Sajeev Vijayakumar

Innovative and results-driven Security Consultant with extensive experience overseeing the work of security operations teams comprised of both internal and external resources. Proven ability to establish and implement effective security, governance, and risk management practices within large business organizations. Capable of understanding and adapting to the continuously evolving landscape of security challenges in the current and future state of business operations, as well as empowering the organization with the proper tools, skill sets, resources, and capabilities to address a wide range of information security risks. Demonstrate excellent written and verbal communication skills, along with a high level of personal integrity in building partnerships with key internal executives and leaders across different departments and business units, third-party vendors, government institutions, and thought leaders within the industry.

Equinoxgold Corporation, Vancouver, BC.                                                                                       August 2022 – Present

Cyber Security Program Manager

Cyber security program manager involved in creating strategic alliances with organization leaders to effectively align with and support key cyber initiatives. Build and retain high performance teams by hiring, developing and motivating skilled professionals. 

• Lead complex, cross-functional security and compliance initiatives, including Designing and maintaining vulnerability management program, assessments and audits with CIS and NIST 800-53, Microsoft O365 E5 security stack optimization, Migration of SIEM system – Rapid 7 IDR to Microsoft Sentinel, Information security training and awareness, 3rd party vendor management, incident response process and playbooks, and penetration tests. 
• Managed a program budget of $3M. 
• Defined project deliverables and monitored status of tasks with internal teams and third-party vendors. 
• Collaborated with cross functional teams to draft project schedules and plans. 
• Developed IT strategic vision and drove key department objectives. 
• Provide transparency into project health and present the portfolio of projects in a dashboard for management. 
• Manage internal projects that support continuous improvement of services offered across the organization. 
• Actively manage project portfolio, provide consistent program status/progress updates to leadership. 
• Performed risk assessments and control gap analysis, managing associated remediation plan to minimize risk. 
• Provide direct oversight and coordination of security improvement program and the project activities. 
• Designed metrics to show continuous program improvement and regularly communicated program status to stakeholders and executives. 

Shared Services Canada, Ottawa, ON.                                                                                       May 2022 – August 2022

Information Security Consultant (SMG CSOARR)

Assist with the development of governance frameworks, policies, standards and procedures which sets the foundations for the Management of IT Security Compliance for SSC and customers. 

• Understand the working of Shared Services Canada organization and its exposure to current risks in the cyber security landscape and develop policies and procedures to address the gaps and resolve any creditable challenges. 
• Work independently and as part of a team in researching and developing policy and technical responses to current or emerging environmental issues
• Collaborated with various stakeholders to review and assure Business requirements using the industry standards and develop an effective policy that would be sustainable over time. 
• Assisted in the development of Enterprise Cyber and IT Security compliance framework, Vulnerability Management compliance framework and Patch Management compliance Framework. 
• Assessed SSC’s client needs and developed customized security plans that included the required technology, tools, and techniques. 
• Participated in collaborative research, analysis, consultation and synthesis of information to produce recommendations.  Part of the process involves evaluation of options against a set of criteria used to assess each option. 

Shared Services Canada, Ottawa, ON.                                                                                      October 2021 – April 2022

Information Security Consultant (Enterprise Vulnerability Scanning Services (EVSS) team at SSC-NSS-ISO)

Identify weaknesses within existing information security technologies and programs through collaborations with executives and teams of information technology security experts. Oversee Enterprise Vulnerability Management programs and provide leadership and guidance to personnel and coordinate the development of a comprehensive information security program in accordance with industry best practices and the latest threat landscape. Recommend and execute IT technologies, strategies, and policies to guard customer’s information assets. 

• Implement security risk analysis for current and new systems to find system weaknesses or disclosures. Maximize efficiency in protecting data and information systems, networks, and software against hacker attacks.
• Recommend solutions for explaining risks and reducing exposure areas through Security Assessment Reports (SAR) and Statement of acceptable risk (SOAR). 
• Plan and design vulnerability scanning and hardening standards for IT projects. Prepare security program plans and execute IT controls, processes, audit tools, interfaces, and utilities for authentication.
• Support and provide consultancy for audit compliance actions as required for partner organizations. 
• Implement periodic, on-demand project audits plus vulnerability analysis.
• Assist in documenting letters of Authorization (ATO) and Statement of Sensitivity (SOS). 
• Perform independently in team implementing security and privacy engagements. 
• Ensure that any new or existing security capabilities align with the overall vision and mission of the organization. 
• Supervise and guide security teams of managers, engineers, and other technical or security employees. Work with managers, engineers, and other security analysts to decrease risks for an organization

Durham College & Ontario Tech University, Oshawa, ON.                                                       October 2020 – October 2021

Director of Information Security                                                                                           

Coordinate the development of a comprehensive information security program in accordance with industry best practices and the latest threat landscape. Manage operations related to incident response and forensic analysis and audits in order to support investigations or litigation procedures.

