Neha Bakshi

Gurugram

Summary

With over 14 years of experience in Governance, Risk, and Compliance (GRC), Risk Management, and Data Privacy, I bring strong expertise in technology risk oversight, third-party risk assessments, and Risk and Control Self-Assessments (RCSA). I have led cross-functional engagements to evaluate control design and effectiveness related to data security, system availability, and infrastructure integrity, with a credible challenge mindset.

My work includes executing structured, data-driven risk reviews and providing insights on technology and cybersecurity risks through exploratory analysis using SQL and Excel. I have actively contributed to strengthening oversight mechanisms by integrating control testing and issue tracking processes across second-line functions.

In addition, I have supported the development and review of Information Security/data privacy policies, conducted privacy impact assessments, and advised on compliance with evolving privacy regulations such as DPDPA, in collaboration with legal and IT teams.

Overview

15 years of professional experience
1 Certification

Work History

Senior Manager

SBI Cards
05.2022 - Current

Senior Consultant

Factspan Analytics
03.2021 - 04.2022

Senior Advisor – Data and Privacy

Infosys Limited
03.2015 - 02.2021

Programmer Analyst

Cognizant Technology Solutions
01.2014 - 03.2015

Associate Consultant

Capgemini India Pvt. Ltd.
10.2010 - 12.2013

Education

B.Tech - Information Technology

SRM University
Chennai, Tamil Nadu
05.2010

Skills

  • Initiative taker
  • Goal-setting capabilities
  • Methodical
  • Focused
  • Quick learner
  • Adaptable
  • Hardworking
  • Enthusiastic
  • Strong analytical mindset
  • Communication and Documentation skills
  • Self-motivated
  • Leadership skills
  • Interpersonal skills
  • Effective in team settings
  • Effective in independent tasks
  • Go-getter attitude

Certification

  • Certified Information Security Manager (CISM)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Payment Industry Security Implementor (CPISI – PCI DSS, ID-224046)
  • Data Security Council of India Certified Privacy Professional (DCPP)
  • Udemy Certifications: ISO 31000 - Operational Risk Management, Network Security, ISO 27001:2022

Disclaimer

I hereby declare that the above-furnished information is true to the best of my knowledge and belief.

Trainings And Seminars

  • ISO 31000 - Risk Management
  • Network Security
  • Cloud Security
  • Enterprise Risk Management
  • Data Privacy
  • Agile and Kanban
  • ITIL Awareness
  • AWS Cloud Practitioner
  • Introduction to Agile
  • Introduction to Analytics
  • Insurance Domain
  • Data Warehousing

Roles And Responsibilities

  • Lead and coordinate Risk and Control Self-Assessments (RCSA) across technology and business functions, providing credible challenge on control design and operational effectiveness related to data security, availability, and architecture.
  • Perform comprehensive third-party risk assessments, including onboarding due diligence, RFP evaluations, and ongoing monitoring, ensuring vendor compliance with internal security standards and regulatory expectations.
  • Drive cross-functional collaboration with Legal, IT, Information Security, Compliance, and Risk teams to assess, escalate, and remediate control gaps or emerging risks.
  • Actively participate in working groups and governance committees, supporting structured decision-making, risk oversight, and policy alignment initiatives.
  • Maintain and regularly update data protection, cybersecurity, and risk management policies and procedures to reflect changes in regulatory requirements and internal controls.
  • Align business processes and operational practices with evolving regulatory mandates such as the Data Privacy Act of India (DPDPA, 2023), GDPR, UIDAI guidelines, and other applicable privacy and risk standards.
  • Conduct Data Privacy Impact Assessments (DPIAs) for high-risk processes and systems.
  • Manage and support internal and external IT audits, coordinate evidence collation, and drive mitigation of identified risks.
  • Facilitate recurring meetings and stakeholder touchpoints, including issue resolution forums, stand-ups, and risk remediation planning sessions.
