
SARAT CHANDRA

Bengaluru

Summary

Highly skilled IT Governance, Risk, and Compliance (ITGRC) professional with 6+ years of experience in managing Third-Party Risk Management (TPRM), implementing ISO 27001 standards, ensuring compliance with SOX and IT General Controls (ITGC), and building Information Security Management Systems (ISMS). Expertise in PCI DSS, HIPAA, HITRUST, NIST frameworks, and SOC audits. Adept at mitigating risks, developing security strategies, and maintaining regulatory compliance to safeguard organizational assets.

Overview

8 years of professional experience

Work History

IT Security Analyst

Smart Beings Software Innovations Pvt Ltd
08.2020 - Current
  • The Risk Consultant is responsible for identifying, analyzing, and mitigating risks to safeguard organizational operations, assets, and data.
  • This role involves assessing potential risks, developing mitigation strategies, and ensuring compliance with regulatory frameworks and internal policies.
  • The ideal candidate will possess strong analytical skills, industry knowledge, and expertise in risk management methodologies.
  • The Security Specialist is responsible for designing, implementing, and maintaining an organization's security framework to protect sensitive information, systems, and infrastructure from cyber threats.
  • This role requires expertise in threat detection, risk assessment, incident response, and compliance with regulatory standards.
  • The ideal candidate will work closely with IT teams, management, and external partners to ensure robust security measures are in place and consistently optimized.


ROLES & RESPONSIBILITIES:

  • Design and execute vendor risk assessment frameworks for onboarding and monitoring third-party relationships.
  • Evaluate third-party compliance with security and privacy regulations such as ISO 27001, PCI DSS, and GDPR.
  • Monitor third-party risk postures through questionnaires, audits, and vulnerability assessments.
  • Develop remediation plans for identified vendor risks and ensure follow-through to resolution.
  • Develop and implement comprehensive IT governance frameworks to align with organizational objectives and regulatory requirements.
  • Conduct risk assessments to identify, evaluate, and mitigate potential IT risks.
  • Establish and maintain GRC tools to streamline risk and compliance management.
  • Draft, update, and enforce IT policies, procedures, and controls to meet industry standards and best practices.
  • Collaborate with stakeholders to drive organizational compliance and risk strategies.
  • Lead ISO 27001 implementation projects, including gap analyses, control selection, and risk treatment plans.
  • Develop and maintain Information Security Management Systems (ISMS) documentation, including Statement of Applicability (SoA) and Risk Treatment Plans.
  • Conduct internal audits to ensure ISO 27001 compliance and prepare for external certification audits.
  • Deliver security awareness training and ensure organization-wide adherence to ISO standards.

Boven Technologies Pvt Ltd

Process Associate
07.2017 - 07.2020
  • Respond to customers via live chat or email, often managing multiple sessions simultaneously.
  • Provide prompt, accurate and well‑structured written responses.
  • Troubleshoot and resolve issues, or escalate when needed.
  • Maintain chat logs and update CRM / ticketing systems accordingly.
  • Prioritize urgent chats, ensure timely follow‑up, and aim for high satisfaction rates.
  • Develop strong product/service knowledge to support effective resolution.
  • Collaborate with team leads and colleagues to meet targets and maintain quality standards.
  • Participate in training sessions on new processes, products, and best practices in customer service.
  • Adhere to company policies, SLAs, and quality standards in all communications.
  • Attend periodic feedback sessions and contribute to continuous process improvement.
  • Handle inbound/outbound calls to address customer queries (orders, billing, deliveries, account issues).
  • Offer troubleshooting support or escalate complex cases to higher support tiers.
  • Maintain a professional, empathetic tone to ensure customer satisfaction.
  • Log each interaction accurately in the CRM system.
  • Follow up where needed to close pending customer issues.
  • Meet performance targets such as average handling time, call resolution rate, and customer satisfaction score.

Education

Bachelor of Technology -

Jagruthi College of Engineering
Hyderabad, India
06-2016

Skills

  • IT Governance, Risk, and Compliance (ITGRC)
  • Third-Party Risk Management (TPRM)
  • ISO 27001 Implementation and Audits
  • Sarbanes-Oxley Act (SOX) Compliance
  • IT General Controls (ITGC) Testing and Monitoring
  • Information Security Management Systems (ISMS) Development
  • PCI DSS Compliance
  • HIPAA and HITRUST Certification Processes
  • NIST Cybersecurity Framework (CSF)
  • SOC 1, SOC 2 Audits
  • Risk Assessment and Mitigation
  • Security Awareness Training
  • Vendor Risk Management and Assessments
  • Policy and Procedure Development
