Pruthvi L J

Associate Partner

Bengaluru, Karnataka, India · 11 yrs 4 mos experience

Key Highlights

  • Over 11 years of experience in IT compliance and security.
  • Expertise in PCI DSS and ISO 27001 compliance.
  • Proven track record in leading risk-based IT audits.
Stackforce AI infers this person is a Fintech compliance and risk management expert with extensive experience in regulatory audits.

Skills

Core Skills

Regulatory Compliance, IT Audit, Risk Management, Compliance Management, IT Security, Project Management, Compliance Consulting, Identity and Access Management, Security Management

Other Skills

AI Security, Access Control Management, Artificial Intelligence, Audit Reports, Auditing, Business Strategy, Communication, Consulting, Corporate Security, Cybersecurity, Enterprise Risk Management, Fintech Compliance, ISO 27001, ISO 27001 Lead Auditor, IT Application Controls

About

As Associate Director - Internal Audit at Cashfree Payments, I bring over 11 years of experience in information security and IT compliance. My work emphasizes IT General Controls (ITGC), IT Application Controls (ITAC), and adherence to RBI regulations, ensuring robust regulatory compliance and risk management. With expertise in PCI DSS, ISO 27001, and IT governance, I lead risk-based IT audits to enhance operational efficiency and compliance. By collaborating with cross-functional teams, I help build a culture of compliance and risk awareness while aligning audit strategies with industry regulations and company objectives.

Experience

Cashfree Payments

Associate Director - Internal Audit (IT GRC)

Jun 2024 - Present · 1 yr 9 mos · Bengaluru, Karnataka, India

  • Audit Planning: Develop and implement a risk-based IT audit plan aligned with Cashfree’s objectives and payment industry risks.
  • Conduct Audits: Lead independent IT audits, assessing controls and compliance with RBI regulations and internal policies.
  • Reporting: Prepare clear IT audit reports with actionable recommendations for senior management and Board.
  • Compliance Oversight: Ensure adherence to IT General Controls (ITGC) and IT Application Controls (ITAC) under RBI guidelines.
  • Stakeholder Engagement: Collaborate with cross-functional teams to promote a culture of compliance and risk awareness.
  • Regulatory Updates: Monitor industry regulations and adjust audit plans accordingly to maintain compliance.
  • Team Management: Manage external audit staff and foster a collaborative team environment.
  • Risk Assessment: Evaluate emerging technologies and risks in the payment sector to safeguard digital assets.
IT General Controls, IT Application Controls, PCI DSS, ISO 27001, Regulatory Compliance, Risk Management, +4 more

Navi

Information Technology Auditor

May 2023 - Jun 2024 · 1 yr 1 mo · Bengaluru, Karnataka, India · On-site

  • Developed and executed risk-based annual IT audit plans across Navì Group entities, aligning with organizational goals and emerging risk areas.
  • Conducted IT audits independently or in collaboration with external auditors, assessing controls, operational efficiencies, and compliance with policies and regulations across Navì Group entities.
  • Provided clear and concise IT audit reports with actionable recommendations for senior management within Navì Group.
  • Coordinated IT General Controls (ITGC) and IT Application Controls (ITAC) audits for Navì Group, ensuring compliance with industry standards and regulatory requirements set by RBI, SEBI, and IRDAI.
  • Established collaborative relationships across Navì Group entities and actively contributed to key business decisions.
  • Stayed abreast of industry standards and regulatory requirements set by RBI, SEBI, and IRDAI, updating audit plan accordingly to address the needs of Navì Group.
Risk Assessment, Leadership, Access Control Management, Problem Solving, Information Security, Communication, +8 more

Slice

2 roles

Associate Director - Compliance (IT GRC)

Promoted

Dec 2022 - Apr 2023 · 4 mos · Bengaluru, Karnataka, India

  • Building and leading the compliance team.
  • Manage PCI DSS Implementation and Certification (Level 1 and SAQ-D).
  • Handle external Auditors (PCI QSA, ITGC Auditors, Third party/Partner Auditors)
  • Be the focal point for all IT and Information Security regulations applicable to the company.
  • Remediate audit gaps by coordinating with all the teams.
  • ISO 27001 Implementation.
  • SAR DL audits and TPAP/PPI audits execution
  • RBI and NPCI Guideline/regulations Implementation.
Regulatory Compliance, Fintech Compliance, Third Party Vendors, IT Security Assessments, Access Control Management, Problem Solving, +13 more

