Highly skilled IT Governance, Risk, and Compliance (ITGRC) professional with 6+ years of experience in managing Third-Party Risk Management (TPRM), implementing ISO 27001 standards, ensuring compliance with SOX and IT General Controls (ITGC), and building Information Security Management Systems (ISMS). Expertise in PCI DSS, HIPAA, HITRUST, NIST frameworks, and SOC audits. Adept at mitigating risks, developing security strategies, and maintaining regulatory compliance to safeguard organizational assets.
Overview
8 years of professional experience
Work History
IT Security Analyst
Smart Beings Software Innovations Pvt Ltd
08.2020 - Current
The Risk Consultant is responsible for identifying, analyzing, and mitigating risks to safeguard organizational operations, assets, and data.
This role involves assessing potential risks, developing mitigation strategies, and ensuring compliance with regulatory frameworks and internal policies.
The ideal candidate will possess strong analytical skills, industry knowledge, and expertise in risk management methodologies.
The Security Specialist is responsible for designing, implementing, and maintaining an organization's security framework to protect sensitive information, systems, and infrastructure from cyber threats.
This role requires expertise in threat detection, risk assessment, incident response, and compliance with regulatory standards.
The ideal candidate will work closely with IT teams, management, and external partners to ensure robust security measures are in place and consistently optimized.
ROLES & RESPONSIBILITIES:
Design and execute vendor risk assessment frameworks for onboarding and monitoring third-party relationships.
Evaluate third-party compliance with security and privacy regulations such as ISO 27001, PCI DSS, and GDPR.
Monitor third-party risk postures through questionnaires, audits, and vulnerability assessments.
Develop remediation plans for identified vendor risks and ensure follow-through to resolution.
Develop and implement comprehensive IT governance frameworks to align with organizational objectives and regulatory requirements.
Conduct risk assessments to identify, evaluate, and mitigate potential IT risks.
Establish and maintain GRC tools to streamline risk and compliance management.
Draft, update, and enforce IT policies, procedures, and controls to meet industry standards and best practices.
Collaborate with stakeholders to drive organizational compliance and risk strategies.
Lead ISO 27001 implementation projects, including gap analyses, control selection, and risk treatment plans.
Develop and maintain Information Security Management Systems (ISMS) documentation, including Statement of Applicability (SoA) and Risk Treatment Plans.
Conduct internal audits to ensure ISO 27001 compliance and prepare for external certification audits.
Deliver security awareness training and ensure organization-wide adherence to ISO standards.
Process Associate
Boven Technologies Pvt Ltd
07.2017 - 07.2020
Respond to customers via live chat or email, often managing multiple sessions simultaneously.
Provide prompt, accurate and well‑structured written responses.
Troubleshoot and resolve issues, or escalate when needed.
Maintain chat logs and update CRM / ticketing systems accordingly.
Prioritize urgent chats, ensure timely follow‑up, and aim for high satisfaction rates.
Develop strong product/service knowledge to support effective resolution.
Collaborate with team leads and colleagues to meet targets and maintain quality standards.
Participate in training sessions on new processes, products, and best practices in customer service.
Adhere to company policies, SLAs, and quality standards in all communications.
Attend periodic feedback sessions and contribute to continuous process improvement.