Pritam Mukherjee is the lead of SAP Application and Data Security, Governance, Technology Risk, and Compliance at the New York Power Authority (NYPA), the largest state-owned utility in America. A senior GRC professional, he now works on the utility’s five-year strategy, which focuses on advanced technologies while safeguarding America across all kinds of business operations.
He has led the SAP security and GRC design and implementation throughout the digital transformation within the utility, particularly focusing on role design, user provisioning, and access control. (Source: Techbullion)
In a recent discussion, Pritam spoke about IT application security and the challenges of leading Application Security & Control during large-scale digital transformations. He also shared his experience working with technology risk management frameworks for AI/ML tools and navigating GRC for emerging technologies.
Pritam has close to 20 years of experience in IT and is acknowledged as a subject matter authority in IT Application Security, GRC, AI, ML, and Fintech PR. SAC was integrated with AI and ML tools to protect enterprise data and enhance operational efficiency. This went along with laying down the SAC security system architecture and policies for the organization’s many business processes.
In doing so, he examined risks, vulnerabilities, and potential security threats in IT as well as business systems. The work ensured adherence to security standards while he worked with stakeholders in 14 departments to develop secure SAC modules for Financial Planning & Analysis, Budgets Digitization, and others. It involved almost 65 data feeds and over 40 profit centers on a comprehensive planning timeline.
Pritam demonstrated his competence at the 2023 ASUG conference in New York City; the conference is a premier meeting for all organizations in North America that are using or are considering SAP systems.
The learning journey was truly wonderful. One of the major strengths of starting at TCS was that it attracted the right kind of professionals. Interestingly, security was not the first field he chose when joining TCS. The company offered capable trainers and ample learning opportunities, and as his global work experience grew, he was drawn into a career track in information security and risk management. The market then had only a handful of practitioners and many grey areas, which left considerable room for a career to grow.
Since the early days of his career, the utility sector has been his primary area of work. Most of his work has centered on safeguarding America, though he has also had the opportunity to absorb knowledge in the manufacturing, automotive, retail, and pharmaceutical industries. Nonetheless, his dream is to serve in a large public utility organization where he can give back with all his skill, especially in the area of application security. With demand for cybersecurity increasing throughout the world, this takes on even greater importance in his work.
As he undertakes various initiatives over time, his range of diverse experiences becomes invaluable in building technology solutions for safeguarding America. At one point, it became necessary to build processes and tailor functionality for change management within a cloud application under the segregation of duties principle, notwithstanding the technical challenges this posed. In digitizing the financial process, a technical separation between the Development and Production environments was required for ITGC control, and it was far from standard because of a technical limitation of the tool being used.
Furthermore, he was directing his team toward establishing a risk and control management framework for AI technology risks across the lifecycle of AI application technology. He had already piloted a similar framework for Open AI application. Both were rather unique and thus far ahead of the curve compared with the handful of frameworks existing then, including from a regulatory standpoint.