Summary
Overview
Work History
Education
Skills
Certification
Timeline
AdministrativeAssistant
Vaibhav Gupta

Vaibhav Gupta

Information Security Consultant

Summary

Seasoned Information Security Consultant with 5 years of comprehensive experience in cybersecurity, specializing in security assessments, risk management, and incident response. Proven track record of securing diverse IT environments across various industries. Proficient in designing and implementing robust security architectures and ensuring compliance with regulatory standards. Dedicated to continuous learning and staying abreast of emerging threats and security technologies.

Overview

5
5
years of professional experience
5
5
Certifications

Work History

Assistant Manager

KPMG Assurance and Consulting LLP
9 2021 - Current
  • Working as a Assistant Manager in Cybersecurity domain
  • Advised clients on information security best practices, risk management, and regulatory compliance, resulting in a 20% improvement in overall security posture
  • Conducted regular assessments and audits to ensure compliance with NIST 800-53 standards.
  • Developed and implemented customized security policies and procedures aligned with client business objectives and regulatory requirements
  • Implemented and managed security solutions, including firewalls, intrusion detection/prevention systems, and SIEM tools, tailored to client needs and compliance requirements
  • Conducing Security Risk assessment in line with Global standards/best practices like ISO 27001, 22301, COBIT
  • Assessing the Information Security Architecture, conducting detailed Risk Assessment/Preparing RTP- Involved in conducting detailed risk assessment for the Client with preparing RTP for them for closure of risks identified in their system
  • Collaborated with cross-functional teams to integrate security measures into new and existing IT infrastructure and applications.
  • Internal Audits/External Audits: As a ISO27001 LA/LI certified I conducted several Internal Audits for different Clients
  • Privacy: Since I am a GDPR trained professional I am also involved in assessing privacy structure for the Client in terms of GDPR, HIPAA and other laws
  • Plan, Develop and manage Information Security Management System
  • MS Office, GDPR, Data Privacy, Cyber Security, ISO 22301, Contract Review, Risk Management, Risk Assessments, ISO 27001 Implementation, Information Security Management, Business Continuity Management, Basic Networking Concepts

Risk Analyst

HCL Technologies
05.2019 - 09.2021
  • Worked as a part of Risk & Compliance team
  • Conducted Risk assessments- Maintaining and creating risk registers, determining the level of risk, analyzing the risk, proposing mitigation controls
  • As a certified ISO 27001 Certified professional, I was involved in explaining the purpose and the process involved in implementing, operating and monitoring, reviewing and improving an ISMS as defined in ISO 27001
  • Plan, Develop and manage Information Security Management System
  • Have been part of the Data privacy structure throughout, GDPR, HIPAA, CCPA, Laws of the countries (including European Law), PHI, Client interactions with respect to privacy
  • Have been a part of the RFI/RFP Process in the organization
  • Replying to the questionnaires/cyber security assessments, interacting with the Clients directly on the RFPs, part of all the internal discussions with respect to RFPs
  • SOC 1/SOC 2 Reports
  • Also Worked as a part of Business Continuity Management Team
  • Conducted Business Continuity Trainings & Testing activities for different engagements successfully
  • Have been part of the BCM Plan implementation for various projects
  • Exposure to ISO 22301 (BCMS) Standard
  • Reviewed contracts and agreements to identify potential risks and ideal mitigation strategies
  • Produced accurate and timely collections reports, facilitating measurement, decision-making and engagement with customers
  • Encouraged stakeholders to approach assessments analytically and offer unique insights to bring new understanding to risk management programs.

Education

BTECH in Information Technology - Information Security

IEC College of Engineering
Greater Noida, India
05.2017

MBA in Information Technology - Information Technology

Amity University
Noida
05.2019

Skills

Assessing and mitigating risks to information security, including developing risk management strategies and implementing controls to minimize risk exposure

Strong knowledge of industry standards and regulations (eg, GDPR, HIPAA, ISO 27001, ISO 22301, ISO 27701, NIST, COBIT)

Excellent communication and interpersonal skills, with experience in presenting technical information to non-technical stakeholders

Ability to prioritize and manage multiple projects simultaneously in a fast-paced environment

Developing and delivering security awareness programs and training sessions for employees and stakeholders to promote best security practices and compliance security, and cloud security

Certification

ISMS 27001: Lead Auditor

Timeline

Risk Analyst

HCL Technologies
05.2019 - 09.2021

Assistant Manager

KPMG Assurance and Consulting LLP
9 2021 - Current

BTECH in Information Technology - Information Security

IEC College of Engineering

MBA in Information Technology - Information Technology

Amity University

Similar Profiles

CREATE PROFILE
Vaibhav GuptaInformation Security Consultant