Results-driven GRC and Internal Audit professional with a strong background in the financial industry.
Offering 3+ years of expertise in ensuring regulatory compliance, risk management, and internal controls to optimize organizational performance.
Adept at ensuring compliance with industry standards such as ISO 27001, GDPR, SOC 2 Type 2, and HIPAA within cloud and on-premise infrastructures.
Proven track record in conducting comprehensive internal audits, identifying risks, and implementing effective controls to safeguard company assets. Possess a keen eye for detail and exceptional analytical skills, enabling precise risk assessments and compliance assessments.
Completed an MSc in Cybersecurity with First Class Honours from DBS, Ireland, September 2022 – August 2023.
Overview
7 years of professional experience
8 years of post-secondary education
3 Certifications
Work History
Information Security Analyst
Scrut Automation
Dublin
2022.12 - 2023.07
Spearheaded the cloud security initiative to achieve ISO 27001 certification, developing and implementing security controls tailored to cloud environments.
Ensured compliance with GDPR regulations for cloud-based data processing, conducting data impact assessments and implementing privacy measures.
Orchestrated the successful completion of SOC 2 Type 2 audits for cloud services, collaborating with cloud providers and internal teams to address trust services criteria.
Implemented comprehensive security measures in cloud environments to comply with HIPAA requirements, safeguarding protected health information (PHI).
Assisted in the preparation and documentation required for ISO 27001 and GDPR certification audits related to cloud services.
Provided guidance on the configuration and usage of cloud security tools, such as IAM (Identity and Access Management) and encryption services.
Senior Manager – Audit Lead
Suryoday Small Finance Bank
Navi Mumbai
2021.05 - 2022.06
Led the implementation and maintenance of ISO 27001 (ISMS), PCI-DSS and RBI CSF, ensuring full compliance with industry standards and regulations.
Maintained all documentation supporting ISMS, PCI-DSS and Regulatory compliance including Business Continuity, Incident Response, Privacy and Risk Management Plan.
Collaborated with IT and cross-functional teams to develop and execute remediation plans, enhancing security measures and mitigating risks.
Responsible for monitoring risk findings and remediating resolutions, including development and execution of corrective action plans, and ensuring follow-on reporting and monitoring.
Actively liaised with senior management, presenting audit findings and recommendations, and offering strategic insights to improve overall risk management.
Manager - Endpoint & Mobile Security
Reserve Bank Information Technology
Navi Mumbai
2019.06 - 2021.02
ReBIT is set up by the Reserve Bank of India (RBI) for its IT and Cyber Security needs & to ensure cyber-resilience of Indian Banking.
Developed and implemented endpoint security strategies, resulting in a 30% reduction in security incidents and successful defense against advanced cyber threats.
Assisted in the development of security policies and procedures for endpoint and mobile security.
Collaborated with IT teams to establish and enforce security policies for mobile devices, promoting a secure BYOD (Bring Your Own Device) environment.
Assisted in the development of secure web and mobile application guidelines and standards to mitigate security risks.
Collaborated with developers to ensure the integration of security features during the development lifecycle.
Senior Project Engineer
Wipro Technologies
2014.01 - 2019.01
Conducted vulnerability scanning on internal and external systems using QualysGuard to identify and mitigate vulnerabilities.
Responsible for design and implementation of endpoint protection solutions like McAfee, Symantec and Trend Micro endpoint security.
Responsible for design and implementation of database and access security solutions like Forcepoint DLP, Imperva and McAfee Database Activity Monitoring, and CISO NAC.
Monitor and analyze security logs and alerts from endpoints and databases, identifying and responding to potential security incidents in real-time.
Perform incident response and investigation, determining the root cause of security incidents and implementing measures to prevent recurrence.
Develop and maintain comprehensive documentation related to security operations procedures and best practices.
Education
Master of Science - Cybersecurity
Dublin Business School, Dublin
2022.09 - 2023.09
Master of Science - Information Technology
Vellore Institute of Technology, Vellore
2014.12 - 2019.01
Bachelor of Science - Computer Science
Pillai's College of Arts, Science & Commerce, Mumbai
2011.06 - 2014.04
Skills
ISO 27001, GDPR, SOC 2 Type 2, HIPAA Compliance
Certification
ISO 27001 Lead Auditor
Timeline
Information Security Analyst - Scrut Automation
2022.12 - 2023.07
GDPR Foundation
2022-12
Dublin Business School - Master of Science, Cybersecurity
2022.09 - 2023.09
Senior Manager – Audit Lead - Suryoday Small Finance Bank
2021.05 - 2022.06
ITIL Framework
2020-10
ISO 27001 Lead Auditor
2020-05
Manager - Endpoint & Mobile Security - Reserve Bank Information Technology
2019.06 - 2021.02
Vellore Institute of Technology - Master of Science, Information Technology
2014.12 - 2019.01
Senior Project Engineer - Wipro Technologies
2014.01 - 2019.01
Pillai's College of Arts, Science & Commerce - Bachelor of Science, Computer Science
2011.06 - 2014.04