AVINASH NAROTE

Security Consultant
Hyderabad, TG

Summary

Experienced and results-driven Information Security Professional, specializing in compliance, risk management, and safeguarding organizational assets. Skilled in performing gap assessments for newly integrated accounts, ensuring seamless alignment with ISMS standards. Demonstrates expertise in developing and enhancing security programs, as well as designing and implementing measures to achieve PCI DSS compliance. Proficient in conducting security assessments, managing external audits (ISO 27001, SOC 2, SOC 1, PCI DSS, NIST), and leading incident response protocols to mitigate risks effectively. Adept in delivering security training and awareness programs and driving business continuity management. Demonstrates excellence in team leadership, mentoring, and fostering collaboration to achieve organizational goals. Strong background in handling cross-functional teams, delegating tasks, and promoting a positive and productive work environment. Committed to maintaining high standards of information security while driving operational excellence and organizational resilience.

Overview

16 years of professional experience

Work History

Security Consultant - Information Security

Tech Mahindra
08.2014 - Current
  • Led the end-to-end delivery of security practices and processes, ensuring operational governance and regulatory compliance across multiple locations
  • Spearheaded security awareness campaigns, achieving 100% employee participation and fostering a culture of security consciousness
  • Provided SME guidance to Data Security Guardians and contributed to compliance governance to security standards
  • Analyzed security threats and implemented risk mitigation strategies
  • Identified, analyzed, and mitigated security threats, implementing proactive risk management strategies to safeguard business operations
  • Ensured Information Security compliance for the entire BSG International accounts cluster, covering 150+ accounts across the IND, US & EU regions.
  • Managing external/supplier audits to ensure there are no non-compliances or breaches of contract for the account
  • Incident Management: analysis of incidents; recommending, initiating, and tracking corrective and preventive actions at the location
  • Representing ISG at customer meetings and security presentations at the location
  • Handling location ISG service requests as per the ISG service catalogue
  • Meeting and exceeding customer expectations on information security requirements
  • Strengthened Business Continuity Planning (BCP) and Disaster Recovery (DR) preparedness across managed accounts, improving resilience
  • Convened the Information Security Management Forum biannually, reporting key security risks and effectiveness insights to senior leadership
  • Regularly communicated the Information Security Group policy and security programs to the organization through ongoing security training and awareness
  • Regularly communicated Security Objectives for improvement plans to stakeholders and support functions
  • Timely reporting of security metrics of the customer business unit and location to the relevant stakeholders
  • Delivered end-to-end implementation of ISO 27001, ISO 27701, and compliance with legal, statutory, and contractual security requirements across diverse business verticals spread over geographies
  • Audit/Gap Assessment: risk-based, standard-based, and contract-based audits and gap assessments
  • Coordinated to complete the PCI DSS certification for 15+ accounts including India, Philippines, and UK locations.

Team Lead

Tech Mahindra
05.2009 - 08.2014
  • Trained new team members by relaying information on company procedures and safety requirements.
  • Coached team members in techniques necessary to complete job tasks.
  • Enhanced overall team performance by providing regular coaching, feedback, and skill development opportunities.
  • Collaborated with other department leads to streamline workflows, improve interdepartmental coordination, and achieve business goals collectively.
  • Conducted regular progress reviews with individual team members to identify areas for improvement and provide guidance on career development opportunities.
  • Influenced positive change within the organization through strategic thinking, innovation, problem-solving abilities, and consistent leadership style.

Education

Bachelor of Science - Science, Technology

Vinayaka Missions University
Salem, TN
08.2005

Skills

  • Information security compliance and risk management
  • Security program development and implementation
  • Security awareness and training
  • Security assessments and audits
  • Incident response and management
  • Business continuity management
  • Internal and external ISO 27001 audits
  • Information security policies and procedures
  • Leadership & Mentoring
  • Vulnerability Management
  • PCI DSS Compliance Implementation
  • Working with third-party vendors to ensure their compliance with required standards

Languages

English
Advanced (C1)
Hindi
Advanced (C1)
Telugu
Upper intermediate (B2)
Marathi
Upper intermediate (B2)
Kannada
Advanced (C1)

Timeline

Security Consultant - Information Security

Tech Mahindra
08.2014 - Current

Team Lead

Tech Mahindra
05.2009 - 08.2014

Bachelor of Science - Science, Technology

Vinayaka Missions University

Academics and certifications

  • Completed graduation in B.Sc. (MPC) in 2005.
  • Lead Auditor ISO 27001 Certification from Intertek.
  • PCI DSS Ver 3.2.1 CPISI (Certified Payment Card Industry Security Implementor).
  • Privacy Information Management System ISO 27701:2019 from Intertek.
  • Implementation for Risk Management Guidelines as per ISO 31000: 2018.
  • Certified in Cyber Security (CC) from ISC2.
  • Secured certification in ITIL-V3 in 2018.

Team management

  • Demonstrating the ability to inspire and guide teams toward achieving goals
  • Managed conflict resolution processes, reducing team disputes and promoting a
    positive work culture
  • Creating collaborative and cohesive environments that foster productivity
  • Implemented performance management strategies, resulting in growth in team
    productivity
  • Streamlined communication channels between internal teams and external vendors
    for efficient project/Audit coordination
  • Established and maintained strong partnerships with vendors to ensure seamless
    delivery of services during PCI DSS and ISO 27001 audits
  • Acted as a bridge between vendors and stakeholders, ensuring clear understanding of project/Audit requirements

Personal Information

  • Father's Name: N. Dhondiba Rao
  • Date of Birth: 08/23/78
  • Marital Status: Married

Objective

To associate with an organization which progresses dynamically and gives me an opportunity to enhance my skills and be part of the team and lead that excels in work towards growth of the Organization while contributing my best and gives me satisfaction.

Roles And Responsibilities

  • Develop and implement information security policies, procedures, and standards
  • Conduct regular security audits and risk assessments to identify vulnerabilities and weaknesses
  • Collaborate with IT and other departments to ensure security controls are in place and operating effectively
  • Provide security awareness training and phishing simulations for employees
  • Manage and respond to security incidents and breaches, including notification and reporting
  • Develop and maintain compliance reports and dashboards for management and stakeholders
  • Tracking security metrics and benchmarks to measure program effectiveness
  • Lead and manage a team of security professionals to achieve program goals and objectives.
  • Assisted in the creation of the BCP document in accordance with the team, keeping in view the RTO, RPO, BIA, Damage Assessor, etc.

Audits:

  • Coordinated ISMS / PCI DSS / SOC 1, 2 / client audits with external auditors and internal stakeholders.
  • Gathered and prepared audit evidence and documentation
  • Communicated with auditors, management, and stakeholders to ensure successful audit outcomes
  • Tracked and reported on remediation efforts for audit findings and recommendations
  • Reviewed and analyzed audit reports to identify areas for improvement
  • Ensured compliance with industry standards and regulations
  • Implemented process improvements to enhance audit efficiency and effectiveness.
