Hello, I'm

Prudhvi Ananthula

US Head of IAM Operations @ Santander Bank, N.A. | Identity Governance, Regulatory Compliance | IEEE & ACM TKDD/TOIT Reviewer | CISM, CISA

Building identity and access management programs that meet the highest bar of regulatory scrutiny in global banking — spanning 200,000+ digital identities across workforce, privileged, and non-human accounts.

View My Work Get in Touch
Prudhvi Ananthula
About Me

Professional Background

I build identity and access management programs that meet the highest bar of regulatory scrutiny in global banking — spanning 200,000+ digital identities across workforce, privileged, and non-human accounts.

As US Head of IAM Operations at Santander Bank, N.A., I lead enterprise identity governance within one of the most complex regulated environments in financial services. The work spans Federal Reserve, OCC, FDIC, and FFIEC oversight, and has consistently delivered clean audit outcomes since 2017. At the center of my work is the Zero-Defect IAM Policy Framework — a methodology that embeds compliance directly into control design. PwC recognized elements of the framework as industry-leading.

Beyond operations, I contribute as an IEEE and ACM peer reviewer, published author, and cybersecurity awards judge. MS in Computer Science and Information Systems from the University of Michigan. 15+ years across banking, telecom, and aviation.

View Full Profile
0
Years Experience
0
K+ Identities Managed
0
Certifications
0
Publications
Expertise

Areas of Expertise

Identity Governance & Administration

SailPoint IdentityIQ engineering, Joiner-Mover-Leaver lifecycle management, and access recertification at enterprise scale.

Privileged Access Management

Designing and operating PAM solutions for privileged accounts, service accounts, and API credentials across hybrid infrastructure.

Regulatory Compliance

Federal Reserve, OCC, FDIC, and FFIEC regulatory readiness. Zero-Defect IAM Policy Framework for audit-grade control design.

Zero Trust Architecture

Implementing Zero Trust controls for workforce and machine identities across hybrid cloud and on-premises environments.

Non-Human Identity (NHI) Governance

Governance programs for service accounts, API credentials, and machine identities that traditional IAM overlooks.

AI-Driven Identity Analytics

Leveraging AI for identity risk detection, access anomaly identification, and intelligent governance automation.

Impact & Innovations

What I Built

Enterprise platforms, commercial products, published apps, and passion projects — systems I designed, built, and shipped across my career.

Enterprise Contributions

Executive IAM Intelligence Dashboard

Designed and built a real-time executive dashboard for a top-10 US bank, providing leadership and regulators instant visibility into hundreds of applications, hundreds of thousands of accounts, and compliance posture across multiple business entities. Features multiple analytical views including application inventory, certification status, owner analysis, data quality scoring, compliance matrix, and workgroup directory — replacing weeks of manual report generation with one-click compliance intelligence for SOX, GLBA, and risk oversight.

Executive Intelligence Multi-Entity SOX/GLBA Real-Time

SailPoint Certification Plugin Commercialized

Created a SailPoint IdentityIQ plugin that transforms the certification review experience — enabling batch decision updates, enhanced workflows, and streamlined reviewer actions that dramatically reduced certification completion time. The plugin's effectiveness led to it being commercially adopted as a product and offered to other SailPoint customers. Original intellectual property that evolved from an internal efficiency tool into a revenue-generating solution.

SailPoint Plugin Commercialized Batch Decisions Original IP

Zero-Defect IAM Policy Framework

Developed a methodology that embeds regulatory compliance directly into control architecture — eliminating last-minute audit scrambles. A Big Four firm formally recognized elements as "industry-leading." The framework anchors how a major financial institution delivers examiner confidence at scale across Federal Reserve, OCC, FDIC, and FFIEC oversight.

Big Four Recognized 4 Regulators Clean Audits

Enterprise Identity Platform — Ground-Up Build

Led the full SailPoint IdentityIQ implementation from scratch at a major financial institution — building Joiner-Mover-Leaver lifecycle workflows, access recertification campaigns, and governance reporting across hundreds of thousands of digital identities. The platform directly addressed regulatory enforcement actions and delivered consistently clean audit outcomes.

SailPoint IIQ Full Implementation Regulatory Remediation

Identity Sync Optimization — 90% Faster

Engineered delta aggregation and partition tuning for Azure AD identity synchronization, achieving 80–90% runtime reduction. Optimized API pagination to reduce cloud API calls by 10x and eliminated database connection leaks from long-running search operations.

90% Runtime Cut 10x Fewer API Calls Performance Engineering

Operations Monitoring & Automation Suite

Built a multi-component monitoring platform tracking hundreds of applications across multiple business entities — with automated vendor alerting, file pre-validation, KRI compliance reporting, and an email-integrated feed loader that eliminated manual data handling from IAM operations entirely.

