Vaisakh B. P
Bangalore
Summary
Dynamic cybersecurity professional with extensive experience at Shell PLC, excelling in third-party risk management and compliance. Proven track record in implementing robust assurance strategies and enhancing security ratings. Skilled in IT audits and cross-functional collaboration, driving continuous improvement in governance and risk frameworks. Recognized for outstanding contributions to organizational security initiatives.
Overview
14
14
years of professional experience
1
1
Certification
Work History
Snr. IDT Assurance Advisor
Shell PLC
07.2020 - Current
- Part of Shell global supplier assurance team and ensure compliance to all TPRM and Outsourcing relevant regulations (GDPR, DORA, HIPAA)
- Extensive knowledge in SOC reporting and compliance monitoring of third-party controls.
- Experience with audits (external and/or internal) and their preparation
- Defined and implemented process for third-party risk management in Shell using industry standard tools such as SecurityScorecard and BitSight.
- Cybersecurity risk assessments performed for business-critical suppliers using security rating platforms. Also, Provide comprehensive assurance to the organization regarding IT risks.
- Manage the document and information flow needed to support the activities
- Supporting a proactive risk and control culture and continuous improvement
- Define and establish criteria for assessing information/third party risks.
- Shell global SPOC for managing High risk and medium risk suppliers.
- Perform ITGCs Testing related to Supplier.
- Collaborate with cross-functional teams to enhance the overall risk management framework.
- SME for supplier/vendor GRC program in Shell which includes implementation of new TPRM practices.
- Support various risk management and compliance related activities by providing consultation with responsible Business Units within Shell.
- Conduct awareness training to the Shell’s IT suppliers for keep up to date on supply chain risks.
Assistant Manager – Cybersecurity
Price Waterhouse Coopers (India)
06.2018 - 06.2020
- Assistant manager handling critical projects.
- Cybersecurity assessments for manufacturing firms
- Ensure third party risk mitigation strategies, advise senior management and executives in understanding and managing Third party risk across multiple domains
- DFARS end to end audit evaluation for India’s leading IT service firm.
- Greenfield end to end HIPAA and ISO 27001 implementation- leading healthcare in Asia.
- End to end assessment on risk & compliance at global stature.
- Enterprise Risk and Privacy assessment for world’s no.1 Steel manufacturing firm.
Information Security Consultant / Analyst
Lulu Group International (UAE)
06.2016 - 05.2018
- Governance Risk Compliance Manager
- Internal System Auditor for LULU Group. (ITGC, ISMS & PCI-DSS)
- IT projects monitoring and follow-ups.
- IT Incident and problem Management.
- PCI DSS Compliance Management.
- Privacy Impact Analysis for UK operation (GDPR)
Information Security & Compliance
eHosting Datafort (UAE)
05.2015 - 02.2016
- Company Overview: www.ehdf.com
- IT Risk assessment and gap analysis.
- Business Impact Analysis.
- Internal auditor for service delivery, security, business continuity compliance.
- Experience in ISO 27001/22301 standards compliance.
- Security Architecture Review.
- Balanced scorecard development and its analysis for IMS.
Customer Engineer (ISMS System Administrator)
HCL Infosystems Limited
09.2011 - 04.2014
- Experience in ISMS audit process owner as system administrator
- Team leader for Business Continuity Process Tests and Vulnerability tests.
- Implementing the security policies.
- Responsible for disaster recovery, closing security loopholes and access levels.
- Defining and implementing appropriate safeguards to ensure the confidentiality, integrity, and availability of the information assets.
- Windows Server Installation and post installation processes (2003,2008 & 2012)
- VMware ESXI, Windows server management
- Backup management BCP and DR.
- Patch Management and WSUS
- Enterprise office suite (O365 and Azure) administration and security hardening.
- Experience as an Incident, Problem Management Analyst.
- Experience in RAID technologies and storage concepts
Education
Master of IT management -
University of Wollongong
UAEB. Tech - Electronics and Instrumentation
MG University
IndiaSkills
- Third-Party assurance management (TPRM)
- IT Audit (External/Internal) & Risk assessment
- Governance, Risk & Compliance (SOX, ITGC, PCI-DSS, ISO 27001, GDPR, HIPAA, NIS2)
- SecurityScorecard & BitSight
- SOC reporting
- Cross-functional collaboration
- Process implementation
- IT general controls
- Customer service
Certification
- Certified Information Systems Auditor (CISA, ISACA)
- Certified Information Security Manager (CISM, ISACA)
- Certified Data Privacy Solutions Engineer (CDPSE, ISACA)
- Certified Information Security Risk Assessor (SISA)
- Certified Payment Card Industry Security Implementer (SISA)
- ITIL Version 3.0 Foundation Certified
- Automating Third Party Risk Management with SecurityScorecard
Training
- HCL internal ISO 27001:2013 certification training.
- IT Infrastructure training (HCL, Hyderabad)
- ITILV3 Foundation. HCL internal training, Pondicherry.
- HCL internal trainings (RAID, Storage, DCIB, VMware, Windows 2008).
- CISRA Training (From SISA InfoSec, Dubai)
- PCI DSS Training (From SISA InfoSec, Dubai)
Accomplishments
- CIO/VP award for bring up Shell’s score high on various security rating platforms.
- Identified as emerging talent in Shell
- Implemented IT helpdesk portal for Lulu by integrating ITIL framework
- Implemented Information Security Awareness Program in Lulu
- PCI-DSS certification for Lulu UAE.
- Established new policies for HCL Technical Assistance Center for better information security.
- Successfully completed QMS and ISMS audits for the year’s 2012 and 2013 for HCL.
- University topper for "Managing IT Resources"
Timeline
Snr. IDT Assurance Advisor
Shell PLC
07.2020 - Current
Assistant Manager – Cybersecurity
Price Waterhouse Coopers (India)
06.2018 - 06.2020
Information Security Consultant / Analyst
Lulu Group International (UAE)
06.2016 - 05.2018
Information Security & Compliance
eHosting Datafort (UAE)
05.2015 - 02.2016
Customer Engineer (ISMS System Administrator)
HCL Infosystems Limited
09.2011 - 04.2014
Master of IT management -
University of Wollongong
B. Tech - Electronics and Instrumentation
MG University
Similar Profiles
M Sujitha ReddyM Sujitha Reddy
Data Analytics Consultant at Shell PLCData Analytics Consultant at Shell PLC
Syed NyamtullaSyed Nyamtulla
CLOUD IT ADVISOR at Shell PLCCLOUD IT ADVISOR at Shell PLC
Sumukh C BSumukh C B
Sr.Analytics Engineer at Shell PLCSr.Analytics Engineer at Shell PLC
RAGHUNANDAN M N BRAGHUNANDAN M N B
Senior Operations Engineer at Thomson Reuters International Service Private LimitedSenior Operations Engineer at Thomson Reuters International Service Private Limited
Krithika SelvanayagamKrithika Selvanayagam
Associate Success Guide at SalesforceAssociate Success Guide at Salesforce