Program Manager Project Management
Resume:
PULIYUR NARAYANAN
call / text: 908-***-**** Scotch Plains, NJ 07076
email: ****************@*******.*** social: https://www.linkedin.com/in/puliyurnarayanan
Summary
Proven analytical and results-driven executive-level IT and OT Security Program Manager with progressive accomplishments in financial, utilities, energy, and other highly regulated industries. Collaborative and motivating cybersecurity leader with experience leading, supervising, and directing large teams of Project Managers, Technical Consultants, Design Engineers and globally spread virtual teams. Professional with entrepreneurial mind-set, strong work ethic, C-level executive & stakeholder management skills, and excellent technical problem-solving skills. Proven history of successfully executing several large (>$30M) IT & OT Cybersecurity, Cloud, and IT Infrastructure programs / contracts that meet regulatory compliance and client satisfaction.
Expertise
Financial and other regulated industry
Capital Markets, Investment Banking
Trading Platforms, Market Data Platforms
IT and OT Cyber Security
Security Risk Assessment
(NIST CSF, CMMC, NERC CIP)
Threat and Vulnerability Management
End Point Security, Network Security
SIEM, XDR for IT and OT assets
Cloud Security
Vulnerability Assessment and Pentesting
DevSecOps
Quantitative Risk Assessment (FAIR)
Leadership and Mentoring
Technical Program Management
Agile Project Management, Continuous Improvement & Continuous Deployment
Scrum and Waterfall Methodologies
Portfolio Reporting, Metrics (business and financial)
Key Performance Indicators (KPIs and KRIs)
Business Analysis, Presenting to Leadership
Performance Management
Stakeholder Management, Client Interfacing
Budgeting, Financial Reporting
Complex Problem-Solving
Experience
OT Security Consulting Manager, SGS Consulting LLC
04/2023 – Present
Role: OT Cybersecurity SME & Program Manager, OT Security Governance Program
Client: PECO Utilities, Operating Company of Exelon, Malvern, PA
Serve as OT Security SME and Program Manager for PECO Utilities and manage PECO’s Implementation of Exelon 10-Year OT Security Governance Program. Primary point of contact for coordination and execution of PECO Utilities T&S (Transmission and Substations) wide OT security program to deploy OT security controls to all electrical substation assets across PECO’s 480+ substations. Responsibilities include OT substation asset inventory assessment, gap analysis, and implementation of various security controls. Common OT security controls include firmware upgrade, complex passwords, enhanced logical access controls, minimum security baseline configuration, logging and monitoring of key OT cyber assets, OT patch management, vulnerability management, etc.
Manage a team of eight external OT Security Consultants and internal staff of electrical engineers and implement various projects within the PECO OT Security program. Key projects managed:
Inventory assessment of over 5,800 L2 and L3 substation assets (Relays, SCADA, SI Controllers, AVC, annunciators, etc.), performed gap analysis, provided a path for full OT security remediation that meets Exelon OT security standards.
Manage a comprehensive L2 and L3 OT security remediation plan which includes implementation of endpoint OT security controls such as firmware upgrade, security baseline configuration, logical access controls, etc. that will increase(d) their L2 and L3 substations to be fully compliant by 2025.
Manage an external vendor assisted OT NIST CSF assessment of PECO Utilities and ensure PECO’s RISK score meets or exceeds the current NIST-CSF Level 3 (Repeatable) which is an indication of PECO-wide, consistent and formal cyber risk management program that is expressed through documented policies / processes and one that considers the changing business landscape.
Senior Program Manager, Accenture Security Florham Park, NJ
02/2020 – 03/2023
Perform service delivery, technical program management, and business development activities for various Clients in resources domain (utilities, oil and gas, manufacturing, etc.) in NA. In addition, lead and mentor a small team of Security Project Managers and Project Analysts within our Applied Cybersecurity practice. Key programs managed:
Service Delivery Lead for CyberSecurity Transformation Program: Client: PPL Utilities
Provide service delivery and program management leadership for a portfolio of cybersecurity projects (2 Year - $12.7 million) to Fortune 500 Client, a major electric utility in Mid-Atlantic region.
Led a project team of 35+ IT & OT cybersecurity professionals involving application security, infrastructure and network security,, vulnerability management, SIEM, OT Security (transmission and distribution electrical systems), IT & OT pentesting, and other areas with responsibility for planning, technical design, and implementation of strategic security tools and systems of high complexity to fulfill Client business needs.
OT/ICS Security 2-Year project included the following:
oOT/ICS Asset & Architecture Discovery and Validation: Performed a detailed OT devices assessment for both transmission and distribution systems and based on the Security Consultant’s recommendations, deployed Claroty tool for asset discovery and categorization of various OT/ICS assets from security perspective.
oPerformed OT/ICS Security Assessment involving key (selective) substation elements such RTUs, SEL3620, battery packs, circuit switchers, etc. and did pilot implementation of various recommendations (security controls) at 2 selected substations in PA. In addition, created governance and architectural documents for further implementation across the entire organization for all substations and thus ensured they are NERC CIP compliant.
