Sign up to save your podcasts
Or
Share How Pragmatic Controls Build Trust Between GRC, Security, and Engineering ft Mukund Sarma, Deputy CISO @ Chime
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How Pragmatic Controls Build Trust Between GRC, Security, and Engineering ft Mukund Sarma, Deputy CISO @ Chime
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mukund Sarma, Deputy CISO and Head of Product Security at Chime, to explore what happens when governance, risk, and compliance teams work with engineering instead of against it. Mukund shares real-world lessons from a decade in security, explaining how to balance shift-left initiatives, build paved paths that reduce friction, and make compliance a natural byproduct of great engineering. This is a masterclass in aligning security, GRC, and DevOps for scale and sanity.
5 Key Takeaways
- GRC isn’t a blocker—it’s a mirror that keeps security honest and accountable.
- Strong security engineering automatically strengthens compliance outcomes.
- Friction between security and engineering fades when empathy drives collaboration.
- “Shift left” works best when paved paths and automation support developers.
- Practical controls and continuous validation create sustainable, scalable governance.
What You’ll Learn
- How to bridge silos between security, GRC, and engineering teams.
- Why automation and continuous control monitoring are the future of compliance.
- What “practical controls” really mean in modern DevSecOps environments.
- How empathy and communication transform security culture.
- Why compliance should follow great security engineering, not lead it.
- Real-world examples from Chime’s approach to product security.
This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com
Watch more episodes: https://www.compliancecow.com/podcast
Connect With Our Guest:
Mukund Sarma | Deputy CISO and Head of Product Security | Chime
Connect on LinkedIn: https://www.linkedin.com/in/sarmamukund/
Rate, review, and share if you enjoyed the show!
Subscribe to Security & GRC Decoded wherever you get your podcasts:
Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr
Apple Podcasts: https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450?i=1000736617569
View all episodes
By Raj KrishnamurthyIn this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mukund Sarma, Deputy CISO and Head of Product Security at Chime, to explore what happens when governance, risk, and compliance teams work with engineering instead of against it. Mukund shares real-world lessons from a decade in security, explaining how to balance shift-left initiatives, build paved paths that reduce friction, and make compliance a natural byproduct of great engineering. This is a masterclass in aligning security, GRC, and DevOps for scale and sanity.
5 Key Takeaways
- GRC isn’t a blocker—it’s a mirror that keeps security honest and accountable.
- Strong security engineering automatically strengthens compliance outcomes.
- Friction between security and engineering fades when empathy drives collaboration.
- “Shift left” works best when paved paths and automation support developers.
- Practical controls and continuous validation create sustainable, scalable governance.
What You’ll Learn
- How to bridge silos between security, GRC, and engineering teams.
- Why automation and continuous control monitoring are the future of compliance.
- What “practical controls” really mean in modern DevSecOps environments.
- How empathy and communication transform security culture.
- Why compliance should follow great security engineering, not lead it.
- Real-world examples from Chime’s approach to product security.
This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com
Watch more episodes: https://www.compliancecow.com/podcast
Connect With Our Guest:
Mukund Sarma | Deputy CISO and Head of Product Security | Chime
Connect on LinkedIn: https://www.linkedin.com/in/sarmamukund/
Rate, review, and share if you enjoyed the show!
Subscribe to Security & GRC Decoded wherever you get your podcasts:
Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr
Apple Podcasts: https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450?i=1000736617569