Seasoned Cyber Security Professional with nearly 10 years of experience in multiple domains such as information
security and network security. Worked with multiple clients across sectors to design effective strategies to help
them in their cyber security endeavours.
TECHNICAL SKILLS
➢ Regulatory Contractual Audit Compliance
➢ Data Protection and Privacy
➢ Third Party / Vendor Risk Management
➢ ISO 27001:2013 Implementation and Audit Compliance
➢ IT Risk Management and Transformation
➢ Policy, Procedures Framework maintenance.
➢ Cyber Maturity Assessment
➢ IT infrastructure security
➢ Security Device Management
➢ VAPT
SOFT SKILLS
➢ Project Management
➢ Strategic Thinking
➢ Proposal Building
➢ Leadership and Motivation
➢ Learning & Development
➢ Team Player
AUDITS HANDLED
➢ Internal & External audit ISO 27001:2013
➢ Regulatory audit – RBI
➢ Cyber Security Audit, Third Party Vendor Audit, Application Review Audit, UIDAI Audit, SAR.
➢ IT audits, Operational audits
PROFESSIONAL EXPERIENCE
➢ Leads compliance audits related to ISO 27001 and other compliance initiatives from an IT regulatory
compliance and security perspective.
➢ Drive all internal and external audits, regulatory audits and serve as an SME to address audit
requirements.
➢ Acts as a Lead and Point Of Contact for ISMS audits and other risk assessments as they arise. Review
audit evidence supplied by IT divisions to determine compliance prior to the submission of audit
evidence to external parties.
➢ Follow up on issues identified during audit checks to verify completion of the improvement plan.
➢ Maintain procedural/process documentation surrounding existing IT business processes for
compliance.
➢ Logging and tracking of all the bank's internal, external and regulatory audit observations
through the issue management portal.
➢ Audit reporting and dashboarding for CISO and CIO.
➢ Lead multiple engagements, enabling clients with their ISMS implementation, certification
and sustenance.
➢ Performed multiple third-party risk assessments for the company in accordance with requirements of
the ISO 27001:2013 standard.
➢ Responsible for the execution and completion of the assigned audit as per the finalised engagement
plan within agreed timelines.
➢ Preparation and consolidation of all audit observations in the audit report within agreed timelines.
➢ Ensuring that sufficient information is identified, analysed, evaluated and recorded to achieve the
audit objectives
➢ Maintain accurate records to support and satisfy audit trails.
➢ Assessing information technology compliance with policies, procedures and standards, and
measuring system performance towards achieving management's goals and objectives.
➢ Ensuring that sufficient information is identified, analysed, evaluated and recorded to achieve the
audit objectives.
➢ Ensure that the internal audit activity maintains its independence and objectivity
➢ Authored policy and procedure documents for a respected financial institution to meet their security
and ISMS conformance objectives.
➢ Implemented the ISMS standard’s requirements for current employer’s internal SOC operations.
➢ Ensure sufficient evidence in audit working papers and file
➢ Providing regular updates to the infosec team about information security gaps identified in
internal / external audits, both raised and remediated.
➢ End-to-end program management and execution for third party information security assessment
(TPISA) services to client businesses that outsource technology and operations to third party vendors in
India, to ensure that the outsourced services are governed by the same client processes and procedures.
➢ Ensuring that sufficient information is identified, analysed, evaluated and recorded to achieve the audit
objectives.
➢ Acts as a Lead and Point Of Contact for ISMS audits and other risk assessments as they arise.
➢ Lead multiple engagements, enabling clients with their ISMS implementation, certifications.
➢ Maintain accurate records to support and satisfy audit trails
➢ Ensure sufficient evidence in audit working papers and file.
➢ Performed multiple third-party risk assessments for the company in accordance with requirements of
the ISO 27001:2013 standard.
➢ Defining firewall rules as per user requirements after obtaining proper approvals, and
troubleshooting the same.
➢ Following organizational change control to determine vulnerabilities and perform risk analysis for
new changes on the network security devices, then implementing the changes as per
approvals.
10 May 2012 to 10 December 2013 ITFS Pvt Ltd and Adecco India Pvt Ltd
Network Engineer (L1 Engineer)
➢ Managing LAN services across all TCL offices (including the domestic and international TCL
network).
➢ Following up with vendor/IT support staff for issue resolution and updating the ticket.
EDUCATION
B.E. in Information Technology, Mumbai University.
PERSONAL DETAILS
➢ Date of Birth : 26 February 1985
➢ Marital Status : Married