Summary
Overview
Work History
Education
Skills
Certification
Websites
Timeline
Generic

Shruti Srivastava

Gurugram

Summary

Cyber Risk and Regulatory professional with 11+ years of experience in IT risk management, governance, and compliance across industries including Oil & Gas, Manufacturing, Banking, Government, and Global Conglomerates. Strong expertise in SOX ITGC testing, third‑party/vendor risk assessments, SWIFT CSCF, ISO 27001, NIST, and CIS frameworks.

Experienced in leading end‑to‑end risk and compliance engagements, supporting audit readiness, managing risk exceptions, updating security policies, and delivering practical remediation recommendations. Proven ability to work with global stakeholders, conduct on‑site and remote assessments, and manage and mentor teams. Recognized for a structured, risk‑based approach and clear communication with both technical and business teams.

Overview

12
12
years of professional experience
1
1
Certification

Work History

Associate Manager

Accenture
Gurugram
08.2021 - Current
  • Led Cyber Risk & Regulatory engagements for global clients in Oil & Gas, Manufacturing, Banking, Government, and Conglomerates.
  • Led and delivered SWIFT CSCF assessments across banks and non‑banking entities, identifying compliance gaps and providing prioritized remediation roadmaps.
  • Performed SOX ITGC testing and risk assessments for multiple clients, ensuring alignment with ISO 27001, NIST, COSO, and CIS standards.
  • Conducted 3rd party/vendor security assessments, managing risk findings, remediation tracking, and risk exception governance (RAF creation and approvals).
  • Built and maintained Unified Control Frameworks (UCFs) using Accenture accelerators, updated client security policies, standards, and audit documentation.
  • Enhanced organizational security culture by leading security awareness initiatives, focusing on phishing simulations to mitigate risks.
  • Traveled onsite to Abu Dhabi to conduct cyber risk assessments and currently manage a team of 10, guiding their skill development and security learning.

Information Security Consultant

Tata Consultancy Services
Bangalore
08.2019 - 08.2021
  • Conducted ISO 27001‑based security risk assessments and kept documentation and knowledge articles up to date to support continuous improvement and risk reduction.
  • Supported governance, risk, and compliance (GRC) across multiple projects by tracking security vulnerabilities and collaborating with application owners and global infrastructure teams to ensure timely fixes within agreed SLAs.
  • Managed Incident and Change Management activities per ITIL practices, coordinating with various teams to ensure service continuity and effectively support project needs.
  • Facilitated Agile activities including sprint planning, daily standups, retrospectives, stakeholder meetings, and demos.

Sr. Information Security Analyst

Deutsche Bank
Pune
10.2017 - 08.2021
  • Collaborated with senior security and business leaders to align information security requirements with new initiatives across various business teams.
  • Helped develop and maintain information security policies and procedures, performed risk assessments, reviewed control effectiveness, and supported ongoing improvements in line with ISO 27001 standards.
  • Managed desktop applications and endpoint security, partnering with application owners and utilizing Microsoft patching, SCCM, and Defend point to ensure system security and compliance.
  • Managed the end‑user device lifecycle, addressed end‑of‑life systems, and coordinated with testing and deployment teams to ensure timely patching.
  • Compiled and distributed global compliance reports to highlight security risks, patch status, and policy compliance across regions.

Sr. Analyst

HCL Technologies
Noida
08.2014 - 10.2017
  • Led team of 11 in IT asset management for large banking project, ensuring accurate tracking aligned with client requirements.
  • Streamlined IT operations by implementing ITIL best practices and utilizing JIRA and Confluence for task tracking and documentation.
  • Troubleshot endpoint security issues, resolving Symantec Antivirus problems and restoring system connectivity using Sylink Replacer.

Education

Cathedral Sr. Sec School - Science

Cathedral Sr. Sec School
Lucknow

B.tech -

A. P. J. Abdul Kalam Technical University
Lucknow

Skills

  • Governance, Risk & Compliance (GRC)
  • Cyber Risk Assessments
  • Audit Readiness & Regulatory Compliance
  • Internal/ External Audits
  • SOX ITGC Testing
  • Third‑Party & Vendor Risk Management
  • Risk Exception
  • On‑site & Offshore Engagement Delivery
  • Team Management & Mentoring
  • Client & Stakeholder Management
  • Documentation, Reporting & Executive Presentations

Certification

  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • ISO 27001 Lead Auditor
  • SWIFT Certified Assessor
  • Certified ScrumMaster (CSM)
  • ITIL Foundation Level
  • Microsoft Certified Azure Fundamentals
  • AWS Cloud Practitioner
  • GCP - Associate Cloud Engineer

Websites

Timeline

Associate Manager

Accenture
08.2021 - Current

Information Security Consultant

Tata Consultancy Services
08.2019 - 08.2021

Sr. Information Security Analyst

Deutsche Bank
10.2017 - 08.2021

Sr. Analyst

HCL Technologies
08.2014 - 10.2017

Cathedral Sr. Sec School - Science

Cathedral Sr. Sec School

B.tech -

A. P. J. Abdul Kalam Technical University

Similar Profiles

CREATE PROFILE
Shruti Srivastava