Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Personal Information
Generic

AKILANDESWARI ASOKAN

Chennai

Summary

CISA-certified IT Governance, Risk, and Compliance (GRC) professional with over 8 years of experience supporting global enterprises in designing and implementing IT security controls, compliance, and risk management frameworks. Expertise includes ISO/IEC 27001, NIST, SOC 2, GDPR, privacy frameworks, SaaS security controls, third-party risk management, and regulatory assurance programs. Proven ability to translate complex regulatory and technical requirements into audit-ready business processes aligned with commercial objectives. Recognized as a trusted partner to senior stakeholders, auditors, regulators, and customers, fostering collaboration and ensuring compliance excellence.

Overview

11
11
years of professional experience
1
1
Certification

Work History

CYBERSECURITY RISK ANALYST

INGRAM MICRO SSC PRIVATE LIMITED, CHENNAI
CHENNAI
09.2023 - Current
  • Support design, implementation, and on-going management of enterprise IT Controls & Compliance frameworks for a global organization.
  • Lead Third-Party Risk Assessments for the onboarding vendors and Annual Vendor Reviews for the existing Suppliers, including security due diligence, risk scoring, and remediation tracking aligned with ISO 27001 and NIST.
  • Manage customer security assessments and independent third-party attestations to meet contractual and certification obligations as agreed by the Supplier.
  • Evaluate technology procurement requests to determine Cyber security Assessment (CSA) requirements for SaaS and vendor on boarding.
  • Standardize and enhance risk metrics, dashboards, to measure cyber security risk posture.
  • Conduct continuous monitoring of vendors using BitSight ratings, producing quarterly executive-level risk reports.
  • Maintain and update policies, standards, and procedures under the Policy Governance Framework in collaboration with cross-functional teams.

SENIOR ANALYST – TECHNOLOGY SECURITY DELIVERY

ACCENTURE CONSULTING, CHENNAI
CHENNAI
09.2021 - 09.2023
  • Delivered IT risk, availability, and resiliency assessments for multinational clients across Asia, Middle East, UK, and Automotive sectors.
  • Performed Business Impact Analysis (BIA)-driven availability assessments covering IT and OT systems.
  • Executed Risk Control Self-Assessments (RCSA) and identified control gaps with actionable remediation plans.
  • Supported TISAX audits and post-merger security risk assessments for newly acquired entities.
  • Contributed to enterprise control framework operations, including policy attestations, standards mapping, and SWIFT attestations.
  • Audited backup, disaster recovery, and business continuity controls against ISO 27001 and client frameworks.
  • Led UAE NESA to ISO 27001 control mapping initiatives.
  • Responded to external regulatory and audit queries, ensuring timely and accurate evidence submission.
  • Designed and executed enterprise phishing simulation campaigns to strengthen security awareness.

SENIOR EXECUTIVE – VENDOR RISK MANAGEMENT TEAM

HCL TECHNOLOGIES, CHENNAI
CHENNAI
11.2019 - 09.2021
  • Conducted remote and onsite third-party risk assessments for global vendors supporting HCL and their clients.
  • Classified vendors using risk tiering models based on data sensitivity, service criticality, Physical and Network access levels.
  • Assessed vendor controls using SOC 2 Type II reports.
  • Performed contractual security clause reviews to ensure regulatory and information security compliance.
  • Documented risk findings, tracked remediation actions, and prepared executive risk assessment reports.
  • Prepared risk acceptance memos, vendor summaries, and management presentations aligned with vendor’s risk appetite.

INFORMATION SECURITY CONSULTANT – THIRD-PARTY RISK ASSESSMENT

TATA CONSULTANCY SERVICES (TCS), CHENNAI
CHENNAI
02.2016 - 11.2019
  • Utilized Hiperos Platform to understand the engagement details of the vendor through the Infosec questionnaire.
  • Prepared risk acceptance memos, vendor summaries, and management presentations aligned with vendor’s risk appetite.
  • Assessed vendor controls using SOC 2 Type II reports, ISO 27001.

