Risk & Compliance SME & ServiceNow GRC BA with 14+ years of experience enabling enterprise-wide Governance, Risk & Compliance transformation through structured requirement analysis, process optimization, and platform-enabled solutions. Skilled in translating organizational vision into actionable strategy, enabling high-performing and resilient GRC operations that drive enterprise-wide alignment and measurable business outcomes. Experienced in leading end-to-end GRC technology implementations, spanning requirement elicitation, process mapping, solution validation, architecture review, project governance, and cross-functional team leadership. Adept at collaborating with cross-functional stakeholders to define governance frameworks, Data model, Process Risk Control inventory improvement, and compliance workflows while enhancing operational efficiency, automation, and governance visibility.
Overview
12
12
Certificates
13
13
years of professional experience
Work History
Sr Architect | Technology and People Management
Marlabs Innovation Private limited
02.2026 - 06.2026
Led end-to-end GRC technology initiatives and engaged with Business Stakeholders in requirement gathering across different functions Risk, Compliance, IT, Legal, and Finance to support scalable GRC tech implementations.
Defined GRC technology governance frameworks and steered continuous improvement initiatives that strengthened Operational resilience by 30%, and improved system uptime to 99%.
Engaged with stakeholders to understand their needs and context and present a tailored solution.
Approached Project Task with a strategic Mindset & spot opportunities to create Values.
Translated Regulatory Compliance and Risk requirements into structured Workflows, Data models, Process Risk Control Mapping as per Industry Standards, and functional specifications for platform enablement.
Standardized Process–Risk–Control hierarchy and harmonized siloed processes to improve governance consistency and compliance readiness.
Served as a bridge between Internal & External Stakeholders. Managed & engaged with stakeholders to drive results.
Conducted workshops, requirement walkthrough, stakeholder discussions & sign off to validate GRC Use Cases and ensure alignment with enterprise GRC objectives and Business Requirements.
Proposed Tactical and Strategic Solutions to Stakeholders aligning with Enterprise Goals and Platform Architecture.
Supported testing cycles (UAT/SIT), deployment readiness, and post-implementation optimization for GRC modules.
Enabled real-time governance visibility by defining reporting requirements and dashboards for risk, controls, vulnerabilities, and compliance status.
Led cross-functional teams to deliver the project on time and within budget constraints.
Second VP - Technology and Process Standardization
Northern Trust
11.2024 - 04.2025
Established Governance Framework and Operating Model, driving process improvements and achieving 30% operational efficiency gains across the program.
Oversaw complex GRC technology initiatives, managing project risks, leadership communications, and escalations while delivering high impact problem solving outcomes that improved enterprise wide operational efficiency by 40%.
Led process optimization, automation, and transformation initiatives, using performance metrics and business insights to deliver 30% measurable operational improvements and sustained efficiency gains.
Identified critical customer pain points and enhanced the end to end customer journey through workflow automation, resulting in up to 50% efficiency improvement and significantly improved service performance.
Defined KPIs and Service Standards to institutionalize operational excellence and strengthen performance governance.
Led technology modernization across GRC processes, improving platform efficiency and elevating enterprise reporting quality for CIO/CRO level decision making.
Supported cross functional teams in requirements gathering, user story creation, and process flow mapping to design scalable, compliant, and future ready GRC solutions.
Collaborated with leadership to solve complex GRC problem statements through analytics driven reporting, improving leadership reporting efficacy by 50%.
Defined GRC Technology Governance Frameworks and drove continuous improvement initiatives to reduce manual effort, enhance automation, and strengthen platform resilience.
Supported regulatory and audit readiness by ensuring control traceability, documentation quality, and alignment with compliance and regulatory standards.
Senior Architect – Delivery | Project Management
Cognizant
02.2024 - 10.2024
• Developed and managed the GRC TPRM program, building the project plan, business case, and product roadmap for TPRM implementation, while establishing strong cross functional collaboration with the Governance function to ensure alignment and successful delivery.
• Developed GRC strategy and multiyear roadmaps to optimize costs, strengthen governance, and accelerate enterprise compliance maturity.
• Owned and managed enterprise wide GRC dashboards for leadership and regulatory reporting, enabling data driven decision making through analytical insights and governance aligned reporting.
• Established strong cross functional collaboration with Product Managers, Sponsors, Business teams, Implementation teams, and Business Analysts to deliver project outcomes successfully, guided by well-defined KPIs and performance measures.
• Led requirement gathering sessions with Executives, Sponsors, Compliance teams, and Technology teams to define GRC workflows, assessments, and reporting needs.
