Jayant Mali

Consultant at Deloitte
Karad

Summary

Experienced ISO 27001 Lead Auditor and Security Consultant with over 3 years of expertise in information security. Specializes in risk assessments, TPRM, PCI DSS, GDPR compliance, and internal audits. Proficient in developing security policies, delivering information security awareness training, and ensuring adherence to industry standards. Skilled in implementing and managing security frameworks, mitigating risks, and enhancing third-party vendor management. Certified ISO 27001 Lead Auditor with a strong dedication to safeguarding organizations against evolving cyber threats.

Overview

4 years of professional experience
3 years of post-secondary education
1 Certification

Work History

Consultant

Deloitte
Pune
09.2023 - Current
  • Conducted gap assessment and addressed identified gaps for the Data Protection and Privacy Act (DPDPA) compliance.
  • Contributed to the implementation of the VDA framework, achieving various maturity levels across multiple domains.
  • Performed internal control testing for information security (IS) and IT-related controls.
  • Led the gap assessment and improvement initiatives for ISO 27001:2022 migration.
  • Developed internal awareness training materials based on organization-specific controls.
  • Prepared internal documentation, including project proposals and analysis of client requirements.
  • Collaborated with cross-functional teams to successfully deliver comprehensive solutions for clients.
  • Evaluated client needs and expectations, establishing clear goals for each consulting engagement.

Associate Cyber Security

Black Box
Mumbai
02.2022 - 09.2023
  • Conducted internal audits based on the ISO 27001 standard.
  • Designed policies and procedure documents for various regulatory requirements.
  • Performed risk assessments and risk treatment to identify and mitigate potential security risks.
  • Delivered Information Security Awareness Trainings.
  • Implemented the conversion of ISO 27001:2013 to ISO 27001:2022.
  • Assessed various PCI DSS scoped applications, incorporating controls received from auditors.
  • Conducted onsite Third-Party Risk Management (TPRM) audits.
  • Developed and implemented comprehensive TPRM checklists to evaluate and monitor third-party vendors, ensuring compliance with regulatory requirements and industry standards.
  • Collaborated with cross-functional teams to identify and mitigate potential risks associated with third-party relationships, resulting in enhanced vendor selection and ongoing risk mitigation strategies.

Associate Information Security Consultant

Risk Quotient Consultancy
Mumbai
08.2021 - 02.2022
  • Designed and implemented policy and procedure documents for various compliance standards.
  • Worked on risk acceptance documentation for risks identified during risk assessments, VAPT processes, etc.
  • Created various checklists for different departments to ensure compliance with requirements.
  • Conducted information security awareness training and user awareness campaigns.
  • Conducted Third-Party Risk Management (TPRM) audits.
  • Increased organizational awareness of cybersecurity threats by delivering engaging employee training sessions on safe online practices.

Associate Intern

ProcessLOGIX Consulting
Pune
05.2021 - 08.2021
  • Designed and implemented policy and procedure documents for ISO 27001:2013.
  • Captured process flows and identified personal data within the context of GDPR.
  • Created and maintained a comprehensive process flow and personal data register for various processes, ensuring compliance with GDPR requirements.
  • Conducted Data Protection Impact Assessments (DPIA) to identify and mitigate risks associated with the processing of personal data.

Intern

TechAryans
Pune
02.2021 - 04.2021
  • Worked on updating policy and procedure documents and conducted annual reviews.
  • Created security awareness training modules and conducted security awareness trainings.
  • Supported staff members in their daily tasks, reducing workload burden and allowing for increased focus on higher-priority assignments.

Education

MCA -

Government College of Engineering
Karad, India
06.2018 - 06.2021

Skills

ISO 27001

IT Audit

Data Privacy

Control Testing

TPRM

Risk Assessment

Compliance Management

Awareness and Training

MS Office

Client requirements assessment

Project management

Certification

ISO/IEC 27001:2013 Lead Auditor

Timeline

Consultant

Deloitte
09.2023 - Current

Associate Cyber Security

Black Box
02.2022 - 09.2023

ISO/IEC 27001:2013 Lead Auditor

02-2022

Associate Information Security Consultant

Risk Quotient Consultancy
08.2021 - 02.2022

Associate Intern

ProcessLOGIX Consulting
05.2021 - 08.2021

Intern

TechAryans
02.2021 - 04.2021

MCA -

Government College of Engineering
06.2018 - 06.2021