Python Automation KRI Reporting

Compliance Certification Automation

Architected automated certification campaigns for SOX and GLBA compliance — dynamic configuration, intelligent exclusion logic, and multi-certifier workflows that eliminated manual audit preparation across hundreds of regulated applications.

SOX GLBA Automated Campaigns

Non-Human Identity Governance

Pioneered governance programs for service accounts, API credentials, and machine identities — closing a critical gap that regulators flagged across the industry. This operational experience directly informed published research on NHI threats and Zero Trust.

NHI Service Accounts Informed Research

Decentralized IAM Management Portal

Built a custom governance portal for applications not yet onboarded to the enterprise identity platform — providing full governance coverage across the entire application estate without mandating platform migration. A pragmatic bridge that closed audit gaps while onboarding continued in parallel.

Custom Portal Gap Coverage Pragmatic Governance

AI/ML Peer Group Analysis for Access Reviews

Implemented machine learning for intelligent access certifications. The system tells managers: "99% of people in this role have this access — safe to approve" or flags outliers: "This user is the ONLY person in Finance with admin access to this server." Reduced review fatigue and improved decision quality across thousands of certification decisions.

Machine Learning Peer Group Intelligent Reviews

Custom IAM Automation Suite — 12+ Tools

Designed and built a comprehensive in-house toolset: Schema Checker, Pre/Post Cert Validations, Mass Email Generator, Health Check Monitors, Logs Cleaner, Auto ScreenPrints (RPA for auditors), Automated KRI Reporting, Instant Report Pulls, Threshold Monitoring, Uncorrelated Analysis Engine, and the IMP (One Stop Shop) Portal — eliminating hundreds of hours of manual operational work annually.

12+ Tools RPA KRI Automation

Zero Trust Access Program

Led the enterprise-wide Zero Trust Access initiative — shifting the network model from implicit trust to continuous verification of Identity, Device Health, and Context on every access request. Architected the transition across a global financial institution's infrastructure.

Zero Trust Continuous Verification Enterprise-Wide

CyberArk Database PAM Governance

Onboarded critical databases (SQL Server, Oracle) with built-in super-admin accounts (SA, SYS) into CyberArk PAM governance — extending privileged access management to the data layer and closing a significant audit gap for database administrator access.

CyberArk Database PAM Privileged Access

HR Migration & Entity Consolidation

Led the IAM implications of an Oracle Fusion to Workday HR migration and a multi-entity corporate consolidation — ensuring lifecycle controls, access integrity, and audit continuity remained intact through both platform changes and organizational restructuring.

HR Migration Entity Merge Access Integrity

Passion Projects & Independent Ventures

AI Smart Email Responder Independent

Built an intelligent email automation system that works completely offline with no LLM dependency. Detects email categories from subject/sender patterns, extracts context (ticket numbers, names, dates), generates context-aware responses, and learns from rejected drafts to improve over time. Privacy-first AI that runs locally without sending data to external APIs. Designed for potential commercial use.

Offline AI No LLM Pattern Learning Privacy-First

Naypex — Photo Cleaning App Free on App Store

Published mobile app that intelligently identifies duplicate photos, screenshots, social media downloads, and large videos to reclaim phone storage. Features timestamp-based duplicate grouping, device-aware screenshot detection, low-resolution social media identification, and resolution-based video bitrate estimation. A free tool built to help people — no monetization, just impact.

App Store React Native Media Analysis Free

Stock Trading Assistant Passion Project

A comprehensive Python toolkit for scanning markets, analyzing stocks with 12+ technical indicators, generating ranked trade signals, managing risk, backtesting strategies, and practicing with paper trading. Built to explore quantitative finance and algorithmic trading concepts. Educational purposes only — not financial advice.

Python 12+ Indicators Backtesting Paper Trading
Research

Publications & Research

ORCID LinkedIn Publications
2026

The Strategic Value of AI-Driven Physical Identity and Access Management

IEEE ICSSAS 2026 • International Conference on Smart Systems and Advanced Security

P. Ananthula

IEEE AI & IAM Peer-Reviewed
2026

Methodological Analysis of Translating Ambiguous Federal Mandates into Binary Engineering Controls for Zero-Defect Audit Outcomes

Trade Publication • Cybersecurity & Regulatory Compliance

P. Ananthula

Regulatory Zero-Defect IAM
2026

The Insider Threat You Didn't Hire

Security Magazine • Non-Human Identity & Zero Trust

P. Ananthula

NHI Zero Trust Cybersecurity
2026

American Journal of Technology — Vol. 5, Issue 3

American Journal of Technology • DOI: 10.58425/ajt.v5i3.506

P. Ananthula

Journal DOI Peer-Reviewed
2026

Trade & Industry Publications

Dark Reading • SC Media • CIO.com • Finextra

P. Ananthula

Dark Reading SC Media CIO.com Finextra
Pending

Under Review — Harvard Business Review & CSA Journal

HBR • Cloud Security Alliance Journal

P. Ananthula

HBR CSA Under Review
Engagements

Speaking & Media

IEEE ICSSAS 2026
Conference Paper

The Strategic Value of AI-Driven Physical Identity and Access Management

2026 • IEEE ICSSAS

Authored paper on leveraging AI for physical identity governance — bridging logical and physical access controls in enterprise environments.

