SUMMARY

Strategic IT leader with 15 years of experience in multinational environments. Specialising in aligning IT with business objectives, collaborating with people from diverse technical and cultural backgrounds to drive digital transformation and deliver scalable and future-ready solutions, all while having security in the DNA.

‍

EXPERIENCE

Head of IT

Honest Technologies

Jul 2025 - Present

●       Oversee IT infrastructure and operations to ensure systems, networks, and core platforms are available and performing well at all times.

●       Manage resources and steer IT projects based on priorities to implement IT strategies and programs to align with business objectives and regulatory requirements.

●       Implemented agentic AI integration to streamline customer service processes, reducing manual chat-related workload by 90% and mitigated data loss risk by replacing human agents’ direct access to PII with AI-fetched, masked data.

●       Renegotiated and redesigned IT and security solutions, reducing overall Opex by 20%. For example, replaced and re-arranged KYC solution and moved non-critical assets from the cloud to on-premise to cut cost by 30% and 70%, respectively.

‍

VP of Cybersecurity & Risk

Honest Technologies

Dec 2024 - July 2023

●       Manage cybersecurity posture and facilitate cross-functional collaboration to position security as a strategic business partner, bridging the gap between technology and business objectives.

●       Ensure regulatory and compliance alignment by working with stakeholders to implement best practices under relevant frameworks such as PCI-DSS, ISO 27001, or local regulations.

●       Successfully completed ISO 27001 certification on an accelerated 4 months timeline and PCI-DSS prioritized approach.

●       Implemented 24/7 SOC and developed use cases with corresponding playbooks, achieving automation and enhancing SOC effectiveness by over 20%.

‍

Global Cybersecurity Architect

Pluxee International (formerly Sodexo BRS)

Nov 2023 - Dec 2024

●       Developed technology standards and blueprints to maintain global security standards, reference architectures, and patterns for engineering and infrastructure teams to follow, with a strong focus on automation.

●       Conducted threat modelling and risk assessment on new and existing systems to identify design-level vulnerabilities before they reach production.

●       Designed the company’s Landing Zone as a baseline security architecture for cloud workloads as part of the cloud migration strategy, assuring at least 80% compliance by default to new workloads.

●       Developed an automated CI/CD pipeline by integrating tests for every code push and deployment for every successful tests achieving 80% automation with higher code quality.

‍

Regional CISO

Sodexo Benefits & Rewards Services (BRS)

Nov 2019 - Nov 2023

●       Owned and optimised annual budget forecast across a diverse regional footprint, aligning country-level requirements with global strategy while driving financial efficiency.

●       Designed and executed recurring security awareness programmes, phishing simulations, and crisis tabletop exercises to strengthen organisational resilience, including security incident resolutions.

●       Built a shared service team dedicated to vulnerability remediation, reducing vulnerabilities by over 90% regionally, and established a network & security team to support smaller countries.

●       Implemented a standardized regional WAF solution, centralizing tool management and third-party risk management from different providers, resulting in $300K annual cost savings.

‍

Information Security Manager

AXA Group Operations

Sep 2017 - Nov 2019

●       Manage operational stability and security of 400+ servers, 2k workstations, and dozens of network devices, supporting service delivery of highly regulated  insurance products.

●       Acting physical security manager, overseeing incoming and outgoing business travelers and ensuring their safety, including Data Center physical security.

●       Designed and implemented security assurance process to ensure secure-by-default from the earliest stage of any project, reducing delivery time from up-to 5 man-days to 3.

●       Produced and enforced regular patch process, resulting in reduced number of critical vulnerabilities by more than 90%.

‍

Information Security Consultant

AXA Group Operations

Feb 2015 - Sep 2017

●       Generate key performance metrics for regular reports and provide security assurance for new projects and change management, ensuring compliance with security best practices.

●       Perform audit remediation and certification efforts, such as ISO 27001 and PCI-DSS.

●       Initiated the implementation of LAPS and account delegation across AD to adhere to least-privilege principle, reducing built-in administrator usage to steady, close to 0 login per day.

●       Implemented various cybersecurity solutions such as WAF, SIEM, DLP, and PAM, and championed EPP, DLP, VAS, and PAM.

IT Infra & Security Engineer

Bank Mayora

Aug 2013 - Feb 2015

‍

System Admin

Inotech (Esurance & TIBCO Lab Offshore)

Nov 2012 - Aug 2013

‍

Network Engineer

Bank DBS

Feb 2012 - Aug 2012

‍

IT Support | Web Developer & Designer | Cloud Administrator (SoftLayer)

Freelance

Apr 2009 - Dec 2011

‍

‍

EDUCATION

Bachelor in Information Technology

STMIK JIBES

Cisco Networking Academy Program

Binus Center

Diploma in Multimedia

Imperia Institute of Technology

‍

CERTIFICATION

●      ISO/IEC 27001:2022 Lead Auditor

●      Information Systems Security Architecture Professional (ISSAP)

●      Microsoft Certified: Cybersecurity Architect Expert (AZ-500)

●      Microsoft Certified: Azure Security Engineer Associate (SC-100)

●      Certified Cloud Security Professional (CCSP)

●      Certified Information System Security Professional (CISSP)

●      Fortinet Certified Network Security Administrator (FCNSA)

●      Cisco Certified Network Associate (CCNA)

‍