J. RAJA MARIMUTHU
United Kingdom
Summary
Cybersecurity professional with expertise in cyber risk management, security governance, and zero trust architecture. Proven success in regulatory compliance and enterprise risk reduction, particularly in third-party and cloud risk governance. Experienced in developing investment roadmaps and information security strategies that facilitate cybersecurity transformation. Proficient in identity and privileged access governance, with a focus on control uplift across frameworks such as DORA, ECB, FRBNY, and MAS.
Overview
23
23
years of professional experience
1
1
Certification
Work history
Cybersecurity Program Director – Network & Cybersecurity
Deutsche Bank
, United Kingdom
2021.04 - 2026.04
- Accountable for multi-million Euro Cybersecurity portfolio, shaping enterprise security strategy and driving risk reduction across complex global banking environments
- Reduced enterprise attack surface by >90%, materially lowering lateral movement risk and strengthening resilience against ransomware-class threats
- Enabled regulatory uplift (F4/F3 → F2) and embedded continuous compliance under DORA
- Led investment prioritization strategy, balancing regulatory mandates with business continuity to successfully navigate DORA compliance requirements across legacy and modern platforms
- Defined multi-year cybersecurity roadmap aligned to regulatory expectations and enterprise risk priorities
- Delivered enterprise-wide network micro-segmentation transformation across critical banking infrastructure, eliminating lateral movement pathways with zero disruption to mission-critical services
- Led 125+ global engineering organization delivering concurrent cybersecurity transformation programmes across network security and regulatory domains
- Strengthened application and email security controls across 1,000+ domains, reducing exposure to application-layer attacks and phishing threats
- Delivered €1M cost optimization via automation and recertification (~20% AI-driven)
- Presented risk posture, control gaps, and remediation strategy to senior leadership and regulatory stakeholders under audit conditions
- Directed enterprise risk acceptance criteria and security control prioritization, actively balancing business continuity with strict regulatory mandates
- Governed enterprise risk exception lifecycle across complex transformation portfolios, safeguarding business continuity without compromising regulatory alignment
Program Director – Privileged Access Management
Deutsche Bank
, United Kingdom
2018.01 - 2021.04
- Accountable for strategy, roadmap, and end-to-end delivery of enterprise Privileged Access Management (PAM) transformation across infrastructure and application estates
- Secured 1,600 critical applications and 40,000 servers by achieving 95% reduction in privileged accounts, drastically minimizing insider threat exposure and closing major regulatory audit findings
- Enforced 100% brokered access (PSM) and 100% session monitoring
- Designed and implemented enterprise cryptographic access governance, technically eliminating lateral movement risks originating from unmanaged key pairs
- Achieved 90% estate onboarding, significantly reducing unmanaged privileged access across critical systems
- Delivered €1.6M programme on schedule with strong regulatory alignment
- Led 60+ global team across 7 locations, delivering multi-year enterprise PAM transformation under regulatory scrutiny
- Eliminated legacy access environments across enterprise, realizing €500K in cost savings while measurably reducing systemic risk and architectural complexity
Cybersecurity Program Manager – Third-Party Risk Management (TPRM)
Deutsche Bank
, United Kingdom
2016.02 - 2018.12
- Enabled secure enterprise cloud adoption by establishing rigorous third-party risk governance frameworks, integrated ISO 27001 and NIST controls to ensure all SaaS providers met stringent regulatory requirements prior to production
- Balanced business enablement with risk governance, enabling secure adoption of strategic cloud platforms without delaying enterprise initiatives
- Led security due diligence and architecture risk assessments for strategic cloud and SaaS adoptions, directly influencing enterprise technology adoption decisions
- Established cloud-aligned risk assessment framework integrating CSA, ISO 27001, and NIST controls for SaaS providers
- Strengthened third-party risk governance, ensuring secure onboarding of critical vendors prior to production deployment
- Governed global Country Exception process, risk-rating and managing regional security deviations across jurisdictions
- Influenced contractual security controls, embedding audit rights, data protection, and breach notification clauses
- Drove remediation of critical vendor security gaps, reducing third-party risk exposure across key platforms
- Enabled consistent risk evaluation and compliance posture across global vendor ecosystem
- Consultant via Tata Consultancy Services
Senior IT Infrastructure Manager – Test Environment & Audit Remediation
