Seasoned Information Security Consultant with 5 years of comprehensive experience in cybersecurity, specializing in security assessments, risk management, and incident response. Proven track record of securing diverse IT environments across various industries. Proficient in designing and implementing robust security architectures and ensuring compliance with regulatory standards. Dedicated to continuous learning and staying abreast of emerging threats and security technologies.
Overview
5 years of professional experience
5
Certifications
Work History
Assistant Manager
KPMG Assurance and Consulting LLP
09.2021 - Current
Working as an Assistant Manager in the Cybersecurity domain
Advised clients on information security best practices, risk management, and regulatory compliance, resulting in a 20% improvement in overall security posture
Conducted regular assessments and audits to ensure compliance with NIST 800-53 standards.
Developed and implemented customized security policies and procedures aligned with client business objectives and regulatory requirements
Implemented and managed security solutions, including firewalls, intrusion detection/prevention systems, and SIEM tools, tailored to client needs and compliance requirements
Conducting Security Risk assessments in line with global standards/best practices like ISO 27001, 22301, COBIT
Assessing the Information Security Architecture, conducting detailed Risk Assessment/Preparing RTP: involved in conducting detailed risk assessments for the Client and preparing the RTP for closure of risks identified in their system
Collaborated with cross-functional teams to integrate security measures into new and existing IT infrastructure and applications.
Internal Audits/External Audits: As an ISO 27001 LA/LI certified professional, I conducted several Internal Audits for different Clients
Privacy: Since I am a GDPR-trained professional, I am also involved in assessing the privacy structure for the Client in terms of GDPR, HIPAA and other laws
Plan, Develop and manage Information Security Management System
MS Office, GDPR, Data Privacy, Cyber Security, ISO 22301, Contract Review, Risk Management, Risk Assessments, ISO 27001 Implementation, Information Security Management, Business Continuity Management, Basic Networking Concepts
Risk Analyst
HCL Technologies
05.2019 - 09.2021
Worked as a part of Risk & Compliance team
Conducted risk assessments: maintaining and creating risk registers, determining the level of risk, analyzing the risk, proposing mitigation controls
As an ISO 27001 certified professional, I was involved in explaining the purpose and the process involved in implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO 27001
Plan, Develop and manage Information Security Management System
Have been part of the Data privacy structure throughout, GDPR, HIPAA, CCPA, Laws of the countries (including European Law), PHI, Client interactions with respect to privacy
Have been a part of the RFI/RFP Process in the organization
Replying to the questionnaires/cyber security assessments, interacting with the Clients directly on the RFPs, part of all the internal discussions with respect to RFPs
SOC 1/SOC 2 Reports
Also worked as a part of the Business Continuity Management Team
Conducted Business Continuity Trainings & Testing activities for different engagements successfully
Have been part of the BCM Plan implementation for various projects
Exposure to ISO 22301 (BCMS) Standard
Reviewed contracts and agreements to identify potential risks and ideal mitigation strategies
Produced accurate and timely collections reports, facilitating measurement, decision-making and engagement with customers
Encouraged stakeholders to approach assessments analytically and offer unique insights to bring new understanding to risk management programs.
Education
BTECH in Information Technology - Information Security
IEC College of Engineering
Greater Noida, India
05.2017
MBA in Information Technology - Information Technology
Amity University
Noida
05.2019
Skills
Assessing and mitigating risks to information security, including developing risk management strategies and implementing controls to minimize risk exposure
Certification
ISMS 27001: Lead Auditor