Summary
Overview
Work History
Education
Skills
Websites
Certification
Training
Accomplishments
Timeline
Generic
Vaisakh B. P

Vaisakh B. P

Bangalore

Summary

Dynamic cybersecurity professional with extensive experience at Shell PLC, excelling in third-party risk management and compliance. Proven track record in implementing robust assurance strategies and enhancing security ratings. Skilled in IT audits and cross-functional collaboration, driving continuous improvement in governance and risk frameworks. Recognized for outstanding contributions to organizational security initiatives.

Overview

14
14
years of professional experience
1
1
Certification

Work History

Snr. IDT Assurance Advisor

Shell PLC
07.2020 - Current
  • Part of Shell global supplier assurance team and ensure compliance to all TPRM and Outsourcing relevant regulations (GDPR, DORA, HIPAA)
  • Extensive knowledge in SOC reporting and compliance monitoring of third-party controls.
  • Experience with audits (external and/or internal) and their preparation
  • Defined and implemented process for third-party risk management in Shell using industry standard tools such as SecurityScorecard and BitSight.
  • Cybersecurity risk assessments performed for business-critical suppliers using security rating platforms. Also, Provide comprehensive assurance to the organization regarding IT risks.
  • Manage the document and information flow needed to support the activities
  • Supporting a proactive risk and control culture and continuous improvement
  • Define and establish criteria for assessing information/third party risks.
  • Shell global SPOC for managing High risk and medium risk suppliers.
  • Perform ITGCs Testing related to Supplier.
  • Collaborate with cross-functional teams to enhance the overall risk management framework.
  • SME for supplier/vendor GRC program in Shell which includes implementation of new TPRM practices.
  • Support various risk management and compliance related activities by providing consultation with responsible Business Units within Shell.
  • Conduct awareness training to the Shell’s IT suppliers for keep up to date on supply chain risks.

Assistant Manager – Cybersecurity

Price Waterhouse Coopers (India)
06.2018 - 06.2020
  • Assistant manager handling critical projects.
  • Cybersecurity assessments for manufacturing firms
  • Ensure third party risk mitigation strategies, advise senior management and executives in understanding and managing Third party risk across multiple domains
  • DFARS end to end audit evaluation for India’s leading IT service firm.
  • Greenfield end to end HIPAA and ISO 27001 implementation- leading healthcare in Asia.
  • End to end assessment on risk & compliance at global stature.
  • Enterprise Risk and Privacy assessment for world’s no.1 Steel manufacturing firm.

Information Security Consultant / Analyst

Lulu Group International (UAE)
06.2016 - 05.2018
  • Governance Risk Compliance Manager
  • Internal System Auditor for LULU Group. (ITGC, ISMS & PCI-DSS)
  • IT projects monitoring and follow-ups.
  • IT Incident and problem Management.
  • PCI DSS Compliance Management.
  • Privacy Impact Analysis for UK operation (GDPR)

Information Security & Compliance

eHosting Datafort (UAE)
05.2015 - 02.2016
  • Company Overview: www.ehdf.com
  • IT Risk assessment and gap analysis.
  • Business Impact Analysis.
  • Internal auditor for service delivery, security, business continuity compliance.
  • Experience in ISO 27001/22301 standards compliance.
  • Security Architecture Review.
  • Balanced scorecard development and its analysis for IMS.

Customer Engineer (ISMS System Administrator)

HCL Infosystems Limited
09.2011 - 04.2014
  • Experience in ISMS audit process owner as system administrator
  • Team leader for Business Continuity Process Tests and Vulnerability tests.
  • Implementing the security policies.
  • Responsible for disaster recovery, closing security loopholes and access levels.
  • Defining and implementing appropriate safeguards to ensure the confidentiality, integrity, and availability of the information assets.
  • Windows Server Installation and post installation processes (2003,2008 & 2012)
  • VMware ESXI, Windows server management
  • Backup management BCP and DR.
  • Patch Management and WSUS
  • Enterprise office suite (O365 and Azure) administration and security hardening.
  • Experience as an Incident, Problem Management Analyst.
  • Experience in RAID technologies and storage concepts

Education

Master of IT management -

University of Wollongong
UAE

B. Tech - Electronics and Instrumentation

MG University
India

Skills

  • Third-Party assurance management (TPRM)
  • IT Audit (External/Internal) & Risk assessment
  • Governance, Risk & Compliance (SOX, ITGC, PCI-DSS, ISO 27001, GDPR, HIPAA, NIS2)
  • SecurityScorecard & BitSight
  • SOC reporting
  • Cross-functional collaboration
  • Process implementation
  • IT general controls
  • Customer service

Certification

  • Certified Information Systems Auditor (CISA, ISACA)
  • Certified Information Security Manager (CISM, ISACA)
  • Certified Data Privacy Solutions Engineer (CDPSE, ISACA)
  • Certified Information Security Risk Assessor (SISA)
  • Certified Payment Card Industry Security Implementer (SISA)
  • ITIL Version 3.0 Foundation Certified
  • Automating Third Party Risk Management with SecurityScorecard

Training

  • HCL internal ISO 27001:2013 certification training.
  • IT Infrastructure training (HCL, Hyderabad)
  • ITILV3 Foundation. HCL internal training, Pondicherry.
  • HCL internal trainings (RAID, Storage, DCIB, VMware, Windows 2008).
  • CISRA Training (From SISA InfoSec, Dubai)
  • PCI DSS Training (From SISA InfoSec, Dubai)

Accomplishments

  • CIO/VP award for bring up Shell’s score high on various security rating platforms.
  • Identified as emerging talent in Shell
  • Implemented IT helpdesk portal for Lulu by integrating ITIL framework
  • Implemented Information Security Awareness Program in Lulu
  • PCI-DSS certification for Lulu UAE.
  • Established new policies for HCL Technical Assistance Center for better information security.
  • Successfully completed QMS and ISMS audits for the year’s 2012 and 2013 for HCL.
  • University topper for "Managing IT Resources"

Timeline

Snr. IDT Assurance Advisor

Shell PLC
07.2020 - Current

Assistant Manager – Cybersecurity

Price Waterhouse Coopers (India)
06.2018 - 06.2020

Information Security Consultant / Analyst

Lulu Group International (UAE)
06.2016 - 05.2018

Information Security & Compliance

eHosting Datafort (UAE)
05.2015 - 02.2016

Customer Engineer (ISMS System Administrator)

HCL Infosystems Limited
09.2011 - 04.2014

Master of IT management -

University of Wollongong

B. Tech - Electronics and Instrumentation

MG University
Vaisakh B. P