Contact  
Kirubakaran Kamatchi  
9941480275 (Mobile)  
kkirubakaran@gmail.com  
IT Security Manager | Information Risk Management | GRC (ISO  
27001, SOC) | IAM & Zero Trust | SIEM & Incident Management |  
Vulnerability & Threat Management | BCP/DR | Audit & Compliance  
Chennai, Tamil Nadu, India  
www.linkedin.com/in/kiruba81  
(LinkedIn)  
www.linkedin.com/in/kiruba81  
(Portfolio)  
kirubakaran81.github.io/Resume/  
(Personal)  
Summary  
kirubakaran-kamatchi-  
jv9f3hu.gamma.site/ (Other)  
I am an Information Security & IT Risk Manager with 19+ years of  
experience leading cybersecurity, cloud security, and enterprise risk  
management across technology, shipping, and healthcare domains.  
I help organizations reduce cyber risk, strengthen compliance, and  
improve operational resilience through well-governed, measurable  
security programs.  
Top Skills  
Vulnerability  
Audit & Regulatory Compliance  
Governance, Risk Management, and  
Compliance (GRC)  
My expertise includes Information Security Management, Identity  
& Access Management (IAM) using Microsoft Entra ID/Azure AD,  
Cloud & Endpoint Security, Vulnerability Management & VAPT,  
SIEM-based threat detection, and Incident Response. I also lead  
GRC initiatives aligned to ISO 27001, SOC 1/2, HIPAA, and SSAE  
16, ensuring audit readiness and regulatory compliance.  
Languages  
Tamil (Native or Bilingual)  
English (Professional Working)  
Certifications  
ISO/IEC 42001:2023 Lead Auditor  
Web Application Scanning  
In recent leadership roles, I’ve reduced unauthorized access  
risk, improved security operations efficiency, strengthened data  
protection and insider-threat controls, accelerated incident response,  
and enhanced BCP/DR preparedness with improved RTO/RPO  
compliance.  
ABCs of Malware Analysis  
Certificate of Proficiency - Tenable  
Cisco Certified Network Associate  
(CCNA)  
I work closely with CIOs, CISOs, auditors, and business leaders  
to translate security risk into business outcomes, building scalable  
security governance without slowing operations.  
Experience  
Shipping ERP software Company  
Manager - IT Security  
October 2023 - November 2025 (2 years 2 months)  
India  
* Led the organization’s information security posture, ensuring confidentiality,  
integrity, and availability (CIA).  
Page 1 of 4  
* Managed Microsoft Entra ID & M365: IAM governance, MFA enforcement,  
conditional access, access reviews, and baselines.  
* Designed and maintained endpoint security architecture (ESET Protect  
Cloud, Trend Micro), improving remediation by 40%.  
* Implemented insider-threat framework using Teramind (UBA, DLP, exfiltration  
monitoring).  
* Analyzed Cloudflare security logs to detect and mitigate attacks.  
* Led full incident response lifecycle, reducing incident impact by 35%.  
* Managed Zabbix infrastructure monitoring across servers, applications, and  
data centers.  
* Supported SSAE 16 and ISO 27001 internal audit readiness.  
Veryx Technologies Pvt Ltd.  
Manager - Information Security and Infrastructure  
September 2022 - October 2023 (1 year 2 months)  
Chennai, Tamil Nadu, India  
* Manage and monitor security incidents, including conducting investigations,  
coordinating response efforts, and implementing remediation plans  
* Conduct regular security audits and vulnerability assessments to identify and  
mitigate potential risks and threats  
* Develop and implement information security policies and procedures to  
ensure the confidentiality, integrity, and availability of company data and  
systems  
* Collaborate with cross-functional teams to ensure compliance with industry  
regulations and standards, such as ISO 27001  
* Stay up-to-date with the latest trends and developments in information  
security, and provide recommendations for continuous improvement  
* Support for external audits of ISO 27001:2013 in collecting the evidences  
from different stakeholders and reviewing the documents  
* Monitored and managed ITIM (IT Infrastructure Management) processes,  
ensuring optimal performance and availability of Network Infrastructure and  
Assets.  
* Lead the design, implementation, and maintenance of the organization's  
information security infrastructure, including firewalls, intrusion detection  
systems, and encryption technologies  
* Develop and deliver security awareness training programs to educate  
employees on  
* Implementation of BCP/DR minimizing potential disruptions to critical  
operations.  
Page 2 of 4  
* Evidence of ability to create new processes to improve security and  
compliance with minimal oversight  
Global Healthcare Billing Partners  
Senior Information Security Auditor  
March 2022 - September 2022 (7 months)  
* Evaluate compliance with industry standards and regulatory requirements,  
such as HiTRUST/HiPAA and ISO 27001.  
* Develop and implement audit plans, including scoping, risk assessment, and  
testing methodologies.  
* Participate and work with internal IT and regulatory audit team to ensure  
closure of audit points.  
* Review and assess security policies, procedures, and documentation to  
ensure alignment with industry standards and organizational objectives.  
Exela Technologies  
Senior Security Analyst Information Security  
November 2008 - March 2022 (13 years 5 months)  
Chennai, Tamil Nadu, India  
* Proficiently managed Business Continuity Plans and Disaster Recovery,  
ensuring organizational preparedness  
* Successfully developed and maintained Security Metrics and Information  
Security Dashboard for insights  
* Directed recruitment efforts and internal training initiatives, fostering a skilled  
and knowledgeable team  
* Established and executed Awareness Programs, ensuring BCP/DR  
compliance across diverse projects  
* Strategized and managed Security Policies, Risk Management, and Project  
Life Cycle aspects  
* Ensured vendor compliance with agreements, policies, and regulations,  
aligning controls and requirements  
* Generated Committee reports and Metrics to communicate program status  
and updates  
* Guided projects in a large healthcare organization, providing robust Project  
Life Cycle Security Engagements  
* Analyzed risk logs, mitigated threats, and facilitated data security and access  
monitoring  
* Conducted comprehensive vulnerability testing, risk analyses, and security  
assessments  
Page 3 of 4  
* Utilized static and dynamic analysis tools for in-depth vulnerability  
assessment  
* Spearheaded Vulnerability Management Process across multiple sites  
* Managed network systems and intrusion detection/prevention, addressing  
security breaches effectively  
* Expertly conducted internal and external security audits, including HiTRUST/  
HiPAA, ISO 27001, PCI-DSS, SSAE 16  
Quick Heal Technologies Pvt Ltd  
Senior Technical Support Engineer  
October 2005 - October 2008 (3 years 1 month)  
Chennai  
* Provided advanced technical support, malware analysis, and RCA reporting.  
* Trained staff on secure practices and product implementation.  
Newgen Imaging solution Pvt Ltd  
Data Entry Operator  
November 2003 - July 2005 (1 year 9 months)  
Chennai, Tamil Nadu, India  
* Maintain accuracy and completeness of information across systems.  
* Retrieve data for reports, analysis, and audits.  
* Review data for errors or missing information and correct discrepancies.  
Education  
Bharathidasan University  
M.Sc, Electronics · (May 2001 - May 2003)  
Sengunthar Arts & Science College,Tiruchengodu  
B.E.S, Electronics Science · (May 1998 - May 2001)  
Page 4 of 4