Mr. Mohan Chathuranga

BSc (Hons) in Computer Science Faculty of Computing | Computer Science Principal Consultant, Cyber Labs (Aug 2024 – Present, Remote/Dubai)

Mohan Chathuranga serves as the Head of Governance, Risk, and Compliance (GRC) at Daraz, where he plays a pivotal role in shaping the cybersecurity landscape across South Asia. With a robust background in cybersecurity spanning over a decade, Mohan is dedicated to enhancing data protection practices and establishing comprehensive cyber governance frameworks that align with international standards. His collaboration with the Alibaba group is instrumental in implementing secure technology practices that not only safeguard sensitive information but also drive operational efficiency across various markets.

In his current role, Mohan leads key projects aimed at fortifying the organization’s risk management strategies and ensuring compliance with regulatory requirements. His expertise in information governance and strategic planning enables him to develop innovative solutions that address the unique challenges faced by the e-commerce sector in South Asia. By leveraging tools such as Microsoft SQL Server and advanced data analytics, he enhances the organization's ability to manage and mitigate risks effectively.

Mohan's commitment to teamwork and collaboration fosters a culture of security awareness within the organization, empowering employees to adopt best practices in cybersecurity. His proficiency in CISA and other industry-recognized certifications further underscores his capability to navigate complex regulatory landscapes and implement robust data protection measures. As he continues to drive value and innovation at Daraz, Mohan remains passionate about creating a secure digital environment that not only protects customer data but also supports the company’s growth and success in the competitive e-commerce market.

Alumni Stories

Key Skills & Expertise

2024 – Present: Principal Consultant, Cyber Labs Leading high-level cybersecurity consulting, strategy, and education for clients across domains.
2023 – 2024: Head of GRC, Daraz (Alibaba Group, South Asia) Oversaw cyber governance, risk, and data protection across South Asian markets; implemented secure tech practices in collaboration with Alibaba.
2023: Cyber Security Manager, KPMG New Zealand Managed cybersecurity and information security projects in hybrid environments for enterprise clients.
2021 – 2023: Head of IT Governance & Data Protection, MAS Holdings Led data protection, policy advocacy, identity management, third-party risk, and IT audit functions across the group.
2019 – 2021: Deputy General Manager – IT Governance, MAS Holdings Directed information security governance, GDPR compliance, and cyber risk management for the organization.
2021 – 2023: Chair – Cyber Security Centre of Excellence, SLASSCOM Volunteered to promote Sri Lanka as a global cybersecurity hub through policy, talent, and ecosystem development.
2018 – 2022: Co-Founder, Test My Users Launched and ran a freelance venture providing usability and security testing services.
2017 – 2019: Cyber Security Manager, PwC Sri Lanka Led large teams on ISO 27001, GDPR, and cybersecurity transformation projects across sectors; managed presales and R&D.
2016 – 2017: Assistant Manager – Cyber Security, PwC Delivered cybersecurity assessments, social engineering tests, and IAM consultancy; supported multiple ISO audits.
2014 – 2016: IT Auditor / Business Analyst, MOQdigital, Sydney Conducted audits, risk assessments, and process analysis for IT systems; supported business continuity planning.
2014: Technology Advisory Lead, EY Led ISO 27001 and business continuity engagements; advised clients on IT governance and vendor assessments.
2013 – 2014: Technology Advisory Associate, EY Focused on ISO, business continuity, and external audits in Sri Lanka and Maldives.
2012: Marketing Intern, EDEX Supported promotions and web marketing initiatives for career exhibitions.
2010 – 2012: Visiting Lecturer, CICRA Campus Delivered industry-relevant cybersecurity and governance training to students.

Volunteering and Industry Leadership

Director, ISACA Sri Lanka Chapter (since 2019), promoting professional development and technology innovation in the cybersecurity field.
Chair of SLASSCOM’s Startup Committee, fostering the creation of cybersecurity startups to boost the industry’s growth and innovation ecosystem in Sri Lanka.