Rasika Kularathna
Cyber Security Leader
Canberra
Summary
As a client-focused and technically minded professional in the Cyber Security field, I bring with me a diverse career spanning over 7 years. I have worked across various sectors, including retail, consumer products, aviation, telecommunications/media, mining, and Defence & Aerospace. Throughout my journey, I have acquired valuable transferable skills. My career began in technology consulting back in 2017, and since then, I have held roles ranging from system tester to business analyst, eventually transitioning into project management within the Cyber Security domain. Notably, I have been involved in critical digital identity projects across both federal government and private sectors. In these projects, I successfully delivered high-quality outcomes by constructing robust security solutions that enhance overall security posture. My expertise extends to utilizing frameworks such as Essential 8, ISM, and PSPF. Furthermore, I possess expertise in liaising with C-level stakeholders within federal government clientele to comprehend their unique cybersecurity challenges and propose appropriate solutions.
Overview
8
8
years of professional experience
Work History
Cyber Security (Identity) SME - Contract
Services Australia
10.2024 - Current
- Rasika was engaged by Services Australia to provide strategic security advise on the current IDAM solution implemented in the agency.
- Current State Analysis: Rasika performed a thorough current state analysis on the existing IDAM solution in the agency. This analysis included mapping the current business processes and a detailed analysis of the security posture of the solution.
- Essential Eight Uplift Projects: He was also engaged in a few Essential 8 uplift projects in the agency. His role was to provide specialized advice on implementing the solutions to achieve the Maturity Level 1/2.
- Cyber Solution Implementation Advisory: Rasika advised Services Australia on best-practices of IAM and PAM solution implementations by reviewing designs (both HLD/DLD).
- Engaging with C-level stakeholders: Engaged with the C-level stakeholders to communicate the cyber security risks, challenges and cyber project progress.
Senior Security Consultant - Contract
Australian National University
01.2024 - 10.2024
- Rasika served as a senior consultant at the Australian National University. In this role, he plays a crucial part in supporting two critical security projects (Identity and PAM) within the organization.
- Stakeholder Management: Rasika was responsible for managing the stakeholders across various business units across ANU for both PAM and Identity projects. These stakeholders consist of both technical and non-technical (including the senior executives of ANU).
- Business Case Preparation: Rasika prepared robust business cases for these projects, enabling the Information Security Office (ISO) to seek appropriate security solutions that effectively mitigate security risks.
- Current State Analysis: He was responsible for assessing the current state of the identity/PAM environments including detailed analysis of the current business processes.
- Requirements Gathering: Rasika conducted requirements gathering workshops with various internal and external stakeholders to understand the future state for the new identity and PAM solutions. He was responsible for developing the requirements traceability matrix for both projects.
- Cyber solutions Assessment: He engaged stakeholders across various business units to assess the current state of the organization’s identity systems.
- Engaging with C-level stakeholders: Engaged with the C-level stakeholders to communicate the cyber security risks, challenges and cyber project progress.
- Vendor engagement and evaluation: He engaged with various external vendors to understand the solution offerings and to assess the solutions against the business requirements.
- Requirement Documentation: Rasika meticulously developed comprehensive requirement documents for identity security solutions, ensuring alignment with organizational needs.
- Policy advises and drafting: He contributed to the drafting of security policies related to Privileged Access Management and Identity and Access Management.
- Stakeholder Workshops: Rasika conducted workshops with ISO stakeholders, aiming to uncover their security expectations from future identity security solutions.
- Product Evaluation: He assisted in evaluating various identity and PAM products, ensuring they meet requirements and align with the organization’s long-term security objectives.
- Cyber Solution Implementation Advisory: Rasika advised ANU on best-practices of IAM and PAM solution implementations by reviewing designs (both HLD/DLD). He ensures the technical requirements and technical designs are aligned.
Engagement Manager – PAM Implementation
Australian Taxation Office
12.2022 - 12.2023
- Rasika held the position of engagement manager for the Privileged Access Management (PAM) implementation project at the Australian Taxation Office (ATO). His key responsibilities encompassed:
- Project Management: Rasika actively contributed to the project leadership group, overseeing critical aspects such as schedule management, resource allocation, risk mitigation, and issue resolution. He ensured that the solution met the security and contractual requirements.
