Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic
ROHITASHWA SINGH

ROHITASHWA SINGH

Lead Information Security Auditor
Gurgaon

Summary

As a Certified Cyber Security Auditor with a passion for Information Security, I have been fortunate enough to work with a variety of organizations in assessing their security risks and implementing effective strategies to mitigate them. With my experience in Third Party and Internal Audit, I have a strong understanding of the importance of maintaining a secure and compliant environment.

Having worked in this field over 6 years, I have honed my skills in conducting comprehensive risk assessments and identifying potential vulnerabilities in systems and processes.

I believe in keeping up-to-date with the latest industry trends and best practices to ensure that my auditee is well-equipped to combat any potential threats. My goal is to not only identify and address security gaps, but also to educate and empower them to proactively protect their valuable assets.

Apart from my technical skills, I also bring to the table strong communication and project management abilities. Working with cross-functional teams and stakeholders, I strive to create a collaborative and efficient environment to achieve desired outcomes.

Overview

6
6
years of professional experience
3
3
Certifications
2
2
Languages

Work History

Lead IT/IS Internal Auditor

Nokia Solutions And Networks India Pvt. Ltd.
01.2023 - Current
  • Applied critical thinking skills to analyze complex IT landscape (like Microsoft PowerApps, Robotic Process Automation (RPA), Data Centers, Offshore Development Centers (ODCs), manufacturing plants, Research and Development (R&D) labs, internal software repositories etc.), resulting in practical solutions that drove business improvements.
  • Managed audits focusing on detailed reviews of business processes (like risk management processes, secure development of products, identity and access management processes, hardware and software asset management, vulnerability management etc.) to identify opportunities for risk reduction and security control optimization.
  • Provided valuable insights to management by presenting clear and concise audit findings, developing action plans to address identified issues, promoting timely resolution of audit findings and contributing to informed decision-making processes.
  • Participated in special projects as requested by senior leadership, providing subject matter expertise on internal controls and risk management practices.
  • Contributed to a positive work environment by collaborating effectively with colleagues across all levels of the organization.


Senior Consultant, Business Consulting

Ernst & Young
07.2019 - 01.2023
  • Conducting VAPT exercises on client’s Website, Server, Network Infrastructure and mobile applications including providing necessary guidance to IT Team during implementation phase.
  • Information Security Management System (ISMS) policy making and implementation for clients in food processing, manufacturing and healthcare industries.
  • IT General Control creation and implementation for client’s critical processes.
  • Leading multiple engagements while managing our teams as well as client expectations
  • Presented findings and recommendations to executive-level stakeholders, effectively communicating key insights and action plans.

Associate Consultant, Cyber Security

Arrka Infosec Pvt. Ltd.
06.2018 - 07.2019


  • Conducting VAPT on client’s Website, Server, Firewall and mobile applications.
  • Conducting Network, Permission, SDK and Security Analysis in conjunction with GDPR Compliance team.
  • Developing Automation Scripts for conducting VAPT and Privacy Testing exercise with minimal human intervention.

Education

Integrated B.Tech. (CS) + LLB (Hons) -

University of Petroleum And Energy Studies
Dehradun, India
04.2018

Skills

ISMS (ISO 27001) compliance

undefined

Certification

BSI Certified ISMS Lead Auditor (ISO 27001:2013)

Timeline

Lead IT/IS Internal Auditor

Nokia Solutions And Networks India Pvt. Ltd.
01.2023 - Current

Senior Consultant, Business Consulting

Ernst & Young
07.2019 - 01.2023

Associate Consultant, Cyber Security

Arrka Infosec Pvt. Ltd.
06.2018 - 07.2019

Integrated B.Tech. (CS) + LLB (Hons) -

University of Petroleum And Energy Studies
BSI Certified ISMS Lead Auditor (ISO 27001:2013)
HP Certified Android Developer
Oracle Certified Java Developer
ROHITASHWA SINGHLead Information Security Auditor