Shan Shane Varikkattu

Associate Consultant

Mumbai, Maharashtra, India · 6 yrs 10 mos experience

Key Highlights

  • Expert in cybersecurity frameworks and compliance.
  • Proven track record in risk management across multiple sectors.
  • Strong background in business operations and technology management.
Stackforce AI infers this person is a Cybersecurity and Risk Management expert with experience in BFSI and Telecom sectors.

Skills

Core Skills

Cybersecurity, Risk Management, Data Privacy, Business Continuity

Other Skills

Amazon Web Services (AWS), Analytical Skills, Brand Awareness, Business Analysis, Business Continuity Management (BCMS), Business Continuity Planning, Business Impact Analysis, Cloud Security, Compliance Documentation, Data Analysis, Data Visualization, Decision-Making, Enterprise Risk Management, Event Marketing, Financial Statement Analysis

About

Engineer with an MBA in Technology Management, working at the intersection of business operations and cybersecurity. I have experience in implementing and sustaining security and compliance programs across large, distributed environments. Over the years, I’ve supported clients in the BFSI, Insurance, Telecom and IT/ITES sectors in strengthening their security posture through frameworks such as ISO 27001 (ISMS), NIST CSF, Third-Party Risk Management (TPRM), and Business Continuity (BCMS). I have also contributed to GDPR-related data privacy governance activities, ensuring alignment between business workflows and regulatory expectations. Earlier in my career, I worked in retail operations where I supported audit, workforce enablement, shrinkage controls and process improvement across multiple store locations — which helped me develop a practical, business-aligned approach to risk and compliance. I enjoy bringing structure to complex problems, enabling teams through clear documentation and governance, and improving operational maturity step by step. Always open to meaningful learning, collaboration and conversations around cybersecurity, governance and enterprise risk.

Experience

EY

Consultant

May 2023 – Present · 2 yrs 10 mos · Mumbai, Maharashtra, India

  • Technology Consulting – Cybersecurity & Risk (BFSI, Telecom, Insurance)
  • 1) ISO 27001 – Information Security Management System (ISMS)
  • Led ISMS implementation and maintenance for a Telecom client aligned to ISO 27001:2013 & 2022.
  • Performed risk assessments, developed risk treatment plans, and ensured ongoing compliance across domains.
  • Conducted process walkthroughs with system owners to identify control gaps and improvement areas.
  • Managed internal audits, awareness sessions, and Management Review Meetings, ensuring timely closure of audit findings.
  • Supported development and review of cybersecurity policies, standards, SOPs, and compliance documentation.
  • Implemented cloud security controls within ISMS scope to safeguard sensitive cloud-hosted information.
  • Conducted gap assessment for NIS2 implementation.
  • 2) Third-Party Risk Management (TPRM)
  • Conducted vendor risk assessments, evaluating security posture of third parties and outsourcing risks.
  • Supported development of TPRM risk scoring models, remediation tracking, and reporting.
  • 3) Privacy & Data Protection (ISO 27701)
  • Supported privacy governance activities aligned to ISO 27701, including personal data flow understanding.
  • Assisted in preparing privacy risk registers and mapping privacy to security controls.
  • Documented RoPA, DFDs and PDIs for 10+ processing activities.
  • 4) Business Continuity Management (BCMS – ISO 22301)
  • Supported review and maturity assessment of Business Continuity Plans aligned to ISO 22301.
  • Assisted in coordinating BCP awareness sessions, evidence collection, and audit readiness activities.
  • 5) NIST Cybersecurity Framework (NIST CSF)
  • Performed assessments against NIST CSF and IRDAI guidelines for a global health services client.
  • Contributed to designing and improving GRC workflows, control testing, and compliance dashboards.
  • Reviewed and enhanced cloud security and cybersecurity policies to ensure alignment with NIST CSF and regulatory standards.
ISO 27001, Third Party Risk Management (TPRM), Privacy & Data Protection, Business Continuity Management (BCMS), NIST Cybersecurity Framework (NIST CSF), Cybersecurity

Leadflux Martech

Social Media Optimization Intern

Apr 2022 – Jun 2022 · 2 mos · Ahmedabad, Gujarat, India

  • Helping IT and SaaS companies to drive business through Social Media Engagement.
  • Build strategies to create Personal Branding.
  • Using Marketing Automation for Lead generation.
  • Using LinkedIn marketing for Inbound leads.
  • Enabling Clients to scale up their business exponentially through Digital Marketing Strategies.

Symbiosis Institute of Digital & Telecom Management (SIDTM), Pune

2 roles

Media and Content Head - Sports Council

Promoted

Jan 2022 – Apr 2023 · 1 yr 3 mos · Pune, Maharashtra, India

Associate member - Sports Council

Aug 2021 – Jan 2022 · 5 mos · Pune, Maharashtra, India

Samsung India

Samsung Executive Consultant

Jun 2018 – Oct 2020 · 2 yrs 4 mos · Bengaluru, Karnataka, India

  • Led governance and operational audits for Samsung’s first pilot retail project in Bangalore, ensuring adherence to SOPs, brand standards, and compliance protocols.
  • Monitored asset inventory and control accuracy, strengthening accountability and reducing stock discrepancies through regular verification and reporting.
  • Evaluated team KPIs and performance metrics, identifying process gaps and implementing remediation plans to improve sales closure efficiency and customer satisfaction.
  • Conducted surprise store inspections and compliance reviews, assessing visual merchandising, customer-service delivery, and operational risk adherence.
  • Trained and coached sales staff on policy compliance, quality standards, and customer-experience best practices, reinforcing a culture of continuous improvement and governance alignment.

Decathlon Sports India

Sport Leader

Aug 2017 – Apr 2018 · 8 mos · Bengaluru, Karnataka, India

  • Inventory Management for Artengo and Kipsta Department.
  • Consulting clients for the right solution/products.
  • Competitive analysis to position the SKUs to the targeted customer.
  • Handling Objections and closing the deal.

Education

Symbiosis Institute of Digital & Telecom Management (SIDTM), Pune

MBA

Jan 2021 – Jan 2023

Alliance University

Bachelor of Technology - B.Tech — Electronics and Communications Engineering

Jan 2014 – Jan 2018

Ryan International School, Noida

Science

Jan 2006 – Jan 2012
