Padmavidhya E
Cyber Security Program Manager
About
Results-driven Cyber Security Program Manager with 10+ years in IT and 5+ years of dedicated cybersecurity experience spanning CISO advisory, GRC, security consultancy, and program management roles. Deep domain expertise across network security, cloud security (AWS, Azure, GCP), IAM, data protection, application security, third-party risk, and AI governance. Proven ability to lead enterprise-wide compliance programs, conduct gap assessments against NIST CSF, ISO/IEC 27001/27002, PCI DSS, HITRUST, and CIS Controls, and translate regulatory requirements into practical security controls. Adept at communicating security risk to executive leadership and aligning security strategy with business objectives.
Skills & Expertise (51)
Work Experience
Cyber Security Program Manager
IEHP / Blue spire Inc
Jun 2024 - Present
Leading the enterprise cybersecurity compliance and governance program for a major healthcare managed care plan, directly supporting CISO-level objectives across people, processes, and technology. Spearhead the system-wide cybersecurity compliance program ensuring all IT activities, processes, and procedures meet HITRUST, HIPAA, NIST CSF, and CIS Controls requirements. Conduct security reviews and gap assessments of technology products and solutions, identifying control design deficiencies and developing remediation plans aligned to NIST SP 800-53. Design and maintain cybersecurity metrics dashboards (Power BI) for executive and board-level management, focused on crown-jewel application risk posture and operational resilience. Perform privileged access and identity reviews for both human and machine accounts; implement RBAC improvements via Saviynt IAM platform. Coordinate HITRUST and financial audits with third-party assessors; manage all evidence collection, control mapping, and stakeholder communication. Build and test disaster recovery, business continuity, and contingency strategies; conduct annual tabletop exercises simulating ransomware, data breach, and insider threat scenarios. Develop and maintain cybersecurity policies, procedures, and security awareness training programs; execute extended access reviews and enhanced logging initiatives. Architect and lead the organization's AI Governance strategy and program, establishing controls for AI risk, data privacy, and model integrity. Provide input to third-party risk management, vendor security assessments, and supply chain security controls aligned to the organization's control portfolio.
Cyber Security Extern
NJCCIC via Rutgers MBS Externship
Sep 2021 - Dec 2023
Completed three sequential externship engagements with New Jersey's state cybersecurity agency, delivering threat intelligence, honeypot, and DNS security projects for public sector critical infrastructure. Malicious DNS Finder: Extracted DNS features from CrowdStrike and Palo Alto logs using Python. Built Google Big Query ML models for anomaly detection; coordinated with CISO on daily information security management. MISP Threat Intelligence Repository: Configured AWS EC2 with hardened security (EBS encryption, controlled ports); deployed MISP CTI platform in a containerized Ubuntu environment; configured RBAC, event enrichment, and IOC management. Cybersecurity Honeypots: Deployed Open Canary + ELK Stack on AWS EC2; visualized attacker telemetry in Kibana; presented intelligence findings to senior NJCCIC leadership.
GRC Analyst
KPMG / Orion Innovation
Jan 2020 - May 2024
Delivered IT compliance assessments and security consultancy services for KPMG Clara workflow engagements, supporting clients across financial services and regulated industries. Planned, conducted, and reported IT compliance assessments against ISO 27001, NIST SP 800-53, PCI DSS, and SOX, identifying gaps and recommending risk mitigation measures. Performed gap assessments of application, database, OS, middleware, and business processes against predefined security control frameworks; documented and presented findings to senior stakeholders. Evaluated access control design and operation in both cloud and on-premises environments; audited IAM configurations for least-privilege and segregation of duties compliance. Analyzed regulatory changes, contributed to compliance strategy refinement, and served as point of contact for compliance for assigned areas. Gathered and interpreted evidence for vulnerabilities, gaps, or control deficiencies; coordinated with SMEs to prepare data packages for external auditors. Developed test procedures and recommendations to improve validation of security control objectives; re-tested remediated controls and validated closure of audit deficiencies.
Test Lead — Records & Data Management IT
UBS / EPAM Systems
Jun 2018 - Apr 2019
Led integration and security testing for financial data management systems; coordinated with L2/L3 support teams on production fix validation in SIT, UAT, and PROD environments.
IT Analyst — Loan & Credit Origination Systems
United Overseas Bank
Apr 2014 - May 2018
Delivered secure integration of third-party credit bureau systems via web services; developed QTP automation framework; conducted peer reviews on application security configurations.
Test Lead — SAP Supply Chain IT APAC
Hewlett Packard
Apr 2012 - Mar 2014
Led QA strategy and execution across SAP PDM, Procurement, and Logistics modules; ensured data integrity and security across APAC supply chain systems.
IT Analyst
TATA Consultancy Services
Dec 2005 - Sep 2010
Participated in security audit documentation and internal compliance reviews; developed VBScript QTP automation frameworks; executed performance tests for telecom ordering applications.
Education
Master of Business and Science (MBS) — Cybersecurity - Rutgers University
- 2024 · Afghanistan
Diploma in Information Security and Forensics - Temasek Polytechnic
- 2019 · Afghanistan
Bachelor of Electronics & Instrumentation Engineering - Anna University
- 2005 · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation
Skills (51)
Click a skill to find developers with the same skill