Trade Publication
Thought Leadership

The Insider Threat You Didn't Hire — Non-Human Identity Risk

2026 • Cybersecurity Publication

Published analysis of non-human identity threats — service accounts, API keys, and machine credentials that bypass traditional IAM controls.

Zero Trust & IAM
Trade Authorship

Zero-Defect Audit Outcomes — Translating Federal Mandates into Engineering Controls

2026 • Regulatory Compliance

Methodological analysis of translating ambiguous federal regulatory mandates into binary engineering controls that deliver zero-defect audit results.

View All on LinkedIn
Service

Judging & Review Roles

2026

Awards Judge — Cyber Defense Magazine Global InfoSec Awards

Evaluated cybersecurity products and innovations for one of the industry's most recognized award programs.

2026

Awards Judge — Fortress Cybersecurity Awards

Assessed enterprise cybersecurity solutions and recognized excellence in security innovation.

2026

Technical Program Committee Reviewer — IEEE ICSCAI 2026

TPC Reviewer for 10 papers at IEEE International Conference on Smart Computing and AI (Technically Sponsored by IEEE UP Section).

2026

Reviewer — IEEE ICSSAS 2026

Peer reviewer for IEEE International Conference on Smart Systems and Advanced Security.

Academic Service

Conference Management & Review

Contributing to the academic community through conference management, peer review, and technical program committee roles via CMT (Conference Management Toolkit).

Technical Program Committee

IEEE ICSCAI 2026

IEEE UP Section • Int'l Conference on Smart Computing and AI

TPC Reviewer evaluating paper submissions and shaping the conference technical program. Technically sponsored by IEEE UP Section.

2026 10 Papers Reviewed
Reviewer

IEEE ICSSAS 2026

IEEE • Int'l Conference on Smart Systems and Advanced Security

Reviewed research submissions on smart systems and security, providing detailed technical feedback to authors.

2026 Peer Review
Journal Reviewer

ACM Transactions on Knowledge Discovery from Data (TKDD)

Association for Computing Machinery (ACM)

Peer reviewer for ACM TKDD, evaluating manuscripts on knowledge discovery, data mining, and analytics.

2026 Ongoing
Journal Reviewer

ACM Transactions on Internet Technology (TOIT)

Association for Computing Machinery (ACM)

Peer reviewer for ACM TOIT, assessing research on internet systems, protocols, and security technologies.

2026 Ongoing
Recognition

Awards & Recognitions

ACM Certified Reviewer

Association for Computing Machinery

April 2026

Earned ACM Certified Reviewer credential recognizing expertise in scholarly peer review for TKDD and TOIT journals.

IEEE TPC Reviewer — ICSCAI 2026

IEEE UP Section

2026

Selected as Technical Program Committee Reviewer for 10 papers at IEEE International Conference on Smart Computing and AI.

Zero-Defect IAM Framework — "Industry-Leading"

PwC Recognition

2021

PwC formally recognized the Zero-Defect IAM Policy Framework controls as "industry-leading" during regulatory audit engagement.

Credentials

Certificates & Credentials

CISM — Certified Information Security Manager

ISACA

Active

CISA — Certified Information Systems Auditor

ISACA

Active

SANS CISSP Certification

SANS / (ISC)²

Active

GIAC Python Coder (GPYC)

GIAC / SANS

Active

ACM Certified Reviewer

Association for Computing Machinery

April 2026

ORCID: Connecting Research and Researchers

ORCID

0009-0003-5458-8989

Impact

Mentoring & Volunteering

IAM Engineering Mentorship

Mentoring junior and mid-level IAM engineers on SailPoint IdentityIQ development, BeanShell scripting, governance design, and navigating regulatory audit processes in banking.

2017 — Present

Academic Peer Review Mentoring

Guiding emerging researchers on writing rigorous academic papers and navigating IEEE/ACM peer review standards as an ACM Certified Reviewer.

2026 — Present

Cross-Functional Consulting & Knowledge Transfer

Built IAM knowledge transfer programs across multiple employers and consulting engagements — enabling enterprise teams in banking, telecom, and aviation to operate their IAM programs independently post-engagement.

2013 — Present
Thought Leadership

Writing & Insights

Connect

Get in Touch

Interested in collaboration, speaking opportunities, or mentoring? I'd love to hear from you.

Location

New York City Metropolitan Area