Shruti Srivastava
Gurugram
Summary
Experienced Security & GRC Professional with over 10 years of expertise in security compliance, risk assessment, and governance across sectors like banking, oil & gas, and global conglomerates. Skilled in implementing industry frameworks such as ISO 27001, NIST CSF, SWIFT CSCF, SOX ITGC, and CSA CCM, with a strong track record in ITGC audits, cybersecurity risk assessments, and maturity model development.
Certified Scrum Master with hands-on experience in Agile delivery, vulnerability management, and cloud compliance. Strong background in program and operations management, team leadership, and stakeholder collaboration. Seeking a leadership role to drive strategic risk management and strengthen organizational security posture.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Associate Manager
Accenture
Gurugram
08.2021 - Current
- Conducted IT General Controls (ITGC) risk assessments aligned with the SOX (Sarbanes-Oxley) framework, identifying control gaps and delivering actionable mitigation strategies to ensure compliance and strengthen internal controls.
- Conducted multi-framework risk assessments across SWIFT CSCF, ISO 27001, and NIST CSF standards for clients in banking, oil & gas, and multinational conglomerates, including Accenture Internal and Asia-based enterprises.
- Designed and implemented maturity models for SWIFT-related risk, developed a Unified Control Framework (UCF) integrating ISO 27001 and NIST CSF, and drove NIS2-aligned cybersecurity strategy to support regulatory readiness and resilience.
- Deployed on-site in Abu Dhabi to lead ITGC and cybersecurity risk assessments based on COSO model and CIS benchmarks; developed mitigation plans, facilitated stakeholder workshops, and delivered executive presentations highlighting key risk areas.
- Performed pre-go-live cybersecurity and data protection assessments for infrastructure, cloud, and application projects; authored detailed risk reports and compliance reviews to ensure secure deployment.
- Managing and mentoring a cybersecurity team of 8, providing ongoing training, technical guidance, and oversight to ensure effective risk management across business-critical initiatives.
Information Security Consultant
Tata Consultancy Services
Bangalore
08.2019 - 08.2021
- Ensured effective governance, risk, and compliance (GRC) across multiple projects by proactively managing security vulnerabilities within defined SLAs, coordinating with application owners and global infrastructure teams to drive timely resolution.
- Conducted risk assessments based on the ISO 27001 Information Security framework and maintained updated knowledge base articles to support continuous improvement and risk mitigation efforts.
- Adhered to ITIL practices by owning and managing Incident and Change Management processes, collaborating cross-functionally with stakeholders to ensure service continuity and project alignment.
- Certified Agile Scrum Master: Led Agile ceremonies including sprint planning, daily stand-ups, retrospectives, stakeholder meetings, and product demos, fostering team collaboration and driving iterative delivery.
Sr. Information Security Analyst
Deutsche Bank
Pune
10.2017 - 08.2019
- Collaborated with senior stakeholders including Chief BISOs, Divisional BISOs, and COO representatives to support new initiatives and advise on information security requirements across business units.
- Contributed to the development and maintenance of corporate Information Security policies and procedures, documented risk assessments, evaluated control design, and supported continuous control improvements in alignment with ISO 27001 standards.
- Managed and supported desktop applications, coordinated with application owners, and performed system updates using Microsoft patching, SCCM, and Defendpoint tools to ensure endpoint security and compliance.
- Oversaw end-user device lifecycle management, identified and addressed end-of-life systems, analyzed SCCM logs to troubleshooting issues, and collaborated with packaging, testing, and deployment teams to ensure timely and effective patch application.
- Generated and delivered global compliance reports on a periodic basis, providing visibility into risk posture, patch status, and policy adherence across regions.
Sr. Analyst
HCL Technologies
Noida
08.2014 - 10.2017
- Led a team of 11 members, managing end-to-end IT asset management for a major banking project, ensuring accuracy, compliance, and operational efficiency.
- Improved IT operations and service delivery by implementing industry best practices, including ITIL processes and standardized control frameworks; utilized tools like JIRA and Confluence for project tracking and knowledge management.
- Developed and distributed performance dashboards and delivery reports (daily, weekly, and monthly) aligned with client requirements, driving transparency and accountability across service delivery metrics.
- Troubleshot and resolved endpoint security issues related to Symantec Antivirus, using Sylink Replacer to restore communication between user systems and antivirus servers.
Education
Cathedral Sr. Sec School
LucknowB.tech -
A. P. J. Abdul Kalam Technical University
LucknowSkills
- Governance, risk, and compliance
- IT Internal Audits
- ISO 27001 LA
- NIST CSF
- SWIFT CSCF
- SOX Framework
- Risk assessment
- CIS
- ITGC
- ITIL
- Certified Scrum Master (CSM) Agile Project Management
- Cloud Compliance (CSA CCM)
Certification
- Certified Information Security Manager (CISM)
- CompTIA Security+
- ISO 27001 Lead Auditor
- SWIFT Customer Security Control Framework
- Certified ScrumMaster (CSM)
- ITIL Foundation Level
- Microsoft Certified Azure Fundamentals
- AWS Cloud Practitioner
- GCP - Associate Cloud Engineer
WEBSITES, PORTFOLIOS AND PROFILES
https://www.linkedin.com/in/shruti-srivastava-08361456
Timeline
Associate Manager
Accenture
08.2021 - Current
Information Security Consultant
Tata Consultancy Services
08.2019 - 08.2021
Sr. Information Security Analyst
Deutsche Bank
10.2017 - 08.2019
Sr. Analyst
HCL Technologies
08.2014 - 10.2017
Cathedral Sr. Sec School
B.tech -
A. P. J. Abdul Kalam Technical University
Similar Profiles
Amanjot Kaur LambaAmanjot Kaur Lamba
Workday Integration Consultant at AccentureWorkday Integration Consultant at Accenture
Sumit PatilSumit Patil
SAP Security and GRC Consultant at AccentureSAP Security and GRC Consultant at Accenture
Sajal BhardwajSajal Bhardwaj
People Advisor Analyst, HRBP at AccenturePeople Advisor Analyst, HRBP at Accenture
Priyanka GhoshPriyanka Ghosh
Instructional Design Analyst at AccentureInstructional Design Analyst at Accenture
Bhoomika SachdevaBhoomika Sachdeva
Assistant Manager - Human Resources at StashfinAssistant Manager - Human Resources at Stashfin