• Incorporated numerous information security improvements across IT services and multiple departments to ensure optimum protection of university data being handled by remote service providers including cloud and SaaS.
• Modified information security policies and documentation system to provide users and staff with adequate knowledge and technical advice on standard security practices and procedures, thereby maintaining consistent adherence to the information security aspects of various regulations and local organizational policies.
• Formulated practices and solutions for more efficient management of user identity (account) credentials and authorization and authentication procedures in collaboration with the ITS management team.
• Provided crucial guidance to the maintenance of appropriate network perimeter security and intra-network partitioning solutions as needed for effective risk mitigation and security administration, along with recommendations to key stakeholders on relevant risk issues.
• Delivered key contributions to the design and implementation of various information security monitoring and reporting solutions, identification and evaluation of new and emerging security threats, assessment of modern information security technologies and processes, and implementation of research on a wide range of evolving and best practices in information security management.
• Collaborated with senior management and executive stakeholders and defined enterprise level IAM frameworks.
• Involved in development of IAM business blueprint and business case customized for Departments within the Academia sector. 
• Lead the pilot implementation of Duo security cloud based multifactor authentication service and end point security on Confidential enterprise remote access services.
• Implemented a training program, which raised information security awareness through role-based security training, and phishing simulation campaign.
• Played a key role in conducting third-party risk assessment by analyzing the security practices of new candidate vendors, participating in contract negotiations, tracking the performance of existing vendors, and ensuring that pertinent concerns about current vendors are properly reported to the appropriate area for review.
• Introduced an information security dashboard reporting metrics as part of a new information security roadmap.
• Review, analyze, and apply the best practices, on IT Security Risk Management Methodology for cloud solutions.  

IBM (International Business Machines), Markham, ON.                                                    October 2017 – September 2020

Security Program Manager, May 2019 – September 2020

Direct all aspects of daily operations involving the design, implementation, and integration of enterprise-wide end-to-end information security programs and managed services for a diverse set of security technologies including FortiGate Firewalls, FortiWeb Web Application Firewall, RSA Authentication Manager (multi-factor authentication), Tenable (vulnerability scanning), FireEye HX (endpoint protection), Thycotic Secret Server (PAM), and Microsoft Certificate Authority (PKI).

• Elevated the skill set of a team of 15 reports in facilitating the deployment of new products and services, while serving as the primary point of contact for GRC solutions. 
• Led the development and implementation of a strong governance framework for maintaining consistent visibility and transparency of all technology development initiatives, automated processes, and various application dependencies.
• Completed an extensive examination of audit controls in the environment with keen focus on improving risk management capabilities.
• Designed new processes for aligning operational process with IBM Global Cyber Security policies and procedures. 
• Significantly enhanced RTO by collaborating with the Cyber DevOps team in streamlining processes and enabling the automation of routine tasks for greater efficiency.
• Expedited a cyber security program, which led to the modernization of a Canadian payment system.
• Responsible to elicit high level IAM Business Requirements from key business and technology stakeholders
• Assisted in executing the implementation of IAM systems and upgrade to systems as needed. Assist in updating (SailPoint IIQ) workgroups and Monitor SailPoint IIQ product functionalities. Implemented Self-service feature, Password management feature, Provisioning feature and forgot password change in SailPoint.

Senior Security Project Manager, October 2017 – May 2019

Provided strategic leadership and guidance to the delivery of multiple information security enhancement projects and engagements with high-value clients including government jurisdictions and large private and public sector organizations such as Bank of Canada, Payments Canada, CIBC, TD, Central Bank of Bahamas, Shared Services Canada, Canada Revenue Agency (CRA), City of Toronto and Air Canada. Orchestrated program planning, execution, progress monitoring, stakeholder communications, and status reporting for cross-functional projects.

• Formulated strategies for fostering open communication and awareness on project status. 
• Responsible to elicit high level IAM Business Requirements from key business and technology stakeholders
• Worked on multiple projects with IAM tools such as Sailpoint, CA Identity Manager, Oracle Identify Manager, Saviynt, CyberArk. 
• Ensured full client satisfaction with the project delivery process through rigorous effort in project status reporting, risk assessment and mitigation, and issue escalation and resolution.
• Built productive business relationships with key stakeholders across various levels of the organization, while identifying crucial resources and establishing precise ownership for the execution of project tasks.
• Commended for excellent leadership in guiding the work of technical teams, articulating project objectives and scope, translating business requirements into technical terms, preparing comprehensive work breakdown structures (WBS), and instilled shared accountability towards the achievement of project milestones. 

CIBC (Canadian Imperial Bank of Commerce), Toronto, ON.                                                     August 2013 – October 2017

IT Project Manager

Supervised project development processes from initiation to closure. Articulated expectations and project/intake requirements to appropriate team members.

• Identified proper adoption, usage, and satisfaction metrics for validating and monitoring project progress.
• Expedited the alignment of IT services with business needs, while taking part in planning and forecasting engagements.
• Developed profound understanding of various aspects of performance and service level agreements, risk assessment and issue resolution, disaster recovery, business continuity, and service provider/vendor contract management.
• Executed complete integration, adoption, and compliance to the Change, Asset, and System Configuration processes across the entire business.
• Defined project scope and timelines, while adapting to constantly evolving PMO governance framework and processes.
• Instrumental in enabling the proper identification and mitigation of business risks, impacts, and various constraints related to the adoption of technical solutions.
• Instrumental in the design of IT departmental strategies that aligns with the broader business development roadmap.
• Promoted the incorporation of project management best practices across the entire organization.
• Cultivated an extensive knowledge base of modern IT governance procedures to ensure compliance of IT infrastructure with pertinent industry standards.

Additional Work Experience

Network Technical Specialist (Global Command Centre), CIBC (Canadian Imperial Bank of Commerce), 2011-2013

Senior Technical Analyst, CIBC (Canadian Imperial Bank of Commerce), 2010-2011                                                                          

Education

Telecommunications Technology Co-op                                                                                             

Sheridan College – Oakville, ON, 2010

Licenses & Certifications

1. Actively pursuing Azure and AWS certifications.
2. CISM, April 2021
3. PMP, October 2018
4. CISA, December 2017
5. ITIL 2011, September 2013
6. CISSP, September 2013
7. CCNA, March 2012