Vaibhav Sirohi
Noida
Summary
Professional having a strong expertise in IT Risk management with experience in IT general controls (ITGC) compliance and testing, IT Audit & Risk assessment, Third party Risk assessment. Possess strong knowledge on Detailed Risk assessment (Internal & Third party), IT Audit, Issue Management, ITGC and Agile practices
Overview
5
5
years of professional experience
1
1
Certification
Work History
Tech Risk Analyst
HCL Technologies
03.2022 - Current
- Responsible for Risk Management activities and for managing the risk score within the desired risk appetite level.
- Monitoring, Addressing & Testing IT General and application controls including SOX controls and general controls.
- Documenting and testing the design appropriateness and operating effectiveness of ITGC and ITAC.
- Managing remediation for Risk assessment, ITGC and ITAC test findings & ensure timely closure as per risk rating and organization's standard.
- Monitoring & Tracking Penetration Test findings & Vulnerability scan findings
- Provide management and stakeholders with timely, well-written reports
- Have worked on Third party risk assessment with SOC 2 (Type 1, Type 2, Type 3) report, ISO 27001, ISO 27002 and TPCRA assessment report
- Responsible for Agile ceremonies
- Responsible for managing and meeting the project deliverables.
Customer Journey Expert
Care Health Insurance
11.2021 - 03.2022
- Assisting team to perform Business impact assessments and Detailed risk assessment for applications
- Guiding the tribe for maintaining the overall risk score of 2.4 for the tribe
- Collaborate with cross functional teams to ensure alignment with regulatory requirements and industry standards
- Led control testing initiatives, identifying, and addressing weaknesses to enhance IT security and compliance
Analyst
NoBroker.com
01.2020 - 08.2021
- Gathering and analyzing of evidence to make controls compliant for IT Risk measurement protocol (ITRMP) in scope applications
- Performing Business impact assessments and Detailed risk assessment with application SMEs to make related risk control compliant
- Performing CISO 30 risk assessment with Tech security team and application SME for Security event monitoring
Education
MBA -
ICFAI, IBS
03.2020
Bachelor of Science -
SRM
05.2017
Skills
- IT Risk Management
- IT Security Assessments
- ITGC & ITAC
- Control testing methodologies
- Risk assessment and management
- GRC & Risk Mitigation
- Third Party Risk Management
Certification
- ISO/IEC 27005:2022. Information Security risk Management.
- Implementing the NIST Risk Management Framework.
Additionalinformation
www.linkedin.com/in/vaibhav-sirohi-890546151, English, Bilingual or Proficient (C2)
Timeline
Tech Risk Analyst
HCL Technologies
03.2022 - Current
Customer Journey Expert
Care Health Insurance
11.2021 - 03.2022
Analyst
NoBroker.com
01.2020 - 08.2021
Bachelor of Science -
SRM
MBA -
ICFAI, IBS
Similar Profiles
Srinivasan NandagopalSrinivasan Nandagopal
ETL Lead /Onshore Technical Business Analyst at HCL Technologies India & HCL Technologies NZ LtdETL Lead /Onshore Technical Business Analyst at HCL Technologies India & HCL Technologies NZ Ltd
Pooja SaxenaPooja Saxena
Senior Analyst at HCL Technologies Pvt. Ltd, HCL technologies Pvt LtdSenior Analyst at HCL Technologies Pvt. Ltd, HCL technologies Pvt Ltd
GIRISH KORIGIRISH KORI
Senior Software Test Engineer / Technical Leader at HCL Technologies Ltd. & HCL GMBHSenior Software Test Engineer / Technical Leader at HCL Technologies Ltd. & HCL GMBH
Abhishek KumarAbhishek Kumar
Data Engineer/Technical Lead at HCL Technologies Limited (HCL Tech)Data Engineer/Technical Lead at HCL Technologies Limited (HCL Tech)
Prashant KashyapPrashant Kashyap
Consultant at TATA CONSULTANCY SERVICESConsultant at TATA CONSULTANCY SERVICES