Mar 2025 – Present · 1 yr

• Spearheading the corporate Information Security function, covering across the enterprise and subsidiaries.
• Successfully implemented and sustained ISO/IEC 27001 certification, including metrics and reporting framework.
• Designed and executed the organization's Information Security roadmap aligned with business strategy.
• Established enterprise-wide security governance, including policies, standards, and procedures.
• Leading BCP strategy design and execution; developed the Cyber Crisis Management Plan.
• Implemented SOC (Security Operations Center) and Incident Management Framework.
• Conducted IT risk assessments, cloud security reviews, and third-party risk management (TPRM).
• Ensured compliance with ISO 27001, ISO 27701 BRSR, statutory, NHA, IRDA, RBI, and corporate regulatory requirements.
• Conducted internal/external VAPT for web/mobile apps, APIs, and network infrastructure.
• Provided security consulting for digital transformation initiatives including mobile apps, web platforms, and APIs.
• Overseeing IT audits, control self-assessments, and CAPA management.
• Led data privacy program and internal privacy compliance frameworks aligned with DPDPA Act.
• Led security architecture reviews for enterprise applications and infrastructure.
• Developed and delivered company-wide InfoSec awareness programs (e-learning, phishing simulations, IS handbook, etc.).
• Engaged with senior leadership and Apex committee for strategic InfoSec decisions.
• Managed InfoSec budgets, resourcing, and skill planning.
• Directed security for national initiatives including Ayushman Bharat Health Account under NDHM (Govt. of India).
• Implemented dark web monitoring and brand protection across web, social media, and marketplaces to proactively mitigate threats.

Jan 2022 – Feb 2025 · 3 yrs 1 mo

• Leading corporate information security function of Bajaj Finserv Health Limited.
• Established & implemented enterprise wide information security program covering 1000+ users.
• Driving ISO 27001 implementation and sustenance.
• Successfully implemented ISO 27001 and accomplish certification and sustenance.
• Through proactive approach minimized security risks & incidents and improved compliance.
• Playing a key role in establishing the InfoSec function and execution of Apex committee
• recommendations.
• Strategic alignment with organization strategy.
• Reviews with Sr. Executives
• Developed IS roadmap
• Designed ISO 27001 metrics & reporting framework
• Budget & manpower planning
• Security consulting for Digital Transformation initiatives MobileApp, Web Applications and API
• Designed enterprise BCP program
• Architecture reviews
• Cloud security risk assessment
• Ensuring compliance with statutory, Corporate, BRSR, ISO
• Established Data Privacy program
• Oversee function wise Control Self Assessments, all IT audits & CAPA tracking/closure
• Development and enforcement of Security policies, procedures & standards
• Ensuring System/Network/App Sec compliance
• Successful implementation of SOC-security operations center
• Established Incident Management Framework
• Established Cyber Crisis Management Plan
• External and Internal VAPT(Web App, Mobile App, API, Network devices)
• Performing IT Risk Assessments, designed and implemented Third Party Risk Management
• Taken initiative of company Brand Protection - Website, Social Media, Mobile Apps, Marketplace
• etc.
• Designed & delivered InfoSec Trainings (e-Learning) and Awareness Initiatives (Screensavers,
• Posters, Inductions, IS Handbooks, Quiz, Phishing Simulations)
• Application Security for Ayushman Bharat Health Account by NDHM(Govt of India)

Jun 2020 – Dec 2021 · 1 yr 6 mos

• Information Security Administrator