- Project Reporting: Rasika was responsible for the project status, issues and risks reporting to program level and executive management.
- Project Scope management: Rasika was involved in the project planning and initiation activities including scope negotiation.
- Stakeholder Engagement: Rasika actively engaged with stakeholders across various ATO branches to assess their current PAM capabilities and define the desired future state for PAM.
- Workshops Coordination: He coordinated and conducted initial PAM engagement workshops at the branch level, ensuring stakeholders were informed about the project’s scope and requirements.
- Documentation Support: Rasika assisted in preparing Security Risk Management Plan (SRMP) and System Security Plan (SSP) documentation, crucial for achieving security accreditation for the solution.
- Risk Identification and Mitigation: He collaborated with security architects and enterprise architects to identify risks associated with the PAM solution and understand effective risk mitigation strategies.
- Onboarding Roadmap: Rasika developed an onboarding roadmap and schedule to seamlessly onboard privileged accounts of ATO teams onto the CyberArk platform.
- Collaboration with Build Team: He closely collaborated with the CyberArk build team to define specific onboarding requirements tailored to different ATO teams.
- Security Documentation: He played a pivotal role in creating essential security documentation for the project, including the Incident Response Plan, High-level design, Detailed Design, and Test Strategy.
- Security Requirements Definition: Rasika worked alongside ATO’s cyber governance and security by design teams to articulate the security requirements specific to the CyberArk solution.
- External Service Providers Onboarding: He gathered CyberArk onboarding requirements for external service providers working with ATO through targeted workshops.
Client Engagement Manager – Cyber Security
Deloitte
04.2021 - 12.2023
- In his role as Cyber Security Manager at Deloitte Canberra, Rasika was engaged in numerous high-profile cyber projects for a variety of federal government clients.
- He boasts a wealth of experience in project delivery and has consistently delivered successful results for his federal government clients through the implementation of solid security solutions.
- In addition to his delivery responsibilities, he was also actively involved in several business development activities, which included:
- Building and maintaining positive relationships with prospective federal government clients.
- Responding to RFPs, RFQs, and RFIs from government clients.
- Participating in cyber industry events to establish relationships with vendors and the broader cyber community in Canberra.
- Identifying potential project opportunities for Deloitte and leading client discussions to understand their challenges and business needs.
- Keeping abreast of current market trends in Canberra to strategically position Deloitte with federal government clients.
Technical Business Analyst
Australian Government Security Sensitive Agency
06.2022 - 12.2022
- Rasika was actively involved with a security-sensitive federal agency in Canberra, assisting them in mapping their current-state business processes and defining the future state.
- In this role, he leveraged frameworks such as the Essential Eight maturity model, the Information Security Manual (ISM), and the Protective Security Policy Framework (PSPF) to analyze the agency’s existing business processes.
- His objective was to align these processes with the Essential Eight, ISM, and PSPF guidelines, ultimately enhancing the organization’s overall security posture.
Senior Technical Business Analyst – IAM Implementation Project
Commonwealth Bank
07.2021 - 06.2022
- Rasika has been actively engaged with two teams in the CBA SailPoint IIQ implementation project:
- Application Onboarding Team: Rasika plays a pivotal role in the Application Onboarding team. His responsibilities include:
- Engaging with Service Owners and Service Managers of IT services to communicate onboarding timelines and assess the readiness of these services for SailPoint IIQ integration.
- Collaborating with Service Owners/Managers, external vendors, and subject matter experts (SMEs) to agree on approved integration patterns (AD/SCIM/Direct Connect) for IT service onboarding.
- Facilitating triage workshops with internal and external stakeholders to understand the current state of IT services and map out the future state.
- Coordinating with the Analyze and Build teams to prioritize IT services for onboarding.
- Providing status updates to senior leadership teams regarding triaging activities, risks/issues, and pain points.
- Assisting the project manager in identifying priority IT services for onboarding and driving funding discussions where remediation is necessary.
