VIVEK CHALLA

Hyderabad, TG

Summary

Dynamic Information Security professional with extensive experience at Protecte Academy, specializing in ISO 27001 compliance and risk management. Proven track record in developing robust ISMS frameworks and conducting comprehensive risk assessments. Adept at enhancing organizational security posture through effective change management and security awareness initiatives.

Overview

8 years of professional experience
1 Certification

Work History

GOVERNANCE & RISK MANAGEMENT TRAINING

PROTECTE ACADEMY
Greater Noida
01.2025 - 04.2025
  • Information Security & ISO 27001 Implementation: Developed and implemented Information Security Management System (ISMS) Scope documents tailored to organizational needs, ensuring alignment with ISO 27001 standards.
  • Authored comprehensive Information Security Policies, defining purpose, scope, and ISMS objectives to establish robust security frameworks.
  • Defined roles and responsibilities, creating RACI matrices to clarify accountability and streamline processes.
  • Conducted risk assessments by identifying critical assets, potential threats, and vulnerabilities; evaluated likelihood and impact to build risk matrices.
  • Established risk management strategies based on organizational financial resources, operational resilience, and strategic objectives, determining risk capacity, tolerance, and appetite.
  • Applied risk treatment methodologies (Mitigate, Transfer, Avoid, Accept) using ISO 27001 controls across Organizational, People, Technological, and Physical domains, as outlined in the Statement of Applicability (SoA).
  • Ensured compliance with legal and regulatory requirements, including GDPR, HIPAA, and PCI DSS, and aligned with NIST frameworks for U.S. clients.
  • Performed and reviewed SOC 1 and SOC 2 (Type 1 and Type 2) reports to validate control effectiveness.
  • Developed and enforced Change Management and Security Awareness Training programs to enhance organizational security posture.
  • Conducted annual policy reviews and updates, or as triggered by significant organizational changes, to maintain ISO 27001 compliance.
  • Designed and executed Internal Audit Plans, scheduling audits, assigning roles, and addressing findings through root cause analysis and preventive action plans within defined timelines.
  • Created and maintained Risk Registers to document and monitor risks, ensuring proactive mitigation and control application.

GOVERNANCE & POLICY RESEARCH

Self Employed
Hyderabad
06.2017 - 12.2024

Education

Bachelor of Technology - Mechanical Engineering

Sri Chaitanya Junior College (Intermediate)
Hyderabad
05-2017

Skills

  • Information Security Management System (ISMS)
  • GRC
  • TPRM
  • Risk assessment and treatment plan
  • Regulatory compliance
  • ISO 27001 Compliance
  • NIST
  • PCI DSS, GDPR, and HIPAA
  • Change management
  • Security awareness
  • Internal/External auditing
  • Cyber Security
  • SOC 1 and SOC 2 Type 1 and 2
  • Continuous Improvement (PDCA cycle)
  • Risk Register
  • GRC Tools (ARCHER, KY3P and Process Unity)
  • Third-Party Risk Assessments
  • Vendor due diligence
  • Contract and SLA Review
  • Third-Party Lifecycle Management
  • Onboarding and Offboarding Assessments
  • Security Questionnaires (SIG, CAIQ, etc.)
  • Outsourcing Risk

Certification

  • Certified as Information Security Management System (ISMS) Lead Implementer (ISO 27001:2022)
  • Certified in Governance and Risk Management Training

Languages

Telugu
First Language
English
Proficient (C2)