Led overall cybersecurity delivery on behalf of Engagement Lead and Client CISO working in concert with Client PMO; oversaw creation of project management plans (in agile DevOps board), scope documents, risks & issues register, and coordinated technical requirements, scheduling, and project execution in collaboration with PMs and various strategic stakeholders.
Establish and sustain effective, professional relationships with Client cybersecurity leaders and business managers; work closely with IT partners to understand business drivers and deliver on technical and financial requirements; provide leadership to team Security Consultants in creating right solutions in the required timeframe.
Led delivery of all work products; architecture plans, gap assessments, implementation plans, coordination and execution of approved security controls, tracking security exceptions, and obtaining sign-off on all SOW work-products & artifacts.
Provided regular portfolio updates and metrics to CISO and ensured projects are successfully delivered and security goals achieved as measured by Client KPIs and KRIs.
Created stakeholder communication plans for multiple cybersecurity initiatives simultaneously; also provided financial reporting and operational analysis to the Client’s IT Governance leadership as needed.
Led and mentored Client PMs in Cybersecurity technology and imparted agile framework to drive continuous improvement resulting in 100% of the projects being delivered on time and within scope and budget.
Service Delivery Lead for Cyber Transformation Program: Large Oil & Gas Company in Houston, TX
OT Security Project: Provided full technical program management for OT Security workstream which involved three major components, namely – OT Firewalls assessment of upstream PCD environment, OT Application Security Design Review, and OT Security Monitoring assessment and roadmap. Built Azure DevOps board and project managed the deliverables and milestones to Client satisfaction.
IT Cybersecurity transformation consisted of six workstreams, namely: data security, Cloud security, Cyber Awareness, DR & Cyber Resilience, Security Monitoring & IR, and Infrastructure Hardening. Built and managed the Agile DevOps board for these 6 cybersecurity workstreams (projects) with major milestones and critical tasks tracked weekly with Client PMO team. Managed a team of 18 Security Consultants and ensured all the technical work products were delivered to the satisfaction of the Client. Built Azure DevOps board and project managed the deliverables and milestones to Client satisfaction using agile methodology.
Delivery Lead for M&A CyberSecurity Assessment Project: Large Bank in NC
Service Delivery Manager for 5-month M&A assessment project for large Bank in NC, wherein I managed the Security gap assessments and Cloud Security assessment for the combined Bank entity.
Managed a team of cybersecurity consultants involving cyber post-merger due diligence between BB&T and SunTrust organization, involving vulnerability management, end point protection, network security, cyber resilience, and Cloud Security. Security assessment included gap assessments and recommendation target end-state application security architecture, cloud security tools, and related security framework for the merged entity.
Consulting Cyber Program Manager, Vaco Consulting LLC Charlotte, NC
03/2019 - 11/2019
Program Manager, NextGen CyberSecurity Transformation Project Client: Refinitiv, Hoboken, NJ
Led and managed $7.7 million Cybersecurity Transformation project in support of Refinitiv divestiture from Thomson Reuters.
Working with a third-party service provider and Client CISO, managed the delivery of Security Gap Assessment, first stage of the project, upon which the rest of the program was based .
Project involved closing operational gaps for Threat and Vulnerability Management, Incident Response, Offensive Operations, Cyber Threat Intelligence Operations, etc. post divestiture. Based on the recommendations outlined in the gap assessment, the following cyber capabilities were built in support of Client’s Security Operations group’s transition out of Thomson Reuters security platforms.
oBuilt and deployed a robust global infrastructure for Anomali ThreatConnect TIP (Threat Intelligence Platform) and integrating various threat intelligence feeds such as CrowdStrike, Intel471, etc.
oBuild and deploy SOAR Platform using D3 Security SaaS platform and integrated it with on-prem QRadar infrastructure, among other cyber intelligence tools.
oFor TVM (Threat and Vulnerability Management) group, built and deployed 18 Qualys scanners globally as part of Refintiv separation Program and migrated existing / legacy scans and end point assets to new Refinitiv’s Qualys infrastructure.
oAlso integrated the new Qualys infrastructure with Kenna Security Risk Management platform as well as ServiceNow CMDB IT asset data.
oBuilt and deployed Symantec based CASB (Cloud Access Security Broker) enterprise solution.
Created business cases, project documentation, project plan, and related artifacts for the projects.
Created a cybersecurity dashboard that quantified the benefits and reduction in Client’s cyber risk exposure (KRIs – Key Risk Indicators) as projects progressed. The dashboard offered recommendations that balanced cost, cyber risk reduction, and customer expectations.
NextGen Cybersecurity Transformation project won The Project of the Year award from Refinitiv Executive leadership.
Senior Program Manager, Refinitiv, F&R Division of Thomson Reuters New York
08/2016 - 01/2019
Directed strategic software deployment and large-scale infrastructure upgrade projects, aligning them with company's vision to connect with customers, simplify businesses and products, and drive performance through growth and market share.
Direct, manage, and monitor all phases of projects and programs for DCIS group's portfolio of approximately 15 medium to large scale projects.
