Umit Aslan
@umitaslan
Cybersecurity and AI governance executive building risk-informed security platforms for regulated innovation.
United StatesWhat I'm looking for
I’m a cybersecurity and AI governance executive with 20+ years of Enterprise Risk Executive experience designing and operating enterprise-scale governance and security systems across financial services, technology, retail, and other regulated industries. I translate regulatory pressure, emerging technology risk, and business velocity into pragmatic operating models that keep security defensible and accountability clear.
In my current role as Head of Cybersecurity Products & Platforms at Capital One, I led the convergence of security platforms and operating models across Capital One and DFS environments—delivering full security parity within 12 months and establishing a unified enterprise security baseline. I restructured the cybersecurity operating model around core risk imperatives, eliminating redundancy, accelerating delivery timelines by 20%, and reducing sustained resource demand by over 40%.
I’ve also built governance that scales from point-in-time compliance to continuous, risk-informed operations, including enterprise policy and control standardization at Amazon. I led generative AI governance and security standards, and in parallel I develop AI guardrails, governance models, and control requirements that enable faster AI agent and AI-enabled product deployment while maintaining model accountability, data protection, and regulatory alignment.
Experience
Work history, roles, and key accomplishments
Head of Cybersecurity Products
Capital One
Jan 2025 - Present (1 year 5 months)
Led convergence of cybersecurity platforms and operating models across Capital One and DFS environments, achieving security parity within 12 months. Redesigned the organizational model around core risk imperatives, eliminating redundant programs, accelerating delivery by 20%, and reducing sustained resource demand by 40%+.
Head of Security Policy & Governance
Amazon
Jan 2022 - Jan 2025 (3 years)
Overhauled Amazon’s enterprise information security and privacy governance framework to address scalability and design gaps. Improved ISO certification outcomes by 25% and reduced policy exceptions by 43% in the first year.
Managing (Senior) Director
Richey, May, & Co., LLP
Jan 2020 - Jan 2022 (2 years)
Served as trusted executive advisor and interim CISO/CRO, stabilizing security and risk programs during regulatory and leadership transitions. Cut breaches by 25% and compliance issues by up to 45%, while minimizing incidents and regulatory fines by 40%.
Director - Cyber Transformation & GRC
KPMG
Jan 2018 - Jan 2020 (2 years)
Designed and implemented GRC frameworks across technology, entertainment, finance, healthcare, and energy clients to address HIPAA, NIST, PCI-DSS, ISO, GDPR, and CCPA requirements. Led GRC product development for cloud migrations, emphasizing scalability, security, and usability, while delivering multiple $10M+ engagements in parallel.
Senior Security & Privacy GRC
Edgile
Jan 2017 - Jan 2018 (1 year)
Provided security and privacy GRC leadership to support enterprise governance and compliance outcomes. Translated regulatory requirements into actionable governance and controls aligned to business objectives.
Information Security & Privacy GRC Manager
PwC
Jan 2014 - Jan 2017 (3 years)
Managed information security and privacy GRC engagements, aligning controls and governance to regulatory and audit expectations. Supported enterprise risk management by operationalizing governance processes and assurance activities.
Junior Privacy Officer
HSBC
Jan 2013 - Jan 2014 (1 year)
Supported privacy governance activities by helping translate privacy obligations into practical compliance practices. Contributed to maintaining defensible privacy controls within a regulated environment.
Security & Privacy Consultant
Deloitte
Jan 2010 - Jan 2013 (3 years)
Consulted on security and privacy GRC initiatives, helping clients mitigate risk and comply with applicable requirements. Delivered governance approaches that improved clarity, control traceability, and compliance readiness.
Education
Degrees, certifications, and relevant coursework
University of Florida
Master of Science, Information Systems & Operations Management
Earned an MS in Information Systems & Operations Management.
University of Florida
Bachelor of Science, Decision & Informational Science
Earned a BS in Decision & Informational Science.
Tech stack
Software and tools used professionally
Availability
Location
United StatesAuthorized to work in
Job categories
Skills
Interested in hiring Umit?
You can contact Umit and 90k+ other talented remote workers on Himalayas.
Message UmitFind your dream job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
