Aditi Nayak
Cyber Security- Auditor
Summary
With a robust background in Information and Cyber security coupled with deep expertise in Data Privacy, I am well-equipped to add more value to this prospective role. My experience in conducting comprehensive risk assessments for third party vendors including a thorough understanding of keys regulations such as GDPR and ISO 27001 has facilitated in enhanced protection of sensitive data and reduced exposure to threats. Additionally, my ability to collaborate with cross functional teams including Legal, Procurement and Business ensures that risk management strategies are integrated across the organization. Motivated to further learn, grow and excel in the Information Security Industry.
Overview
6
6
years of professional experience
5
5
years of post-secondary education
3
3
Certifications
Work History
Third Party Risk Management- Team Lead
Barclays
Pune
12.2021 - Current
- I am currently working as a Team Lead in Third Party Risk Management and Oversight. As part of the job role, I have performed Information and Cybersecurity risk assessment and Audit for all the Suppliers for Barclays which includes both end to end onsite and remote assurance and CyberGRX assessments as well.
- This role also involves managing risk remediation requests and provide SME approvals related to all critical third parties across various Business Units within the Bank.
- Have also performed Contract negotiation from Infosec perspective as part of Supplier's annual contract renewal and service change which has been helpful to provide a holistic overview of the Supplier Assurance lifecycle from onboarding to exit
- Performed Internal Audits facing the regulators which led to collaboration with various Business teams.
- Have also performed Society for Worldwide Interbank Financial Telecommunications (SWIFT) Customer Security Programme (CSP) Attestation for hundreds of Corresponding banks to analyze the Banks' security posture to safeguard from cyber frauds.
- Currently pursuing IAPP- CIPM certification as I have keen interest in Data Privacy which is backed by my previous experience and would like to explore opportunities in this domain as well.
Advisor
Atal Bihari Institute of Good Governance and Policy Analysis
BHOPAL, MADHYA PRADESH
03.2021 - 11.2021
- Currently working with Madhya Pradesh Government and UNDP, India for an assessment study for empowering rural women through e-governance initiatives under Digital India Mission.
- Produced detailed research and reports outlining key issues and proposed solutions based on project objectives.
- Partnered with local and national level organizations to provide specialized planning support to diverse populations with unique needs.
Consultant
KPMG India
Pune
02.2019 - 12.2020
- I have been part of the KPMG IT Risk Consulting team and as part of my job profile, have worked on end to end projects related to Data Privacy and Protection [General Data Protection Regulation (GDPR), Dubai Data Protection Act, Singapore Data protection Act and Personal Data Protection Bill (PDPB)], Third-Party Risk Management and ISO 27001 assessment.
- Was responsible for creating Third Party risk assessment (TPRM) reports, gap assessment reports, based on walkthrough with different business heads.
- I was also responsible for handling client queries related to various Data Protection Laws of the world majorly due to my expertise in this domain. This helped me build a healthy relationship with the existing clientele.
- I have also conducted training and awareness sessions on Privacy and Data Protection for clients and Pune Risk Advisory team.
Associate Consultant
Arrka Consulting, Pune
06.2018 - 01.2019
- As part of this job profile, I was responsible for Mapping Business use cases with Privacy Risks and offer Remediation. Performed Mobile Privacy Testing for DSCI (Data security Council of India) for around 50+ mobile applications to check if these comply with the GDPR based Privacy Norms.
- Carried out VPI activity (Visibility over Personal Information) for a couple organizations to obtain visibility over Personal Data residing in the firm.
Education
Master of Science - Cyber Law and Information Security
National Law Institute University
06.2016 - 06.2018
Bachelor of Commerce -
Institute of Excellence in Higher Education
05.2013 - 05.2016
Skills
Policy drafting
Certification
IRCA- BSI- Certified LEAD AUDITOR professional (ISO 27001 :2013)
Accomplishments
Awarded as the best Colleague for Values as part of annual Townhall 2023.
