Rahul Kohli is a Principal in KPMG’s Cyber Security Services and located in the Detroit office. He has more than 19 years of experience providing information security and identity and access management assistance to clients across a variety of industry verticals. His professional focus is helping organizations in all industries reduce the risk of cybercrime while complying with the applicable regulations, improving operational efficiency, and securely enhancing the end-user experience.
Professional and industry experience
Rahul serves as a member of the KPMG cybersecurity leadership team with responsibility for business development and execution of cyber security services, including identity management planning, implementation, and strategic security program transformation initiatives.
A selection of relevant experience is included below:
- Led an IAM implementation project for the technology client, including implementation of SailPoint IdentityNow and Okta cloud identity solution for user provisioning, Single Sign-on and Multi-factor authentication. Developed an application on-boarding factory model for the rapid on-boarding of applications.
- Developed a role-based access control (RBAC) and Segregation of Duties (SoD) strategy, architecture, and implementation plan for the Financial Services client. Created a framework and implementation roadmap which facilitated a streamlined and user-friendly experience, reducing security risks and enhancing overall risk awareness and education. The deliverables included RBAC governance uses cases, Role governance model, RBAC Implementation methodology, and a sample role model.
- Led a cybersecurity assessment and IAM strategy and implementation project for a Healthcare client, including implementation of SailPoint IdentityNow and Okta cloud identity solution for user provisioning, Single Sign-on and Multi-factor authentication. Developed an application on-boarding factory model for the rapid on-boarding of business units and applications.
- Led a cybersecurity assessment based on NIST CSF and development of cybersecurity strategy and roadmap project for a Technology client.
- Led enterprise-wide IAM implementation and managed services involving 300+ applications, 4 million+ identities of employees, contractors, business partners, and citizens. Implemented Consumer IAM leveraging API framework for the underlying IAM technologies to provide user registration, data synchronization, SSO, MFA, Identity Proofing, Access Certification, and Biometrics (POC).
- Delivery Manager and Technical Lead for the State government project for state-wide Identity, Credentialing, and Access Management. Responsible for delivering Identity, Credential and Access Management services based on various Federal and State standards including Identity Management, Single Sign-on, Identity Federation, Identity Proofing, Multi-factor authentication (MFA) for the State employees, contractors, 3rd party users, and citizens.
- Security Lead and Delivery Manager for the State government’s Department of Transportation project. Responsible for delivering Security and Privacy services including Identity and Access Management, Application Security, Data Security, and Infrastructure Security to help State comply with HIPAA, HiTech, PCI DSS, IRS 1075, DPPA, NIST 800-53, EO 504, 201 CMR 17.00, MGL Ch. 93 H and I Ref, and 201 CMR 17.00, MGL chapter 93 H and I, and other State-specific regulatory and compliance requirements.
- Delivery Manager for the citizen-facing IAM solution providing User
Provisioning, Access Management, Identity Federation, and Web Services Security
functions for 1.2 million user population. IAM services are provided to the
Service Oriented Architecture (SOA) based solution being implemented by the
State in compliance with Health Insurance Portability and Accountability Act
(HIPAA), National Institute of Standards and Technology (NIST) 800-53, Internal
Revenue Service (IRS) 1075, Payment Card Industry Data Security Standard
(PCI-DSS), and other State-specific regulatory and compliance requirements.
- Delivery Manager for the Identity and Access Management solution
providing User Provisioning, Access Management, Identity Federation for the
State government. The overall effort involved various initiatives such as
deployment of the IAM solution, IAM enhancements and extension project, and IAM
Operations project to provide Maintenance & Operations services for the IAM
Planned and led a strategy and architecture
review of a leading life sciences organization’s IAM environment. Developed the
roadmap and go-forward plan for the organization to achieve their desired IAM
maturity level for providing access to employees, contingent workers, and
third-party business partners, therefore, reducing risk and improving