Rohit Singla

The Financial Services Regulatory Authority of Ontario (FSRAO) is a Crown agency which acts as the financial regulator for the Canadian province of Ontario.

• Establishing Privilege Access Management (PAM) program. BeyondTrust Password Safe Cloud product implementation
• Procurement, Governance and Implementation of a PAM SaaS solution
• Delivering Identity Governance & Administration (IGA)
• Implementing critical vendors & third-party risk management program
• Leading crown jewel assessment and information protection program
• Completed incident management paperwork, recognized discrepancies and promptly addressed for resolution.
• Used critical thinking to break down problems, evaluate solutions and make decisions.
• Managed relationships with third-party vendors such as intrusion detection system providers.

City of Toronto is the capital city of the Canadian province of Ontario. It is the largest city in Canada and the fourth largest city in North America. Rohit served in the office of the CISO. As the Director of cybersecurity, he was in-charge of the following mandates:

• Established the PAM program and SaaS based product integration.
• Citizen facing IAM and digital identity (DI) Program.
• Security governance, risk, and compliance (GRC) management.
• Third party and threat risk management (TRA).
• Privacy risk assessments (PIAs).
• Contract negotiations with Vendors.
• Privacy and security awareness and trainings program.
• Establish operational and risk-based metrics and KPIs to demonstrate effectiveness of PAM and DI programs.

In addition, played an active role in building cyber security strategy:

• Developed and managed C-Suite and other key relationships with internal and external partners.
• Provided strategic direction and functional leadership for activities including, business case development, operational business planning, cybersecurity program/service development, delivery and results review, governance and accountability, resource estimating, control, direction setting, contract negotiations, vendor relationships, financial committee reviews and growth forecast.
• Established Programs – Citizen IAM, Cyber & Privacy Risk Management, PAM, PKI, Privacy and Data Protection.
• Led development, maintenance and implementation of authentication, credential and PAM policies/best practices to ensure continuous improvement, integrity and compliance.
• Provided strategic HR planning for building talent pool within my branch.
• Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
• Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
• Maintained company-wide compliance with industry standards and Privacy principles.

Deloitte is a global leader for cyber risk advisory services. Rohit was part of Deloitte’s cyber practice for 11 years where he served clients across multiple geographies – Canada, US, India, UK, and Australia. He started with Deloitte (India) in April 2010 as a Sr. Consultant and gradually progressed to become a Manager with Deloitte (USA) in 2014, providing several types of cyber advisory services to Deloitte’s clients, such as:

• Led delivery and repair of multi-year multi-tiered PAM and IAM programs
• Built and managed cybersecurity teams of up to 20 professionals
• Built consensus on IAM strategy and influence stakeholders
• Defined IAM governance and operating models
• Led the development of authentication & access control strategy, best practices, and conducted market research
• Worked on various PAM and IAM tools – IBM Security/Tivoli, Okta, ForgeRock, Ping One, Azure AD, Beyond Trust, CyberArk

As a senior member of Deloitte’s cyber practice, his responsibilities also included:

• Developed and managed key senior management relationships with internal and external partners to provide strategic business advice within various cyber and Identity and Access Management areas
• Provided strategic advice and decision-making to resolve critical business, project management and operational issues
• Influenced strategic decisions to provide advice and input for business planning, decision making and problem-solving relating to Identity and Access Management
• Represented in steering committees and reported project status to senior management/executives

• Led teams of up to 4 in developing and implementing IAM systems, resulting in increase operational efficiency and customer satisfaction.
• Developed, and implemented IAM programs using IBM Security Product Suite
• Planned and oversaw configuration changes for IAM infrastructure.
• Worked with business partners to balance requirements, security and risk reduction.
• Achieved faster response time using cyber process automation and saved millions of dollars in opportunity cost
• Implement and integrate heterogeneous applications and systems with enterprise Identity and Access Management system using IBM Tivoli Access Manager, Tivoli Identity Manager and Federated Single Sign-On (SSO) identity provider (IDP)

• Worked on various cyber security projects across IAM domains for Detroit based automaker
• Led a team of onsite/offshore professionals to provide cyber services to client and customers
• Applied leading theories and concepts to development, maintenance and implementation of information security principles.
• Represented company's technical security interests to clients and facilitated bi-directional flow of technical information and best practices in information security.
• Counseled senior-level management on current privacy and security trends and recommendations to mitigate risk.
• Provided consultation and technical services on IAM aspects of information security.