Summary
Overview
Work History
Skills
Custom
Languages
Work Availability
Timeline
TIRON ARAVINDA

TIRON ARAVINDA

Colombo

Summary

Leading cybersecurity initiatives within the enterprise finance and insurance sectors, this accomplished Information Security Manager brings over 15 years of experience in IT, including more than six years of dedicated specialization in information security within multinational environments. Demonstrates proven expertise in managing high-impact security programs such as DLP, SOC, PAM, and DORA, as well as implementing robust Governance, Risk, and Compliance (GRC) frameworks aligned with ISO 27001, NIST, GDPR, PCI DSS, and CBSL regulations. Skilled in developing effective security strategies, policies, risk mitigation measures, and incident response plans to safeguard critical assets and ensure regulatory compliance. Highly adept at building a strong culture of cybersecurity awareness across the organization and aligning security operations with business objectives to support secure growth and resilience.

Overview

12
12
years of professional experience

Work History

Chief Information Security Officer(CISO)

UB Finance PLC
No.10 , Daisy Villa Avenue, Colombo 04, , Sri Lanka
04.2026 - Current

Strengthen banking resilience by leading digital cybersecurity programmes with risk controls.
Improve recovery from sophisticated threats by operating effective defence readiness.
Enable strategic advantages by reducing enterprise risk through cybersecurity leadership.

Information-security- Risk Manager

Cargills Bank PLC
Colombo
12.2024 - Current
  • Align IT policies and processes to CBSL baseline security standards and frameworks.
  • Review information security systems coverage and staff processes for adequacy routinely.
  • Identify risks and external threats and strengthen people, processes, technologies controls.
  • Evaluate and strengthen existing controls across people, processes, and technologies.
  • Develop risk mitigation strategies that reduce likelihood and impact of incidents.
  • Maintain a risk reporting structure covering DLP, PAM, PT, and SOC.
  • Escalate exceptions properly and report risk assessments to management and committees.
  • Review risk register audit reports and external assessments like VAPT.
  • Improve risk and control environment using findings from compliance audits.
  • Collaborate with the information security team to manage IT/IS risk frameworks.
  • Develop dashboards and incident reports for visibility and governance.
  • Assess incident severity and maintain compliance with regulatory requirements.
  • Ensure full compliance with internal information security requirements.

Information-security-Assistant-manager

Allianz Insurance (Pvt)Ltd.
Colombo
10.2019 - 11.2024
  • Identified infrastructure weaknesses to stabilise systems and strengthen security controls.
  • Conducted regular penetration tests and vulnerability assessments to mitigate threats proactively.
  • Analysed emerging cyber threat trends and coordinated with IT on patching.
  • Enforced ISO 27001 and GDPR through ongoing policy checks and audits.
  • Maintained reliable backups and streamlined vulnerability management for faster remediation.
  • Delivered employee awareness training and ran risk assessments for security threats.

System Engineer

Richardson Technologies Pvt. Ltd.
Colombo
06.2018 - 09.2019
  • Delivered high-quality technical support by efficiently resolving issues and escalating complex problems when necessary.
  • Developed custom automation scripts to streamline routine tasks and boost productivity.
  • Applied strong problem-solving and root cause analysis skills to resolve complex technical challenges.
  • Enhanced overall system efficiency through effective implementation and optimization of hardware and software solutions.
  • Successfully managed multiple projects simultaneously, meeting tight deadlines while maintaining exceptional quality and performance standards.

System Engineer

Allianz Insurance (Pvt)Ltd.
Colombo
03.2016 - 06.2018
  • Provided expert technical support by resolving issues efficiently and escalating complex problems when necessary, ensuring high-quality service delivery.
  • Developed custom automation scripts to optimize routine processes and enhance productivity.
  • Applied advanced problem-solving and root cause analysis to address complex technical challenges.
  • Improved overall system performance through effective implementation and optimization of hardware and software components.
  • Strengthened network security by conducting regular vulnerability assessments and applying necessary patches.
  • Additionally, resolved operational issues related to LAN, WAN, and voice systems to maintain reliable and secure network operations.

IT Manager

ITES(Pvt)Ltd
Colombo
12.2014 - 06.2016
  • Led and coordinated IT operations to ensure seamless business continuity and strong technical performance.
  • Updated customers and senior leadership on project progress, challenges, and key milestones.
  • Guided the organization's technology strategy and roadmap development to align with business objectives.
  • Managed network and system performance through proactive troubleshooting, maintenance, and security patching.
  • Collaborated with project teams to quickly resolve technical issues and enhance operational efficiency.
  • Oversaw staff training and professional development initiatives to strengthen technical capabilities across the IT department.

Skills

  • GRC Management - (Archer-GRC)
  • Policy, Procedures &Guideline Development
  • Phishing Awareness,Security Awareness Training & Social Engineering (Knowbe4)
  • Assessment (Thirdparty vender,Gap,DR & Audit)
  • Project & Budget Coordination
  • Threat Intelligence ( SOCReader )
  • Vulnerability Management ( Qualys, Neass & BitSight)
  • SOC & SIEM Management ( Fortinet)
  • Identity and Access Management ( Forti PAM)
  • Data Loss Prevention ( GTB )
  • Network & Application SecurityGPAM

Custom

  • Yoshika Kehelpanna, CISO, Allianz Insurance (Pvt)Ltd, 94773283273, yoshika4@gmail.com
  • Janak Senanayaka, SVP, Soflogic Life (Pvt)Ltd, 94773284138, janakse@gmail.com

Languages

English
Upper Intermediate
B2

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Timeline

Chief Information Security Officer(CISO) - UB Finance PLC
04.2026 - Current
Information-security- Risk Manager - Cargills Bank PLC
12.2024 - Current
Information-security-Assistant-manager - Allianz Insurance (Pvt)Ltd.
10.2019 - 11.2024
System Engineer - Richardson Technologies Pvt. Ltd.
06.2018 - 09.2019
System Engineer - Allianz Insurance (Pvt)Ltd.
03.2016 - 06.2018
IT Manager - ITES(Pvt)Ltd
12.2014 - 06.2016
TIRON ARAVINDA