
VAISHAKH KARUNAKARAN

Hyderabad

Summary

Experienced and results-oriented Lead Information Security Analyst with over 10 years of expertise in cybersecurity governance, vendor risk management, regulatory compliance, and IT audit facilitation. Proven success in executing vendor security assessments, leading compliance initiatives aligned with HIPAA, PCI-DSS, ISO 27001, and GDPR, and improving enterprise risk postures across cloud-first and regulated environments. Known for delivering actionable risk insights, managing third-party assessments, and influencing executive decision-making through detailed control evaluation and strategic advisory.

Overview

11 years of professional experience
4 years of post-secondary education
5 Certifications

Work History

Lead Information Security Analyst

Providence Global Center
Hyderabad, Telangana
11.2022 - Current
  • Performed and led vendor security risk assessments (TPAs) for 100+ biomedical devices, SaaS platforms, and enterprise software, ensuring compliance with HIPAA, PCI-DSS, ISO 27001, and Providence's internal control frameworks.
  • Developed detailed risk evaluation reports, proposed remediation strategies, tracked resolution status, and escalated unresolved risks to executive leadership.
  • Reviewed and adjudicated information security policy exceptions, balancing operational continuity with risk acceptance procedures and presenting findings to the CISO.
  • Facilitated internal IT audits and external assessments by coordinating evidence collection, conducting control walkthroughs, and managing audit remediation plans.
  • Executed mobile and digital application onboarding risk reviews to ensure security and privacy controls were embedded in design.
  • Supported third-party risk governance efforts in collaboration with Legal, Procurement, and GRC teams to evaluate supplier posture, implement risk treatment plans, and ensure timely execution.
  • Authored incident response reports with root cause analysis and preventive action plans for major security events.
  • Led compliance training initiatives across departments to build awareness of emerging threats, regulatory mandates, and Providence's security expectations.
  • Created dashboards and operational metrics for leadership to measure IT risk, compliance performance, and control maturity.
  • Advised leadership on integrating HIPAA, PCI-DSS, ISO 27001, and GDPR compliance requirements into IT operations and vendor governance.

Senior Supplier Management Analyst

Synchrony
08.2019 - 10.2022
  • Managed end-to-end lifecycle of over 40 global CTO suppliers, focusing on contract compliance, risk mitigation, and performance optimization.
  • Designed and implemented supplier governance frameworks, including due diligence, insurance verification, performance tracking, and background checks.
  • Conducted regular supplier audits and compliance assessments in alignment with FFIEC, SSAE16, and internal risk frameworks.
  • Built executive dashboards to visualize supplier risks, SLA performance, and compliance posture.
  • Negotiated risk clauses in supplier contracts and led initiatives to embed operational efficiency and diversity in supplier engagement.
  • Trained internal teams on supplier compliance and regulatory expectations, supporting a consistent audit-ready culture.

Senior Specialist - Fraud Underwriter

Synchrony
06.2016 - 08.2019
  • Fraud detection, Credit Processing & Customer Service Specialist
  • Processed credit applications during outbound calls for PSCC clients, implementing robust fraud controls to ensure secure transactions.
  • Handled inquiry suppression, credit denial information requests, and facilitated credit limit increases, ensuring compliance and customer satisfaction.
  • Served as a part-time trainer for three batches, delivering effective training to enhance team performance and operational knowledge.
  • Created detailed reports on key performance indicators, providing actionable insights for senior leadership to support strategic decision-making.
  • Leveraged advanced proficiency in Microsoft Office Suite (Word, Excel, Outlook) to streamline documentation and reporting processes.

Officer Cadet (Short Service Commission)

Indian Army
04.2014 - 03.2016
  • Indian Army Officer (Short Service Commission)
  • Selected as an Indian Army Officer through the Service Selection Board (SSB) in Bhopal, January 2014, demonstrating leadership potential and rigorous aptitude.
  • Enrolled in the Short Service Commission Batch - 99 at Officers Training Academy, Chennai, undergoing intensive military training to develop strategic and operational skills.
  • Medically discharged due to an injury sustained during training, concluding service with honor and resilience.

Education

Bachelor of Engineering - Electronics and Communication

Jawaharlal Nehru Technological University
01.2009 - 01.2013

Skills

  • Information Security Governance

  • Vendor Risk Management

  • Third-Party Security Reviews

  • Pre-Contractual Risk Assessments

  • IT Audit Readiness

  • Evidence Collection

  • Policy Exception Management

  • Risk Identification & Mitigation

  • Risk Acceptance Processes

  • Executive Reporting

  • Cloud Security Oversight

  • Incident Response

  • Audit support

  • Security awareness training

  • SIEM management

Certification

Certified in Risk and Information Systems Control (CRISC), ISACA
