Vijaykumar Jayakrishnan

Summary

Results-driven IT professional with over 19 years of industry experience, including 11+ years specializing in cybersecurity, of which 5 years were dedicated to Software Development Life Cycle (SDLC) security and the remaining 6 years focused on securing infrastructure services. Demonstrates strong technical acumen and a commitment to delivering high-quality solutions in the field of Information Security.


  • End-to-End Security Risk Assessment: Conduct comprehensive security risk assessments of technology systems, applications, and infrastructure to identify threats and ensure compliance with security policies and standards. Responsible for recording and tracking security risks, including risk classification and treatment.
  • Governance, Risk and Compliance (GRC) Management: Experienced in GRC management across all functions of account security, including Cyber Security, Application Security, Network Architecture & Design, Identity and Access Management, Security Operations, and Business Continuity/Disaster Recovery.
  • Audit and Regulatory Compliance: Expertise in Process Compliance Audits, Internal Audits, ISO 27001 Certification Audits, Program Management, Risk Management, Data Analytics, and Metrics Reporting. Strong knowledge of global regulations and standards, including GDPR, GXP, HIPAA, SOX, SOC1, SOC2 (Type I & II), PCI-DSS and PII protection.
  • Third-party Vendor Risk Management: Experienced in Third-Party Vendor Risk Management, including vendor risk assessments, performance reviews, and driving service improvement projects using Lean and Six Sigma methodologies.

Overview

19
years of professional experience

Work History

Business Unit Security Officer (BUSO)

Manulife
12.2022 - Current
  • Security Risk Assessment and Management: Conduct comprehensive risk assessments of technology systems, applications, and infrastructure to identify potential threats, vulnerabilities, and impacts on business operations.
  • Led risk assessments and implemented security controls for applications migrating from on-premises to cloud (Azure / AWS), which improved technology efficiencies by 30%
  • Led risk assessment projects aimed at improving the user experience and adding features, which improved the overall user experience by 3x.
  • Application Security and Release Sign-Off: Review and sign off on application security measures during the software development lifecycle. Ensure security requirements are integrated into the DevOps pipeline and associated medium+ severity vulnerabilities are remediated ahead of production deployment
  • Reviewed technology architecture solutions for projects utilizing Azure OpenAI for streamlining process efficiencies and productivity improvements while ensuring adherence to Manulife's privacy policies, security policies and standards
  • Consultation and Collaboration: Consult with business stakeholders, Directors of Engineering, Product Owners, IT Architect, Security Architect, Privacy and Compliance team to integrate security and privacy practices into their workflows
  • Perform Risk & Control Self-Assessment on a periodic basis, assess the design and operating effectiveness of the controls, collaborate with cross-functional stakeholders to apply corrective action plans for the gaps identified
  • Perform third-party vendor risk assessments and ensure vendor policies comply with Manulife's security policies and standards
  • Responsible for developing new policies and standards in alignment with the NIST Cybersecurity Framework, including defining the control objective and control description and creating the test plan and test procedures to aid control testing
  • Investigated security incidents to identify root causes and prevent future occurrences.


Information Risk Manager

Cognizant Technology Solutions Canada Inc.
04.2019 - 09.2021
  • Perform security risk assessments based on scope, ensure security obligations are compliant with Corporate Security policies. Record, track, classify the risks based on severity and impact and ensure risks are mitigated based on defined timelines. Evaluate the effectiveness of controls implemented and suggest improvements
  • Perform internal audits aligned with ISO 27001, report the findings to Senior Management and assist in implementation of corrective and preventive actions
  • Lead and execute security compliance reviews of master service agreements and advise business team regarding gaps and corresponding mitigation requirements
  • Collaborate with cross-functional teams, security team and business process owners to facilitate closure of issues, audit findings, risk mitigation, acceptance or transfer of risks as appropriate
  • Perform annual HIPAA compliance assessment for the Healthcare clients of the employer and ensure adherence to Personal Health Information (PHI) requirements
  • Other responsibilities include security exceptions management, investigation of security incidents, delivery of security awareness training and presentation of security metrics to senior management.