- SailPoint Build Team: Rasika was an integral part of the SailPoint Build team, actively contributing to build and test activities across various releases:
- Executed SailPoint build activities based on business requirements provided by CBA.
- Developed a test library to support the building team’s activities and address gaps identified in test/defect management processes.
- Created documentation in Confluence, including test summary reports, business process diagrams/flows, and test process flows.
- Conducted system testing and unit testing for ongoing releases.
- Coordinated test automation activities across different teams.
Senior IAM Business Analyst
Australian Federal Police
04.2021 - 05.2021
- Rasika held the position of Senior Business Analyst and Test Analyst within the Australian Federal Police (AFP) during a critical SailPoint Implementation Project. His multifaceted role encompassed various responsibilities, each contributing to the successful execution of the project:
- Business Requirements Gathering and Documentation: Rasika actively engaged with stakeholders to meticulously gather and document the business requirements for the Joiner (onboarding) lifecycle processes at AFP. These requirements formed the foundation for subsequent phases of the project, ensuring alignment with organizational needs.
- End-to-End Test Case Development: He played a pivotal role in constructing comprehensive end-to-end test cases specifically tailored for the joiner processes. These test cases were meticulously designed to validate the functionality, security, and reliability of the system.
- Test Documentation Creation: Rasika developed essential test documents to support the project’s execution: Test Execution Plans: These detailed the approach, scope, and resources required for testing during different releases. Test Instructions for UAT (User Acceptance Testing): These guided end-users through the testing process, ensuring thorough validation. Defect Logs: These documented any identified defects, facilitating efficient resolution.
- End-to-End System Testing: He actively performed rigorous end-to-end system testing for the joiner processes. This involved simulating real-world scenarios to validate the system’s functionality, data flow, and integration points.
- Stakeholder Workshops: Rasika conducted workshops with key business stakeholders, including system owners, the Human Resources team, and the payroll team. These workshops served as crucial communication channels, ensuring that all relevant parties were informed about the project’s progress, timelines, and release plans.
Senior IAM Business Analyst
Australian Bureau of Statistics
02.2020 - 11.2020
- Company Overview: PwC
- Rasika held a dual role as a Senior Business Analyst and Test Analyst during a significant Oracle Identity Manager (OIM) to SailPoint migration project. This project, which marked PwC’s largest Government Identity Implementation to date, involved critical transformations within the agency’s identity lifecycle processes.
- Technical Requirements Gathering: Rasika actively engaged with stakeholders to meticulously gather technical requirements for the identity lifecycle processes (Joiner, Leaver, Rehire) within the agency. These requirements formed the bedrock for subsequent phases of the project, ensuring alignment with organizational needs.
- User Stories Development: He skillfully translated these technical requirements into detailed user stories using JIRA, a widely used project management tool. These user stories served as essential building blocks for the development and testing phases.
- Test Case Creation: Rasika meticulously developed test cases in JIRA, specifically tailored to address the identity lifecycle requirements and use cases. These test cases were designed to rigorously validate the functionality, security, and reliability of the system.
- Stakeholder Engagement and Showcases: He facilitated end-of-sprint showcases, demonstrating the developed SailPoint IdentityIQ (IIQ) functionalities to relevant stakeholder groups. These showcases provided transparency, elicited feedback, and ensured alignment with stakeholder expectations.
- End-to-End Testing and UAT: Rasika actively performed end-to-end testing for both the Leaver and Joiner processes, including User Acceptance Testing (UAT). Rigorous testing validated the system’s behavior across the entire identity lifecycle.
- Regression Testing Support: He assisted agency resources in executing regression testing for production releases. This involved ensuring that existing functionality remained intact after system updates.
- Defect Management and UAT Execution: Rasika took responsibility for managing defects across different test environments, diligently tracking them until resolution. He personally executed UAT for the first production release, specifically focusing on the Leaver Processes.
- Active Participation in Agile Ceremonies: He actively engaged in agile ceremonies, including Sprint reviews, retrospectives, showcases, and sprint planning sessions. These ceremonies fostered collaboration, continuous improvement, and alignment with project goals.