Compliance Manager (IT GRC)

Nov 2020 - Dec 2022 · 2 yrs 1 mo · Bengaluru, Karnataka, India

Regulatory Compliance, Third Party Vendors, IT Security Assessments, Access Control Management, Problem Solving, Communication, +12 more

Infobip

Presales security engineer and Audit Co-Ordinator

Aug 2019 - Nov 2020 · 1 yr 3 mos · Bengaluru, Karnataka, India

  • To know technical aspects of Infobip’s products and solutions.
  • To have an excellent overview of the business and are up-to-date with the latest industry trends as well as the competition.
  • To understand client’s business, knowing exactly which of our products can help them evolve their business.
  • To act as a go-to person in presales team for security-related assignments such as security questionnaires and helping the team in the RFP process.
  • To constantly align with Corporate Security and Privacy office and Legal department.
  • To ensure that all projects are delivered on-time, within scope and within budget.
  • To develop project scopes and objectives, involving all relevant stakeholders and ensuring technical feasibility.
  • To have good understanding of the Security/network infrastructure within Infobip and specific to region.
  • To have clear knowledge of the technical security and compliance issues within the company.
  • To conduct internal audit reviews for ISO 27001 certification.
  • To be Regional point of contact for the global CISO.
Third Party Vendors, IT Security Assessments, Access Control Management, Problem Solving, Communication, Corporate Security, +9 more

SISA Information Security

3 roles

Consultant - Risk and compliance

Promoted

Apr 2018 - Aug 2019 · 1 yr 4 mos

  • Roles and Responsibilities:
  • PCI-DSS implementation for Banks, ODCs, BPOs
  • PCI DSS Consultation
  • Information Security Consulting
  • Risk Assessment
  • Information Security Awareness Training
  • CPISI Training
Third Party Vendors, IT Security Assessments, Access Control Management, Communication, Project Plans, Third Party Risk Management, +6 more

Senior Associate Consultant

Promoted

Apr 2017 - Mar 2018 · 11 mos

Third Party Vendors, IT Security Assessments, Access Control Management, Communication, Project Plans, Third Party Risk Management, +5 more

Associate Consultant

Jul 2016 - Apr 2017 · 9 mos

  • Worked in the Risk and Compliance team for performing PCI DSS compliance audits.
  • Possess strong knowledge on compliance standards like PCI DSS, PA DSS and ISO 27001.
  • Conducted gap assessment audit and risk assessments for leading payment gateways, E-commerce and M-commerce merchants, issuing service providers, telecom service providers, pre-paid card management for banks.
  • Conducted vulnerability assessments for organizations with different payment card environments.
  • Conducting Web Application Penetration Testing (both Manual as well as Automated)
  • Exposure in security assessments of Mobile applications (Android/iPhone/ Blackberry etc).
  • Relevant knowledge of conducting Vulnerability assessments and Penetration Testing of Network and Servers.
  • Hands-on experience of Penetration Testing tools such as Metasploit, Kali Linux distribution tools
  • Ability to take complete ownership of the project.
  • Good verbal and written communication
  • Innovative mind and go get attitude
Third Party Vendors, IT Security Assessments, Access Control Management, Communication, Project Plans, Third Party Risk Management, +5 more

IBM

IT Security Analyst - IAM Specialist

Sep 2014 - Jul 2016 · 1 yr 10 mos · Bengaluru Area, India

  • Perform Identity and access management activities.
  • Have working knowledge of individual IDs, Generic IDs, Shared IDs, Privilege IDs.
  • Have knowledge of password management, password expiry, basic minimum password guidelines.
  • Execute and track security process related activities including User ID management.
  • Coordinate & track the completion of scheduled IAM related activities
  • Support peers and team leaders to achieve UID related SLA of IAM processes
Access Control Management, Communication, Auditing, Identity and Access Management, Security Management

Education

National Law School of India University

Postgraduate Degree — Cyber Law and Cyber Forensics

Jul 2021 - Aug 2023

Rajiv Gandhi Institute of Technology, BANGALORE

Bachelor of Engineering (BE) — Electrical and Electronics Engineering

Jan 2010 - Jan 2014

Kendriya Vidyalaya, IISc, Bangalore

12th — Computer Science

Jan 1998 - Jan 2010

Infobip, Croatia

Diploma — Presales
