Sanjay K Gawari

Senior Manager - Information Security | GRC | ISMS | BCMS | PCI DSS | IT Risk & Compliance | Fintech & Banking Security
Navi Mumbai, MH

Summary

Dynamic professional committed to enhancing a robust Governance, Risk, and Compliance (GRC) environment within a forward-thinking organization. Expertise in managed services, risk assessment, compliance operations, policy implementation, and control monitoring drives a focus on organizational resilience. Dedicated to fostering effective risk governance and continuous improvement while ensuring adherence to regulatory and industry standards. Passionate about ongoing professional development and delivering measurable value through disciplined, ethical, and proactive approaches.

Overview

20 years of professional experience
6 Certifications

Work History

Senior Manager Information Security

Financial Software & Systems Pvt. Ltd.
04.2024 - Current
  • Oversaw adherence to organizational policies and controls for infrastructure and application security, ensuring strict compliance with industry standards such as ISO 27001, ISO 23001, SOC, PCI DSS, and ISO 27701.
  • Conducted comprehensive organization-wide assessments to verify compliance, report nonconformities, and address discrepancies in regulatory or ISM frameworks, including security incidents, to senior stakeholders.
  • Led internal audits in alignment with applicable compliance standards and regulatory requirements, ensuring continuous alignment with security protocols and industry best practices.
  • Conducted audits by verifying the proper collection and analysis of audit logs from all monitored systems, identifying potential security threats, and ensuring robust incident response protocols.
  • Developed and refined incident response plans for various cyber-attack scenarios, ensuring preparation for any security event.
  • Evaluated security requirements, implementing appropriate technical solutions to ensure compliance with industry frameworks such as ISO 27001, SOC, PCI DSS, and ISO 27701.
  • Delivered comprehensive training programs on information security and cybersecurity to employees, fostering a security-conscious culture through regular awareness sessions.
  • Led comprehensive risk assessments for software applications and solutions requested by internal teams, ensuring alignment with organizational security policies and compliance requirements.
  • Managed and maintained the organization’s risk registry, proactively monitoring and reporting on the status of compliance with established security protocols.
  • Provided expert consultation on security best practices, specifically focused on implementing robust security controls within environments, ensuring data protection and regulatory compliance.
  • Established strong relationships with clients and stakeholders, ensuring long-term partnerships and repeat business.

GRC Manager - ATM Network & Operation

Financial Software & Systems Pvt. Ltd.
04.2021 - 03.2024
  • Governed ATM network operations in alignment with PCI DSS requirements by implementing robust monitoring controls, ensuring continuous compliance with organizational SLAs, regulatory mandates, and security standards across multi-bank environments.
  • Led ATM security incident governance, ensuring timely triage, risk assessment, root-cause analysis, and closure of incidents to reduce operational risk and strengthen control effectiveness.
  • Monitored compliance with transaction security protocols, implementing controls to safeguard against fraud, cyber threats, and unauthorized access across ATMs and backend systems.
  • Ensured high-availability governance by reviewing uptime metrics, operational dashboards, and vendor performance, aligning service delivery with contractual and regulatory expectations.
  • Maintained operational risk documentation, incident logs, mitigation actions, and escalation records to support internal, external, and regulatory audits.
  • Collaborated with cross-functional teams (IT security, regulatory teams, and vendors) to ensure continuous compliance with RBI security guidelines and ATM infrastructure best practices.

Assistant Manager - Compliance & Audit

Financial Software & Systems Pvt. Ltd.
01.2018 - 03.2021
  • Developed and maintained key GRC documentation, including SOPs, Risk Assessments (RA), Business Impact Analysis (BIA), Business Continuity Plans (BCP), and Disaster Recovery (DR drill) reports, strengthening the enterprise risk management posture.
  • Ensured compliance with regulatory and industry standards, including RBI ATM security guidelines and PCI DSS requirements, through evidence validation and audit submissions.
  • Led internal audits for ATM monitoring services under FSS-Net, identifying compliance deviations, recommending control improvements, and ensuring timely remediation.
  • Defined the audit governance framework for ATM cash verification processes, establishing risk-based audit scopes, checklists, and reporting mechanisms.
  • Conducted third-party vendor audits to ensure due diligence, contractual compliance, operational controls, and risk mitigation, as per bank policies.
  • Performed onsite compliance inspections at ATMs and vaults to validate adherence to cash-management controls, physical security standards, and operational risk parameters.
  • Strengthened field-level governance by identifying vulnerabilities in cash flow and ATM operational processes, and implementing corrective and preventive actions.

Compliance Team Lead - Contain Distribution

Financial Software & Systems Pvt. Ltd.
02.2008 - 12.2017
  • Established governance controls for EJ and Contain Distribution operations by designing and implementing strategic operational frameworks aligned with banking compliance and security standards.
  • Performed network maintenance and system upgrades, including service packs, patches, and hot fixes.
  • Led risk assessments for distribution processes, identifying control gaps, operational vulnerabilities, and compliance deviations, and ensuring the implementation of corrective actions.
  • Enhanced compliance posture by collaborating with IT, HR, Security, and Operations teams to standardize procedures, reduce operational risks, and improve adherence to regulatory and bank-specific guidelines.
  • Governed data security protocols for EJ files and sensitive transaction logs, ensuring confidentiality, integrity, and availability, in line with information-security best practices.
  • Monitored SLA, regulatory, and quality adherence across cross-functional teams, ensuring consistent compliance with client governance expectations.
  • Developed audit-ready processes for EJ distribution, maintaining documentation, evidence trails, and process controls to support internal and external audits.
  • Implemented process improvements that reduced operational risk and improved compliance alignment across large-scale, multi-bank EJ distribution environments.

Governance Executive - Cash Audit & Compliance

Brinks Arya India Pvt. Ltd
11.2005 - 02.2008
  • Conducted onsite audits and compliance inspections of ATM locations to ensure adherence to physical security standards, cash-handling controls, and bank regulatory requirements.
  • Ensured compliance in cash replenishment processes through strict adherence to SOPs, documentation protocols, and chain-of-custody controls to minimize operational and financial risks.
  • Implemented preventive controls for ATM downtime and operational inefficiencies by coordinating maintenance activities and ensuring timely reporting of risks or deviations.
  • Maintained cash reconciliation accuracy, ensuring audit readiness and compliance with standard banking cash-management guidelines.
  • Monitored ATM performance incidents and maintained compliance logs, ensuring risk mitigation, timely resolution, and alignment with operational and regulatory guidelines.
  • Oversaw liquidity and cash management operations.

Education

Diploma - Financial Management

Welingkar Institute for Technology and Management
Mumbai
05.2004

Bachelor of Commerce - Computer and IT

Mumbai University
Mumbai, Maharashtra
05.2003

Skills

Information Security Management

BCMS implementation expertise

Internal audit testing

Cross-functional team coordination

Third-party risk assessment

Regulatory compliance expertise

Policy formulation

Risk assessment strategy

Security control assessment

Monitoring compliance standards

Incident monitoring

Operational efficiency enhancement

Accomplishments

  • Best Employee Award - FY 2008: Governed and successfully implemented the EJ Project at the SBI Bank data centre.
  • KUDOS AWARDS – FY 2014: File-X Application implementation and Presentation.
  • Best Team Award FY 2022: Circle of Excellence award for maintaining good governance.
  • Champion Award - FY 2023: Successful completion of PCI DSS Certification & IOB Bank TLS activity.

Certification

ISO/IEC 23001 Business Continuity Management Systems, 03/2025
