Utkarsh Joshi
GRC Engineer
Bangalore
Summary
I am a cyber security professional skilled at third party risk management and cyber governance and strategy, currently working as Senior Security Engineer at Synopsys.
Overview
4
4
years of professional experience
Work History
Senior Security Engineer
Synopsys
11.2022 - Current
- Conducting risk assessments of third-party vendors, evaluating factors such as cybersecurity controls, regulatory compliance, and operational resilience.
- Developing and maintaining comprehensive risk profiles for each vendor, identifying potential vulnerabilities and recommending risk mitigation strategies.
- Collaborating with internal stakeholders, including procurement, legal, IT, and compliance teams, to ensure alignment on risk management objectives and requirements.
- Monitoring ongoing vendor performance and compliance with contractual obligations, conducting periodic reviews and assessments as necessary.
- Staying abreast of industry trends, regulatory developments, and emerging risks in third-party relationships, providing insights and recommendations to enhance effectiveness of the TPRM program.
Associate Consultant
KPMG Global Services
03.2020 - 11.2022
- Conducting vendor risk assessments to identify risks and assigned risk ratings for each identified risk based on impact and likelihood of the risk
- Conducting comprehensive security assessments by comparing vendor security questionnaires with industry leading practices and frameworks to identify gaps and provide recommendations for improvement
- Developing and uplifting security policies and standard for leading industry clients against standard (FFIEC, NIST, ISO, PCI, and UCF) for security principle, and provided recommendations to improve the organization's risk posture
- Mapping compliance framework and conducting gap assessment of various client's information security policies, standards, and controls against multiple standards (FFIEC, NIST, ISO, PCI, and UCF) for security principle, and provided recommendations to improve the organization's risk posture
- Primarily responsible for assessing documentation provided by the client and reviewing interview data to identify the client's current maturity state
- Performing Internal Security Audit to measure and improve the firm's cyber security posture
Research Intern
MNIT (NIT Jaipur)
- Understanding threats caused by malicious browser extensions and botnets- Performed top 10 OWASP attacks
- Researched on BOTNETS and malicious browser extension
- Also learned some penetration tools
- Successfully did research on botnets, OWASP and web penetration.
Intern
Manipal University
- VOIP security- Performed various kinds of attacks on VOIP clients and did research on DDOS attack and man in the middle attack
- Successfully traced the threshold of the VOIP client and its vulnerabilities.
Education
B.Tech - Computer and Communication Engineering
Manipal University
Jaipur, India 01.2015 - 2019.04
Skills
Timeline
Senior Security Engineer
Synopsys
11.2022 - Current
Associate Consultant
KPMG Global Services
03.2020 - 11.2022
B.Tech - Computer and Communication Engineering
Manipal University
01.2015 - 2019.04
Research Intern
MNIT (NIT Jaipur)
Intern
Manipal University
Similar Profiles
Jixiang DingJixiang Ding
Senior ASIC Verification Engineer at SynopsysSenior ASIC Verification Engineer at Synopsys
Elin IssaviElin Issavi
Sr. Event Manger at SynopsysSr. Event Manger at Synopsys
Sai Vivek PidaparthiSai Vivek Pidaparthi
Associate Network Engineer at SynopsysAssociate Network Engineer at Synopsys