Summary
Overview
Work History
Education
Skills
Languages
Timeline
Generic

Sri Kanth Rajalingam

Security Architect
Petaling Jaya,Petaling Jaya

Summary

A seasoned Cybersecurity professional with a proven track record within the industry. I excel in cybersecurity strategy and fostering cross-functional team collaboration. Expert in application security and secure software development, I've significantly enhanced AI and devsecops security frameworks, achieving streamlined operations and robust data protection measures.

Overview

13
13
years of professional experience
36
36
years of post-secondary education

Work History

Security Architect

Axiata
10.2022 - Current
  • Developed Application security playbook covering areas of Devsecops, API and CICD pipeline security playbook.
  • Enhanced group AI security playbook to cover security and governance.
  • Collaborated with cross-functional teams for seamless integration of security protocols into existing Zero Trust Architecture.
  • Managed relationships with external vendors, ensuring timely delivery of hardware and software solutions that met strict security requirements.
  • Instrumental in securing company assets through verification of critical assets.
  • Worked with operating companies to balance requirements, security and risk mitigation.
  • Created policies and procedures for emerging security technologies such as application security standards and enterprise security architecture.
  • Created governance frameworks by designing and developing technical architectures based on industry standards.
  • Proactively identified opportunities for process improvement in domains of API and Devsecops security governance resulting in streamlined operations across multiple departments.
  • Instrumental in creation of AI Security Security and Governance framework for group adoption and worked with various levels of AI and analytics architects.

Group Security Consultant

Greenpacket Berhad
02.2019 - 08.2022
  • Implementation and Governance of Security Frameworks: - RMiT, ISO 27001:2013 (ISMS) & PCIDSS
  • Provide Information Security Reviews and Updates to Company Board of Directors eWallet Security Testing and Review
  • Payment Gateway PCIDSS Security Controls implementation and annual Refresh
  • Digital Innovation Security Governance and Planning, and DR Project lead
  • Lead Consultant for Incident Response, BCP DR Testing, Technical and Process
  • Managing Overall Group Cybersecurity annual budget forecasts
  • Cybersecurity Strategy and Planning exhibited via Maturity model and Targeted Deliverables
  • Deployment of Secure Software Development Lifecycle Practices; Policies and Procedures
  • Deployment of Secure coding tools and Reporting
  • Lead on Digital technology Security covering Fintech, Urbantech security
  • Oversee and support implementation of special projects as and when required
  • Implementation of DevSecOps pipeline alongside Planning and Governance Security
  • Implementation covering basics like Procurement and Supplier Security, Staff Education and Awareness, Red Teaming and Annual Penetration testing
  • Public Cloud Security Operations and Architecture
  • Validate and determine best security technologies to deploy in network at reasonable cost and also to ensure long term use is aligned with business needs and projects
  • Overall department SLA measured by existing tools
  • Identify root cause of problems and assist in remediation strategy
  • Board presentations quarterly on cybersecurity existing state of security and breaches and identifying key Security Risks with potential remediation's

Principal Engineer; IT Security

TIME Dot COM
03.2011 - 01.2019
  • Lead IT Security Principal Engineer for TdC covering aspects of IT and Data Centers under TdC group
  • Implementation and monitoring of ISO 27001 (ISMS). Head of Working Committee.
  • Formulate Strategy and roadmap on Security and overall security program for TdC.
  • Initiate security programs including Security in project management, Incident response and BCM for TdC
  • In charge of PCI-DSS and ISO 27001 programs and ensuring compliance and PCIDSS certification covering credit card transactions via TdC portals
  • Liaison in Managing regulator expectations (MCMC) and Manage IT Risks performing Security Risk Assessments for Overall IT
  • IT Disaster Recovery Lead performing functions to draw plans and identify systems that require DR and manage overall DR program.
  • Divisional Audit Representative, manage Internal audit and external auditors such as PCIDSS, ISMS and Big-Four audit firms
  • Responsible on IT Security Awareness to TIMEdotCom group. Establish and implement security policy and procedure to compliance with internal and external standard
  • Apply security best practice to govern confidentiality, integrity and availability on TIME infrastructure and business information
  • Responsible for overall management and control of IT Security Operation. Oversee the security function on various entities of TIMEdotCom by establishing comprehensive security monitoring and mitigation toward any form of intrusion to TIMEdotCom IT infrastructure
  • Conduct security auditing, penetration testing, vulnerability assessment and security analysis in a periodic manner across critical assets
  • Perform periodic security risk assessment including disaster recovery and contingency planning, and coordinate internal audits to ensure that appropriate access to company information assets is maintained at acceptable levels as agreed by stakeholders
  • Represent IT Division in information Security Committee in its policy development efforts to maintain security and integrity of information asset in compliance with accreditation standards
  • Appraise, evaluate and ensure right security solution or advice given to save guard TIMEdotCom infrastructure (IT or Telco)
  • Provide consulting with respect to application security and roll out of applications that serve business interests for group by leveraging use of specific technologies to identify code security issues and risk remediation's

Security Architect

Prestariang SKIN
02.2018 - 12.2018
  • Design, Build, Deploy and Deliver full security Architecture for SKIN Solution.
  • High level and Baseline security design and architecture
  • Lead ISO27001 standard implementation member for Jabatan Imigresen Malaysia
  • Conducting evaluations, strategy and deployment of various technologies for Malaysia's immigration department, e.g. Identity and Access Management, Privileged Access Management, SIEM, Vulnerability Management and Network Security technologies.
  • ISMS Security policy preparation and awareness trainings
  • Managing overall cybersecurity budget and deliverables

Education

No Degree -

No Degree
04.2001 -

High School Diploma -

Sekolah Menengah (Laki-Laki)Bukit Bintang
Petaling Jaya
01.1989 - 12.2024

Skills

Cybersecurity Strategy

Application security

Secure Software Development

Data protection

Languages

English, Malay, Tamil
Native language

Timeline

Security Architect

Axiata
10.2022 - Current

Group Security Consultant

Greenpacket Berhad
02.2019 - 08.2022

Security Architect

Prestariang SKIN
02.2018 - 12.2018

Principal Engineer; IT Security

TIME Dot COM
03.2011 - 01.2019

No Degree -

No Degree
04.2001 -

High School Diploma -

Sekolah Menengah (Laki-Laki)Bukit Bintang
01.1989 - 12.2024

Similar Profiles

  • YOGI SANTOSO

    YOGI SANTOSOYOGI SANTOSO

    ISO Project Manager at PT XL Axiata TbkISO Project Manager at PT XL Axiata Tbk

    View Profile
  • Fatema Tuz Zohra

    Fatema Tuz ZohraFatema Tuz Zohra

    Manager, Robi Internet ATL at Robi Axiata LimitedManager, Robi Internet ATL at Robi Axiata Limited

    View Profile
  • Pikon Ash

    Pikon AshPikon Ash

    Scrum Master at Celcom Axiata BerhadScrum Master at Celcom Axiata Berhad

    View Profile
Sri Kanth RajalingamSecurity Architect