Sanjay Sharma is a transformational cybersecurity executive with more than 20 years of experience leading enterprise security, risk, governance, and resilience programs across global, highly regulated, and finance-focused organizations. As Chief Information Security Officer at Zafin, he leads cybersecurity strategy, compliance, cloud security, incident readiness, and secure-by-design transformation initiatives that strengthen resilience while enabling business growth. He is a trusted advisor to executive leadership and boards, known for translating complex cyber risks into practical, business-aligned strategies.
Over the course of his career, Sanjay has held senior leadership roles across industry and consulting, including Zafin, Pathway Communications, Toronto Hydro, PwC Canada, and Deloitte. He has built security programs from the ground up, led large-scale cyber transformations, established governance and risk frameworks, and advanced capabilities in Zero Trust, cloud security, identity and access management, threat readiness, and regulatory compliance. His experience spans critical infrastructure, financial services, enterprise modernization, and digital transformation, giving him a unique perspective on securing complex environments under real-world business pressure.
Sanjay also brings deep expertise in emerging areas of AI security, with a particular focus on application security, secure-by-design engineering, and the risks introduced by AI-enabled and agentic systems. He is engaged in advancing security practices for modern applications and intelligent platforms, including governance, threat modeling, identity and access controls, data protection, and resilience strategies for AI-driven environments. His work reflects a forward-looking approach to securing innovation, helping organizations adopt advanced technologies while maintaining trust, control, and operational discipline.
Sanjay is also recognized for his commitment to innovation and leadership development. He has driven AI-enabled security improvements, strengthened board-level cyber governance, and built high-performing teams that embed security into product, engineering, and operational decision-making. With an MBA from the Schulich School of Business and credentials including C|CISO, CISSP, CISA, and PMP, he brings a rare combination of executive vision, technical depth, and operational discipline to the evolving cybersecurity landscape.
