Scribd Logo
Upload

Welcome to Scribd!

  • Ashwini Singh - Cybersecurity Consultant

    Uploaded by

    sanjib parida
    10 views4 pages

    Original Title

    Ashwini Singh - Cybersecurity Consultant[144]

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views4 pages

    Ashwini Singh - Cybersecurity Consultant

    Uploaded by

    sanjib parida

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Cybersecurity Consultant – Ashwini Singh (Strategy and Risk Advisory (SRA))

    She has around 15 years of work experience in Information Security and cyber
    security consulting, privacy and data protection regulations, cloud security,
    vendor risk management, business continuity, cyber maturity assessment and
    governance of information security.
    Summary
    She has experience in implementation and maintenance of ISO 27001:2013,
    ISO 31000:2018(RMF), NIST CSF, define and establish acceptable and
    achievable CSF-KPI’s, metrics to monitor and report the effectiveness of
    deployed controls, conduct internal audit and Client Audit as per the
    requirement.

    Educational ➢ Bachelor’s Degree in Arts


    Qualification
    Certifications ➢ CISA
    ➢ ISO 9001:2015 Lead Auditor
    ➢ ISO 27001:2013 Lead Auditor
    ➢ CRiSP – Certified Risk info. Sec Professional
    ➢ CLIP - Certified Lead Implementer Professional for BS 10012:2017
    Personal Information Management System including General Data
    Privacy Regulations (GDPR))
    ➢ ITIL V3– Axelos, Malaysia
    ➢ Diploma in Sea Cargo and Customs Management – IRCTM Mumbai.

    Detailed She has understanding and knowledge of the following domain-specific


    Experience & repositories of practice information. These are used in conjunction with NII’s
    Expertise custom-methodology for approaching each assignment
    ➢ Standards / Frameworks / Good Practices
    • EU-GDPR – Implementation and Compliance review Audit
    • ISO 27001 / 27002: 2013 - ISMS
    • ISO 27018 – Cloud Privacy
    • ISO 22301:2012 – Business continuity Management systems

    Network Intelligence Pvt.Ltd.


    204 Ecospace IT Park, Off Old Nagardas Road, Andheri (E), Mumbai 400069, India
    T +91 22 49711576, +91 2226392628, +91 2226399353
    GSTIN - 27AABCN6183F1ZE
    ➢ AUDIT: Includes Banks, Contact Centre/Call Centre,
    Telecommunications, Software companies, Pharmaceuticals,
    infrastructure, 3rd Party, Manufacturing units and IT Audits) Plan
    Schedule and Perform Audit with Clients, Customers, other team
    members and external Auditors. Finalizing audit issues, document and
    report audit activities and results. Provide audit assurances regarding
    process effectiveness and efficiency.
    ➢ IMPLEMENTATION: Implement and Facilitate certification and client’s
    audits requirements like ISO (ISO 9001, ISMS 27001, ISO 31000, ITSM),
    PCI DSS, HIPAA, GDPR/PDPA. NIST CSF. Risk Management, Data privacy
    and Compliance as per the project requirement. Working knowledge of
    COBIT and AML. Sound understanding of SOCR (Service Organizations
    Controls Report)
    ➢ COMPLIANCE MANAGEMENT: Quality control through Compliance
    regulations and Compliance testing with client specific laws, Regulatory
    compliance, Statutory requirements, and contractual requirements.
    Define and manage internal policies related to Data Security and Data
    Protection.
    ➢ RISK MANAGEMENT: Good understanding in technical platforms,
    oversee drive and monitor the risk management activities which
    includes Risk Identification, Risk Assessment, Rik Mitigation, Risk
    Monitoring and Risk Reporting. Understand and assess relevant
    business operation’s processes risks by highlighting process
    performance, improvement initiatives and goals and manage the
    significant business risks, both external and internal, those impact the
    process.

    DATA GOVERNANCE: Implement, Monitor and Control data


    governance program. Ensuring privacy, confidentiality, and appropriate
    access accountability for and ownership of data. Implement internal
    rules for data use and Minimize the risk. Regularly auditing the policies

    Network Intelligence Pvt.Ltd.


    204 Ecospace IT Park, Off Old Nagardas Road, Andheri (E), Mumbai 400069, India
    T +91 22 49711576, +91 2226392628, +91 2226399353
    GSTIN - 27AABCN6183F1ZE
    and controls that are put into place. Monitor compliance with GDPR or
    other data protection law. Raise awareness and provide training.
    ➢ ISO 27001 Implementation and Certification Maintenance: -
    • Risk Assessment for IT assets: Risk register
    • Risk Assessment implementation in Logic Manager Software
    • Preparing GRC Dashboard
    • Creating Policies, Standards, Guidelines and Procedures
    • Delivering all Information Security requirement
    ➢ Internal Audits
    Successful execution of multiple Internal Audits for varied BFSI and IT
    clients for validating compliance with ISO 27001:2013 and RBI IT
    Guidelines including detailed reporting and building comprehensive
    dashboards for the same.
    ➢ SWIFT Audit
    • Hands-on experience in conducting SWIFT CSP audit
    • Conducting gap assessment against the mandatory and
    advisory controls
    • Extended support in remediation of non-conformance gaps
    ➢ Vendor Risk Assessment and Third party audits based on the various
    framework and the best practices of the industry:

    • Checklist Preparation
    • Risk Assessment Audit
    • Reporting

    ➢ Project Planning and Management Related


    • Planned and managed projects involving management
    framework design and implementation, internal security
    reviews, and security awareness programs
    • Understanding of Scope
    • Project planning (ASANA, Logic Manager etc)
    • Managing risk and issues

    Network Intelligence Pvt.Ltd.


    204 Ecospace IT Park, Off Old Nagardas Road, Andheri (E), Mumbai 400069, India
    T +91 22 49711576, +91 2226392628, +91 2226399353
    GSTIN - 27AABCN6183F1ZE
    ➢ System Audit as per SEBI framework
    ➢ HIPAA
    • Gap Assessment
    • Risk Assessment
    • Policy and Procedure review and update as per HIPAA security
    rule standard and implementation requirement, Help in
    Developing, Implementing and maintenance of and adherence
    to privacy policies and procedures regarding use and handling
    of Protected health information.
    Interpersonal ➢ Experience in dealing with senior and middle management, system
    Skills administrators, auditors, clients, employees, etc.

    ➢ Very strong commitment to values and quality of deliverables

    Significant ➢ Lead and executed ISMS ISO 27001:2013 projects


    InfoSec projects ➢ Implemented PCI DSS projects

    ➢ Lead and Implemented NIST CSF projects

    ➢ GDPR Implementation and consultation projects

    ➢ Conducted Infrastructure Audits

    ➢ HIPAA Implementation projects

    ➢ System Audit

    ➢ SOX Compliance

    ➢ Swift Audit

    Network Intelligence Pvt.Ltd.


    204 Ecospace IT Park, Off Old Nagardas Road, Andheri (E), Mumbai 400069, India
    T +91 22 49711576, +91 2226392628, +91 2226399353
    GSTIN - 27AABCN6183F1ZE

    You might also like