Rajnish Behari Lal
IT Risk Management Professional
New Delhi
Summary
Experienced Senior IT Auditor with over 18 years of expertise in IT security audits, risk assessments, and regulatory compliance. Proven track record in enhancing organizational security posture and driving the achievement of business goals through strategic risk management. Skilled in identifying and mitigating IT risks, ensuring compliance with key regulations, and utilizing advanced technologies to improve organizational resilience. Adept at fostering cross-functional collaboration, promoting a proactive risk-aware culture, and contributing to the long-term stability and growth of the organization.
Overview
21
21
years of professional experience
5
5
Certifications
Work History
Associate General Manager (R&C)
HCL Technologies
Delhi
03.2019 - Current
- Conducted comprehensive IT risk assessments, identifying vulnerabilities and potential threats, ensuring that critical IT assets are protected, and minimizing the risk of costly disruptions
- Implemented risk prioritization strategies that allocated resources efficiently, optimizing the organization's ability to respond to high-impact risks, thereby reducing potential financial losses and operational downtime
- Enhanced the security posture of the organization by developing and implementing robust risk mitigation measures, which improved business continuity and safeguarded sensitive data
- Ensured compliance with key industry regulations (GDPR, ISO/IEC 27001), enabling the organization to avoid regulatory penalties, protect customer trust, and support global business expansion
- Fostered a risk-aware culture across the organization through training and awareness programs, empowering employees to identify and address potential threats proactively and contributing to overall organizational resilience
- Handled problematic customers and clients to assist lower-level employees and maintain excellent customer service.
- Supported business development by collaborating with sales teams to identify opportunities for growth and expansion in the market.
- Played an instrumental role in acquiring new clients by representing the company at industry events, building relationships with potential customers, and showcasing the organization''s capabilities.
- Facilitated successful project completion by overseeing project timelines, coordinating cross-functional teams, and monitoring progress closely.
- Recruited, hired, and trained initial personnel, working to establish key internal functions and outline scope of positions for new organization.
- Mentored and developed team members through regular feedback, training sessions, and performance evaluations.
- Identified areas for improvement within operations using data analysis techniques while recommending practical solutions to drive positive results.
- Collaborated with senior leadership to develop organizational strategies that aligned with company goals and objectives.
Data Protection Officer
BLS International Services Ltd.
Dellhi
06.2018 - 03.2019
- Conducted IT risk assessments that ensured compliance with GDPR, safeguarding organizational data and reducing the risk of data breaches, which could lead to reputational damage and financial penalties
- Developed and implemented robust data protection policies and procedures, which improved internal controls, promoted secure data management practices, and aligned with global best practices
- Collaborated with business teams to align data protection efforts with organizational goals, improving operational efficiency and ensuring that data security supported rather than hindered business growth
- Served as the primary point of contact for all inquiries related to customer privacy rights under GDPR regulations, promptly addressing requests for access or deletion of personal information.
- Implemented key performance metrics to monitor data protection initiatives, driving continuous improvement and ensuring that the organization met evolving regulatory requirements
- Oversaw third-party vendor relationships to ensure their compliance with company data protection standards and legal requirements.
- Collaborated with legal, IT, and HR departments to establish a cohesive data protection strategy across the organization.
- Reviewed and updated company privacy notices regularly to maintain transparency with customers about how their personal information was being processed and protected.
- Worked closely with IT teams to ensure secure data disposal methods were employed when deleting sensitive information from systems or devices.
- Assisted in the design of new software applications or digital services that incorporated robust privacy protections from inception through implementation.
- Ensured regulatory compliance with GDPR and other relevant data privacy laws through continuous monitoring and updating of internal processes.
- Developed staff training programs for best practices in handling sensitive information, resulting in decreased incidents of accidental data leaks.
- Performed risk analyses to identify appropriate security countermeasures.
Infosec Consultant, Auditor, and Trainer
Self-employed
Delhi
06.2016 - 05.2018
- Provided risk assessment and audit services to various clients, identifying vulnerabilities and implementing mitigation strategies that significantly reduced the likelihood of data breaches, financial losses, and reputational harm
- Conducted security awareness training programs, educating staff on cybersecurity best practices and empowering employees to act as the first line of defense, reducing human error-related security incidents
- Collaborated with clients to continuously improve their risk management frameworks, leading to more resilient operations and better alignment with regulatory requirements
- Conducted comprehensive risk assessments for improved cybersecurity strategies and informed decision making.
- Managed successful cybersecurity audits, ensuring adherence to industry standards and regulations.
- Established trusted relationships with key stakeholders by delivering reliable consultation services on information security best practices.
- Optimized clients'' security policies and procedures to streamline operations while maintaining a strong security posture.