Planned and Managed various events within Barclays CSO team-such as Women in Cyber which is an initiative to train women in cyber security across different departments in the bank.
Collaborated with DSCI, ISACA and ISC2 as part of the Outreach initiative inviting speakers and offering expertise to these organizations.
Have run Recognition initiatives across CSO as Barclays promotes a culture of recognition.
Awarded Rising Star by KPMG-Pune which is a quarterly award for best employee performance in the ITA-RC team.
Being a member of the Employee Council (KPMG, Pune), helped me explore an insight towards putting forth the company’s and employees’ pressing issues on the table, finding a balanced solution to such issues and bringing new ideas to make the practice more employee centric.
Also, received Accolades in KPMG for significant contribution in Sales with the client due to adequate quality of deliverables and received Super Team employee award as well.
Served as a Student Placement Coordinator at NLIU, Bhopal.
Presented paper in BITS PILANI, Hyderabad in the conference held by National Cyber Security and Safety Summit-2017 on the topic “Privacy and Data Protection Laws in India”.
Served as Chief Member of the Advisory Committee of the Alternative Dispute Resolution Cell, NLIU.
Been a Public Relations volunteer for United Nations Development Programme.
Timeline
Third Party Risk Management- Team Lead
Barclays
12.2021 - Current
Advisor
Atal Bihari Institute of Good Governance and Policy Analysis
03.2021 - 11.2021
Consultant
KPMG India
02.2019 - 12.2020
Associate Consultant
Arrka Consulting, Pune
06.2018 - 01.2019
Master of Science - Cyber Law and Information Security
National Law Institute University
06.2016 - 06.2018
Bachelor of Commerce -
Institute of Excellence in Higher Education
05.2013 - 05.2016
Similar Profiles
Paola Di GiuseppePaola Di Giuseppe
VP Project Manager at BarclaysVP Project Manager at Barclays
THANDO JARVISTHANDO JARVIS
Assistant Vice President, Internal Audit at BarclaysAssistant Vice President, Internal Audit at Barclays
Harshwardhan ParasharHarshwardhan Parashar
Delivery Lead at BarclaysDelivery Lead at Barclays
Meher KalraMeher Kalra
Senior Analyst at BarclaysSenior Analyst at Barclays
Peter NghePeter Nghe
<ul><li>Lead a high performing team of Case Managers, Injury Management Advisor and Technical Specialist. Acting as a Third Party Administrator and responsible for the management of the portfolio of Youi CTP Claims.</li><li>My role was to oversee and supervise the day to day operation of the claims team and to ensure that both our Statutory Benefits and Common Law claims portfolio are being managed at a high level and in line with the legislation.</li><li>I am responsible for design and implementation of framework for effective claims strategies to uplift Customer Experience including Business and Regulator deliverables.</li><li>Established and developed strong working relationships with our client Youi to ensure that regular business performance updates are provided, improve reporting and claims governance including risk oversight are being identified.</li><li>Develop new initiatives and ideas to assist with the continuous improvement of claims processes and procedure including the rolling out of such plan to the business.</li></ul> at Employers Mutual Limited<ul><li>Lead a high performing team of Case Managers, Injury Management Advisor and Technical Specialist. Acting as a Third Party Administrator and responsible for the management of the portfolio of Youi CTP Claims.</li><li>My role was to oversee and supervise the day to day operation of the claims team and to ensure that both our Statutory Benefits and Common Law claims portfolio are being managed at a high level and in line with the legislation.</li><li>I am responsible for design and implementation of framework for effective claims strategies to uplift Customer Experience including Business and Regulator deliverables.</li><li>Established and developed strong working relationships with our client Youi to ensure that regular business performance updates are provided, improve reporting and claims governance including risk oversight are being identified.</li><li>Develop new initiatives and ideas to assist with the continuous improvement of claims processes and procedure including the rolling out of such plan to the business.</li></ul> at Employers Mutual Limited