Jan 2025 – Present · 1 yr 4 mos · Bengaluru, Karnataka, India · Hybrid

• Led GRC initiatives in a team structure , achieving successful ISO 27001 and ISO 9001 audits and enhancing compliance maturity for Information security, Privacy and Business continuity.
• Exposure to working onshore in Netherlands during external audits.
• Executed IT and risk assessments, reducing audit gaps and improving control effectiveness across systems.
• Ensured GDPR compliance by implementing robust data privacy frameworks and safeguarding PII.
• Strengthened GRC posture by implementing compliance system into ServiceNow platform and automating manual processes like customer assessments/enquiries, control monitoring, risk management, audit compliance etc.
• Delivered actionable risk insights to stakeholders, accelerating remediation and improving risk posture via compliance dashboards and performance analytics in ServiceNow.
• Assisted in compliance due diligence during M&A and take ownership of post-merger integration activities.
• Worked on technical IT controls like developing agentic AI bot for compliance, DLP, Sentinel and Purview to ensure robust IT security.

Oct 2023 – Jan 2025 · 1 yr 3 mos · Bengaluru, Karnataka, India · Hybrid

• Conduct vendor assessments, risk management, GAP analysis, control compliance, and application security assessments.
• Lead security incident investigations, risk mitigation plans, and strategic security developments.
• Advise the global IT team in cloud security and IT changes to comply with security requirements.
• Audit internal processes for ISO27001, ISO9001, GDPR, and other European standards.
• Perform security assessments, run awareness sessions, and develop security policies.
• Provide threat analytics, respond to security incidents, ensure business continuity, and maintain compliance standards.
• Improving AI governance by focusing on information security and data privacy while onboarding AI services.