Sr. Director of Product Management - Information Security - IGA

Summary

Summary: Product Management Leader with 14 years of experience in shipping industry acclaimed Identity & Access Governance related products and features.

Accomplishments:
1. Successfully delivered a home-brewed Identity & Access Management (IAM) tool for Salesforce to host 55+ production critical SOX applications with 165 endpoints resulting in automation of ITAC controls; provisioning and de-provisioning of access within 6 months with savings of ~6.2M USD in annual expense.
2. Built & socialized 2-year roadmap & wireframes of home grown IGA tool with policy engine based on cyber security mesh and ZTA principles, planned to be launched for 4 external customers at minimum using Salesforce App exchange platform with initial annual recurring revenue projection of ~10M USD and 30% growth rate. (Annual average revenue per user (AARPU) = 25 USD; Average # of apps = 200; Average # of accounts per app = 500; ARR per customer = AARPU x ~10000). Currently in pilot with internal Business units.
3. Successfully lead the SOX compliance program. Successfully received a clean chit from internal and external SOX audit reviews of ITAC and ITGC controls of Salesforces internal production security tools & services for the year 2021-2022. (namely IAM tool, connector framework, IDP gateway, directory service, identity store).
4. Implemented automated compliance policies to improve organizational IAM related NIST CSF score by 20%.
5. Early member of Saviynts team dedicated to grow IGAaaS org from a 5M valuation to ~700M in 8 years.
6. 10+ years of experience in leading IAM/IGA product teams in close partnerships with enterprise architects, implementation engineers, dev-ops & software engineers to deliver enterprise application security solutions at 25+ Fortune 500 companies.
7. 9+ years of experience in vendor management and resource allocations.
8. Experience in building and scaling multiple teams from grounds up (product, operations, HR, professional services, customer success).
9. Founded USC EE/CS Job seekers LinkedIn group to help new grad students with jobs and interviews, currently 2000+ members.
Professional Experience:
Salesforce, Inc. Director of Product Management - IGA, Compliance & Security Experience: 2020 - present
Prioritized, refactored and relaunched internal IAM tool to save ~5M USD service dollars annually and 1.2M licensing fee by hosting production facing SOX and SOC1 applications and infra services on it.
Successfully defined and evangelized security north star vision for Salesforce IAM team to implement a single source of truth internally, while focusing on the principles of least privileged access, RBAC and Zero Trust Architecture, aimed to reduce the security vulnerabilities by at least 50%.
Created 2-year roadmap and wireframes of a home grown IGA product with intentions to launch it on Salesforce app exchange platform with first year revenue projection of 20M USD.
Drastically reduced time to onboard enterprise application to common IAM controls from 120 hours to 8 hours by introducing factory method of discovery, simplified RBAC and self-serve capability, resulting in increased customer adoption by 15X.
Lead a global team of product managers and architects to evangelize and transform Salesforce org security offerings to a zero-trust architecture enabling digital business, modernizing remote access, endpoint security and significantly reducing security risk.
Lead a team of Sr. product managers and program managers to deliver & assure SOX reliance of internal security products by automating ITAC & ITGC controls.
Worked in collaboration of SVP of engineering to ship security tools and enhancements to improve org wide NIST CSF score by 20% annually during the last fiscal year.
Quickly learned the latest concepts of Cyber Security Mesh Architecture, defined vision and long range plan (LRP) and enterprise architecture design to launch a robust policy engine based on the principles of Zero Trust Architecture to manage access for centralized, federated and decentralized identities.
Proven track record of efficiently managing and guiding cross functional teams globally across salesforce org.

Saviynt, Inc. Director of Product Management, IGA solutions: 2013 2020
Directly managed a team of product managers, sr. product managers (managers of managers), technical account managers, while demonstrating leadership qualities consistent with company values & mission through performance management, goal settings, training and effective employee relationships.
Assisted C level executives with presentations, customer data metrics & product demos to secure a first round of funding for ~40M USD from Carrick Capital Partners.
Designed and launched industrys first Robotic Process Automation SCIM 2.0 connector using Workfusion APIs to enable rapid application onboarding.
Successfully lead go to market large-scale Saviynt IGA/AAG implementations including identity life cycle management, risk based access request, automated access review and certifications, actionable analytics engine, policy engines, RBAC, Segregation of Duties workbench, privileged access management with session recording via direct & partner channels at 25+ Fortune 500 publicly traded companies.
Reduced customer acquisition cost (CAC) and churn rate by 15% and customer retention rate of 95% for SI Partners successfully by launching Saviynt Control Exchange to empower SI Partners to share intelligence & collaborate with their specific customer communities to speed up the delivery processes. It includes best practice guides & reusable configurations.
Improved customer satisfaction score (CSAT) by ~20% by getting customers trained on Saviynts tool to implement risk definitions to remediate violations based on IT General controls, SOX, PCI, etc., across hybrid environments.

Expectations

Opportunity to build and ship identity and access governance products, go to market, people management, cybersecurity, Risk Management, Automation of Policy orchestration & Management, Cyber Security Mesh Architecture, Identity LifeCycle Management, Segregation of Duties analysis, Cloud Security, Enterprise Security, Privileged Access Management, User Behavior Analytics, Role Based Access Control, Attribute Based Access Controls, Location Based Access Controls, Birthright rules, Access certifications, Application Access Governance, Compliance, Audit reviews, SOX compliance program, SOC1/SOC2 certifications, NIST CSF, AI & ML based security policies, Autonomous identities.

Employment Preferences

Expected Base Salary

**0,000 USD

Academic Degree

Experience

Skills

• Identity Governance
• Administration Skills
• Risk Management
• Automation
• Policy Orchestration
• Management
• Cyber Security Mesh Architecture
• Identity Life Cycle Management
• Segregation
• Duties Analysis
• Cloud Security
• Enterprise Security
• Privileged Access Management
• User Behavior Analytics
• Role Based Access Control
• Attribute Based Access Controls
• Location Based Access Controls
• Birthright Rules
• Access Certifications
• Application Access Governance
• Compliance
• Audit Reviews
• SOX Compliance Program
• SOC1
• SOC2 Certifications
• NIST CSF
• AI
• ML Based Security Policies
• Autonomous Identities.
• Technical Tools
• Saviynt Identity
• Access Manager
• Sailpoint IIQ
• AWS
• IDM
• Ping
• Okta
• Salesforce
• PSA
• Financial Force
• Workday
• Office 365
• Azure AD
• Workfusion RPA
• Balsamiq
• Lucid Charts
• JIRA
• SAP GRC
• MS Visio
• MySQL Workbench
• Freshservice
• Servicenow
• Freshdesk
• Splunk
• Securonix
• Active Directory
• Agile Framework
• Scrum
• Rest API
• SOAP Web Services
• Linux
• GUS
• MySQL