Information Risk Manager

Cognizant Technology Solutions US Corporation
03.2015 - 04.2019
  • Ensure all the IT systems, policies and procedures fully comply with privacy, regulatory, security laws, rules and regulations. Perform security risk assessments based on scope, ensure security obligations are compliant with Client Security policies
  • Ensure compliance with SOX, GDPR, SOC1 and SOC2 requirements
  • Responsible for developing new policies and standards in alignment with the NIST Cybersecurity Framework
  • Lead and execute security compliance reviews of master service agreements and advise business teams regarding gaps and corresponding mitigation requirements
  • Lead and execute internal audits aligned with ISO 27001, report the findings to Senior Management and assist in implementation of corrective and preventive actions
  • Collaborate with cross-functional teams, security team, business process owners, HR teams, Legal teams to facilitate risk mitigation, acceptance and treatment as appropriate
  • Ensure compliance with European data protection laws; identify, protect and secure Personally Identifiable Information (PII)
  • Facilitate SOC1 (Service Organization Controls) & SOC 2 Type I and Type II assessments, collaborate with cross-functional teams for closure of findings. Monitor effectiveness of controls implemented and recommend improvements
  • Track and report on security and privacy incidents, facilitate investigations, handle client communications, engage with business leaders and cross-functional teams to drive corrective & preventive actions. Responsible for tracking risk metrics and presenting risk reports to senior management.

Information Security Manager

Cognizant Technology Solutions India Private Limited
06.2013 - 01.2015
  • Responsible for Physical, Logical and Cyber Security Management of client's onshore and offshore locations. Ensure adherence to organization and client security policies
  • Performed security risk assessments in line with contractual needs, assisted the Project teams with risk mitigation plans and tracked them to closure
  • Responsible for third-party vendor management, perform vendor risk assessments and managed vendor performance reviews
  • Lead and execute security compliance reviews of master service agreement and advise business team regarding gaps and corresponding mitigation requirements
  • Facilitated compliance with SOC1 & SOC2 audits; responsible from the scoping stage onward, including identifying a suitable vendor from the Big 4 companies, ensuring the SOC assessment was performed and tracking any observations identified to closure
  • Review and respond to RFP (Request for Proposal) requests received during initial bidding stage and best and final offer stage
  • Provided support for security incidents, facilitated investigations and ensured corrective and preventive actions were driven to closure
  • Responsible for Security Metrics Management and Reporting, Risk and Escalation Management, handled client presentations as needed
  • Performed Internal Audits to ensure compliance to ISO 27001 and client policies, supported external audits and ensured timely closure of findings
  • Managed 8 Information security analysts working from various locations in India, responsible for People Management, Performance Management and Resource Management

Associate Manager - Operations Maturity

Cognizant Technology Solutions India Private Limited
09.2011 - 06.2013
  • IT Service Management and Process Design: Analyzed, designed, and implemented ITSM processes aligned with ITIL best practices, including workflow integration with ServiceNow
  • Continuous Improvement and Risk Mitigation: Led continual service improvement initiatives using Lean and Six Sigma, conducted process health checks, FMEA analysis, and closed identified gaps

ITIL Process Consultant

WIPRO Technologies India Private Limited
06.2010 - 08.2011
  • Process Design and Compliance: Designed processes, ensured compliance with international standards, conducted contract compliance reviews, and performed health check assessments to identify and close gaps
  • Continuous Improvement and Risk Management: Streamlined processes using Lean and Six Sigma, performed FMEA for ITIL processes, and tracked service level metrics to drive improvements
  • Vendor Relationship Management: Managed supplier relationships, evaluated performance, and handled underpinning contracts from initiation to renewal

Quality Assurance Professional

IBM India Private Limited
11.2006 - 05.2010
  • Compliance and Process Improvement: Conducted contract compliance reviews, work execution audits, and ITIL process maturity assessments, producing improvement roadmaps aligned with ISO 20k standards
  • Lean, Six Sigma, and Problem Management: Streamlined ITIL processes and led service improvement projects using Lean and Six Sigma, resulting in a 12% reduction in reactive tickets through proactive problem management and root cause analysis.

Technical Support Executive

HCL Technologies Private Limited
11.2005 - 11.2006
  • Delivered technical support for British Telecom Broadband customers, handling incoming calls to troubleshoot and resolve user issues. Conducted analysis of customer satisfaction and support effectiveness to optimize service performance.

Education

Master of Science -

International Technological University
San Jose, California
05-2016

Skills

Leadership and Management:

  • Strategic planning to align information security deliverables with business objectives
  • Team leadership focused on mentoring and high performance
  • Expertise in change management and smooth transitions
  • Strong critical thinking, problem-solving and decision-making abilities

Technical Expertise:

  • Hands-on experience in using GRC tools: Archer and MetricStream
  • Proficient in using ticketing tools such as ServiceNow, Remedy, Maximo and Manage Now
  • Hands-on experience in working with security assessment tools like Prisma Cloud, Snyk, SonarQube, Qualys and Nessus Tenable
  • Hands-on experience working with Microsoft Azure Cloud and Azure OpenAI

Certifications:

  • Certified Information Security Manager (CISM) by ISACA
  • Certified ITIL V3 Expert by EXIN, UK
  • Certified Six Sigma Green Belt by IBM
  • Certified LEAN Practitioner by IBM
