Sep 2024 – Present · 1 yr 6 mos · Sri Lanka · Hybrid

• Reimagining Possibilities through Technological Innovation
• Our team of experts is dedicated to helping businesses enhance their operations, maximize their talent, and achieve their organizational goals through cutting-edge technology and digital solutions. Whether it’s transforming your workplace into a modern, smart environment with cloud solutions or safeguarding your business from cyber threats, we have you covered. Our expertise include:
• Technology Consulting: Optimizing productivity through advanced insights and strategic IT planning.
• Cybersecurity: Protecting your digital assets with robust security measures and rapid response strategies.
• GRC Assessment and Audits: Ensuring robust governance, risk management, and compliance frameworks.
• Digital Transformation: Navigating the future with innovative business process reengineering and technology integration.
• Cloud Solutions: Enabling smart, flexible working environments with seamless cloud migration and optimization.
• AI and Big Data Analytics: Leveraging data for strategic advantage through advanced analytics and AI algorithms.
• CIO Management Consulting: Aligning IT strategy with business goals to drive growth and innovation.
• By leveraging the latest in digital innovation, we help you reimagine the possible and achieve your organizational goals.

Mar 2024 – Present · 2 yrs · Hybrid

• Leading a specialized cybersecurity practice at ContinuityNZ Ltd., I partner with enterprise and BFSI clients across New Zealand and Australia to deliver elite cybersecurity consultation and strategic risk management. Together, my team and I design, validate, and execute resilient, defense-in-depth architectures that safeguard trans-Tasman critical infrastructure against advanced persistent threats (APTs).
• Core Consulting & Team Operations:
• ▪️ Cybersecurity Architecture & Solutions Designing:
• Direct the team in blueprinting bespoke, Zero Trust environments across distributed AWS, Azure, and on-premise ecosystems. We ensure robust business continuity and scalable protection tailored to the unique threat landscape of the ANZ region.
• ▪️ Technical Audits & Gap Analysis:
• Spearhead comprehensive infrastructure audits and rigorous assessment reviews. We perform deep-dive gap analyses to seamlessly align complex technical environments with both global and regional compliance mandates, including ISO 27001, NIST, ACSC Essential Eight, APRA CPS 234, and the NZ Information Security Manual (NZISM).
• ▪️ Advanced Offensive Operations (VAPT):
• Orchestrate sophisticated adversarial simulations and full-spectrum Red Teaming. I guide our offensive security specialists in exposing and systematically fortifying vulnerabilities across critical web applications, APIs, and enterprise networks for AU/NZ organizations.
• ▪️ Strategic Cybersecurity Consultation:
• Provide executive-level advisory tailored to trans-Tasman C-suites and boards. My team and I translate deep technical intelligence leveraging OSINT and regional threat telemetry into actionable incident response protocols that navigate evolving ANZ data privacy laws and regulatory requirements.

Feb 2024 – Present · 2 yrs 1 mo · Hybrid

• Heading the Cybersecurity Division:
• ▪ Lead and manage the cybersecurity division.
• ▪ Set strategic goals, allocate resources, and oversee the team’s activities.
• ▪ Trains, guides, and advises the cybersecurity team, ensuring continuous improvement and
• knowledge sharing.
• Cybersecurity Technical Consultancy, Architecture and Solution Designing:
• ▪ Provide expert advice on cybersecurity best practices, risk management, and compliance.
• ▪ Deploy various technologies such as SIEM, SOAR, endpoint protections, firewalls, intrusion
• detection systems, identity and access managements, and encryption techniques.
• ▪ Develop security blueprints, guidelines, and standards for implementation.
• ▪ Collaborate with stakeholders to design effective security solutions tailored to the client’s needs.
• Assessing Security Posture and Identifying Risks:
• ▪ Evaluate the current state of an organization’s security measures, policies, and procedures.
• ▪ Identify vulnerabilities and risks that may pose a threat to information systems.
• ▪ Conduct comprehensive Vulnerability Assessment and Penetration Testing (VAPT) and IT Risk
• Assessments of cloud, network systems, software, hardware, and data storage practices.
• Pre-Sales and Post-Sales Support:
• ▪ Assist in pre-sales activities by understanding client requirements and proposing cybersecurity
• solutions.
• ▪ Provide post-sales support, including troubleshooting, incident response, and ongoing security
• guidance.