Deutsche Bank
, United Kingdom
2013.09 - 2016.12
- Accountable for global IT infrastructure operations, capacity forecasting, and large-scale regulatory remediation, ensuring enterprise test environments met rigorous internal and external audit standards
- Delivered enterprise-wide audit remediation across 1,000+ applications, enforcing compliance with 10 critical technology and process control attributes
- Strengthened control maturity and audit readiness across global test environments, reducing regulatory risk exposure
- Directed 50+ global resources across India and Singapore to drive infrastructure architecture build, and operational transition
- Transformed legacy environments into automated, on-demand self-service platforms, accelerating delivery cycles
- Enhanced system security posture through middleware hardening and structured threat assessment workflows
- Optimised infrastructure cost and capacity planning, aligning resources with enterprise development demand
Service Operations Manager – Trade Finance Applications
Deutsche Bank
2010.01 - 2013.08
- Led 24x7 operations and resilience strategy for mission-critical Trade Finance platforms, ensuring high availability, rapid incident recovery, and alignment with enterprise continuity requirements
- Designed and executed Disaster Recovery (DR) strategy, including failover testing and adherence to RTO/RPO objectives
- Led major incident and problem management, driving rapid resolution and root-cause elimination of critical outages
- Strengthened operational resilience and service stability across global production environments
- Consultant via Tata Consultancy Services
Test Environment Manager – Trade Finance
Deutsche Bank
2009.03 - 2009.12
- Managed large-scale test infrastructure (40+ midrange servers, 23 mainframe environments) and governed ITIL-aligned change control processes for global banking applications
- Consultant via Tata Consultancy Services
Project Lead & Application Release Manager
Deutsche Bank
2008.01 - 2009.02
- Governed release and change management across 20+ banking applications, directing end-to-end SDLC execution for the Domestic Payment Reengineering (DPR2) programme
- Consultant via Tata Consultancy Services
Project Lead – Domestic Payment Reengineering (DPR2)
Deutsche Bank
, United Kingdom
2006.07 - 2007.12
- Led core SDLC activities, production stability initiatives, and defect resolution lifecycle for critical European payment systems
Early Career Progression
IBM / GIES
2003.01 - 2006.12
- Progressed from mainframe development to application release and environment management roles, building foundational expertise in SDLC, production operations, and large-scale banking systems
Education
BE - Electrical and Electronics Engineering
Madras University
Chennai 2003.01 -
Skills
- Cyber Risk Management
- Security Governance
- Zero Trust Architecture
- Regulatory Compliance
- Enterprise Risk Reduction
- Third-Party and Cloud Risk Governance (TPRM)
- Investment Roadmaps
- Information Security Strategy
- Cybersecurity Transformation
- Identity and Privileged Access Governance (PAM)
- Control Uplift (DORA, ECB, FRBNY, MAS)
- Audit Remediation
- Security Architecture Strategy
Certification
- CISM
- CEH
- PMP
- PMI-ACP
- ITIL
EXECUTIVE CAREER HIGHLIGHTS
- Enterprise Risk Mitigation, Institutionalized Zero Trust segmentation across 35,000+ servers, reducing attack surface by >90% and materially limiting lateral movement risk
- Identity Transformation, Delivered enterprise-wide PAM programme eliminating 95% of privileged accounts and enforcing full session governance across critical systems
- Financial & Operational Efficiency, Realized €2M+ cost optimization through strategic vendor consolidation, automation, and AI-driven recertification
- Regulatory Uplift, Elevated control maturity ratings (F4/F3 → F2) and embedded continuous compliance aligned to DORA and ECB expectations
PERSONAL INFORMATION
Title: Enterprise Cybersecurity Leader
EXECUTIVE SCOPE
Multi-million portfolio ownership, 125+ global FTEs, Enterprise-scale cybersecurity transformation (Tier-1 banking), Regulatory remediation (ECB, DORA, FRBNY), €1M+ cost optimization delivered
Timeline
Cybersecurity Program Director – Network & Cybersecurity
Deutsche Bank
2021.04 - 2026.04
Program Director – Privileged Access Management
Deutsche Bank
2018.01 - 2021.04
Cybersecurity Program Manager – Third-Party Risk Management (TPRM)
Deutsche Bank
2016.02 - 2018.12
Senior IT Infrastructure Manager – Test Environment & Audit Remediation
Deutsche Bank
2013.09 - 2016.12
Service Operations Manager – Trade Finance Applications
Deutsche Bank
2010.01 - 2013.08
Test Environment Manager – Trade Finance
Deutsche Bank
2009.03 - 2009.12
Project Lead & Application Release Manager
Deutsche Bank
2008.01 - 2009.02
Project Lead – Domestic Payment Reengineering (DPR2)
Deutsche Bank
2006.07 - 2007.12
BE - Electrical and Electronics Engineering
Madras University
2003.01 -
Early Career Progression
IBM / GIES
2003.01 - 2006.12