Profiles search

Hari Mukundhan

Director, Cybersecurity Product Management at Capital One
New York, NY, United States

Details

Education: Master's Degree (ALM)

Information Systems Management

Harvard University



Master of Business Administration - MBA

Systems and Finance

Amrita School of Business - Coimbatore



Bachelor of Science

Physics

University of Madras
Experience: Head of Product Management for Data Protection (Data Loss Prevention, bEncryption, Key & Certificate Management)

My fundamental goal is to transform the Data Protection practice into a world class one across people, processes, and tooling capabilities.

2022 : Present

Capital One

Director, Cybersecurity Product Management

Own and manage the Data Protection technology risk & controls lifecycle and roadmap for the firm. Owned product strategy and roadmap for several Data Protection products with budget totaling to $20m annually

a) Define Data Protection controls requirements – both security and regulatory requirements - and design for on-premises and cloud.

b) Own the Data Protection Standards, Controls Procedures globally

c) Execute risk and controls assessments for the domain - using both manual measures

and automated measures such as KPI’s

d) Trusted advisor to business and technology leadership on Data Protection risk posture to drive proactive risk management

e) Enabled Public Cloud adoption by modernizing Data Protection Standards, Procedures, and Controls Design

f) Implemented a Cryptographic Key Management Service w/ FIPS Level 3 HSM’s. Approx. 700 applications have adopted the tool

g) Managed the Database SIEM Activity Monitoring product globally, processing 5B log events/day across 30k databases firmwide

h) Managed the Endpoint Encryption Product covering 60k devices

i) Defined risk and control requirements for SaaS deployments (e.g., Snowflake, O365

AIP for 250k users, Oracle HCM, etc.)

2017 : 2022

JPMorgan Chase & Co.

Vice President - Cyber Product Management, Risk and Controls Roles for Data Protection (Global)

Managed a multi-year, JPMC Board monitored, ‘Privileged Access Management’ Program to protect privileged accounts in the Chase Retail Bank

2015 : 2017

Chase

Vice President - Cyber Security Identity and Access Management (Retail Banking)

a) Co-headed IB’s Access Management Operations spanning 4000 applications and 100,000 infrastructure assets

b) Managed a high-visibility program to continuously monitor and control access for Top 100 “crown jewel” applications in the Investment Bank

2012 : 2015

J.P. Morgan

Vice President - Cyber Security Identity & Access Management (Investment Banking)

Partnered with both Technology and Business teams to assess technology risk establish the right control prioritization, and manage the risk on an ongoing basis. Served as a trusted advisor to the technology management teams

Managed the Business Continuity plan for the line of business’s North America presence. Partnered with senior technology and business stakeholders, corporate resiliency teams to design, document, test and improve the plan

2007 : 2012

J.P. Morgan

Vice President - Information Risk Manager & Business Continuity Manager
Company: Capital One
Years of Experience: 22
Spoken Language: English

Skills

Business Analysis, Business Continuity, Certificate Management, CISA, CISSP, Cloud Computing, COBIT, Cryptography, Cybersecurity, Data Privacy, Data Protection Manager, Disaster Recovery, DLP, Encryption, Executive, Financial Services, General Data Protection Regulation (GDPR), Identity Management, Incident Management, Internal Audit, IT Audit, Key Management, Leadership, Machine Learning, Management, Network Security, Office 365, Personal Data Protection, Program Management, Public Key Cryptography, Risk Management, Sarbanes-Oxley Act, Software as a Service (SaaS), Team Management, Technology Risk, Vendor Management, Vulnerability Assessment, Business Continuity Planning, Auditing, SAS70, Risk Assessment, Enterprise Risk Management, Information Security Management, Unix, SDLC, Business Process, Governance, Operational Risk Management, Computer Security, IT Risk Management, Investment Banking, Infrastructure, ISO 27001, COSO, Information Technology, Internal Controls, Gap Analysis, Management Consulting, Enterprise Risk, Operational Risk, Information Security, Project Management, TCP/IP

About

Extensive cybersecurity experience across multiple control domains. Expertise in building highly impactful control capabilities to protect data at scale. Ability to patiently forge relationships in deeply complex and global organizations to design, deliver, and sustain such capabilities. Carries different perspectives to the same control domain by leveraging product management, IT Audit, and IT Risk & Compliance experience.