Akash Purohit — Operations Associate

I am a Cyber Security professional with over 15 years of experience focused on risk management and controls in cloud and enterprise environments. Currently, I work as a Manager for Cloud & Emerging Risk and Controls at Commonwealth Bank of Australia, where I oversee security governance across AWS, Azure, and Google Cloud platforms. My expertise includes IT risk assessment, compliance automation, security architecture, and data protection. Over the years, I have developed and implemented security frameworks that safeguard critical assets, ensure compliance with regulatory standards, and support business needs without compromising flexibility. Some of the core skills I bring to the table are: 🔹Cloud security risk assessments and control implementation 🔹Governance, risk, and compliance automation 🔹Identity and access management and Zero Trust security models 🔹Vendor risk management and audit readiness 🔹Security policy development and threat mitigation 🔹Automation of compliance processes to improve efficiency I am passionate about applying practical security solutions that enhance organizational resilience and reduce risk exposure. I enjoy mentoring teams and engaging with professionals who share an interest in cybersecurity and risk management. If you would like to connect or discuss cybersecurity strategies, emerging risks, or potential collaborations, please feel free to reach out. I am always open to meaningful conversations and expanding my professional network.

Stackforce AI infers this person is a Cyber Security expert with extensive experience in FinTech and cloud security governance.

Location: Bengaluru, Karnataka, India

Experience: 15 yrs 6 mos

Skills

Cloud Security Risk Management
Cyber Risk Management
Governance, Risk Management, And Compliance (grc)
Information Security Governance
Automation
Data Security
Enterprise Security
Network Security
Technology Risk

Career Highlights

Over 15 years of experience in Cyber Security.
Expert in cloud security risk assessments and compliance automation.
Proven track record in implementing security frameworks.

Work Experience

Commonwealth Bank

Manager Cloud & Emerging Risk & Controls (1 yr 2 mos)

Grab

Senior Cyber Security Risk and Compliance Strategist (2 yrs 6 mos)

Senior Information Security Engineer (2 yrs 10 mos)

Dhani

Enterprise Security Lead (3 mos)

BNY Mellon

Tech Lead information security (1 yr 5 mos)

Capgemini

Network Security Consultant (2 yrs)

Tech Mahindra

Network Administrator (5 yrs 6 mos)

Education

Cyber security for Leaders at Indian School of Business

Bachelor's degree at Ravenshaw University

Akash Purohit

Operations Associate

Bengaluru, Karnataka, India15 yrs 6 mos experience

Highly StableAI Enabled

Key Highlights

Over 15 years of experience in Cyber Security.
Expert in cloud security risk assessments and compliance automation.
Proven track record in implementing security frameworks.

Stackforce AI infers this person is a Cyber Security expert with extensive experience in FinTech and cloud security governance.

Contact

akash.purohit1989@gmail.com LinkedIn

Skills

Core Skills

Cloud Security Risk ManagementCyber Risk ManagementGovernance, Risk Management, And Compliance (grc)Information Security GovernanceAutomationData SecurityEnterprise SecurityNetwork SecurityTechnology Risk

Other Skills

2nd Line IT SupportAI riskAccess ControlAssessment StrategiesAudit ReportsAuditingCSPMCisspCloud ComputingCloud SecurityCommunicationCompliance ManagementCompliance PCIContinuous Integration and Continuous Delivery (CI/CD)Control Testing

About

Experience

Commonwealth bank

Manager Cloud & Emerging Risk & Controls

Jan 2025 – Present · 1 yr 2 mos · Bengaluru, Karnataka, India · Hybrid

Serve as strategic risk advisor to the CTO, driving cloud governance across AWS, Azure, and GCP.
Design and implement technical and procedural controls, perform risk assessments, and lead mitigation planning for new cloud and AI services.
Lead AI and security risk assessments to enhance control effectiveness in hybrid environments.
Champion security-first culture, mentoring teams and embedding secure practices in operations.
Drive Agile delivery of security initiatives using JIRA & Scrum, accelerating risk remediation.
Partner with InfoSec, Engineering, and Architecture teams to enhance control effectiveness and track remediation progress.
Leverage IBM OpenPages to automate compliance workflows and high-impact risk assessments.

