Mark Sequeira

Information Security & Compliance Specialist
Mumbai

Summary

Experienced Compliance and Information Security Specialist with over 7 years of expertise in:

SOC 2 Audits
ISO 27001:2013 ISMS
CSA Star Level 2
PCI DSS Self-Assessment
IT General Controls (ITGC) Review
Third-Party Risk Management (TPRM)
Data Privacy and GDPR
Data Protection Impact Assessments (DPIA)
Internal Audits and Compliance Reviews

Overview

8 years of professional experience
4 years of post-secondary education

Work History

Information Security & Compliance Specialist

BrowserStack
04.2024 - Current

1. Ensuring regulatory compliance across product development.
2. Developing and implementing tailored compliance policies and procedures.
3. Conducting risk assessments and implementing strategies to mitigate compliance risks.
4. Managing product testing and certification processes to meet safety and regulatory standards.
5. Leading internal audits and monitoring compliance metrics to drive continuous improvement.
6. Providing training and fostering a culture of compliance across departments.
7. Handling incident response and investigations, ensuring prompt corrective actions.
8. Collaborating cross-functionally to integrate compliance into all stages of the product lifecycle.
9. Overseeing vendor and supplier compliance to uphold standards and mitigate risks.
10. Evaluating products before General Availability (GA) to ensure compliance with regulatory requirements and internal policies.

  • Assessed fees related to registration of property-related documents

Senior Information Security & Compliance Specialist

BrowserStack
09.2021 - 03.2024

1. Conducted Internal SOC 2 audits, ensuring compliance with industry standards.
2. Assisted in achieving CSA Star Level 2 certification for enhanced information security.
3. Managed External audits, facilitating smooth audit processes.
4. Reviewed Master Services Agreements (MSA) and Data Processing Agreements (DPA) for security compliance.
5. Communicated with customers to address information security concerns.
6. Conducted Data Protection Impact Assessments (DPIA) for new products.
7. Led Third-Party Vendor Risk Assessments to evaluate security risks.
8. Managed Internal Compliance initiatives to meet industry standards and regulatory requirements.
9. Implemented Data Loss Prevention (DLP) measures to safeguard sensitive information.

Assistant Manager

Deloitte
06.2021 - 08.2021

Led SOC Reporting (SSAE 18 / ISAE 3402) engagements and IT controls assurance:

  • Directed teams in executing timely SOC Reporting engagements for IT service providers and manufacturing clients.
  • Managed testing of controls across operations management, network security, access management, and configuration management domains.
  • Conducted security configuration reviews on diverse IT systems (Windows, UNIX, Linux, AS/400, SQL, Oracle).
  • Oversaw reviews of Logical Security, Change Management, Physical Security, and Environmental safeguards for critical financial applications.
  • Provided leadership and guidance to ensure compliance and security best practices.

Consultant

Deloitte
09.2019 - 05.2021

Collaborated on SSAE 18 / ISAE 3402 SOC Reporting engagements:

  • Reviewed controls for Infrastructure Management and Application Development services at top IT providers.
  • Tested operations management, network security, access management, capacity management, and configuration controls.
  • Evaluated security configurations on Windows, UNIX, Linux, AS/400, SQL, and Oracle systems.
  • Assessed design and effectiveness of Logical Security, Change Management, Physical Security, and Environmental safeguards for critical financial applications at IT and manufacturing leaders.

Cyber Security Analyst

BDO
02.2018 - 08.2019
  • Performed application security assessments for major public sector banks of India.
  • Performed internal and external vulnerability assessment and penetration testing of servers, and configuration audits of network devices and servers, on banking applications for one of the major public sector banks.
  • Performed ITGC reviews for various clients in the media and entertainment, construction, telecom and IT industries.
  • Audits included effective review of internal IT processes, management review meetings, risk assessment, etc.
  • Conducted vendor risk management reviews for multiple public and private sector banks of the country.

IT Associate

Raychem RPG (P) Ltd.
04.2017 - 01.2018

Supported ISO 27001:2013 implementation in a major manufacturing industry, focusing on:

  • Building Information Asset Registers
  • Conducting Information Security Risk assessments
  • Preparing ISO 27001:2013 ISMS Documentation
  • Implementing ISMS Security Controls and conducting Internal Audits

Conducted independent IT risk assessments across operational and IT processes, including:

  • Establishing a threat vulnerability repository
  • Identifying threats, vulnerabilities, and existing controls
  • Evaluating and assessing risk severity
  • Implementing risk mitigating controls
  • Assessing residual risk

Education

Bachelor of Engineering - BE - Electrical, Electronic and Communications Engineering

St. Francis Institute Of Technology
01.2012 - 01.2016

Skills

ISO 27001

Languages

English
Bilingual or Proficient (C2)
Hindi
Bilingual or Proficient (C2)
Marathi
Bilingual or Proficient (C2)

Timeline

Information Security & Compliance Specialist

BrowserStack
04.2024 - Current

Assistant Manager

Deloitte
06.2021 - 08.2021

Consultant

Deloitte
09.2019 - 05.2021

Cyber Security Analyst

BDO
02.2018 - 08.2019

IT Associate

Raychem RPG (P) Ltd.
04.2017 - 01.2018

Bachelor of Engineering - BE - Electrical, Electronic and Communications Engineering

St. Francis Institute Of Technology
01.2012 - 01.2016

Senior Information Security & Compliance Specialist

BrowserStack
09.2021 - 03.2024