Summary
Overview
Work History
Education
Skills
Timeline
Generic
Shivam Joshi

Shivam Joshi

Associate Consultant
Bengaluru

Summary

Experienced Associate Consultant in Information Security with strong communication skills and a demonstrated history of two years in advising and assessing clients on their information security posture and maturity. Skilled in Vulnerability Assessment and Penetration Testing (VAPT), Cybersecurity, IT General Controls (ITGC), and Application Audit. Experienced in identifying and mitigating security risks, ensuring compliance with industry standards and regulations and at analyzing complex systems and implementing effective security measures.

Overview

2
2
years of professional experience

Work History

Associate Consultant

Ernst & Young
07.2023 - Current
  • Demonstrated the ability to navigate complex IT environments, implementing and enhancing control processes to ensure the security, availability and integrity of critical systems and data.
  • Evaluated SOC reports for SaaS applications for controls around asset management, backup and restoration, continuous vulnerability management, data encryption, secure development lifecycle (SDLC), secure configuration management, third party risk management and malware protection.
  • Performed security assessments and control framework designing for clients.
  • Performed SOX and ICFR audits related to General IT Controls (Manage Change, Manage Access and Manage Operations).
  • Performed controls rationalization assessments and offering advisory to clients.

Senior Analyst

Ernst & Young
08.2022 - 06.2023
  • Performed qualitative and quantitative risk assessment for clients and provided risk treatment options.
  • Evaluated if overall outstanding risks were within the organizations risk appetite.
  • Performed regulatory compliance audits based on Reserve Bank of India (RBI) guidelines for prepaid payment instruments.
  • Performed IT general control testing across three domains - Manage Change, Manage Access and Manage Operations.

Assistant Cyber Security Analyst

Drcbs Cyber Security Service Pvt Ltd
04.2022 - 07.2022
  • Implemented ISO 27001:2013 across multiple government clients.
  • Performed comprehensive vulnerability assessments on networks, systems, and applications using various tools and methodologies.
  • Identified and prioritized vulnerabilities based on severity, exploitability, and potential impact.
  • Conducted simulated attacks to identify vulnerabilities and weaknesses in systems and applications.
  • Exploited and identified vulnerabilities to demonstrate potential risks and assessed the effectiveness of existing security measures.
  • Documented the vulnerabilities and penetration testing procedures, findings, and recommendations.

Education

Bachelor of Technology - Computer Science

Poornima University
Jaipur, India
04.2001 -

Skills

undefined

Timeline

Associate Consultant

Ernst & Young
07.2023 - Current

Senior Analyst

Ernst & Young
08.2022 - 06.2023

Assistant Cyber Security Analyst

Drcbs Cyber Security Service Pvt Ltd
04.2022 - 07.2022

Bachelor of Technology - Computer Science

Poornima University
04.2001 -

Similar Profiles

CREATE PROFILE
Shivam JoshiAssociate Consultant