Oct 2022 – Sep 2023 · 11 mos · Hybrid

• ▪ Lead the cybersecurity team in Colombo and collaborate with the Melbourne team to ensure the
• organization's cybersecurity and information security objectives are met.
• ▪ Monitor and maintain the group's IT infrastructure, ensuring that cybersecurity controls are in
• place and effective.
• ▪ Manage Microsoft and AWS cloud security to protect sensitive data and systems.
• ▪ Conduct vulnerability assessments and penetration testing to identify and mitigate security risks.
• ▪ Implement and administer endpoint protection measures to safeguard devices from malware and
• other threats.
• ▪ Manage security operations center (SOC) analysis to detect and respond to security incidents.

Oct 2021 – Sep 2022 · 11 mos · Hybrid

• ▪ Evaluate and suggest modifications to performance tuning, infrastructure design, administration,
• and monitoring as required.
• ▪ Collaborate with senior management on the strategic direction of technology projects, with a
• focus on developing the IT infrastructure technology stack.
• ▪ Implement technology successfully with minimal downtime and disruption.
• ▪ Consult with project engineers and managers to ensure that technology is utilized and deployed
• appropriately to facilitate the realization of technology solutions.
• ▪ Conduct thorough technical evaluations and design reviews and provide recommendations on
• proposed physical and logical designs.

Jul 2018 – Oct 2021 · 3 yrs 3 mos · Colombo, Sri Lanka · On-site

• ▪ Monitor the bank's infrastructure for security breaches and investigate any instances of security
• violations.
• ▪ Collaborate with senior management to enhance the organization's security and risk
• management strategies.
• ▪ Contribute to the development, implementation, and maintenance of the organization's
• cybersecurity plan.
• ▪ Responsible for the maintenance and renewal of the PCI DSS certification and standards.
• ▪ Establish security standards, policies, and procedures; collaborate with facility security; and make
• recommendations that comply with Central Bank BSS, PCI DSS/PIN, and ISO 27001 standards.
• ▪ Conduct vulnerability assessments and risk analyses.
• ▪ Maintain up-to-date incident response and disaster recovery plans for the business.
• ▪ Manage and administer Microsoft 365 cloud security as the global administrator and on-premise
• data center infrastructure security.
• ▪ Conduct educational programs, and ongoing communication to promote security awareness.
• ▪ Verify the security of third-party vendors and collaborate with them to ensure compliance with
• security standards.

Aug 2017 – Jul 2018 · 11 mos · Colombo, Sri Lanka · Hybrid

• ▪ Provide advice and oversee the operations and IT infrastructure of the Delmege Group to
• facilitate scalability and agility.
• ▪ Directly reported to the Director of IT.

Dec 2016 – Jun 2017 · 6 mos · Malé, Maldives · On-site

• Subsidiary of South Asian Technologies (SAT) https://www.satl.biz
• Product engagements: Check Point, Cisco, IBM, Dell EMC, Symantec, McAfee, Commvault, Carbon
• Black, Vision Solutions, Hitachi Data System, Barracuda new project design, implementation, and
• upgrade.
• ▪ Technical Consultation and Product Training for Maldives Partners and Customers as the
• Maldives distributor’s first point of technical contact.

Sep 2015 – Nov 2016 · 1 yr 2 mos · Colombo, Sri Lanka · On-site

• ▪ Responsible for managing the IT infrastructure and financial systems.
• ▪ Directly reported to the Managing Director.
• ▪ Ensure the security of the financial and customer data, IT system, and infrastructure at the
• production and DR sites.
• ▪ Managing the annual budget and ensuring cost effectiveness
• ▪ Engaged with central bank audits and finance system audits.
• ▪ Data center upgrade project
• ▪ Active Directory upgrade and O365 implementation

Apr 2015 – Sep 2015 · 5 mos · Colombo, Sri Lanka · On-site

• ▪ Administrate the Delmege Group IT infrastructure and Data centers.
• ▪ Senior Network & System Administrator for Delmege Group IT infrastructure (Network, Systems,
• Security, Virtualization, Cloud, Voice, Storage, etc.)
• ▪ Senior Administrator for Check Point Firewall, Cisco Catalyst 6500 Core Switch, Cisco Call
• Manager, Active Directory and Domain, Microsoft Office 365, VMware, Citrix XenApp &
• XenDesktop, Veeam Backup & Replication, System Center, and sales force automation (SFA)
• System
• ▪ Maintain security integrity of the IT infrastructure.
• ▪ Planning and designing future IT developments
• ▪ Providing IT solutions to the business and management and Level 3 support to team members

Apr 2012 – Apr 2015 · 3 yrs · Colombo, Sri Lanka · On-site

Jun 2009 – Apr 2012 · 2 yrs 10 mos · Colombo, Sri Lanka · On-site

Jun 2008 – Jun 2009 · 1 yr · Colombo, Sri Lanka · On-site