Manager (Authentication)
UIDAI
Delhi
09.2015 - 05.2016
- Managed authentication processes to ensure secure and efficient identity verification for Aadhaar users, protecting the integrity of critical government services
- Conducted in-depth risk assessments and implemented necessary controls, strengthening the organization's authentication systems and preventing identity fraud and system vulnerabilities
- Worked with cross-functional teams to enhance authentication mechanisms, improving user experience while simultaneously reducing security risks and increasing trust in the Aadhaar platform
Project Director
HCL InfoTech Ltd
Delhi
06.2010 - 09.2015
- Led large-scale IT projects with a focus on risk management, ensuring that projects were delivered on time, within budget, and without compromising security
- Conducted proactive risk assessments that identified potential project risks early, reducing the likelihood of project delays, cost overruns, and operational failures
- Collaborated with business stakeholders to align project deliverables with organizational goals, driving project success and ensuring that the results met the company's long-term strategic objectives
Infrastructure Analyst
Religare Macquarie Private Wealth
Mumbai
12.2008 - 09.2009
- Conducted infrastructure risk assessments, identifying vulnerabilities that could disrupt business operations or lead to security breaches, and implemented corrective actions to ensure system reliability
- Collaborated with internal teams to enhance infrastructure security, ensuring that critical assets were protected and minimizing the risk of service outages
Asst. Manager – Service Operations
Rediff.com
Mumbai
02.2006 - 12.2008
- Managed service operations to ensure high availability and performance of IT systems, which directly contributed to operational continuity and improved customer satisfaction
- Conducted risk assessments to identify and mitigate operational risks, improving service reliability and reducing the impact of potential IT failures on business operations
State Coordinator - IT Services Team
HR Services Ltd
Bhopal
01.2004 - 01.2006
- Coordinated IT services across the state, ensuring consistent service delivery and minimizing operational disruptions due to IT failures
- Collaborated with regional teams to implement IT solutions that aligned with local business needs, reducing inefficiencies and improving service quality
Education
Master of Technology (M.Tech) -
RGPV (M.P)
Bachelor of Engineering (B.E) -
Pt. Ravishankar Shukla University - (CG)
Skills
IT Risk Assessment
undefinedCertification
Certified Information Systems Auditor (CISA)
Accomplishments
Recognized as
o ‘Brand Ambassador' of HCL Infotech Ltd. for Gold Standards
o ‘Transformer' for contribution in evolving Risk Management program.
o ‘Ace Employee' for client management and team leadership
o ‘Innovator' for mentorship and team management.
Additional Information
Major Project Details
- ISNP audit of Health Insurers as per IRDA guidelines.
- IT Risk assessment of major Health insurance players.
- IT Risk Assessment for United Nations affiliated organization.
- SOX preparation program (ITGC) for Rediff.com
- Risk Assessment in Implementation Projects of major EMS tools.
- Biometric Device Certification with STQC and UIDAI
- Aadhaar Integration and Onboarding Audit checks
- e- NBA Project (National Board for Accreditation)
- Data Centre Development for M.P Govt and Rediff.com
- Strategy Paper on Proliferation of UIDAIs Auth. Services in India
Other Engagements
- Mentoring and CISA/CRISC/CISM Training sessions for IT Audit Professionals on behalf of ISACA New Delhi Chapter
- Mentoring and Training sessions for Project Management Professionals
- Inter-ministerial Aadhaar Seeding and Authentication Workshops
- Personal CISA trainings
Timeline
Associate General Manager (R&C)
HCL Technologies
03.2019 - Current
Data Protection Officer
BLS International Services Ltd.
06.2018 - 03.2019
Infosec Consultant, Auditor, and Trainer
Self-employed
06.2016 - 05.2018
Manager (Authentication)
UIDAI
09.2015 - 05.2016
Project Director
HCL InfoTech Ltd
06.2010 - 09.2015
Infrastructure Analyst
Religare Macquarie Private Wealth
12.2008 - 09.2009
Asst. Manager – Service Operations
Rediff.com
02.2006 - 12.2008
State Coordinator - IT Services Team
HR Services Ltd
01.2004 - 01.2006
Master of Technology (M.Tech) -
RGPV (M.P)
Bachelor of Engineering (B.E) -
Pt. Ravishankar Shukla University - (CG)
Similar Profiles
Srinivasan NandagopalSrinivasan Nandagopal
ETL Lead /Onshore Technical Business Analyst at HCL Technologies India & HCL Technologies NZ LtdETL Lead /Onshore Technical Business Analyst at HCL Technologies India & HCL Technologies NZ Ltd
Pooja SaxenaPooja Saxena
Senior Analyst at HCL Technologies Pvt. Ltd, HCL technologies Pvt LtdSenior Analyst at HCL Technologies Pvt. Ltd, HCL technologies Pvt Ltd
GIRISH KORIGIRISH KORI
Senior Software Test Engineer / Technical Leader at HCL Technologies Ltd. & HCL GMBHSenior Software Test Engineer / Technical Leader at HCL Technologies Ltd. & HCL GMBH
Abhishek KumarAbhishek Kumar
Data Engineer/Technical Lead at HCL Technologies Limited (HCL Tech)Data Engineer/Technical Lead at HCL Technologies Limited (HCL Tech)
Manvendra KumarManvendra Kumar
Manager- Finance & Costing at Genpact India Private LimitedManager- Finance & Costing at Genpact India Private Limited