Swati Sharma
Lead Information Security Office
Delhi
Summary
Strategic information security leader with over 15 years of experience in enterprise data protection and security governance. Skilled in developing comprehensive security programs that align technical requirements with business objectives. Served as Lead InfoSec Officer at Amazon, overseeing global security initiatives and managing a team of 25+ professionals across multiple regions. Demonstrates expertise in designing and implementing enterprise-wide security frameworks compliant with GDPR, CCPA, and industry regulations.. Proven track record of developing and executing data protection strategies in cloud and hybrid environments. Deep technical background in cloud security and emerging technologies, such as AI risk management, complemented by active CISSP, CRISC, and multiple advanced security certifications. Known for translating complex security requirements into actionable strategies while fostering strong stakeholder relationships and promoting a culture of security awareness. Successfully navigated complex regulatory landscapes to ensure regulatory compliance for licensed businesses across global markets, enabling business growth through robust security practices.
Overview
15
15
years of professional experience
6
6
years of post-secondary education
8
8
Certifications
2
2
Languages
Work History
Lead FSI Compliance India
AWS, Amazon Web Services
08.2024 - Current
- Spearheaded efforts to embed compliance awareness throughout the organization by developing engaging educational materials and resources.
- Coordinated responses to regulator inquiries and examinations, ensuring accurate information was provided promptly and effectively.
- Championed a collaborative approach between departments in addressing complex compliance issues, fostering a cohesive decision-making process.
- Evaluated emerging regulatory trends to anticipate potential impacts on the organization''s operations and risk profile.
- Provided expert consultation on various aspects related to regulatory changes, supporting informed decision-making across the organization.
- Prepared records and data for regular audits.
- Delivered subject matter expertise for internal and external customers on compliance best practices and quality control.
- Formulated detailed recommendations based on audit findings to support annual planning and definition of goals.
- Liaised with clients to identify and target inefficiencies in areas of risks and business controls, process gaps and workflow discrepancies.
- Collaborated with contract team to review client contracts and facilitate personnel compliance training.
- Advised division leaders of regulatory risks in business processed and provided recommendations for improvement.
- Backed data security and information privacy efforts.
- Presented findings from compliance audits to senior management, recommending strategies for continuous improvement in controls and processes.
- Monitored ongoing developments in industry best practices, integrating innovative solutions into existing systems for enhanced compliance management capabilities.
Lead Information Security Officer
AMAZON
10.2021 - 08.2024
- Lead security governance for Amazon's Stores, Devices, and Other (SDO) organizations, developing and implementing comprehensive security policies and standards
- Data Classification and Governance, Building Automation for data classification at scale
- Oversaw vendor risk management efforts, ensuring third-party providers met organizational security requirements before granting access to sensitive data or systems.
- Coordinated with external auditors to ensure successful completion of annual regulatory compliance audits.
- Conducted risk assessments for critical business processes, identifying areas requiring additional safeguards or procedural improvements.
- Served as the organization''s point of contact for all matters related to information security, liaising with external partners and law enforcement agencies as necessary.
- Manage global team of 25+ security professionals, driving security initiatives across multiple business units
- Own Global Software Supply Chain Risk program and CISO functions for MENA and Singapore regions
- Develop and implement automation solutions for security and data classification programs
- Oversee regulatory security compliance for licensed businesses across global markets
- AI Governance and Policy Management
- Evaluated emerging technologies for their potential impact on the organization''s security posture, recommending appropriate solutions as needed.
- Cultivated relationships with key stakeholders across both technical and non-technical departments, ensuring a cohesive approach to information security efforts.
FSI Compliance Specialist
AMAZON (AWS)
09.2019 - 09.2021
- Company Overview: India
- Led security and compliance initiatives for financial services customers in cloud adoption
- Managed regulatory compliance across RBI, IRDAI, SEBI, PCI DSS, and GDPR frameworks
- Developed security content for marketing and delivery teams
- Supported public policy initiatives in India for security and financial regulated areas
- India
Sr. Specialist Security System/PCI QSA/Sr. Manager
BT PLC
03.2016 - 09.2019
- Company Overview: APAC Region
- Led information security transformation programs across APAC region
- Managed payment regulatory compliance and governance initiatives
- Successfully delivered TLS 1.2 migration for 20+ BT entities, involving 50+ third parties
- Conducted supplier audits and vendor risk assessments for critical service providers
- APAC Region
Associate Principal Consultant
SISA INFORMATION SECURITY PVT LTD
06.2010 - 03.2016
- Company Overview: India
- Delivered 150+ security assessment and compliance projects
- Established and managed privacy and risk assessment organization
- Conducted enterprise risk assessments and control implementation
- Delivered 75+ security training sessions and webinars
- India
Education
Master of Science - Cyber Law and Information Security
IIIT Allahabad
Allahabad 04.2008 - 01.2010
B.Tech - Information Technology
CSAU
UPTU 01.2004 - 01.2008
Skills
- Security Strategy & Governance
- Risk Management
Cloud Security
- Data Protection & Privacy
- Regulatory Compliance
- Policy Framework Development
- PCI DSS
- HIPAA
- GDPR
- SOC 2
Cloud Security
- Supply Chain Risk
Customer due diligence
Information security
Audits management
Contract negotiations
Training and Workshops
Certification
CISSP (Certified Information Systems Security Professional)
Accomplishments
- Featured speaker at PCI SSC CM APAC 2017 and 2018 Meeting
- Published multiple articles in SearchSecurity TechTarget, Express Computer, and PenTest Magazine
- Silver Medal recipient - MS in Information Security, IIIT Allahabad
- Top 3 scorer for CISM Exam, Delhi Chapter ISACA
Technicalexpertise
NIST, ISO 27001/27017/27018, PCI DSS, HIPAA, GDPR, SOC 2, AWS, Cloud Architecture, Security Controls, RBI, IRDAI, SEBI, PCI DSS, GDPR, HIPAA, Enterprise Risk, Vendor Risk, Supply Chain Risk
Training and teaching
Delivered 75+ security training sessions and webinars. Train professional on Information Security, regulatory Compliance, RISK Assessment CISSP, CISM, CRISC etc.
Timeline
Lead FSI Compliance India
AWS, Amazon Web Services
08.2024 - Current
Lead Information Security Officer
AMAZON
10.2021 - 08.2024
FSI Compliance Specialist
AMAZON (AWS)
09.2019 - 09.2021
Sr. Specialist Security System/PCI QSA/Sr. Manager
BT PLC
03.2016 - 09.2019
Associate Principal Consultant
SISA INFORMATION SECURITY PVT LTD
06.2010 - 03.2016
Master of Science - Cyber Law and Information Security
IIIT Allahabad
04.2008 - 01.2010
B.Tech - Information Technology
CSAU
01.2004 - 01.2008
CISSP (Certified Information Systems Security Professional)
CRISC (Certified in Risk and Information Systems Control)
CIPP/E (Certified Information Privacy Professional/Europe)
CCSP (Certified Cloud Security Professional)
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
AWS CCP (AWS Certified Cloud Practitioner)
PCI QSA (Payment Card Industry Qualified Security Assessor)
Similar Profiles
Soham KhotSoham Khot
Intern at AWS (Amazon Web Services), Cloud ComputingIntern at AWS (Amazon Web Services), Cloud Computing
Shotaro MiyazakiShotaro Miyazaki
Risk Specialist at AWS, Amazon Web ServicesRisk Specialist at AWS, Amazon Web Services
Megan KeeferMegan Keefer
Event Producer at AWS, Amazon Web ServicesEvent Producer at AWS, Amazon Web Services