Provide project business cases (creation thru approvals), monthly PMO reporting to stakeholders, financial status and risks/issues logs for the projects with key stakeholders.
Established project plans and cost estimates and managed delivery to ensure project goals are met in line with original scope and budget estimates.
Development and continuous improvement of the Portfolio execution processes & standards, seeking contributions from Project Managers, Application development and Infrastructure teams, to ensure the standards meet the best practices.
Senior Program Manager, Thomson Reuters Markets New York, NY
03/2009 - 08/2016
Realtime Technology Program Management Lead: Led strategic and transformative projects and programs focused on various initiatives within Financial Markets group and aligned with low-latency, high-performance Elektron and TDN (Thomson Data Networks) networks and flagship Eikon desktop platform.
Headed portfolio management activities, partnering with Senior Development Managers, DevOps Managers, and various BU leads in creating portfolio of projects, ensuring completion of project within time, scope, and budget.
Orchestrated $14M division capital budget and ensured adherence to financial policies and controls.
Guided project definition, infrastructure build out, testing, and product launches working in concert with product and software development teams.
Key Projects and Accomplishments:
BDN (Bridge Data Network) Sunset Program: Decommission and disposal of over 3,800 servers and associated exchange feeds in various datacenters in the US and migrated the applications to Elektron network in Plano and Hazelwood data centers in the US. This resulted in $3.3M annual operational savings to the business unit.
oCoordinated the network builds and migration of over 1200 servers to new networks.
oNetwork builds involved industry standard hardware (F5 Big-IP 5200 series load balancers, Cisco Nexus 7000, Juniper MX series core routers, etc., and Checkpoint Firewalls).
oMigration included Client applications that are hosted in Colocation centers and load balanced using Citrix NetScaler.
OCL Data Center Migration: Orchestrated and executed $18M program to migrate Thomson One infrastructure involving 2,500+ servers (including collections, core and distribution networks) from One Liberty Plaza data center in New York to a new data center in Plano, Texas.
oMigrated the strategic infrastructure from lower NY metro region to a more cost-effective strategic location in Plano, TX and ensured savings of over $8 million in annual hosting cost.
oBuilt out new collections and distribution circuits, core networking, and systems consolidation, including integration and testing Client hosted applications (BAML and Wells Fargo) and migration of over 800 Client Systems from OCL to Plano networks with no Customer impact.
oNetwork build out involved Cisco Nexus 5000 series, Checkpoint 3000 NextGen, and F5 load balancers.
Orchestrated TDN (Thomson Market Data Network) Modernization Program involving $14M upgrade to the TDN network and executed in two years.
oMigrated core and distribution networks to 8 X 10Gig T-bone infrastructure with 20Gig WAN connectivity across multiple data centers.
oThis strategic project enabled multiple divisions within Thomson Reuters to share data feeds and distribution networks (using Cisco and Juniper Core networking gear) thus saving $6M in annual recurring costs for the company.
Vice President, Senior Technology Project Team Manager
07/2002 - 03/2009
Bank of America New York, NY
Promoted from Technology Project Manager to Senior Technology Project Team Manager through the years. Collaborated with senior executives of the technology and business organizations in creating, evangelizing and executing strategic vision relating to design, build, and deployment of trading platforms for GRCC (global rates, currencies, and commodities) division and Risk Technology groups within Banc of America Securities.
Consulted with senior executives to create, evangelize, and execute strategic vision for design, build, and deployment of trading platforms based on well-known vendor products such as Algo, Murex, and Calypso.
Programs involved capital spend of over $24 million at various sites (New York, London, Chicago, San Fran, Singapore, and Hong Kong) and this enabled Clients to increase trading revenue by over 40%.
Managed end to end delivery of projects using agile and six-sigma methodologies.
Built out .NET based infrastructure for FX-Options trading platform, launching as first FX Options liquidity provider to trade FX derivative products on Bloomberg platform and providing proprietary web site for customers.
Recognized with two Bank of America Medallions for excellence in service.
Education
MBA: Strategy and Finance, Columbia Business School New York, NY
Master of Science: Ocean Engineering, Florida Atlantic University Boca Raton, FL
Bachelor of Technology: Naval Architecture, Indian Institute of Technology Chennai, India
PMP Certified, Member ID: 1421793 (not current) 03/2013
Software and Tools
Security Tools: Carbon Black, Qualys, Shodan, Rapid 7, Palo Alto Prisma, Nozomi Guardian, Claroty Platform
Standards: NIST 800-82, NIST CSF, IEC 62443, CIS 20, NERC CIP, ISO 27002, ISO 27001
Software: JIRA, Confluence, Clarity, Smartsheet, Microsoft Project, Visio, SharePoint, Lucid Chart, Canva Designer, and ServiceNow.
Extras
Training & Certification:
CCSP, CISA, and CISSP Bootcamp training via Accenture Security Training program
Cyber Risk Assessment training, FAIR Institute
Certified in Microsoft Azure Fundamentals (AZ-700 Exam), AZ-700 in progress
Contact this candidate