Ravi Kant Tripathi
Noida
Summary
I may not be an extraordinary person, but capable of accomplishing extraordinary things when the need arises. As an information security professional, prioritising comprehension of industry standards like PCI-DSS, IRAP, NIST, BCP-DR, DPDP Act, GDPR, and ISO27001 is crucial for compliance and risk management. Strict adherence to these standards as an auditor & Implementor ensures the maintenance of a secure organisational environment.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Lead Security Auditor
Prescient Security
06.2025 - Current
- Leading SOC 2 and ISO 27001 audit programs, ensuring compliance and effective risk management.
- Conducting internal and external audits, driving security governance, and strengthening organizational security posture.
- Collaborating with stakeholders to implement controls, oversee remediation, and maintain certification readiness.
Information Security & Privacy Officer
Fynd Retail Technologies
08.2022 - 06.2025
- Conducted SOC2 audits, Application & Cloud Security assessments, and implemented ISO27001 and PCI standards in realm of cybersecurity and compliance.
- Specialised in risk management, overseeing secure application onboarding to ensure resilient operational environment.
- Performed comprehensive third-party risk assessments to evaluate and mitigate potential security risks.
- Evaluated Business Continuity Planning (BCP) measures, ensuring organisation's preparedness for potential disruptions.
- Expertise in integrating GDPR, DPDP Act, and privacy frameworks, emphasising robust data protection and regulatory compliance.
GRC Associate
Cognizant
06.2021 - 08.2022
- Conducted comprehensive risk assessments for 3rd party app developers, evaluating and mitigating security risks.
- Ensured seamless interoperability of systems and applications.
- Implemented HIPAA compliance measures for healthcare-related projects, demonstrating commitment to safeguarding sensitive healthcare information.
- Contributed to various Governance, Risk, and Compliance (GRC) functions, ensuring holistic approach to risk management and regulatory adherence.
GRC Specialist
HCL Technologies
09.2019 - 05.2021
- Conducted 'IRAP' audits for Australian Cyber Security, meticulously assessing security controls and ensuring compliance.
- Implemented ISO 27001:2013 standards for robust information security.
- Actively engaged in various Governance, Risk, and Compliance (GRC) functions, emphasising compliance and effective risk management.
- Conducted IT General Controls (ITGC) audits to evaluate efficiency of IT controls.
- Ensured seamless adherence to PCI-DSS requirements, demonstrating commitment to secure payment transactions.
- Maintained strict compliance with privacy requirements across all initiatives.
InfoSec Engineer
PineLabs
12.2018 - 07.2019
- Conducted security audits for payment processors, evaluating and enhancing security controls.
- Ensured PCI-DSS compliance for processes in India and Malaysia, securing payment transactions.
- Contributed to risk management and Business Continuity Planning-Disaster Recovery (BCP-DR) activities, fortifying organisational resilience.
- Conducted IT General Controls (ITGC) audits, systematically assessing and optimising effectiveness of IT controls.
- Specialised in risk management and conducted thorough audits for banks, ensuring robust security measures.
Associate Consultant
Panacea Infosec Pvt Ltd
08.2017 - 11.2018
- Led PCI-DSS audits for clients across diverse industries, assessing compliance with payment card industry standards.
- Prepared comprehensive Reports on Compliance (ROCs) and conducted Self-Assessment Questionnaire (SAQ) assessments.
- Conducted thorough scope and gap assessments for clients, ensuring comprehensive understanding of security postures.
- Implemented ISO 27001 audits to evaluate and fortify information security controls.
- Conducted IT General Controls (ITGC) audits, systematically assessing and enhancing effectiveness of IT controls.
- Specialised in conducting audits for wide array of industries including Banking, Healthcare, Payment Processor, Manufacturing, Oil & Gas Industries, Aviation, Hotels, and BPO/KPO sectors.
Education
MBA - undefined
Barkatullah University
04.2018
Bachelors of Engineering - undefined
RGPV
06.2014
High School Diploma - undefined
MP.Board
05.2010
Skills
- Risk Management
- Vulnerability Management
- Cloud Security
- DPDP and GDPR Implementation
- Business Continuity & Disaster Recovery
- ITGC, PCI-DSS, IRAP and ISO27001 Standards
- NIST Frameworks
Certification
- CISA, 2019-08-01
- CISM, 2023-02-01
- ISO27001, 2021-04-01
Languages
Spanish
English
Hindi
Personal Information
Title: Information Security and Privacy Officer
Timeline
Lead Security Auditor
Prescient Security
06.2025 - Current
Information Security & Privacy Officer
Fynd Retail Technologies
08.2022 - 06.2025
GRC Associate
Cognizant
06.2021 - 08.2022
GRC Specialist
HCL Technologies
09.2019 - 05.2021
InfoSec Engineer
PineLabs
12.2018 - 07.2019
Associate Consultant
Panacea Infosec Pvt Ltd
08.2017 - 11.2018
MBA - undefined
Barkatullah University
Bachelors of Engineering - undefined
RGPV
High School Diploma - undefined
MP.Board
Similar Profiles
Paul MaraisPaul Marais
Derivatives Broker at Prescient SecurityDerivatives Broker at Prescient Security
Erik CarterErik Carter
All Source Intelligence Analyst, Contractor at ManTech International Corporation / Prescient Edge LLCAll Source Intelligence Analyst, Contractor at ManTech International Corporation / Prescient Edge LLC
Gerret FortuinGerret Fortuin
Senior Fund Administrator - Transfer Agency at Prescient Fund Services IrelandSenior Fund Administrator - Transfer Agency at Prescient Fund Services Ireland
Prashant KashyapPrashant Kashyap
Consultant at TATA CONSULTANCY SERVICESConsultant at TATA CONSULTANCY SERVICES
Amartya SharmaAmartya Sharma
Web Analyst at Munivar Online Pvt LtdWeb Analyst at Munivar Online Pvt Ltd