Summary
Overview
Work History
Education
Skills
Websites
Certification
Languages
Personal Information
Timeline
AdministrativeAssistant

Ravi Kant Tripathi

Noida

Summary

I may not be an extraordinary person, but capable of accomplishing extraordinary things when the need arises. As an information security professional, prioritising comprehension of industry standards like PCI-DSS, IRAP, NIST, BCP-DR, DPDP Act, GDPR, and ISO27001 is crucial for compliance and risk management. Strict adherence to these standards as an auditor & Implementor ensures the maintenance of a secure organisational environment.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Lead Security Auditor

Prescient Security
06.2025 - Current
  • Leading SOC 2 and ISO 27001 audit programs, ensuring compliance and effective risk management.
  • Conducting internal and external audits, driving security governance, and strengthening organizational security posture.
  • Collaborating with stakeholders to implement controls, oversee remediation, and maintain certification readiness.

Information Security & Privacy Officer

Fynd Retail Technologies
08.2022 - 06.2025
  • Conducted SOC2 audits, Application & Cloud Security assessments, and implemented ISO27001 and PCI standards in realm of cybersecurity and compliance.
  • Specialised in risk management, overseeing secure application onboarding to ensure resilient operational environment.
  • Performed comprehensive third-party risk assessments to evaluate and mitigate potential security risks.
  • Evaluated Business Continuity Planning (BCP) measures, ensuring organisation's preparedness for potential disruptions.
  • Expertise in integrating GDPR, DPDP Act, and privacy frameworks, emphasising robust data protection and regulatory compliance.

GRC Associate

Cognizant
06.2021 - 08.2022
  • Conducted comprehensive risk assessments for 3rd party app developers, evaluating and mitigating security risks.
  • Ensured seamless interoperability of systems and applications.
  • Implemented HIPAA compliance measures for healthcare-related projects, demonstrating commitment to safeguarding sensitive healthcare information.
  • Contributed to various Governance, Risk, and Compliance (GRC) functions, ensuring holistic approach to risk management and regulatory adherence.

GRC Specialist

HCL Technologies
09.2019 - 05.2021
  • Conducted 'IRAP' audits for Australian Cyber Security, meticulously assessing security controls and ensuring compliance.
  • Implemented ISO 27001:2013 standards for robust information security.
  • Actively engaged in various Governance, Risk, and Compliance (GRC) functions, emphasising compliance and effective risk management.
  • Conducted IT General Controls (ITGC) audits to evaluate efficiency of IT controls.
  • Ensured seamless adherence to PCI-DSS requirements, demonstrating commitment to secure payment transactions.
  • Maintained strict compliance with privacy requirements across all initiatives.

InfoSec Engineer

PineLabs
12.2018 - 07.2019
  • Conducted security audits for payment processors, evaluating and enhancing security controls.
  • Ensured PCI-DSS compliance for processes in India and Malaysia, securing payment transactions.
  • Contributed to risk management and Business Continuity Planning-Disaster Recovery (BCP-DR) activities, fortifying organisational resilience.
  • Conducted IT General Controls (ITGC) audits, systematically assessing and optimising effectiveness of IT controls.
  • Specialised in risk management and conducted thorough audits for banks, ensuring robust security measures.

Associate Consultant

Panacea Infosec Pvt Ltd
08.2017 - 11.2018
  • Led PCI-DSS audits for clients across diverse industries, assessing compliance with payment card industry standards.
  • Prepared comprehensive Reports on Compliance (ROCs) and conducted Self-Assessment Questionnaire (SAQ) assessments.
  • Conducted thorough scope and gap assessments for clients, ensuring comprehensive understanding of security postures.
  • Implemented ISO 27001 audits to evaluate and fortify information security controls.
  • Conducted IT General Controls (ITGC) audits, systematically assessing and enhancing effectiveness of IT controls.
  • Specialised in conducting audits for wide array of industries including Banking, Healthcare, Payment Processor, Manufacturing, Oil & Gas Industries, Aviation, Hotels, and BPO/KPO sectors.

Education

MBA - undefined

Barkatullah University
04.2018

Bachelors of Engineering - undefined

RGPV
06.2014

High School Diploma - undefined

MP.Board
05.2010

Skills

  • Risk Management
  • Vulnerability Management
  • Cloud Security
  • DPDP and GDPR Implementation
  • Business Continuity & Disaster Recovery
  • ITGC, PCI-DSS, IRAP and ISO27001 Standards
  • NIST Frameworks

Certification

  • CISA, 2019-08-01
  • CISM, 2023-02-01
  • ISO27001, 2021-04-01

Languages

Spanish
English
Hindi

Personal Information

Title: Information Security and Privacy Officer

Timeline

Lead Security Auditor

Prescient Security
06.2025 - Current

Information Security & Privacy Officer

Fynd Retail Technologies
08.2022 - 06.2025

GRC Associate

Cognizant
06.2021 - 08.2022

GRC Specialist

HCL Technologies
09.2019 - 05.2021

InfoSec Engineer

PineLabs
12.2018 - 07.2019

Associate Consultant

Panacea Infosec Pvt Ltd
08.2017 - 11.2018

MBA - undefined

Barkatullah University

Bachelors of Engineering - undefined

RGPV

High School Diploma - undefined

MP.Board
Ravi Kant Tripathi