Summary
Overview
Work History
Education
Skills
Websites
Certification
Languages
Awards
Hobbies and Interests
Personal Information
Timeline
Generic

AMRENDRA SINHA

Pune,Maharashtra

Summary

Goal-oriented cybersecurity techno-leader with over 15 years of extensive experience in IT, cybersecurity, governance, risk & compliance (GRC), and project management. Skilled in leading cross-functional teams, overseeing security operations, implementing risk mitigation strategies, and aligning security practices with business goals. Demonstrated track record of successfully managing audits, deploying enterprise-wide security solutions, and crafting effective IT policies.

Overview

15
15
years of professional experience
1
1
Certification

Work History

Manager - Head of Security

WIBMO (PayU)
03.2025 - Current
  • Manage internal and external audits to ensure organizational compliance with security and regulatory standards.
  • Lead and coordinate bank audits as part of a fintech security product company.
  • Ensure adherence to global compliance frameworks including GDPR, PCI-DSS, PCI-3DS, DORA, SOX, ISO 27001, and ISO 22301.
  • Drive Third-Party Risk Management (TPRM) programs to ensure all vendors meet required security standards.
  • Oversee Vulnerability Assessments and Penetration Testing (VAPT) and ensure timely remediation of vulnerabilities.
  • Conduct quarterly steering committee meetings, ensuring all updated documents are reviewed and approved.
  • Review customer agreements from a Governance, Risk, and Compliance (GRC) perspective to ensure inclusion of appropriate legal and security clauses.
  • Manage end-to-end security team hiring, capability building, and leadership of cybersecurity programs.
  • Provide strategic oversight for security operations and governance initiatives across the organization.

Technical Information Security Officer

DWS (Deutsche Bank Group)
10.2023 - 03.2025
  • Program managed the 10+ Application Management Lifecycle, ensuring comprehensive security checks during onboarding.
  • Oversaw change management processes, meticulously documenting technical changes in Jira and Confluence.
  • Managed security risks through the Racer tool, achieving timely closure of VAPT vulnerabilities.
  • Conducted quarterly access management and reconciliation, significantly enhancing the organization's security posture.
  • Volunteered in ESG and CSR initiatives.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Conducted security audits to identify vulnerabilities.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Encrypted data and erected firewalls to protect confidential information.

GRC Consultant

Freelancer
11.2022 - 10.2023
  • Developed comprehensive policies, procedures, and guidelines for clients in alignment with ISO27001 standards.
  • Assisted clients with Third-Party Risk Management (TPRM) forms to enhance customer management processes.
  • Conducted training sessions to educate clients on compliance and risk management, improving their operational efficiency.
  • Looked at current and new merchants and individual sales to evaluate fraud, chargeback and compliance risks.
  • Passionate about learning and committed to continual improvement.

Manager - Security Engineering

Tsys - Global Payments
09.2021 - 11.2022
  • Managed a security engineering team of 30 across Pune and Manila, enhancing operational efficiency.
  • Oversaw the configuration and maintenance of critical network security tools, including IPS, IDS, and DLP.
  • Actively engaged in incident response activities, improving response times and reducing security incidents.
  • Spearheaded hiring initiatives and security awareness programs, fostering a culture of security within the organization.

Cybersecurity Project Manager & GRC Manager

Novac Technologies
03.2019 - 03.2021
  • Managed Risk Governance and Compliance initiatives for a fintech company, ensuring adherence to ISO 27001 and ISO 22301 standards.
  • Conducted comprehensive internal audits across IT, HR, Admin, Product, and Finance teams to identify and mitigate risks.
  • Collaborated with cross-functional teams to implement RBI and IRDA guidelines, enhancing regulatory compliance and operational efficiency.

Cybersecurity Project Manager

Tata Communications
09.2018 - 11.2018
  • Spearheaded the ArcSight implementation project, defining purpose, goals, and feasibility to enhance cyber security measures.
  • Developed comprehensive project plans, timelines, and risk management documents, ensuring effective resource allocation.
  • Coordinated cross-functional teams for hardware and software installations, achieving project milestones on schedule.
  • Created a lessons learned document, ensuring stakeholder needs were met and paving the way for future projects.
  • Identified plans and resources required to meet project goals and objectives.