• Improved assessment efficiency by 30% through automation of risk control matrices, workflows, and dashboards.
• Partnered with IT, Legal, Compliance, and HR Services to evaluate, select, and implement GRC technology solutions, driving thought leadership and enabling continuous product innovation across the enterprise.
• Acted as the single point of contact between business stakeholders and implementation teams, supporting decision making across solution reviews, architecture reviews, and Project Steering Committee governance discussions, while resolving critical issues through data driven strategies to achieve operational excellence.
• Supported and guided UAT cycles, deployment planning, and post go live optimization, ensuring smooth adoption and continuous improvement of GRC solutions.
• Led requirement gathering and process review for enterprise wide GRC and Security Operations initiatives, collaborating with 15+ cross functional teams, improving process standardization & transformation through Industry frameworks by 30%.
• Managed GRC transformation programs end to end, delivering 95% of milestones on time and reducing implementation defects by 30%.
• Translated compliance and audit requirements into structured workflows, reducing audit remediation timelines by 20% and improving control testing accuracy by 40%.
• Modernized Risk Control Matrix (RCM) and integrated data governance capabilities, improving assessment quality and reducing manual reconciliation effort by 30%.
• Collaborated with cross functional teams to validate GRC solution designs, Architecture reviews, ensuring 100% alignment with enterprise governance standards and reducing rework by 15–20%.
• Streamlined GRC processes to enhance operational efficiency and regulatory adherence, achieving 20–25% reduction in compliance cycle time.
• Leveraged analytics and workflow insights to drive data driven decisions, improving business outcomes by 15–20% and reducing operational bottlenecks.
• Defined KPIs, KRIs, control libraries, and risk taxonomies, enabling standardized assessments and improving reporting accuracy by 35–40% across enterprise functions.
GRC Technology Manager
KPMG Global Services
04.2022 - 08.2022
Steered GRC modules (IRM, Policy) implementations for financial service clients for enterprise-wide risk visibility.
Led cross-functional teams to implement technology solutions and there by reduced operational efficiency and modernization by 50%
Evaluated emerging technologies for potential integration into GRC technology tool ServiceNow there by improving Scalability, Reliability and Efficiency by 60%
Established key performance indicators to measure success of technology implementations.
Translated complex business requirements into tactical and strategic GRC solutions, reducing manual effort and enabling real-time control testing.
Enhanced communication among departments by developing internal communication tools and platforms.
Contributed to the Governance Forum ensuring Enterprise-wide consistency and platforms.
Delivered real-time dashboards and data models for intuitive risk visualization and actionable insights, strengthening decision-making across the organization.
IT GRC Project Lead
Nokia
08.2020 - 03.2022
• Led end to end GRC technology implementations for RSA Archer Project within NOKIA Group, aligning risk and compliance processes with ISO 27001, NIST CSF, SOX, and GDPR, improving control maturity by 25–35% across business units.
• Standardized processes, tools, and technology across Risk, Compliance, IT, and Security, increasing practitioner efficiency by 30% and reducing process deviations by 40%.
• Facilitated key stakeholder workshops to understand project goals and requirements, Steered key solutions, Architecture Review, Implementation effort, Project Planning to improve project efficiency across lifecycle.
• Led cross functional teams of 7 members, ensuring 70% on time delivery and consistent adherence to quality and compliance standards.
• Evaluated project performance data to identify bottlenecks and drive continuous improvement initiatives by building new Metrics aligning with Leadership Strategy, resulting in 15–20% reduction in operational efficiency.
• Established structured communication protocols, improving transparency and stakeholder satisfaction by 30% across project lifecycles.
• Verified quality of deliverables and ensured conformance to specifications, achieving 98% first time approval from clients and audit teams.
Senior Consultant
EY
01.2018 - 12.2018
• Delivered enterprise wide GRC technology implementations across Risk, Compliance, Security Operations, and Audit, achieving 95% on time delivery and reducing implementation defects by 30% through structured project governance.
Facilitated stakeholder meetings to ensure alignment on project goals and deliverables.
• Enabled data driven decision making by modernizing GRC workflows and integrating data governance structures, improving reporting accuracy by 40% and reducing manual analysis time by 25–30%.
• Planned and deployed centralized control libraries and automated workflows, improving audit readiness by 35% and reducing control testing cycle time by 20%.
• Presented executive dashboards with real time visibility into risk posture, compliance gaps, and remediation progress, accelerating leadership decision cycles by 25%.
