Simon Bhanu Chandar Tummala Mallem
Gothenburg
Summary
With over 17 years of experience in information technology, highly specialized professional in cyber security, identity and access management (IAM), information security risk management, and cyber security strategy & assessments. Achieved great success in leading enterprise security services projects, ensuring software development security, conducting requirement analysis, implementing process frameworks, establishing governance policies, procedures, and controls. Expertise extends to customer interfacing, pre-sales activities, and project management. Excel in defining target landscapes within the IAM security space to enhance security measures across organizations. Possess a deep understanding of business processes and products. Consistently deliver effective solutions to stakeholders by partnering with technology and enabling businesses to adhere to information security standards.
Technical knowledge encompasses IAM/IDAM, IT security architecture, PAM, IAM policies, procedures and controls, IAM frameworks, identity governance, active directory, Azure Active Directory (Entra ID), CA SiteMinder, federation, user directories, Saviynt Access Management (SAM), Saviynt Identity Management (SIM), CA Identity Minder, Ping Identity, CA PAM, CyberArk, SailPoint, Saviynt IGA, LDAP architectures, IMS, RBAC models, PIM, certificate management, PKI cryptography threat & vulnerability management. Strong foundation in agile methodologies and a passion for continuous learning and growth within the field of information technology and cyber security.
Actively seeking a long-term association with a growth-oriented organization that can provide rewarding career opportunities where knowledge and skills can make a significant impact.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Senior Security Architect
Geely Europe Innovation and Collaboration AB
06.2022 - Current
- Deep understanding of the organization's technology and IT systems, with expertise in IAM and strengthening the company’s cybersecurity posture
- Planning, researching, and designing security architectures and information security (infosec) policies and support business in execution
- Creating and maintaining standards surrounding IT security documentation, security baselines, risk assessments, IAM processes, procedures, and infrastructure and fostered a culture of security awareness by providing strategic leadership and guidance on IAM best practices across the organization
- Responsible for maintenance of overall IAM and IT security areas owing Identity management, access management, privileged access, authentication directories, Identity Governance Administration, Single Sign-On, Reverse Proxy (RP) Configurations, and the life cycle management of the JML events
- Enhances department and organization reputation by accepting ownership for accomplishing new and different requests, exploring opportunities to add value to job accomplishments. Cultivated strong relationships with key stakeholders, including customers, vendors, regulators, and community leaders to promote collaboration and long-term success.
- Subject matter expert for zero trust architecture and Identity Governance Administrative (IAM) products while providing guidance on cybersecurity and information security best practices like ISO, NIST, SOX, GDPR etc., building sturdy people, processes and technology where IT security frameworks and standards are helpful
- Own the responsibility of shaping and maintaining the IAM strategy for business user access controls, making informed decisions that align with the company’s goals by balancing security, efficiency, and business needs, this approach supports both compliance and a seamless user experience.
- Assesses the applications and architecture to ensure current implementations align with industry security guidelines, best practices, and management-approved standards.
Vice President - Technology and Operations Risk
Morgan Stanley
11.2021 - 05.2022
- Lead the IAM/IT Security teams to manage the Firm's Identity, Authentication, Authorization and Privileged access to key infrastructure and applications.
- Ownership of the enterprise risk management framework and ensure consistency with global standards and compliance with local regulations for all the risks arising from business activities.
- Adhere to IT Security standards, security baselines and mitigate the risks by closing the gaps and improve overall security.
- Define information security metrics to demonstrate effectiveness of controls for IAM Products. Involve in activities such as IAM architecture design assurance, product road maps, execution events, DR activities, Audits.
- Manage IAM Life Cycle Management events and maintain IAM & PA reporting and Assurance processes.
- Responsible for the technical and data analysis aspects of a multi-phase project to review the IAM security controls in place, and then develop tools and products that resolve the control gap and improve operation efficiency.
- Provide oversight and coverage in the regions for audit requests and advice on best practice for risk management.
Infrastructure Project Technical Consultant
Shell
01.2019 - 09.2021
- Provided IAM Solution designs for new Identity management tool which simplifies user identity provisioning by trusting Partner’s joiner, Mover, Leaver and Identity Management processes and safeguarding the assets.
- Designed and Implemented IAM Security Models, RBAC to improve the security across the organization ensuring right identity is provisioned the first time. Identified the dependencies and business impacts while designing the solution.
- Developed and understood Information Risk Management and Business requirements process so that the solution delivered has satisfied the needs of stake holder and accommodated the requirement as per Shell standards
- Delivered architecture, integration designed documents and defined detailed L3 processes and worked with information risk management teams.
- Enhancing user experience in terms of ease of access and Standardized company and identity attestation process. Tested the scenarios in the new tool for identity and company life cycle management tasks.
- Active Directory (AD) - Azure Active Directory (AAD)Technology Upgrade Project establishing Azure Active Directory as a formal Shell business critical service and defining a target landscape within Azure for IAM Architecture, Process, Policy, & Controls governed tenants (Production, Development & POCs) and consolidating the Azure tenants
- Provided technical support for IAM Security features for Web and Mobile in future to improve security across the organization.
- Supported in Hiring, Performance review and process guidance.
Lead Software Engineering
Lowe's
01.2015 - 12.2018
- Developed authentication and federation, Privileged Access Management, ID automation, LDAP directory integration, single sign-on, access management, governance processes, and the support of SOA enabling technologies.
- Partnered with other IT functional teams to design and implement IAM capabilities that will serve as a foundation for platform integration and enable service-based solutions
- Expanded our integration with new applications and expanding our service / integration offerings will be key to Lowe’s IT success and provided full life cycle support for Identity and Access Management solutions.
