Open to opportunities

Sajeev Raj

@sajeevraj

Message

Information security & GRC leader building audit-ready ISMS and reducing risk.

Malaysia

Message

What I'm looking for

I want to lead enterprise ISMS/GRC initiatives—align controls to ISO 27001 and SOC 2, automate evidence and risk workflows, and deliver board-ready risk reporting. I thrive building audit-ready programs with measurable reductions in manual dependencies.

I’m an Information Security and GRC leader with 18 years of IT experience, including 11+ years building governance, risk, and compliance programs that stand up to real audits. I’ve designed and implemented enterprise ISMS from inception, achieving ISO/IEC 27001:2022 and SOC 2 certifications with zero findings.

I lead security teams and bring structure to risk and control ownership—defining ISMS scope, governance models, risk methodologies, and reusable controls that reduce duplication across regional operations. I’m known for board-level risk reporting and for centralizing and automating GRC workflows so evidence is always ready, remediation is trackable, and compliance culture becomes operational—not manual.

Experience

Work history, roles, and key accomplishments

Current

Information Security Manager

Current

Aventra Group Sdn. Bhd.

May 2023 - Present (2 years 11 months)

Designed and implemented an enterprise ISMS from inception, achieving ISO 27001:2022 and SOC 2 certifications with zero findings. Led a security team of 3, defined ISMS governance and risk methodology, centralized audit evidence, and initiated GRC platform centralization/automation for reporting and audit tracking.

ISO 27001 SOC ISMS GRC Risk Management Audit Evidence

Service Management & InfoSec Manager

Aventra Group Sdn. Bhd.

Dec 2021 - Apr 2023 (1 year 4 months)

Established ITIL-aligned service management processes and integrated operational controls with ISO 27001 and SOC 2 requirements to maintain audit-ready operations. Developed access governance, change management, and asset lifecycle management policies, and supported audits using evidence management and remediation tracking.

Change Management ISO 27001 SOC Access Governance

IT Services Manager

IBM CIC

Mar 2019 - Nov 2021 (2 years 8 months)

Managed IT operations, infrastructure services, vendor governance, and business continuity planning while supporting compliance with ISO standards and corporate policies. Led major IT projects including network migrations, IPv6 enablement, Wi-Fi upgrades, and disaster recovery, and supported internal/external audits.

IT Operations Management Infrastructure Services Vendor Governance Business Continuity Planning Disaster Recovery IPv6 Wi Fi Upgrades ISO Compliance Support Audit Support

ASEAN Security & Compliance Advisor

IBM CIC

Nov 2015 - Apr 2017 (1 year 5 months)

Managed security and compliance activities across Malaysia and the Philippines, conducting audits, access reviews, and risk assessments. Acted as primary audit focal point and advised regional stakeholders on security governance, control alignment, and audit readiness.

Security Governance Compliance Management Internal Auditing Risk Assessment Control Alignment Regional Compliance Oversight

Technical Project Lead

IBM CIC

May 2015 - Nov 2015 (6 months)

Led Microsoft technology delivery for a client engagement by automating large-scale Windows Server migrations using PowerShell. Provided technical support for Hyper-V and Citrix environments.

PowerShell Server Migration Hyper V Citrix Automation Systems Engineering