Summary
Overview
Work History
Education
Skills
Certifications
Timeline
Generic
Rishabh Kapoor

Rishabh Kapoor

New Delhi

Summary

With nearly four years of diverse experience in Third Party Risk Management (TPRM), IT General Controls (ITGC), and Cyber and Strategic Risk at Deloitte USI and EY GDS, I possess a strong background in key areas such as third-party risk management, cyber-strategic planning, strategic risk analysis, information security risk management, cybersecurity audits, ITGC, SOX compliance, and project management.

As an effective consultant, I excel in communicating with individuals across various age groups and backgrounds. My keen eye for detail allows me to quickly identify areas for improvement and recommend strategies that help businesses achieve their objectives. I am passionate about empowering clients across sectors to develop robust security programs that safeguard their most sensitive data.

I approach every challenge with positivity, enthusiasm, empathy, and critical thinking, ensuring that I bring value to every project I undertake.

Overview

2025
2025
years of professional experience
4039
4039
years of post-secondary education
2
2
Languages

Work History

Senior, Cybersecurity

EY GDS
08.2024 - Current
  • Conducted regular check-ins with mentees to monitor progress and adjust strategies as needed for success.
  • Led a team to build process improvement strategies to better collaborate with the client stakeholders for the efficient completion of the third-party security and privacy risk assessments.
  • Collaborated on enhancing the vendor assessment questionnaire to address cybersecurity risks and compliance requirements, ensuring it effectively evaluates vendors' security measures and protocols. This improvement aimed to strengthen the overall risk management strategy and foster secure, trustworthy partnerships.
  • Created concise privacy/security reports recapping data sharing methodologies along with risk attributes.
  • Developed and enforced cloud security policies and procedures, enhancing the security posture of cloud environments across the organization.
  • Led a team of assessors to ensure efficient project delivery by coordinating workflows, fostering clear communication, and establishing performance benchmarks.
  • Mentored team members and implemented best practices to streamline assessment processes, resulting in improved accuracy and timely project outcomes.
  • Performed comprehensive control testing to assess the effectiveness of IT General Controls, ensuring compliance with regulatory standards and organizational policies.
  • Conducted third-party risk assessments and oversaw client engagements on a global scale.
  • Analyzed test results and generated reports for senior management, providing actionable insights and supporting informed decision-making regarding IT risk management.

Consultant, Cybersecurity

Deloitte US - India offices
5 2021 - 08.2024
  • Led a team to build process improvements strategies to better collaborate with the client stakeholders for the efficient completion of the third party security & privacy risk assessments
  • Performed comprehensive control testing to assess the effectiveness of IT General Controls, ensuring compliance with regulatory standards and organizational policies.
  • Researched emerging technologies to add value to current offerings
  • Created concise privacy/security reports recapping data sharing methodologies along with risk attributes
  • Conducted research survey to know most common challenges being faced by team, based on which prepared/implemented multiple process improvement strategies
  • Assessed design and implementation of security controls in areas of data privacy, cloud computing, access controls, network security, risk management, operational and security procedures, business continuity, and other information security domains to assess security measures of clients' vendors
  • Supported technology design, testing and execution by providing research- based product and process knowledge
  • Worked on third party risk assessments and managed client engagement on global level
  • Delivered presentations and training sessions for new members joining project team in order to provide them background about project/work
  • Delivered PowerPoint presentations to the team on ISO 27001/SOC 2 Type 2 Report/Cloud Security
  • Performed reviews on third party assessment (TPA) reports for other analysts and recommended modifications to quality review team's workflow
  • Provided technical and functional recommendations based on project requirements
  • Evaluated diverse organizational systems to identify workflow, communication, and resource utilization issues
  • Brainstormed with interdepartmental personnel to drive continuous technical improvements
  • Reviewed internal systems and organized training plans to address areas in need of improvement
  • Onboarded and managed new client accounts to boost retention rates
  • Provided guidance and shared knowledge with the team members and participated in performing procedures focusing on complex, judgmental and specialized issues
  • Demonstrated project management skills, inspired teamwork and responsibility with engagement team members
  • Assisted the leadership in driving the business development process on existing/new client engagements by gathering appropriate resources, and in proposal preparation
  • Assisted in creating innovative insights for clients, adapt methods & practices to fit operational team needs.

Management Intern

Dentsu Aegis Network
11.2019 - 12.2019
  • Helped multiple key clients in developing marketing strategy
  • Did data mining to analyze market trend
  • Helped in developing tool called OOHZONE for designing marketing strategy
  • Developed relationships with wide range of employees, customers and vendors
  • Collaborated with industry professionals to learn internal business processes and best practices.

Management Trainee

Amul
05.2019 - 07.2019
  • Established open and professional relationships with team members and distributors which facilitated communication, quickly resolving issues, and conflicts
  • Conducted market research to understand market trend of Fast-Moving Consumer Goods (FMCG) market
  • Strategized to increase sales of Amul's ice-cream products by 10%
  • Assisted established management staff with operational oversight, business development, and process improvement strategies
  • Purchased or requisitioned supplies and equipment to facilitate timely delivery of services
  • Acted with integrity, honesty and knowledge to promote culture of the organisation.

Education

MBA: Operations Management -

New Delhi Institute of Management

Bachelor of Technology: Electronics And Network Security -

Bharati Vidyapeeth - College of Engineering
Pune, India

Skills

Third Party Risk Management

Cloud Security

Strategic Planning

Cloud Computing

Team Leadership & Development

Information Protection / Security

Client Relationships

GenAI

ITGC

ISO 27001:2013 Lead Implementer

HIPAA

OSI layer and protocols

Security architecture design and review

Privacy, Governance and reporting

Incident management, disaster recovery and business continuity management

Cryptography

Certifications

ISO 27001:2013 Lead Implementer

ISC2 Certified in Cybersecurity

AWS Certified Cloud Practitioner

ISO 27032 Lead Cyber Security Manager

Certificate of Cloud Security Knowledge V4 (CCSK)

Certified ScrumMaster

Oracle Cloud Infrastructure Certified Architect Associate

Google Cloud Certified Cloud Digital Leader

OCI Generative AI Certified Professional


Timeline

Senior, Cybersecurity

EY GDS
08.2024 - Current

Management Intern

Dentsu Aegis Network
11.2019 - 12.2019

Management Trainee

Amul
05.2019 - 07.2019

Consultant, Cybersecurity

Deloitte US - India offices
5 2021 - 08.2024

MBA: Operations Management -

New Delhi Institute of Management

Bachelor of Technology: Electronics And Network Security -

Bharati Vidyapeeth - College of Engineering

Similar Profiles

CREATE PROFILE
Rishabh Kapoor