Raju Raghavan

• Drive large-scale data migration and divestiture projects, driving timely and compliant delivery across four buyer banks by adhering to regulatory and legal frameworks
• Aligned project objectives with Citibank's Technology Strategy, working closely with senior management to ensure consistency with organizational goals
• Refined data migration governance frameworks in collaboration with SMEs, enhancing project methodologies and templates for consistent execution across teams (GRC)
• Ensured compliance with regional data privacy laws, including managing legal requirements for cross-border data transfer restrictions in multiple jurisdictions
• Classified data based on sensitivity, ownership, and retention policies, and developed a detailed data map to document data locations and dependencies
• Identified and mitigated risks across a multi-market divestiture program (UOBM, UOBTH, UBP, AXIS), safeguarding the project from potential disruptions, focusing on the GRC on the overall program
• Presented regular risk analysis and governance reviews to senior leadership, enabling informed decision-making and ensuring project alignment with strategic goals
• Coordinated cross-functional teams to ensure seamless execution, maintaining strict adherence to project budgets, timelines, and compliance standards
• Facilitated workshops to collect project requirements and user feedback.
• Developed and implemented project plans and budgets to ensure successful execution.
• Tracked project and team member performance closely to quickly intervene in mistakes or delays.
• Reported regularly to managers on project budget, progress, and technical problems.
• Verified quality of deliverables and conformance to specifications before submitting to clients.
• Maintained open communication by presenting regular updates on project status to customers.
• Scheduled and facilitated meetings between project stakeholders to discuss deliverables, schedules and conflicts.
• Used strong analytical and problem-solving skills to develop effective solutions for challenging situations.
• Managed time efficiently in order to complete all tasks within deadlines.

• Worked closely with certified security SME's to develop and enforced IT security policies and procedures, collaborating with Core Security Implementation teams and external product vendors to mitigate cybersecurity threats and prevent data breaches across multiple government clients, including SGX, ICA, LTA, and IHIS
• Spearheaded the implementation of the CrowdStrike solution for SGX, overseeing the full setup in line with company policy requirements, collaborating with CrowdStrike vendors for rigorous testing, and ensuring successful deployment across SGX's infrastructure to bolster endpoint protection
• Orchestrated the testing and deployment of CrowdStrike's EDR solution, aligning with security standards and ensuring seamless integration within SGX's environment to strengthen defences against cyber threats
• Directed the implementation of Forcepoint DLP for Singapore Health (IHIS), managing the end-to-end project lifecycle from product evaluation to policy creation
• Partnered with a certified DLP consultant to execute thorough testing and successfully deployed the solution with the IHIS team to protect sensitive healthcare data
• Drive the enhancement of security program initiated by ICA by Implementing CIS Hardening of servers and Databases, implementing advance monitoring tools of their critical application and infrastructure environment
• Steered the external Vulnerability & Penetration Testing program for the Land Transport Authority (LTA), coordinating with certified penetration testers to identify vulnerabilities, assess risks, and execute testing based on engagement requirements
• Delivered actionable insights for vulnerability remediation, enhancing LTA's cybersecurity defences
• Shifted security left: ensuring embedding security practices (SBD) earlier in the Software Development Life Cycle (SDLC), integrating security controls, threat modelling, and secure coding practices from the outset to proactively mitigate risks across all projects
• Implemented DevSecOps practices, fostering a culture where security was a shared responsibility across development, operations, and testing teams, ensuring continuous security testing and vulnerability assessments throughout the software and infrastructure project lifecycles
• Ensured compliance with security standards and regulatory frameworks, overseeing the configuration and deployment of security solutions while adhering to both government and industry regulations for all clients
• Managed project scopes, timelines, and budgets, ensuring the timely and on-budget delivery of solutions while maintaining strict alignment with security protocols and client expectations
• Collaborated closely with senior stakeholders to present executive-level reports on security posture, delivering performance dashboards, audit findings, and actionable recommendations to strengthen overall security resilience
• Govt.Client: ICA, LTA, SGX, IHIS

• Drive a team of Certified SME's in executing Penetration Testing (Pentest) and Vulnerability Assessments (VAPT) as part of external engagement across 13 hospitals, ensuring systems met HIPAA and ISO 27001 compliance standards to safeguard sensitive healthcare data
• Managed security engagements by acting as the primary liaison between senior stakeholders, vendors, and cross-functional teams, ensuring clear communication and alignment to successfully meet project objectives
• Validated scope of Vulnerability Assessments for identified systems, applications, and networks, ensuring comprehensive coverage of critical assets
• Ensured alignment with client expectations and regulatory requirements by collecting details on IP ranges, application URLs, and system configurations, obtaining client approval for tools and methodologies used during assessments
• Coordinated with clients to provide access credentials, establish whitelisting, and ensure VPN setups for assessment teams, ensuring smooth and efficient testing processes
• Developed and implemented risk management frameworks, embedding security best practices into the project lifecycle to strengthen the overall security posture of the organization
• Categorized vulnerabilities based on severity, exploitability, and potential business impact, providing the foundation for effective remediation prioritization
• Analysed findings in detail, preparing comprehensive reports that highlighted the root causes of critical vulnerabilities, presenting actionable recommendations to stakeholders for immediate remediation
• Client: Columbia Asia Hospitals

• Spearheaded the development of a Point-of-Sale (POS) Retail System built on .NET and MySQL, contributing to the creation of an efficient and scalable solution for retail environments
• Led the team as a Product Owner in an Agile/Scrum setup, collaborating closely with cross-functional teams to define product features, prioritize the backlog, and ensure successful delivery of software increments
• Drove the data modelling process for the MySQL database using Toad tool, creating a robust and optimized database structure to support efficient transaction processing and reporting for the overall POS system
• Collaborated with development teams to translate business requirements into technical specifications, ensuring alignment with the overall product vision and stakeholder expectations
• Facilitated Scrum ceremonies including sprint planning, daily stand-ups, sprint reviews, and retrospectives, driving iterative improvements and maintaining focus on delivering high-priority features in each sprint
• Monitored team progress and removed obstacles to ensure timely delivery of the product, managing scope changes and ensuring that the team stayed on track with agreed-upon timelines
• Contributed actively to the entire product development lifecycle from initiation through to the Version 4 release, playing a key role in the testing and QA phases
• Engaged in Test-Driven Development (TDD), Behaviour-Driven Development (BDD), and Acceptance Test-Driven Development (ATDD) to ensure high-quality deliverables and alignment with user requirements
• Engaged with stakeholders to gather feedback, refine product features, and adjust priorities, ensuring that the POS system addressed customer needs and business goals
• Ensured data integrity and performance optimization of the MySQL database, closely working with the development team to handle scalability, indexing, and query optimization for improved system performance

In Progress