Karthik Venkatachalam Shanmugasundaram — Director of Engineering

A strategic, forward thinking and results-driven cybersecurity leader with 12+ years of experience in fortifying enterprise security, driving risk-based frameworks, and embedding security by design into technology ecosystems. Adept at aligning cybersecurity strategies with business objectives, fostering a resilient security culture, and leading transformative security initiatives across global organizations. Currently spearheading Secure by Design, overseeing Cloud & Container Security, API Security, Cybersecurity Incident Response, IT Audits, Risk & Privacy Assessments, and Vendor Risk Management. A proven expert in conducting cloud architecture reviews, product security integrations, and regulatory compliance (ITGC, SOX) to mitigate threats and ensure security excellence. Proven ability to lead GRC programs, DevSecOps integration, CASB & Endpoint DLP management, and security governance for Mergers & Acquisitions (M&A). Skilled in threat modelling, infrastructure security, and continuous risk assessment, reinforcing proactive cybersecurity defences in dynamic enterprise environments. A strategic partner to Cross Functional teams such as development, testing, Devops, cloud engineering, and operations teams, ensuring seamless security integration across CI/CD pipelines, Agile environments (Scrum/Kanban), and automation-first security models. Hands-on experience with Jira, Confluence, Bitbucket, Jenkins, Terraform, AWS, and ELK, driving security innovation through automation and process optimization. Beyond enterprise security, a dedicated security evangelist, actively contributing to cybersecurity awareness, education, and mentorship delivering cybersecurity sessions, technology talks, and panel discussions at leading technology conferences. Passionate about career guidance for young professionals and graduates, providing insights into cybersecurity careers, industry trends, and skill development. Regularly publishes security technology articles in e-publications, shaping thought leadership and advancing cybersecurity best practices. Recognized for building and mentoring high-performing security teams, influencing executive decision-making, cross-functional stakeholders and driving enterprise-wide security excellence through high-impact security programs. A visionary CISO-in-the-making, committed to innovation, resilience, and shaping the future of cybersecurity leadership.

Stackforce AI infers this person is a Cybersecurity expert with a focus on enterprise security and risk management.

Location: Tiruchirappalli, Tamil Nadu, India

Experience: 16 yrs

Skills

Cloud Security
Risk Assessment
Information Security

Career Highlights

12+ years of experience in cybersecurity leadership.
Expert in aligning cybersecurity strategies with business objectives.
Proven ability to lead transformative security initiatives.

Work Experience

Nium

Senior Principal | Director - Cybersecurity (4 yrs)

Principal Cybersecurity (1 yr 9 mos)

Standard Chartered Bank

Principal Cybersecurity Consultant (IaaS) (7 mos)

Senior Manager - Cyber Risk Advisor (1 yr 3 mos)

Manager Information Security (2 yrs 7 mos)

Cognizant Technology Solutions

Senior Executive (3 yrs 2 mos)

EY

Associate Consultant (8 mos)

iGATE Global Solutions

Senior Software Engineer (3 yrs 8 mos)

Education

PGP at Indian Institute of Management Tiruchirappalli

B.E at Crescent Engineering College

SSLC at Kendriya Vidyalaya

Karthik Venkatachalam Shanmugasundaram

Director of Engineering

Tiruchirappalli, Tamil Nadu, India16 yrs experience

Most Likely To SwitchAI Enabled

Key Highlights

12+ years of experience in cybersecurity leadership.
Expert in aligning cybersecurity strategies with business objectives.
Proven ability to lead transformative security initiatives.

Stackforce AI infers this person is a Cybersecurity expert with a focus on enterprise security and risk management.

Contact

Skills

Core Skills

Cloud SecurityRisk AssessmentInformation Security

Other Skills

.NETAI auditAI securityAJAXAPI SecurityAWS LambdaAmazon EKSApplication SecurityBISOC++CISACOBITCertified Ethical HackingCloud Architectural ReviewsContainer Security

About

Experience

Nium

2 roles

Senior Principal | Director - Cybersecurity

Promoted

Mar 2022 – Present · 4 yrs · Hybrid

Principal Cybersecurity

Mar 2022 – Dec 2023 · 1 yr 9 mos · Hybrid

Head of Secure By Design managing Cloud Security , Container Security , API Security ,Cyber Security incident investigation and Reporting , Secure By Design Reviews, Risk Assessment, Product Integration Reviews, IT Audits, Data Privacy Assessments and Vendor Risk Assessments, cloud architectural reviews , Cloud Access Security Broker (CASB) and Endpoint DLP management , onboarding new security solutions based on product and technology roadmap of the organisation, Infrastructure security review, Devsecops , Strategic planning and managing Security for Mergers & Acquisitions (M&A)

