Football, Cricket, Dance and a Pro-Gamer
Avrajyoti Hore
Information Security Auditor
Bangalore
Summary
Dedicated and detail-oriented Information Security Auditor with almost a decade of experience. Eager to carry out an independent appraisal of the effectiveness of the security policies, procedures, and standards by which organization's financial, physical and information resources are managed, acting as a facilitator in business risk management and carrying out value for money reviews, thereby assisting the management and the trustees of the organization in the effective discharge of their responsibilities.
Overview
10
10
years of professional experience
16
16
years of post-secondary education
1
1
Certificate
1
1
Language
Work History
Information Security Auditor
RWS
Bangalore
09.2019 - Current
- Perform Internal ISMS audits for all the locations in the certification scope (8 locations) and different processes across RWS.
- Worked with framing the Information Security policies, procedures, process documents.
- Schedule meetings with the process owners to confirm remediation plans are being developed along with the need for mitigating controls if necessary.
- Performed numerous GAP assessments for different processes and locations to aid them to be ISO certified.
- Supported in the SOC 2 type 2 audit for the internal cloud operations part of RWS.
- Assisted RWS in achieving ISO 27001 and ISO 9000 external certification.
- Maintaining the Non-Conformity tracker and track the NC’s raised external/internal till closure.
- Worked on Vendor Risk assessment. Set up the entire VRM process from scratch.
- Currently working on building the entire risk management process for the organization along with the internal audit.
Senior GRC Consultant
Mindtree Ltd
Bangalore
05.2017 - 08.2019
- Worked for CompuCom and WK (Wolters Kluwer)
- Audit of Logical security controls of the applications based on the compliance requirement of ISO & PCI.
- Perform Firewall Review Quarterly to meet the PCI Compliance.
- Assist client in SOC 1 and SOC 2 as when required by the clients
- Conduct Risk assessments for the 3rd party applications and identify the gaps & recommended controls and ensured that new applications do not bring additional risks to the organization.
- Assisted the client in achieving ISO 27001 and ISO 20000 external certification.
- Create RFP for different clients and to present our service delivery.
- Assisted the GRC Manager or the InfoSec team Lead in conducting internal audits, SOC Audits, SOX, ISO 27001, ISO 20000, ISO 9000, etc.
- Worked with framing the ISO policies, procedures, process documents.
Internal Auditor
HSBC Technology and Services
Pune, Maharashtra
03.2015 - 02.2017
- Worked for Project Core Banking (Retail Processing Systems) in Mainframes later switched to the Information Security team of HSBC.
- Maintaining the proper logs and the security incident count of all the reviewed tickets.
- Corrective Action & preventive action (CAPA), Gap analysis, lessons learned, keep track of trainings.
- Maintain and review of all the external Non Conformities logged and follo up on them using a GRC tool.
- Host a quarterly management review meeting for ISO.
- Update the policy, procedure, role description, process documents.
- Reviewing the CRs, TRs, PRs actively.
- Be a part of the ISO 9001 and 27001 external audit.
Software Engineer
IGATE GLOBAL SOLUTIONS
Pune, Maharashtra
09.2013 - 02.2015
- Project MetLife A&H Production Management (CHARLIE, PW); Type : Insurance.
- Understanding the functionalities and creating the business logic as per customer specifications.
- Investigating the inventory and records and monitoring scheduled jobs/reason for failures.
- Work with the process owners to get all the evidence required during any audit.
- Create or update policy documents.
- Preparation of effective test cases to facilitate testing.
- Understanding the corporate and government policies.
Education
Bachelor of Engineering - Electrical And Electronics
M.S.Ramaiah Institute of Technology
Bangalore, India 04.2009 - 05.2013
Class 12
Army Public School, Bengdubi
Siliguri, India 04.2007 - 03.2009
Class 10 -
Don Bosco School
Siliguri, India 03.1997 - 03.2007
Skills
ISO 27001, ISO 9000, ISO 31000, ISO 20000
Accomplishments
- Insurance domain training from IGATE
- ISO 27001 LA certification
- Attended multiple workshops for ISMS, Risk Management and BCP/DRP
- Studied full CISA and CRISC course .
- Attended AGILE and SCRUMMASTER training.
- ITGC and SOC certification.
Certification
ISO 27001 Lead Auditor and ITGC
Interests
Timeline
ISO 27001 Lead Auditor and ITGC
07-2021
Information Security Auditor
RWS
09.2019 - Current
Senior GRC Consultant
Mindtree Ltd
05.2017 - 08.2019
Internal Auditor
HSBC Technology and Services
03.2015 - 02.2017
Software Engineer
IGATE GLOBAL SOLUTIONS
09.2013 - 02.2015
Bachelor of Engineering - Electrical And Electronics
M.S.Ramaiah Institute of Technology
04.2009 - 05.2013
Class 12
Army Public School, Bengdubi
04.2007 - 03.2009
Class 10 -
Don Bosco School
03.1997 - 03.2007
Similar Profiles
Khalid AbdullahKhalid Abdullah
SSC Finance-Subject Matter Expert-O2C at RWSSSC Finance-Subject Matter Expert-O2C at RWS
Kyrah BetseyKyrah Betsey
Quality Rater at RWSQuality Rater at RWS
Jessey PfeifferJessey Pfeiffer
Search Quality Rater at RWSSearch Quality Rater at RWS
Michele SchlapferMichele Schlapfer
Human Resources Generalist at RWSHuman Resources Generalist at RWS
Muskan JainMuskan Jain
Associate – Bid Management at Subex Ltd.Associate – Bid Management at Subex Ltd.