AI riskSecurity AutomationProject ManagementProblem SolvingCloud Security Risk ManagementCyber Risk Management+1

Grab

2 roles

Senior Cyber Security Risk and Compliance Strategist

Jul 2022 – Jan 2025 · 2 yrs 6 mos · Bengaluru, Karnataka, India · Hybrid

As Senior Security Risk & Compliance Strategist at Grab, I led the automation of governance, risk, and compliance (GRC) processes for control testing and monitoring, which significantly improved efficiency.
By implementing AI-driven frameworks, I enhanced the visibility and reporting of compliance metrics, allowing for more proactive risk management. I also managed vendor risk, policy compliance, and maintained dashboard evidence aligned with standards such as PCI DSS, SOC 2, SWIFT, and NIST.
Working closely with auditors, I helped streamline compliance reviews and strengthen our overall security posture. Additionally, I supported product teams by integrating security controls and key risk indicators throughout the development lifecycle to ensure ongoing compliance and risk mitigation.
Achievements:
Automated control testing workflows that increased audit efficiency.
Introduced data-driven compliance frameworks, enhancing operational oversight.
Strengthened vendor management processes, reducing associated risks.
Improved remediation tracking and risk reporting across multiple teams.

Information Security GovernanceControl assessmentSWIFT AUDITTechnology RiskVulnerability AssessmentPolicy Development+39

Senior Information Security Engineer

Apr 2019 – Feb 2022 · 2 yrs 10 mos · Petaling Jaya, Selangor, Malaysia

As a Senior Information Security Engineer at Grab Malaysia, I improved data protection by leveraging DLP, CASB, and proxy tools to safeguard sensitive information effectively. I led security assessments aimed at implementing Zero Trust security models across both cloud and network environments.
In addition, I defined governance policies to enforce security standards and support threat mitigation efforts. I also coordinated closely with cross-functional teams on vulnerability management and security incident response to ensure timely and effective handling.
Achievements:
Implemented Zero Trust initiatives, improving overall network security posture
Strengthened data loss prevention mechanisms, reducing exposure to sensitive data leaks
Enhanced security governance policies that improved response to emerging threats

Technology RiskVulnerability AssessmentPolicy DevelopmentNetwork Security2nd Line IT SupportRegulatory Audits+41

Dhani

Enterprise Security Lead

Feb 2022 – May 2022 · 3 mos · Remote

As Enterprise Security Lead at Dhani Loans, I managed enterprise security governance with a strong focus on endpoint protection and data loss prevention (DLP). I enforced identity and access management (IAM) controls, including multi-factor authentication and mobile device management, to ensure robust security across the organization.
My work involved aligning security practices with regulatory compliance requirements and Zero Trust principles, strengthening our overall defense posture. Additionally, I developed secure mobile access policies that balanced business needs with risk minimization.
Achievements:
Established stronger IAM and endpoint protection controls, reducing security incidents.
Successfully aligned security controls with RBI cybersecurity compliance standards.
Developed and implemented mobile security policies, improving user experience and protection.

Data SecurityTechnology RiskVulnerability AssessmentNetwork SecurityEnterprise SecurityRegulatory Audits+45

Bny mellon

Tech Lead information security

Oct 2017 – Mar 2019 · 1 yr 5 mos · Pune, Maharashtra, India

As Lead Cyber Architecture at The Bank of New York Mellon Technology, I conducted network security architecture reviews to identify weaknesses and strengthen controls.
I defined and enforced security standards and policies across multiple geographical locations to ensure consistent protection. Additionally, I managed risk-based control implementation using RSA Archer to maintain regulatory compliance effectively.
Achievements:
Developed consistent security architecture standards used across multiple sites
Led network control assessments that reduced identified risks
Successfully governed risk-based control projects in line with industry regulations

Technology RiskNetwork SecurityProject DeliveryCommunicationFirewallsStakeholder Management+19

Capgemini

Network Security Consultant

Sep 2015 – Sep 2017 · 2 yrs · Pune

As a Network Security Engineer at Capgemini, I configured and maintained firewall, proxy, and router setups to secure corporate networks effectively. I also delivered customized security solutions tailored to address specific vulnerabilities and network risks.
Achievements:
Resolved critical network vulnerabilities through targeted security measures
Improved firewall and proxy configurations enhancing network defense layers

Network SecurityFirewallsStakeholder ManagementProblem SolvingPresentationsWeb Application Firewalls+4

Tech mahindra

Network Administrator

Mar 2010 – Sep 2015 · 5 yrs 6 mos · Pune Area, India

As a Network Administrator at Tech Mahindra, I maintained Cisco network devices to ensure reliability and maximize uptime. Additionally, I implemented security controls to protect production systems and minimize downtime.
Achievements:
Consistently maintained network availability supporting critical business functions
Introduced security controls that reduced network-related incidents

FirewallsStakeholder ManagementProblem SolvingPresentationsMicrosoft OfficeDocumentation