- Analyzed complex issues and developed problem resolution plans ensuring the quality of solutions while delivering accurate and timely status reports.
- Defining the roadmaps, architecture designs and process standards for the identity management platform and Onboarding applications in IAM technologies in CA SSO, PAM (CyberArk, CA PAM), DIRECTORY etc
- Performed Security and Risk management driving run-time activities in the respective product areas including - SSO onboarding, Patching, Threat & Vulnerability Management, alert management, Incident, Problem & Change Management, Certificate Management/Cryptography, Automation of Health check of all portfolio systems
- Help business teams leveraging as an Omni Chanel Solution in the organization.
- Accountable for all the deliverables like projects, production support, operational activities from IAM team and manage working on an effort that involves collaboration across global teams
- Strong ability to communicate clearly and appropriately with executive and management level business partners, non-technical end users, technical subject matter experts and vendors
- Lead Security Operations engagement with application and business owners who consume IAM services ensuring the quality of solutions while delivering accurate reporting metrics for entire IAM and providing the support for incidents and required on call support.
- Mentoring new team members to develop their skillsets. Analyzing and resolving complex authentication, integration and automation issues
- Have been the single point of contact towards the global team and continuously seek to improve the time, cost and risk associated with the automation of user authentication.
Technical Lead
Wipro Technologies
08.2014 - 12.2014
- Federation management is performed for the applications and migrating the new applications to new products.
- Analyzed, developed and implemented complex authentications, problem fixes while ensuring adherence to information security standards, custom development standards and corporate policy.
- Key point of contact for business and global managers for all issues relating to IAM including the Incident/Change management.
Technology Analyst, Cluster Lead
Infosys Limited
06.2008 - 08.2014
- Analyzed, planned and maintained IAM Technologies and optimized system performance through regular maintenance and updates, resulting in increased efficiency.
- Actively involved in management activities, including planning, designing, deploying, and configuring systems. Worked closely with business managers to address and resolve issues efficiently through incident management.
- Determined root cause, implementing solutions, configuring policy servers, Installing SiteMinder and applying all required or missing patches to run directory servers properly for resolving authentication, authorization and performance issues.
- Extensively worked in coding, debugging and developing the application to accomplish the task on time.
- Solved the complex technical solutions efficiently and delivered the user acceptance testing without any blocking defects.
- Assisted in winning business proposal for a new project by suggesting and improving the user friendly interface of the application.
- Conducted knowledge sessions regularly to train the peers thus building the team.
Education
B.E. - Electronics & Communications
SJCET
Hyderabad, Andhra Pradesh01.2008
H.S.C -
Sri Vivekananda Junior College
Vijayawada, Andhra Pradesh01.2004
S.S.C -
Balayesu Vidyalaya Hindupur
Hindupur, Andhra Pradesh01.2002
Skills
- Identity and Access management
- Identity Governance and Administration
- Privileged Access Management
- Security Policy Development
- Data Protection
- Security Operations Center
- Incident Management Planning
- Security Awareness Training
- Technical Support Services
- Network Security Management
- Application Security Expertise
- Security Information and Event Management
- Intrusion Detection Systems
- User Directories
- Physical Security Management
- Single Sign-On Expertise
- Federation Service Management
- Infrastructure Management
- Client Service Coordination
- Proficient in Programming Languages
- Software Development Life Cycles
Certification
- TOGAF 9 Certified
- ITIL Foundation Certificate
- CISSP Trained
- Certified Scrum Master (CSM)
- Certified Scrum Product Owner (CSPO)
- IBM Cloud Architecture V1 and V2
- Microsoft Azure Fundamentals
Hobbies and Interests
- Photography, Travelling, Listening to Music
Personal Information
- Date of Birth: 02/15
- Visa Status: Europe Resident Permit US Business Visa B1 Netherlands Business Visa UK Business Visa
Accomplishments
- One Click with the CEO in recognition of outstanding quality work in IAM, highlighting dedication, focus on quality, and technical expertise.
- Received an Engagement Level Feedback (ELF) rating of 7 out of 7 scale from client and have received “Star Award”
- Recognized with a “Certificate of Appreciation” and “Wall of Fame” award for exceptional contributions to IAM Security Enterprise Tower, including evaluating technical designs, conducting proof of concepts, and delivering end-to-end integration design documents.
- Rewarded "Most Valuable Player" at the Business level for exceptional contributions, along with multiple awards, including "Rewards & Recognition" and "On the Spot" for outstanding project performance.
Timeline
Senior Security Architect
Geely Europe Innovation and Collaboration AB
06.2022 - Current
Vice President - Technology and Operations Risk
Morgan Stanley
11.2021 - 05.2022
Infrastructure Project Technical Consultant
Shell
01.2019 - 09.2021
Lead Software Engineering
Lowe's
01.2015 - 12.2018
Technical Lead
Wipro Technologies
08.2014 - 12.2014
Technology Analyst, Cluster Lead
Infosys Limited
06.2008 - 08.2014
H.S.C -
Sri Vivekananda Junior College
S.S.C -
Balayesu Vidyalaya Hindupur
B.E. - Electronics & Communications
SJCET
Similar Profiles
Edwin KarlssonEdwin Karlsson
Strategic Commodity Manager at Zeekr Technology Europe - GEELYStrategic Commodity Manager at Zeekr Technology Europe - GEELY
Bassel YassinBassel Yassin
International Travel Consultant at GTE Global Travel Engine Europe ABInternational Travel Consultant at GTE Global Travel Engine Europe AB
ZIYUE WANGZIYUE WANG
Senior CMF Designer at DreamSmart (GEELY)Senior CMF Designer at DreamSmart (GEELY)