BUSINESS PROCESS LEAD (RISK & CONTROLS)

TATA CONSULTANCY SERVICES (TCS), BENGALURU
BENGALURU
07.2015 - 01.2016
  • Performed Fund Accounting operations across financial services processes for a global banking client.
  • Ensured all evidence and screenshots were audit-compliant and revised process Standard Operating Procedures to maintain audit readiness.
  • Resolved discrepancies in final fund NAV and executed reconciliation of original and dummy funds, ensuring financial integrity and audit readiness.

Education

Post Graduate Diploma in Management - PGDM

THIAGARAJAR SCHOOL OF MANAGEMENT
MADURAI
01.2014

Bachelor of - Computer Science

SHRIMATHI INDIRA GANDHI COLLEGE
TRICHY
01.2011

Skills

  • Third-Party Risk Management (TPRM)
  • ISO/IEC 27001:2022 Implementation & Audit
  • NIST CSF & Risk Management Framework
  • Risk Assessments & Risk Mitigation Programs
  • SaaS Security & Cloud Compliance
  • Information Security Metrics & KPIs
  • Policy Governance & Control Frameworks
  • Audit Management & Regulatory Response
  • GRC Tools & Platforms (Vanta, Archer, ServiceNow, Hiperos, Metrics Stream, Bitsight)

Accomplishments

  • Star Performer – Business Resiliency Program (TCS)
  • Best Performer – Vendor Risk Assessments (HCL Technologies)
  • Multiple client commendations for accelerated assessment delivery

Certification

  • ISO 42001 Lead auditor Certification 2025
  • Certification on GDPR and NIST implementation 2025
  • Certified Information and Systems Auditing from ISACA(CISA) 2024
  • CRiSP certification from BSI Training Academy 2018

Timeline

CYBERSECURITY RISK ANALYST

INGRAM MICRO SSC PRIVATE LIMITED, CHENNAI
09.2023 - Current

SENIOR ANALYST – TECHNOLOGY SECURITY DELIVERY

ACCENTURE CONSULTING, CHENNAI
09.2021 - 09.2023

SENIOR EXECUTIVE – VENDOR RISK MANAGEMENT TEAM

HCL TECHNOLOGIES, CHENNAI
11.2019 - 09.2021

INFORMATION SECURITY CONSULTANT – THIRD-PARTY RISK ASSESSMENT

TATA CONSULTANCY SERVICES (TCS), CHENNAI
02.2016 - 11.2019

BUSINESS PROCESS LEAD (RISK & CONTROLS)

TATA CONSULTANCY SERVICES (TCS), BENGALURU
07.2015 - 01.2016

Bachelor of - Computer Science

SHRIMATHI INDIRA GANDHI COLLEGE

Post Graduate Diploma in Management - PGDM

THIAGARAJAR SCHOOL OF MANAGEMENT

Personal Information

Title: IT GRC | Cyber security Risk & Compliance | ISO 27001 | SOC | Third-Party Risk Management

Similar Profiles

  • Shane AlvesShane Alves

    Cybersecurity Risk Analyst at University of FloridaCybersecurity Risk Analyst at University of Florida

  • Uwem EssienUwem Essien

    Cybersecurity Risk Analyst at Gelson's CorporationCybersecurity Risk Analyst at Gelson's Corporation

  • Mohiuddin ShaikMohiuddin Shaik

    Senior GRC Analyst at UltraViolet CyberSenior GRC Analyst at UltraViolet Cyber

  • VIVEK CHALLAVIVEK CHALLA

    GOVERNANCE & RISK MANAGEMNET TRAINING at PROTECTE ACADEMYGOVERNANCE & RISK MANAGEMNET TRAINING at PROTECTE ACADEMY

CREATE PROFILE
AKILANDESWARI ASOKAN