• Managed multi phase GRC transformation programs from conception to execution, coordinating cross functional teams and ensuring 100% alignment with enterprise governance standards.
• Streamlined GRC processes through workflow automation and modernization, improving operational efficiency by 30% and strengthening regulatory adherence across business units.
• Established enterprise Governance Framework and Operating Model, improving cross functional alignment and driving 30–40% operational efficiency gains across major programs.
• Managed complex transformation initiatives end to end (strategy → design → implementation), delivering 95% on time outcomes and reducing projects risks by 25% through structured governance and stakeholder consensus.
• Led process optimization, automation, and modernization initiatives, leveraging Data and Reporting analytics and workflow insights to achieve 20–30% reduction in manual effort and 35% improvement in process scalability.
• Identified critical customer pain points and redesigned end to end customer journeys, improving customer satisfaction scores by 25% and reducing friction points across service lines.
• Steered organizational transformation and culture change, strengthening accountability, performance discipline, and coaching practices, resulting in 20% uplift in team productivity.
GRC Technology, Automation & Modernization
• Led requirement gathering and process design for enterprise wide GRC and Security Operations programs, collaborating with Risk, Compliance, IT, Legal, and HR.
• Improved Risk Control Self-Assessment (RCSA) efficiency by 30% through automation of risk control matrices, manual workflows, manual assessments, and Excel dashboards.
• Evaluated and implemented GRC technology solutions, Architecture review, ensuring seamless integration and operational readiness by 35%.
• Acted as the single point of contact between business stakeholders and implementation teams, improving requirement clarity and reducing scope creep by 25%.
• Defined KPIs, KRIs, control libraries, and risk taxonomies, enabling standardized assessments and improving reporting accuracy for Leadership & Regulators by 40%.
• Translated compliance and audit requirements into structured workflows, accelerating GRC platform modernization and reducing audit remediation timelines by 20%.
Data Driven insights & Performance Management
• Leveraged Data & Reporting analytics and workflow insights to drive data driven decisions, improving business outcomes, agility and thereby reducing rework by 15–20%.
• Managed cross functional teams across dynamic Banking, Financial Services, Telecommunication, Retail & Govt. organizations, improving collaboration effectiveness by 30% and ensuring seamless delivery across project components.
• Enhanced transparency and communication through structured protocols, improving stakeholder satisfaction by 30% and reducing escalations.
Self-motivated, with a strong sense of personal responsibility.
Education
Bachelor Of Technology - Electrical, Electronics And Communications Engineering
Uttar Pradesh Technical University
Uttar Pradesh
01-2012
Skills
A Technology: ServiceNow IRM/GRC, RSA Archer, Tools: JIRA, Confluence, Power BI, MS Project, Visio
Accomplishments
Led enterprise-wide GRC technology implementations across global financial services.
Streamlined regulatory compliance integration into strategic decision-making (ISO 27001, NIST, GDPR).
Established risk taxonomies, KPIs, and control libraries for standardized assessments.
Delivered board-level dashboards and automated reporting, strengthening governance and resilience.
Reduced audit gaps and SLA breaches through automation of TPRM and vulnerability workflows.
Certification
ISO 27001 Lead Auditor & Implementer Certified Professional (BSI)
Interests
Tech News, Travel, Gardening
Timeline
Sr Architect | Technology and People Management
Marlabs Innovation Private limited
02.2026 - 06.2026
Second VP - Technology and Process Standardization
Northern Trust
11.2024 - 04.2025
Senior Architect – Delivery | Project Management
Cognizant
02.2024 - 10.2024
Senior Manager, Strategy
PWC India
09.2022 - 02.2024
GRC Technology Manager
KPMG Global Services
04.2022 - 08.2022
IT GRC Project Lead
Nokia
08.2020 - 03.2022
Senior Consultant
EY
01.2018 - 12.2018
Multiple Employers
Happiest Minds,Target,WIPRO,PWC EY,Deloitte
03.2013 - 12.2017
Bachelor Of Technology - Electrical, Electronics And Communications Engineering
Uttar Pradesh Technical University
CORE COMPETENCIES
Project Management & Agile Delivery: Review of Demands, Backlogs & lead multi-million-dollar GRC programs
Enterprise GRC Strategy: Aligning with Standards, Frameworks ISO 27001, NIST RMF, SOC2, GDPR, RBI guidelines
Enterprise Architecture, Solution Delivery-Enabling Capability, Risk Compliance Architecture Review, Governance, Frameworks, Standards, Optimization and Modernization to transform Business needs into Scalable Enterprise Solutions.