Ashrav Jain

Associate Consultant

Bengaluru, Karnataka, India · 6 yrs 3 mos experience
Highly Stable · AI Enabled

Key Highlights

  • 5+ years in Information Security and Risk Management.
  • Led global third-party risk assessments at KPMG.
  • ISO/IEC 27001:2013 Lead Auditor certified.
Stackforce AI infers this person is a Cybersecurity and Risk Management expert in the B2B sector.

Skills

Core Skills

Third-Party Risk Management (TPRM) · Vendor Risk Management · Governance, Risk, and Compliance (GRC) · Red Team Testing · Technical Support

Other Skills

AI Risk Governance · Access Management · Artificial Intelligence (AI) · Auditing · BMC Remedy · Bug Hunting · Burp Suite · Business Continuity · COBIT · Client Requirement Addressing · Continuous Monitoring · Cybersecurity Controls · Data Protection · Hardware Maintenance · IPR

About

As an Information Security professional with 5+ years of experience, I specialize in strengthening organizational resilience through risk management, third-party risk governance, and cybersecurity strategies. My expertise spans Third-Party Risk Management (TPRM), Information Security Governance, Compliance, Privacy, and Internal IT Audits. I have successfully led global third-party risk assessments and vendor risk monitoring, including continuous monitoring using tools like BitSight and managing vendor adverse events. My work extends to contract reviews covering Cybersecurity, AI, and Business Continuity/Disaster Recovery (BCP/DR), as well as performing TPRM assessments in areas of Cyber, AI, and BCM. With hands-on experience in conducting IT audits for ISO 27001:2013 compliance, developing and reviewing security policies aligned with NIST CSF and ISO 27001, and performing privacy and information security audits, I bring a comprehensive and detail-oriented approach to risk management and compliance. I hold certifications as an ISO/IEC 27001:2013 Lead Auditor and ISC² Certified in Cybersecurity (CC), and have been recognized for my performance with multiple awards at KPMG, including Awesome Ace of the Month, Kudos, and MegaStar. Driven by a proactive mindset and a passion for enabling secure business operations, I strive to deliver measurable value by enhancing security posture, ensuring compliance, and supporting strategic business objectives. Let’s connect to discuss cybersecurity, risk management, TPRM, or potential collaborations.

Experience

S&P Global

Senior Analyst

Feb 2025 - Present · 1 yr 1 mo · Bengaluru, Karnataka, India · Hybrid

  • At S&P Global, I serve as a Senior Analyst in Vendor Risk Management, specializing in end-to-end Third-Party Risk Management (TPRM). In this role, I:
  • Conduct business-as-usual (BAU) risk assessments and periodic vendor recertifications.
  • Perform continuous monitoring of third parties using leading risk intelligence platforms.
  • Manage vendor adverse events and escalations, ensuring timely resolution and risk mitigation.
  • Review vendor contracts with a focus on cybersecurity controls, business continuity (BCP/DR), data protection, and AI risk governance.
  • Ensure compliance with internal policies and regulatory frameworks, strengthening overall vendor risk posture.
Vendor Risk Management · Third-Party Risk Management (TPRM) · Risk Assessments · Continuous Monitoring · Vendor Contract Review · Cybersecurity Controls

KPMG Global Services (KGS)

Associate Consultant

Dec 2020 - Jan 2025 · 4 yrs 1 mo · Bengaluru, Karnataka, India

  • At KPMG, I successfully led global Third-Party Risk Assessments, focusing on critical domains such as access control, asset management, and data privacy across industries including Financial Services, Healthcare, Telecommunications, and Consulting. My role involved conducting IT audits to ensure ISO 27001:2013 compliance, developing and reviewing security policies aligned with NIST CSF and ISO 27001 frameworks, and executing internal audits for privacy and information security. This experience strengthened my expertise in Governance, Risk, and Compliance (GRC), IT Audit, and Third-Party Risk Management (TPRM).
Third-Party Risk Assessments · IT Audits · ISO 27001:2013 Compliance · Security Policies Development · NIST CSF · Internal Audits

Altered Security Solutions Pvt. Ltd.

Security Engineer

Sep 2020 - Nov 2020 · 2 mos · Bhopal, Madhya Pradesh, India

  • I was involved in creating and managing virtual labs for CRTP and CRTE certifications, supporting users in gaining hands-on red team testing experience. My responsibilities included designing labs from scratch for red team assessments, providing technical support related to access and troubleshooting, and assisting users during their testing process. Additionally, I managed exam scheduling, provisioned lab access for candidates, and ensured smooth execution of certification exams.
Virtual Labs Management · Red Team Testing · Technical Support · Access Management · Troubleshooting

NIIT Technologies

Technical Support Executive

May 2017 - Jun 2018 · 1 yr 1 mo · Bhopal Area, India

  • I was part of the technical support team for a government client, where I contributed to the successful implementation of software solutions while ensuring smooth operations through ongoing support. My role included assisting with software deployment, providing end-to-end hardware and software maintenance, and addressing client requirements to enhance system performance and reliability.
Technical Support · Software Deployment · Hardware Maintenance · Client Requirement Addressing

Education

National Law Institute University, Bhopal

Master of Cyber Law And Information Security — Cyber/Computer Forensics and Counterterrorism

Jan 2018 - Jan 2020

Barkatullah University, Bhopal

BCA — Computer Software and Media Applications

Jan 2015 - Jan 2018
