Dhairya Giri

CISA, CDPSE, ISO 27001, ISO 27701, MS In Information Security

Summary

Accomplished and energetic Technology Risk & Cyber Security professional with 13 years of experience in various sectors including BFSI, Government and Public Sector across the Asia, Africa, Middle East, Europe and Americas regions. Directly led a team of 20+ associates and budgets in excess of $2 million in the areas of Cyber Security Governance and Transformation, Cyber Strategy & Roadmap, Data Privacy, Risk and Compliance, Cyber Security Architecture & Implementation, Resilience, Third Party Information Security Audits, etc. A focused problem solver who takes initiative to create best-in-class practices. A highly energetic, detail-oriented and forward-thinking Senior Manager with strong leadership skills. Equipped with cyber security and data privacy certifications, a strong academic background and extensive recognition for overall performance excellence.

Overview

13 years of professional experience

Work History

Sr. Manager

Ernst & Young, Delhi
01.2015 - Current

Focus Area:

  • Financial Services Sector Go to Market Leader and Compliance competency Lead for Strategy, Risk, Compliance and data protection in cyber security practice.
  • Practice and competency development
  • Global Client relationship management
  • RFP Response and Project Budgeting
  • Delivery Excellence and Team Management

Professional Experience:

  • Managed program governance and led workshops to implement ISMS (ISO 27001) worldwide for a leading global marketing communications organization covering more than 600 agencies across the world.
  • Led Enterprise IT Governance implementation for one of the largest governmental institutions in the United Arab Emirates (UAE).
  • Project Management for consultancy engagements on Privacy framework implementation based on GDPR and various other Data Protection standards (PDP/27701) for multiple clients.
  • Developed and implemented Enterprise Security Architecture including risk management and cybersecurity frameworks and processes based on NIST, ISO 27001/27701/20000/22301 for multiple Data Centres, Utility and BFSI organizations across the EMEIA region.
  • Managed planning and project management for multiple cyber security assessments and compliance control testing for various Banking clients based in the Americas region.
  • Drove cyber security initiative for flagship initiative under Digital India in areas of Security Governance, Risk & Compliance, IT Infrastructure assessment, SOC/SIEM review, Threat and Vulnerability Management.
  • Project Management for implementation of eMail for Government of India for 5 million government employees.
  • Performed Cyber maturity assessment based on NIST/ISO 27001 and creation of security strategy, roadmap, RACI, KPIs/KRIs development for various clients including Government departments and the world's largest philanthropy organization.
  • Engagement Manager and Team Lead for engagement to review internal controls for global not-for-profit organization (from the United Nations) for Philippines and Samoa locations; process included review of IT controls from an operational effectiveness as well as a design perspective.
  • Delivered Cyber security and Incident response training at multiple global cyber drill events organized by the International Telecommunication Union (ITU).
  • Implemented ISMS/ISO 27001 and ISO 20000 involving risk assessments, policy and procedure preparation, SOA, internal and external audit, certifications and surveillance audit for a client having 40 locations.
  • Managed publication of various thought leaderships on Cyber Security and business development handouts for setting up of Cyber Security Incident Response team.
  • Drove performance of staff by creating incentives and positive work atmosphere and administering recognition and rewards programs.
  • Managed recruitment team and educated and mentored new team members.

Consultant

KPMG India
Gurgaon
05.2010 - 12.2015

Focus Areas:

  • Cyber Strategy and target operating model
  • IT General Controls Audits
  • Drafted Policies and Procedures based on ISO27001/NIST/22301
  • Risk based control design, benchmarking, implementation
  • Third Party Assessments

Professional Experience:

  • Performed Risk based control design, benchmarking, implementation, evaluation, mitigation and deficiency reporting for controls covering IT and business process controls.
  • Managed IT audits, undertaking testing of IT general controls across various sectors and covering wide range of organizations in terms of both size and complexity.
  • Team lead for Third Party Assessment on behalf of a US conglomerate which had outsourced its processes to a leading IT organization in India and China.
  • Defined and implemented IT operational procedures and provided the practical background needed to successfully adopt the control environment required to comply with government regulations.
  • Performed IT Risk Assessment Reviews for major global banks and corporates, examining and advising on control improvement and testing design and operating effectiveness of key IT controls.
  • Conducted Information Security Audit for a nationalized bank in India.
  • Conducted SAS 70/ISAE 3402 and SOX review for international location (China) of a leading BPO. Engagement involved design and evaluation of significant controls in the IT environment for all significant locations and business units.
  • Led and coordinated several IT Audit engagements as part of financial audit support covering general IT controls and business process controls for multiple sectors.
  • Selected for secondment to KPMG, Singapore. During my tenure in Singapore, worked on multiple FS clients of KPMG Singapore involved in IT general control review as part of statutory audits.

Education

Master of Science - Information Security

Indian Institute of Information Technology, Allahabad
04.2001 -

Maintained top-three rank in all semesters; was awarded the degree with Bronze Medal.

Bachelor of Engineering Technology - Electronics And Communications Engineering

United College of Engineering And Research, (UPTU)
04.2001 -

Skills

Data Privacy and Data Security

Timeline

Sr. Manager - Ernst & Young
01.2015 - Current
Consultant - KPMG India
05.2010 - 12.2015
Indian Institute of Information Technology - Master of Science, Information Security
04.2001 -
United College of Engineering And Research - Bachelor of Engineering Technology, Electronics And Communications Engineering
04.2001 -