Senior technology leader with close to two decades of experience at the intersection of
AI product development, offensive cybersecurity, and
enterprise program delivery. Currently building AI-powered
security platforms for regulated industries.
Leading offensive security engagements, VAPT assessments, and compliance implementations for financial services and government. Building AI-powered attack surface management platforms.
VAPTASMISO 27001OWASPRed TeamCloud Security
AI & Machine Learning
Architecting enterprise AI platforms with agentic frameworks, RAG pipelines, and MLOps. Developing Gen AI-powered solutions including virtual agents and autonomous security testing tools.
Agentic AILLMsRAGMLOpsVertex AIGen AI
Program & Agile Delivery
Directing multi-million dollar transformation programs with SAFe, Scrum, and Lean-Agile. Certified PMP and PMI-ACP with a track record of scaling teams and accelerating delivery across global engagements.
PMPSAFeScrumSDLCKPI-Driven
Career
Professional Experience
ES2 Solutions
Sep 2025 – Present
Colombo, Sri Lanka
Partner & Chief AI Officer (CAIO) Current
Co-created AttackSight, an AI-powered Attack Surface Management (ASM) platform providing continuous threat intelligence, vulnerability scanning, and asset discovery for enterprise clients
Architecting ES2 Ravana, an automated VAPT platform integrating autonomous AI agents with security testing frameworks for scalable penetration testing
Leading ISO 27001:2022 and ISO 27701:2025 implementation projects for IT services companies — conducting gap assessments, risk assessments, and policy development
Conducting AWS security audits for Central Bank of Sri Lanka (CBSL) licensed Primary Dealers, evaluating IAM, network security, and compliance posture
Delivering SSDLC training covering OWASP Top 10, SAST/DAST, threat modeling, and DevSecOps practices
Performing network and web application VAPT for financial services organizations, including SWIFT interfaces and trading platforms
Arimac Digital
Aug 2021 – Sep 2025
Colombo & Dubai, UAE
AI Program Lead & Cloud Strategy Lead
Architected the "AI Factory" — a multi-tenant MLOps platform on GCP Vertex AI, Kubernetes (GKE), and Elastic Stack for Fortune 500 clients
Led development of a Gen AI-powered Virtual Agent Platform with multi-LLM support, RAG, and real-time WebRTC communication, reducing customer wait times to seconds
Orchestrated cloud partnerships with Microsoft Azure, Oracle, and Huawei achieving 20% infrastructure cost reduction
Designed talent development framework increasing Data & AI team capacity by 400% in three months
Directed a Multi-Million Dollar front-end stream for the Du IGNITE Transformation (UAE); implemented SAFe achieving 15% efficiency gains across Program Increments
Texus Solutions
Jul 2020 – Aug 2021
Colombo
Agile Delivery & Business Consultant
Co-developed a business framework improving operational efficiency by 35% and boosting conversions by 10%
Established Agile framework for lean startup incubation, reducing go-to-market time by 10% and launching multiple MVPs within six months
Devised product strategies using growth hacking techniques, increasing growth potential by 25%
Tryonics
Jul 2017 – Jul 2020
Colombo
Project Manager & Business Analyst Lead
Led Scrum transformation across all projects, raising efficiency by 70% and halving project cycle time
Launched COVID-proof insurance solutions — automating sales, underwriting, and claims — resulting in a 90% revenue increase during the pandemic
Defined product vision and roadmaps, boosting product uptake by 30%
Tech One Global & SriNetGate
Aug 2008 – Dec 2016
Dhaka & Colombo
Project Manager / Business Analyst
Built dedicated applications teams from the ground up, driving annual revenue growth of over 35%
Implemented Agile-first delivery frameworks, improving project success rates by 25%
Created requirements and documentation frameworks, raising project efficiency by 40% and client satisfaction by over 50%
Credentials
Education & Certifications
Education
Master of Business Administration (MBA)
Quantic School of Business and Technology · Washington, D.C.
Post-Graduate Diploma, Business Analytics
Seneca Polytechnic · Toronto, Canada — GPA 4.0
BSc (Hons), Information Systems & Management
London School of Economics and Political Science (LSE) · London, UK
ISO 27001:2022ISO 27701:2025GDPRPDPAMITRE ATT&CKCBSL ComplianceRisk Assessment
Get in Touch
Let's Work Together
Whether you need a security assessment, an AI strategy, or a program delivery partner — I'd love to hear from you. I'm currently taking on select consulting engagements through ES2 Solutions.
This site uses cookies from Cloudflare and Google Analytics to measure traffic and improve your experience.
Legal
Privacy Policy
Last updated: February 2026
This Privacy Policy explains how lesith.com ("this website," "we," "I") collects, uses, and protects your information when you visit this site. Your privacy is important, and this site is designed to collect only the minimum data necessary.
1. Information We Collect
This website does not collect personal information such as your name, email address, or phone number unless you voluntarily contact me. We do collect limited, anonymised usage data through the following third-party services:
2. Cloudflare
This website is hosted on Cloudflare Pages and uses Cloudflare's content delivery and security services. Cloudflare may automatically collect:
Your IP address (for security and performance purposes)
Browser type and version
Pages visited and timestamps
Country of origin
Cloudflare processes this data in accordance with their Privacy Policy. Cloudflare Web Analytics, if enabled, collects anonymised, privacy-first analytics without using cookies or tracking individuals.
3. Google Analytics
This website uses Google Analytics 4 to understand how visitors interact with the site. Google Analytics collects:
Pages viewed and time on site
Referral source (how you arrived at the site)
Device type, browser, and screen resolution
Approximate geographic location (city-level)
Google Analytics uses cookies to distinguish unique visitors. IP anonymisation is enabled, meaning your full IP address is never stored by Google Analytics. You can opt out by declining cookies when prompted, or by installing the Google Analytics Opt-out Browser Add-on.
4. Cookies
This website uses a cookie consent mechanism. When you first visit, you will be asked whether you accept or decline analytics cookies.
If you accept: Google Analytics cookies will be set to collect anonymised usage data.
If you decline: No analytics cookies will be set, and no data will be sent to Google Analytics.
Your consent preference is stored in your browser's local storage (key: cookie_consent) so you are not asked again on subsequent visits. You can clear this at any time by clearing your browser data.
5. How We Use Data
The anonymised data collected is used solely to:
Understand which content is most useful to visitors
Improve site performance and user experience
Monitor site health and security
We do not sell, rent, or share personal data with third parties for marketing purposes.
6. Third-Party Links
This site may contain links to external websites such as LinkedIn or other professional platforms. We are not responsible for the privacy practices of those sites.
7. Data Retention
Google Analytics data is retained for 14 months, after which it is automatically deleted. Cloudflare logs are retained according to Cloudflare's data retention policies.
8. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, or delete any personal data associated with your visit. Since this site collects only anonymised data, individual records cannot typically be identified. If you have any questions, please contact me directly.
9. Changes to This Policy
This Privacy Policy may be updated from time to time. Any changes will be reflected here with an updated revision date.
10. Contact
If you have questions about this Privacy Policy, you can reach me via the contact section on this website or through LinkedIn.