VIJAY KUMAR
Singapore
Summary
An astute, diligent and dynamic Information security professional having 15+ years of successful strategic and persuasive leadership in all phases of diverse cybersecurity, technology infrastructure, IT operations. Highly accomplished Information Security and Technology Risk Manager with extensive experience in leading and executing comprehensive security and risk management programs. Adept at identifying, assessing, and mitigating security risks to protect organizational assets and ensure compliance with regulatory requirements. Proven ability to develop and implement effective security strategies, policies, and controls while fostering a culture of security awareness. Skilled in leading cross-functional teams and collaborating with stakeholders to achieve business objectives securely. Seeking to leverage expertise in information security and technology risk management to drive security initiatives and safeguard organizational integrity.
Overview
18
18
years of professional experience
6
6
years of post-secondary education
5
5
Certifications
2
2
Languages
Work History
VP - APAC Technology Infrastructure and Third-Party Risk and Control Management
Citi Bank
01.2022 - Current
- Supports Citibank APAC entities for Technology Risk Governance and Regulatory requirements including, but not limited to, regulatory impact assessments, issues management, Cross-border, Data Privacy and SOX programs
- Supports Technology Risk assessment program including governance, oversight and reporting of management Control Assessments (MCA) and Key Risk Indicators (KRI) tests
- Develop and implement information security and technology risk management programs to safeguard organisational assets and ensure compliance with regulatory requirements.
- Define and enforce security policies, standards, and procedures to establish secure computing environment and mitigate cyber threats.
- Provide strategic guidance and recommendations to senior leadership on security initiatives, investments, and risk mitigation strategies.
- Collaborate with internal stakeholders and external partners to assess and manage third-party security risks and ensure compliance with security standards.
- Stay abreast of regulatory requirements and industry best practices related to technology risk management. Ensure that organization remains compliant with relevant laws and standards.
VP - IT Security Risk and Controls for Digital technology
Citi Bank
07.2019 - 12.2021
- Improved the security control environment and minimized the risk and impact of information security threats and vulnerabilities through risk assessments and responsible for digital banking application vulnerability finding, risks, mitigation threat management, risk management & external vulnerability assessment processes aligned to NIST risk assessment framework and MAS TRM guidelines
- Develops & delivers Information Security Program strategy for Risk Assessment, Penetration Testing, Project Consultancy, Incident Response and Cyber Threat Intelligence
- And also manages exit strategy for partners when relationships are ended
- Develops appropriate controls and processes in place to facilitate outsourcing and appropriate information risk management clauses in outsourcing contract
- Coordinates with third parties to perform vulnerability tests and create security authorization agreements and standards
- Designs, implements and administers process to report on continuous monitoring of all Information Security controls
- Performs risk assessment for process to be outsourced and ensures appropriate levels of due diligence is performed prior to contract signature
- Collaborates with vendors for vulnerability assessment and digital banking application releases for Citi businesses globally, performing TPISA, TPRAP also engaging business partners to go via VA following CITI standards
- Led Regulatory VA testing, such as DDOS attacks and Compliance testing of business-critical applications
- Facilitates meetings, with digital technology, consumer Business and Technical leaders in organization to develop cyber threat management and execute go-to-market plans; assessing immediate and long-term needs, creating policies and procedures.
AVP - Technology Infrastructure and Cyber Security Risk and Control Management
Citi Bank
05.2016 - 06.2019
- ed Technology Infrastructure and Cyber Security Risk and Control Management function for APAC/EMEA managing internal, external and regulatory audits, oversight of contracts and service agreement for Cross Border, Third Party insourcing and outsourcing risk management
- Identified best risk assessment approach and supported methodology to develop overall IS audit plan and determined priorities for effective allocation of IS audit resources
- Reviewed IS policies and procedures and communicated effective risk and control structure to CITI infrastructures and cybersecurity teams and utilised risk-based control assessment strategies and initiatives to evaluate IS control structure
- Created and developed Risk and Control Matrix (RCM) for documenting inherited risks, controls and control test plans for effectiveness
- Managed IT Audits, Compliance and Regulatory audits and assessed, monitored, reported, escalated and remediated IT Security, Risk and Compliance related issues
- Worked towards obtaining sufficient and appropriate evidence to draw reasonable conclusions and evaluated sufficiency of evidence obtained to support conclusions and achieved engagement objectives
- Developed audit results report communicating results upon completion of engagement consisting of findings, conclusions, and recommendations to base engagement results in accordance with terms of audit charter.