- PwC
IAM Business Analyst/Test & Defect Coordinator, Software Engineering Senior Analyst
Defence
09.2018 - 07.2019
- Company Overview: Accenture
- Rasika has held the pivotal role of a Test and Defect Management Coordinator within an Identity and Access Management (IAM) project. His multifaceted responsibilities spanned various critical aspects of the project’s execution:
- Requirements Traceability Matrix (RTM) Maintenance: Rasika collaborated closely with the lead Business Analyst to meticulously maintain the Requirements Traceability Matrix (RTM). The RTM served as a crucial document, ensuring alignment between project requirements and subsequent phases.
- End-to-End Test Case Development: He actively participated in building comprehensive end-to-end test cases specifically tailored for the IAM solution. These test cases were meticulously designed to validate the functionality, security, and reliability of the system.
- Defect Triage and Ongoing Releases: Rasika assumed responsibility for defect triaging throughout the project’s lifecycle. Rigorous defect management ensured timely resolution and maintained the quality of the solution across different releases.
- ISM and Essential 8 Compliance: He diligently ensured that ISM (Information Security Manual) and Essential 8 control requirements were accurately implemented and rigorously assessed. Compliance with these security standards was paramount to the project’s success.
- Project Reporting and Escalation: Rasika actively contributed to project reporting, providing regular updates on testing progress, status, and any identified issues. Daily status presentations and timely escalation of critical matters were integral to effective project management.
- Stakeholder Coordination and Test Execution: He skilfully coordinated test execution across different business and technical teams within the department. Effective collaboration ensured seamless testing activities and alignment with project goals.
- Test Planning and Data Preparation: Rasika took charge of test planning, meticulously preparing for different releases. This involved managing test data, ensuring comprehensive coverage, and aligning testing efforts with project milestones.
- Accenture
SAP Deployment Coordinator, Software Engineering Analyst
Glencore
01.2018 - 08.2018
- Company Overview: Accenture
- Rasika has held the role of Deployment Coordinator for two divestment projects within a multinational mining client. His responsibilities encompassed critical aspects of project execution:
- Project Coordination: Rasika actively coordinated the deployment activities for both divestment projects. This involved ensuring seamless collaboration between key business stakeholders, the project team, and third-party vendors. Communication primarily occurred through email, conference calls, and meetings.
- Deployment Planning and Execution: He provided crucial support to the deployment lead in executing a comprehensive deployment plan. This plan covered work planning, scheduling, metrics, and resource allocation. Rasika actively managed deployment execution, including Dress Rehearsals and Actual Cutover.
- Data Alignment and Collaboration: He collaborated closely with the data team to align data provisioning and deployment activities. Ensuring data consistency and accuracy was essential for successful deployment.
- Project Reporting and Escalation: Rasika played a pivotal role in project reporting, providing regular updates on deployment progress, status, and any identified issues. Daily status presentations and timely escalation of critical matters were integral to effective project management.
- Accenture
PMO Coordinator, Software Engineering Analyst
Lion Australia
07.2017 - 09.2017
- Company Overview: Accenture
- Rasika brings extensive expertise as a PMO Coordinator within a major SAP implementation project in the food and beverage industry. As the primary point of contact for project management inquiries, Rasika’s focus centered on resource management.
- Key Contributions: Resource Onboarding and Offboarding: Rasika efficiently managed the onboarding and offboarding processes for project resources.
- Resource Tracking and Visualization: Rasika actively participated in resource tracking initiatives, skillfully constructing dashboards to visualize resource supply and demand.
- Resource Forecasting and Reporting: Rasika played a pivotal role in resource forecasting, consistently providing status reports to both the PMO lead and the client.
- Vendor Performance Reporting: Rasika took charge of preparing the end-of-financial-year Vendor Performance Report, highlighting Accenture’s successful fulfillment of contractual obligations.
- Accenture
Tech Delivery & Operations Excellence Practitioner, Software Engineering Analyst
NBN Australia
05.2017 - 07.2017
- Company Overview: Accenture
- Rasika has contributed to the regional deployment team at Australia’s largest telecommunications provider, serving as a Tech Delivery & Operations Excellence Practitioner. In this role, Rasika played a pivotal part in ensuring seamless operations and efficient data management.