Cloud SecurityContainer SecurityAPI SecurityCyber Security Incident InvestigationRisk AssessmentIT Audits+5

Standard chartered bank

3 roles

Principal Cybersecurity Consultant (IaaS)

Promoted

Jul 2021 – Feb 2022 · 7 mos

Cloud Security , Container Security , Application Security , Risk Assessments , Security Impact Assessment and Governance Risk & Compliance ( GRC)

Cloud SecurityContainer SecurityApplication SecurityRisk AssessmentsGovernance Risk & ComplianceRisk Assessment

Senior Manager - Cyber Risk Advisor

Apr 2020 – Jul 2021 · 1 yr 3 mos

Manager Information Security

Aug 2017 – Mar 2020 · 2 yrs 7 mos

Cognizant technology solutions

Senior Executive

Jun 2014 – Aug 2017 · 3 yrs 2 mos · Chennai Area, India

Information Security Audits and sox audits

Information Security AuditsSOX AuditsInformation Security

Ey

Associate Consultant

Oct 2013 – Jun 2014 · 8 mos · Chennai Area, India

Yet to Explore ! Will update Soon !

Igate global solutions

Senior Software Engineer

Feb 2010 – Oct 2013 · 3 yrs 8 mos

Audit the System Access Testing (SAT), reviewing and validating the Domain, Operating System, Application and Data Base users for monthly, quarterly and annually.
 Review the assessments of TOD (Test of Design), TOE (Test of Effectiveness) and Statement on Standards for Attestation Engagements (SSAE) No 16 as per COBIT standards of IT Audit Controls
 Working in IT General Computer Control (ITGCC) activities across 8 domains (Ensure Continuous Service/Disaster Recovery, Ensure System Security, Manage Changes, Data Backup and Recovery/Manage Data, Manage Problem and Incident, Manage Operations, Manage IT Physical Space, and Manage Program Development)
 Interacting with respective Application Owner’s (AO) to resolve the compliance issues, provide recommendation, communication on status of action resolution and bringing to management issues that require attention tracking corrective actions.
 Work with audit and assurance teams and the client to plan engagement strategy, define objectives, and address technology-related control risks
 Reviewing the Segregation of Duties (SoD) in Development, QA, Test, and Production environments
 Monitor the changes to process documentation (narrative & control matrix) including risk monitoring
 Proactively identify gaps / conflicts / areas of improvements in existing processes and develop scalable solutions.
 Discuss control weakness to AO’s and senior management, prioritize remediation based on the risk
 Facilitate Vendor (external) audits, Statement on Standards for Attestation Engagements (SSAE)-16 reviews, rating agency reviews and customer audits, and actively project-manage the remediation of external audit findings
 Timely, accurate, concise and effective documentation of audit reports on exceptions observed during the course of audit

Education

Indian Institute of Management Tiruchirappalli

PGP

Jan 2014 – Jan 2017

Crescent Engineering College

B.E — Computer Science & Engineering

Jan 2005 – Jan 2009

Kendriya Vidyalaya

SSLC

Jan 1992 – Jan 2003

Stackforce found 100+ more professionals with Cloud Security & Risk Assessment

Explore similar profiles based on matching skills and experience

Rony Shalit

Chief Compliance and Ethics Officer

at Bright Data

Tel Aviv, Israel16 yrs 1 mo exp

ComplianceRisk ManagementSustainabilityInternal Audit

Prateek Srivastava

Senior Manager Internal Audit

at Al Hilal Official

Abu Dhabi, United Arab Emirates15 yrs 3 mos exp

Technology RiskEnterprise Risk ManagementPayment Card Industry Data Security Standard (PCI DSS)ISO 27001

Harshil Dua

Lead - Security and Compliance

at Avaamo

Bengaluru, India9 yrs 2 mos exp

ComplianceInformation Security

Swetha K

Compliance Lead

at interface.ai

Noida, India8 yrs 3 mos exp

Akansha Pandey

Principle Security Engineer

at GoDaddy

Bengaluru, India10 yrs 3 mos exp

Cyber Security RiskISO 27001Information Security Awareness

Prasad N Shenoy

Executive Director

at JPMorganChase

Columbus, United States21 yrs 8 mos exp

CybersecurityDigital StrategyRisk Management

Gopi Thangam

Principal Security Engineer

at Autodesk

Bengaluru, India7 yrs 3 mos exp

AuditingCloud SecurityEndpoint SecurityIAMNetwork Security

Nishad Ahamed

Assessment & Assurance

at Siemens Healthineers

Bengaluru, India12 yrs 3 mos exp

Cloud SecurityComplianceCybersecurityInformation SecurityRisk Management