Technical Project Manager

Novac Technology Solution
05.2017 - 08.2018
  • Developed project plans and managed project scope using methodologies to guide projects from conceptualization to implementation and maintenance.
  • Communicated project plans and progress to key stakeholders and project contributors.
  • Partnered with project team members to identify and quickly address problems.
  • Served as technical liaison, supporting engineering, management, procurement, sales, and marketing, quality assurance and supply base.
  • Managed cybersecurity projects including, PAM, DLP, WAF, and SOC implementation, ensuring robust security measures.
  • Collaborated with technical teams and vendors to conduct proof of concept for security tools, enhancing operational efficiency.
  • Led a team of 5, focusing on their appraisal and goal alignment, fostering a high-performance culture.

Information Security Analyst

Hewlett Packard Enterprise (HPE)
06.2015 - 05.2017
  • Analyzed security alerts using a combination of open-source and internal resources to identify potential threats.
  • Developed and tested SIEM rules, enhancing the efficiency of threat detection processes.
  • Collaborated with the SIEM engineering team to improve log management and architecture, ensuring robust security measures.
  • Actively participated in incident response, documenting alerts and updating IOCs from various intelligence sources.
  • Analyzed network traffic and system logs to detect malicious activities.
  • Gained strong leadership skills by managing projects from start to finish.

Network Engineer

Tata Consultancy Services (TCS)
01.2010 - 06.2015
  • Spearheaded the implementation of Solarwinds network monitoring tools, enhancing network visibility and performance.
  • Successfully integrated five modules, including NPM and SAM, to optimize server and application monitoring.
  • Contributed to a critical data center migration project, ensuring minimal downtime and seamless transition.
  • Executed LAN, WAN, and MAN configurations, utilizing routing protocols such as OSPF and BGP to enhance connectivity.
  • Spearheaded physical racking and cabling of network devices, ensuring organized and efficient setups.
  • Developed and implemented risk management documentation, contributing to improved organizational security and compliance.
  • Managed desktop environments by configuring and troubleshooting Windows and Linux operating systems.
  • Conducted hardware-level diagnostics and repairs, addressing issues with RAM, hard drives, and motherboards.
  • Provided support for applications like Outlook and AS400, enhancing user productivity and system reliability.
  • Contributed to a streamlined IT support process, reducing resolution times by 20%.

Education

MBA -

Liverpool Business School
Online
06.2026

B.Tech. - Electronics & Communication Engineering

Engineering College Bikaner
Bikaner
08.2009

12th -

DAV School
Patna
03.2004

10th -

Sunbeam School
Varanasi
03.2002

Skills

  • Information Security & Risk Management
  • Network & System Administration
  • GRC & Compliance (ISO 27001, RBI, IRDA)
  • Project & Program Governance
  • Security Architecture & Engineering
  • Audit Handling & Vendor Management
  • Team Leadership & Mentoring
  • Incident Management
  • Change Management
  • Asset Management

Certification

  • Lead Auditor ISO/IEC 27001:2013 – BSI
  • CISSP (40-hour training) – ISC2
  • LinkedIn Security Certifications

Languages

English
Hindi

Awards

  • TCS Gems – On-the-Spot Award
  • District Level Bronze Medalist – Taekwondo
  • Tabla Champion – SBI State Zone
  • Blogging Contest Winner
  • Cybersecurity Expert – AntWak Platform

Hobbies and Interests

  • Reading
  • Tabla
  • Writing
  • Music

Personal Information

Date of Birth: 02/07/86

Timeline

Manager - Head of Security

WIBMO (PayU)
03.2025 - Current

Technical Information Security Officer

DWS (Deutsche Bank Group)
10.2023 - 03.2025

GRC Consultant

Freelancer
11.2022 - 10.2023

Manager - Security Engineering

Tsys - Global Payments
09.2021 - 11.2022

Cybersecurity Project Manager & GRC Manager

Novac Technologies
03.2019 - 03.2021

Cybersecurity Project Manager

Tata Communications
09.2018 - 11.2018

Technical Project Manager

Novac Technology Solution
05.2017 - 08.2018

Information Security Analyst

Hewlett Packard Enterprise (HPE)
06.2015 - 05.2017

Network Engineer

Tata Consultancy Services (TCS)
01.2010 - 06.2015

MBA -

Liverpool Business School

B.Tech. - Electronics & Communication Engineering

Engineering College Bikaner

12th -

DAV School

10th -

Sunbeam School
AMRENDRA SINHA