Paritosh Shrivastava
Bengaluru
Summary
Certified ISO 27001 Lead Auditor with over three years of experience in internal audits, governance, risk management, and third-party risk assessments. Expertise in managing ISMS audits and ensuring compliance with ISO 27001 and SOC 2 standards. Skilled in risk mitigation and policy development, maintaining a continuous compliance posture across organizations.
Overview
1
1
Certification
Work History
INFORMATION SECURITY ENGINEER
Tech Mahindra
Bengaluru
- Conducted internal audits across IT, HR and finance departments to ensure compliance with ISO 27001 standards.
- Conducted risk assessments to identify threats and vulnerabilities in computer networks.
- Maintained and reviewed ISMS policies including Information Security, Access Control, Incident Management, Risk Management, Third-Party Risk Assessment, and Business Continuity policies in line with ISO 27001.
- Managed third-party risk assessments (TPRA) by evaluating vendors' SOC 2 reports, ISO certifications, security questionnaires, and compliance posture to maintain compliance with industry standards and regulations.
- Facilitated security and compliance awareness sessions for employees.
- Evaluated sensitive data handling processes for compliance with GDPR and internal policies.
QA TESTER
Tech Mahindra
Bengaluru
- Involved in test case/script designing based on business requirements.
- Coordinate with the onshore and offshore teams to understand the requirements.
- Creating test scenarios and executing test cases to verify the system's behavior.
- Collaborated with developers to identify and resolve defects using Jira tool.
- Managed bug tracking systems efficiently, ensuring all issues were logged, prioritized, and resolved in a timely manner.
SALESFORCE ADMIN
Tech Mahindra
Bengaluru
- Experience in both Salesforce Classic and Lightning.
- Supported more than 150 end users related to user management, ensuring smooth daily operations and system availability.
- Manage user access and permissions to ensure data security compliance.
- Configured various contact-us forms and live chats as per market requirements.
- Running monthly compliance checks, like user recertification, ad-hoc user recertification, access management tools, and many more.
Education
Gandhi Institute For Technological Advancement
01-2019
Skills
- Internal Audit
- Risk Assessment
- ISO 27001 compliance
- Security Controls
- Governance, Risk, and Compliance (GRC)
- Information Security Management System (ISMS)
- Vendor Security Evaluation
- TPRA Knowledge
- Security Awareness Training
- Manual Testing
- Jira
Certification
- ISO 27001:2022 Lead Auditor
- ISTQB Foundation Level
Accomplishments
Pat on the Back Award - Recognized for consistently delivering high-quality work and meeting timelines.
Best Team Award – Recognized for exceptional commitment, passion, and collaborative delivery of objectives.
Timeline
INFORMATION SECURITY ENGINEER
Tech Mahindra
QA TESTER
Tech Mahindra
SALESFORCE ADMIN
Tech Mahindra
Gandhi Institute For Technological Advancement