Ravi Kant Tripathi

Information Security & Privacy
Noida

Summary

I may not be an extraordinary person, but I am capable of accomplishing extraordinary things when the need arises.

As an information security professional, prioritising comprehension of industry standards like PCI-DSS, IRAP, NIST, BCP-DR, DPDP Act, GDPR, and ISO27001 is crucial for compliance and risk management. Strict adherence to these standards as an auditor and implementer ensures the maintenance of a secure organisational environment.

Overview

8 years of professional experience
15 years of post-secondary education
3 Certifications
3 Languages

Work History

Information Security & Privacy Officer

Fynd Retail Technologies
08.2022 - Current
  • Conducted SOC2 audits, Application & Cloud Security assessments, and implemented ISO27001 and PCI standards in realm of cybersecurity and compliance.
  • Specialised in risk management, overseeing secure application onboarding to ensure resilient operational environment.
  • Performed comprehensive third-party risk assessments to evaluate and mitigate potential security risks.
  • Evaluated Business Continuity Planning (BCP) measures, ensuring organisation's preparedness for potential disruptions.
  • Expertise in integrating GDPR, DPDP Act, and privacy frameworks, emphasising robust data protection and regulatory compliance.
  • Developed robust audit programs to assess internal controls for protecting sensitive information, mitigating risks across the organization.
  • Established strong working relationships with regulators, demonstrating proactive engagement in privacy matters.
  • Achieved efficient vendor management through detailed reviews of their privacy practices and documentation requirements.
  • Conducted thorough risk assessments for the organization, identifying potential data breaches and recommending solutions.
  • Assisted legal teams with privacy-related matters, providing expert testimony and support during litigation proceedings.
  • Provided expert guidance on data processing agreements, safeguarding the company's interests in third-party collaborations.
  • Managed timely responses to data subject access requests, ensuring compliance with applicable regulations.
  • Optimized IT systems for better security measures by collaborating closely with IT professionals on system updates and improvements.
  • Spearheaded training initiatives to educate employees on privacy laws and best practices, promoting a culture of data protection awareness.
  • Updated record-keeping systems to track consent preferences, ensuring accurate processing of personal data in line with individual choices.
  • Oversaw incident response efforts, conducting investigations and reporting breaches as necessary to regulatory authorities.
  • Enhanced privacy compliance by developing and implementing comprehensive policies and procedures.
  • Launched privacy impact assessments for major projects, minimizing risks associated with personal data processing activities.
  • Developed risk assessment models to identify potential compliance risks.
  • Created and maintained compliant work environment.

GRC Associate

Cognizant
06.2021 - 08.2022
  • Conducted comprehensive risk assessments for 3rd party app developers, evaluating and mitigating security risks.
  • Ensured seamless interoperability of systems and applications.
  • Implemented HIPAA compliance measures for healthcare-related projects, demonstrating commitment to safeguarding sensitive healthcare information.
  • Contributed to various Governance, Risk, and Compliance (GRC) functions, ensuring holistic approach to risk management and regulatory adherence.

GRC Specialist

HCL Technologies
09.2019 - 05.2021
  • Conducted 'IRAP' audits for Australian Cyber Security, meticulously assessing security controls and ensuring compliance.
  • Implemented ISO 27001:2013 standards for robust information security.
  • Actively engaged in various Governance, Risk, and Compliance (GRC) functions, emphasising compliance and effective risk management.
  • Conducted IT General Controls (ITGC) audits to evaluate efficiency of IT controls.
  • Ensured seamless adherence to PCI-DSS requirements, demonstrating commitment to secure payment transactions.
  • Maintained strict compliance with privacy requirements across all initiatives.

InfoSec Engineer

PineLabs
12.2018 - 07.2019
  • Conducted security audits for payment processors, evaluating and enhancing security controls.
  • Ensured PCI-DSS compliance for processes in India and Malaysia, securing payment transactions.
  • Contributed to risk management and Business Continuity Planning-Disaster Recovery (BCP-DR) activities, fortifying organisational resilience.
  • Conducted IT General Controls (ITGC) audits, systematically assessing and optimising effectiveness of IT controls.
  • Specialised in risk management and conducted thorough audits for banks, ensuring robust security measures.

Associate Consultant

Panacea Infosec Pvt Ltd
08.2017 - 11.2018
  • Led PCI-DSS audits for clients across diverse industries, assessing compliance with payment card industry standards.
  • Prepared comprehensive Reports on Compliance (ROCs) and conducted Self-Assessment Questionnaire (SAQ) assessments.
  • Conducted thorough scope and gap assessments for clients, ensuring comprehensive understanding of security postures.
  • Implemented ISO 27001 audits to evaluate and fortify information security controls.
  • Conducted IT General Controls (ITGC) audits, systematically assessing and enhancing effectiveness of IT controls.
  • Specialised in conducting audits for wide array of industries including Banking, Healthcare, Payment Processor, Manufacturing, Oil & Gas Industries, Aviation, Hotels, and BPO/KPO sectors.

Education

MBA -

Barkatullah University
Bhopal
07.2016 - 04.2018

Bachelors of Engineering -

RGPV
Bhopal
07.2010 - 06.2014

High School Diploma -

MP.Board
Bhopal
07.2009 - 05.2010

Skills

    Risk Management

Certification

CISA

Timeline

CISM

02-2023

Information Security & Privacy Officer

Fynd Retail Technologies
08.2022 - Current

GRC Associate

Cognizant
06.2021 - 08.2022

ISO27001

04-2021

GRC Specialist

HCL Technologies
09.2019 - 05.2021

CISA

08-2019

InfoSec Engineer

PineLabs
12.2018 - 07.2019

Associate Consultant

Panacea Infosec Pvt Ltd
08.2017 - 11.2018

MBA -

Barkatullah University
07.2016 - 04.2018

Bachelors of Engineering -

RGPV
07.2010 - 06.2014

High School Diploma -

MP.Board
07.2009 - 05.2010