Induja Maramraj

• Worked on company-wide rollouts of new security solutions, such as phishing-resistant MFA, adoption of AuthZ library, and migrations away from legacy systems, including their depreciation.
• Collaborated with cross-functional teams (xfn) and v-squads, comprising of engineering, product, and design teams from various organizations, to manage projects from planning, resourcing, milestone creation/tracking, stakeholder communication, risk identification/mitigation, pilot testing, metric tracking to launching new features for customers.
• Led planning and OKR creation for the Trust org, encompassing Platform Security, Identity and Access Management, Security Ops, and GRC, and tracked them through completion.
• Ensured privacy law compliance by understanding the flow of personal data and creating workflows to execute GDPR data subject requests.
• Developed company-wide training for Privacy best practices.
• Created a Slackbot using automation for security reviews and vulnerability tracking for product teams.
• Revamped the Bug Bounty Program, improving payouts and expanding the scope.
• Advocated best practices in project management, including Agile practices and regular status updates, increasing adaptability in dynamic environments and fostering a culture of continuous improvement.
• Led the vendor selection and management process for program initiatives.

Projects:

• Improved customer authorization by launching a centralized AuthZ library, deprecating old AuthZ mechanisms, launching resource-aware authorization, implementing new default admin roles, and enabling role customization.
• Implemented phishing-resistant MFA for Brex employees.
• Conducted GDPR data mapping and data deletion initiatives.
• Enhanced the Secure Product Lifecycle.

• Reviewed third-party SaaS, PaaS, and IaaS providers for their security controls and assessed their security posture.

• Collaborated with cross-functional teams to formulate strategies and workflow integrations to build strong security.

• Communicated identified or foreseeable internal and external risks to business owners and stakeholders.

• Supported the incident response team with third-party related incidents.

• Negotiated with business owners and vendors to work on reducing risks based on security best practices.

• Developed risk reports and dashboards and presented them to stakeholders and senior leaders.

• Identified gaps within the existing Vendor Security program at Adobe and drove process improvements.

Projects:

• Optimized the vendor security review process by classifying vendors into buckets and implemented effective solutions like auto-approvals.

• Developed a tool to verify the implementation of SSO for third-party vendors’ web applications.

• Worked with procurement to migrate the vendor security workflow from an old tool to an integrated procurement tool.

• Collaborated with a group of 20 individuals to plan and execute Adobe’s global Security Summit.

• Managed and drove remediation efforts related to information security – remediation from vulnerability scans

• Trained users to ensure system security and improve server and network efficiency

• Implemented incident response procedures to accommodate security requirements and reported violations