- Key Responsibilities: Asset Transfer and Data Management: Rasika actively participated in managing the underlying copper network, overseeing asset transfers and data-related processes.
- Timely Operational Reporting: Rasika ensured the accurate and punctual delivery of both ad hoc and standard operational reports.
- Performance Analysis: Rasika meticulously analyzed designated performance metrics, including financial, satisfaction, and operational indicators.
- Root Cause Investigation: When necessary, Rasika conducted root cause analyses, such as examining customer satisfaction survey results.
- Collaboration and Process Improvement: Rasika collaborated with cross-functional teams to access and comprehend data for analysis, identifying opportunities for process enhancement.
- Insightful Reporting: Rasika’s coordination across multiple operations and teams added valuable insights to reporting, supporting overall reporting needs.
- Accenture
Education
Bachelor of Business Informatics -
University of Canberra
10-2014
Master of Business Administration - Cyber Security Leadership
AGSM (UNSW)
03-2026
Skills
- Cyber Security
- Project Management
- Identity and Access Management
- Stakeholder Management
- Risk Assessment
- Cyber Policy reviews
- Security Reviews
- Business Analysis
- System Testing
- Test Management
- Identity Governance
- Privileged Access Management
- JIRA
- Confluence
- SailPoint
- CyberArk
- BeyondTrust
- ISM
- PSPF
- Essential eight maturity model
- Vulnerability Management
Certification
- AWS Certified Cloud Practitioner
- Professional Scrum Master (PSM 1)
- PRINCE2 Foundation
- SailPoint IdentityIQ Introduction eLearning
- SailPoint IdentityNow Introduction eLearning
- Identity Implementation: Advanced Provisioning and Workflows v8.1
- ForgeRock Access Management Fundamentals
- CISSP (On-going)
Industries
- Federal Government
- Financial Services & Higher Education
- Mining
- Telecommunications
Timeline
Cyber Security (Identity) SME - Contract
Services Australia
10.2024 - Current
Senior Security Consultant - Contract
Australian National University
01.2024 - 10.2024
Engagement Manager – PAM Implementation
Australian Taxation Office
12.2022 - 12.2023
Technical Business Analyst
Australian Government Security Sensitive Agency
06.2022 - 12.2022
Senior Technical Business Analyst – IAM Implementation Project
Commonwealth Bank
07.2021 - 06.2022
Client Engagement Manager – Cyber Security
Deloitte
04.2021 - 12.2023
Senior IAM Business Analyst
Australian Federal Police
04.2021 - 05.2021
Senior IAM Business Analyst
Australian Bureau of Statistics
02.2020 - 11.2020
IAM Business Analyst/Test & Defect Coordinator, Software Engineering Senior Analyst
Defence
09.2018 - 07.2019
SAP Deployment Coordinator, Software Engineering Analyst
Glencore
01.2018 - 08.2018
PMO Coordinator, Software Engineering Analyst
Lion Australia
07.2017 - 09.2017
Tech Delivery & Operations Excellence Practitioner, Software Engineering Analyst
NBN Australia
05.2017 - 07.2017
Bachelor of Business Informatics -
University of Canberra
Master of Business Administration - Cyber Security Leadership
AGSM (UNSW)
Similar Profiles
Merna YokhanaMerna Yokhana
Centrelink Service Officer - APS4 at Services AustraliaCentrelink Service Officer - APS4 at Services Australia
Mai HuynhMai Huynh
Team Leader at Services AustraliaTeam Leader at Services Australia
AMADOUR BAPTISTEAMADOUR BAPTISTE
APS 4 Service Officer at Services AustraliaAPS 4 Service Officer at Services Australia
Nicole DunkNicole Dunk
Customer Service Officer at Services AustraliaCustomer Service Officer at Services Australia
Pranav SureshPranav Suresh
Front Desk Administrator at JRS and Co. Chartered AccountantsFront Desk Administrator at JRS and Co. Chartered Accountants