K Venkata Reddy Naidu
Hyderabad
Summary
Over 3 years of experience in Information Security, specializing in ISMS, compliance, vendor risk management, audits, and risk assessment. Proven ability to manage risk-based, customer-centric security programs while ensuring compliance with corporate policies and contractual obligations. Skilled in collaborating with cross-functional teams and vendors to implement, manage, and enhance security controls for effective risk mitigation and ongoing compliance.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Information Security GRC & ISO 27001 Compliance Professional
Tata Consultancy Services
12.2021 - Current
- Conduct internal audits across multiple departments to ensure ISO 27001 compliance
- Develop audit reports outlining non-conformities and recommendations for security improvements
- Validate the Statement of Applicability (SoA) to align with security controls
- Monitor and ensure corrective and preventive actions (CAPA) are implemented effectively
- Develop Risk Assessment Methodology based on ISO 31000
- Conduct risk assessments across IT infrastructure, applications, and business processes
- Maintain Risk Registers and ensure continuous risk monitoring
- Lead ISO 27001 implementation across the organization
- Develop, review, and refine security policies and guidelines
- Conduct Business Impact Analysis (BIA) and define asset recovery priorities
- Conduct security awareness programs and phishing simulation exercises
- Train employees on security best practices and risk mitigation
- Assess vendor security risk and ensure third-party compliance
- Work with procurement and legal teams to evaluate vendor security clauses
- Develop annual audit plans and define audit scope
- Present audit findings to senior management and provide strategic recommendations
- Track corrective actions post-audits and ensure timely remediation
- Assist in policy and procedure enhancements to address evolving threats
Education
B.Tech - Electronics and Communication Engineering
Vishnu Institute of Technology
Intermediate -
Aditya Junior College
10th Standard -
Bhashyam High School
Skills
- ISO 27001:2013 & 2022 Frameworks
- ISO 31000 Risk Management Standard
- Information Security & Compliance
- Risk Assessment & Treatment
- Security Audits & Internal Audit Planning
- Vendor Risk Management
- Security Awareness Training
- IT Policies & Procedure Development
- Incident Response & Remediation
- Security Awareness Training
- IT Policies & Procedure Development
- Incident Response & Remediation
Certification
ISO 27001 Lead Auditor (LA), Training Underway
Disclaimer
I hereby declare that the furnished information is true to the best of my knowledge.
Timeline
Information Security GRC & ISO 27001 Compliance Professional
Tata Consultancy Services
12.2021 - Current
Intermediate -
Aditya Junior College
10th Standard -
Bhashyam High School
B.Tech - Electronics and Communication Engineering
Vishnu Institute of Technology
Similar Profiles
Vrunda ChindhadeVrunda Chindhade
HR Manager at Tata Consultancy Services, TCS, Tata Consultancy Services LimitedHR Manager at Tata Consultancy Services, TCS, Tata Consultancy Services Limited
Sreya BasuSreya Basu
Procare Analyst at Tata Steel(Tata Consultancy Services)Procare Analyst at Tata Steel(Tata Consultancy Services)
Arun VArun V
Program Manager at Tata consultancy services | Financial Ombudsman ServicesProgram Manager at Tata consultancy services | Financial Ombudsman Services
Naimish AgnihotriNaimish Agnihotri
Assistant Delivery Manager at Tata Consultancy Services, Global Shared ServicesAssistant Delivery Manager at Tata Consultancy Services, Global Shared Services
GEETHA MADHURI KANTUGEETHA MADHURI KANTU
Analyst at SailPoint IdentityNowAnalyst at SailPoint IdentityNow