Global Operations Manager, Group Finance IT Production services - UBS AG
Infosys Ltd
02.2010 - 04.2016
- Served as Global operations and crisis manager for Group Finance IT (GFIT) leading crisis calls and problem investigations for all finance production issues
- Responsible for management and oversight of IT Operational Risk Management
- Managed all audit (external and internal) related requirements for Finance applications
- Ensured Finance applications are compliant with SOX control standards and other regional regulatory standards
- Managed daily operations for Global General Ledger/Profit and Loss Reporting application for timely delivery of PNL and Balance sheet reporting deliverables
- Responsible for entire Software life cycle from Incident Management, Problem Management, Release Management, Business Continuity Management, Infrastructure Management
- Responsible for functional oversight of front-to-back delivery of Daily Balance Sheet, Daily P&L and IPV Valuations processes for UBS
- AG
- Responsible for development documentation implementation and maintenance of BCP program including governance policies processes and standards
- Contributed to BCP strategy by assisting in review, development and administration of policies and procedures for BCP, IT, and others as requested.
Regional lead for Group Finance IT Production services (Tier 1 operations) - UBS AG
Infosys Technologies Ltd
06.2007 - 01.2010
- Led and supported as Strategic Innovation lead in APAC/EMEA region, responsible for identifying process hotspots, and designing and implementing effective automated solutions to improve efficiency and mitigate risk
- Interacted with front office Business users and Business Unit Controllers to troubleshoot their day-to-day PNL related issues and other systemic queries
- Participated in and managed business continuity planning projects and activities
- Conducted root cause analysis to derive and implement bug fixes with minimal impact to business
- Responsible for Incident and Problem Management of all applications involved in Global General Ledger/Profit and Loss Reporting suite
- Acted as SME liaison between Business and Technology teams to co-ordinate with Change-bank and Business during UAT testing and post-implementation of new changes
- Responsible for establishing and overseeing annual testing of BCP strategies and plans including documenting reporting and tracking test results.
Application Support Analyst (Level 1 Operation) - Microsoft Corp.
Infosys Technologies Ltd
09.2005 - 05.2007
- Addressed user issues and queries by providing them with necessary data and fixing problems with their reports
- Coordinated with tier2 team for resolving issues, reporting production issues which may need change in code
- Conducted root cause analysis to derive and implement bug fixes with minimal impact to business
- Prepared support documents for applications and knowledge documents for day-to-day issues.
Education
Master of Technology (M.Tech.) - Environmental Geotechnology
Motilal Nehru National Institute of Technology
India 07.2003 - 05.2005
Bachelor of Technology (B.Tech.) - Civil Engineering
GB Pant University of Agriculture And Technology
India 07.1999 - 05.2003
Skills
Process Improvement
undefinedCertification
Certified Information Security Manager® (CISM).
Accomplishments
- Top scorer in 2022 CRISC Certification Exam for ISACA Singapore.
- Awarded 'Service Award for Best Value Added, L2 Operational Excellence and all-around performance in L2 team' for displaying service excellence and superior business acumen at UBS (years 2011, 2012, 2013 and 2014).
Personality Traits
- Charismatic Leadership
- Methodical Approach
- Meticulous
- Strategic & Analytical Thinking
Timeline
VP - APAC Technology Infrastructure and Third-Party Risk and Control Management
Citi Bank
01.2022 - Current
VP - IT Security Risk and Controls for Digital technology
Citi Bank
07.2019 - 12.2021
AVP - Technology Infrastructure and Cyber Security Risk and Control Management
Citi Bank
05.2016 - 06.2019
Global Operations Manager, Group Finance IT Production services - UBS AG
Infosys Ltd
02.2010 - 04.2016
Regional lead for Group Finance IT Production services (Tier 1 operations) - UBS AG
Infosys Technologies Ltd
06.2007 - 01.2010
Application Support Analyst (Level 1 Operation) - Microsoft Corp.
Infosys Technologies Ltd
09.2005 - 05.2007
Master of Technology (M.Tech.) - Environmental Geotechnology
Motilal Nehru National Institute of Technology
07.2003 - 05.2005
Bachelor of Technology (B.Tech.) - Civil Engineering
GB Pant University of Agriculture And Technology
07.1999 - 05.2003
Similar Profiles
Ignacio AbarcaIgnacio Abarca
Infrastructure Solution Architect at Citi BankInfrastructure Solution Architect at Citi Bank
Joseph FuquaJoseph Fuqua
Domestic Escalations at Citi BankDomestic Escalations at Citi Bank
Alexandra LeitchAlexandra Leitch
Privacy Compliance Officer (Contractor) at Citi BankPrivacy Compliance Officer (Contractor) at Citi Bank