Nov 2020 – Mar 2024 · 3 yrs 4 mos · Noida, Uttar Pradesh, India · On-site

• 🚀 Leading the Security Compliance & Privacy function at Innovaccer Inc.—one of the fastest-growing Health Tech SaaS unicorns.
• ✅ Built the Compliance function from the ground up, reporting directly to the compliance committee.
• 🌍 Driving compliance and privacy programs across the US, UK, EU, and Middle East.
• 🔐 Hands-on management of audits and frameworks including HITRUST, HIPAA, FedRAMP, SOC 2, GDPR, UK-DPA, SOx, ISO 27001, and more.
• 🏢 Successfully transitioned audit operations from boutique firms to Big 4 auditors.
• 📄 Streamlined and enhanced policies, procedures, and governance tools to strengthen our control environment.
• 🤝 Collaborate closely with internal teams and external vendors, ensuring thorough third-party risk assessments.
• 📋 Support regulatory and compliance inputs for customer RFPs and partner engagements.

Nov 2017 – Nov 2020 · 3 yrs · Noida Area, India · On-site

• 💼 Spearheaded complex global IT Audit & Compliance programs at Aon, covering SOx, SOC1, GDPR, PCI, HIPAA, and more.
• 🌐 Managed end-to-end IT risk and compliance across regions, engaging with internal/external auditors, regulators, and C-level leadership.
• 📊 Delivered timely updates to executives and stakeholders, ensuring transparency and alignment on IT risk posture.
• 🔄 Automated labor-intensive compliance processes, improving efficiency and audit readiness.
• 🤝 Partnered across functions to remediate audit findings and ensure adherence to internal controls, legal, and regulatory requirements.
• 📋 Supported policy exception management and guided corrective actions across global teams.
• 🌍 Led and expanded a global team across the US, EMEA, and APAC—scaling capabilities and team footprint.
• 📈 Optimized compliance delivery by onboarding a Big 4 firm and redefining the operating model, tools, and governance.
• 🔧 Ensured seamless integration with Aon’s policies and standards during multiple acquisitions and divestitures.

Oct 2016 – Nov 2017 · 1 yr 1 mo · Mumbai, Maharashtra, India · On-site

• 📌 Played a key role in establishing the Enterprise Technology Audit team in India.
• 🌏 Led IT regulatory reviews across India and Asia Pacific, ensuring compliance with local mandates.
• 🧩 Planned and managed IT internal audits across Enterprise Technology and multiple business lines and geographies.
• 📚 Identified training needs and contributed to the development of impactful training programs.
• ⚙️ Part of the pioneering agile IT internal audit project—now adopted globally within the Internal Audit function.

Oct 2011 – Oct 2016 · 5 yrs · Gurugram, Haryana, India · On-site

• 🔍 Led multiple client engagements across IT Internal Audit, SOX Compliance, SOC Reporting (ISAE 3402 & SSAE 16), ISO 27001, SAP GRC, Oracle SoD, and Enterprise Risk Management.
• 🛠️ Spearheaded setup and management of IT operations teams and Managed Services functions.
• 📊 Conducted application/process control reviews, software asset management implementations, and controls transformation initiatives.
• 📈 Ensured quality delivery and risk compliance while aligning engagements with client needs and firm strategy.
• 🤝 Built strong client relationships, influencing key stakeholders and identifying improvement opportunities in business processes.
• 📚 Supported proposal development, knowledge sharing, solution design, and marketing collateral creation.
• 👥 Managed teams effectively—providing real-time feedback, mentoring, and driving collaboration to ensure timely and high-quality engagement outcomes.

Jul 2008 – Oct 2011 · 3 yrs 3 mos · Mumbai and Gurgaon · On-site

• 🔹 Led diverse IT assurance and compliance engagements, including ITGC reviews, ISO 27001 post-implementation assessments, application controls, SOX, SAS 70, ERP audits, and regulatory reviews (RBI, SEBI, etc.).
• 🔹 Mentored teams and contributed to practice development and management initiatives.
• 🔹 Proactively identified business development opportunities to drive growth.

Feb 2008 – Jul 2008 · 5 mos · Mumbai, Maharashtra, India · On-site

• 🔹 Spearheaded Vendor Risk Management (TPISA) assessments across the western region for a leading MNC bank.
• 🔹 Led ISO 27001:2005 implementations and conducted post-implementation reviews.
• 🔹 Executed IT internal audits for major FMCG clients.
• 🔹 Directed ITGC, SOX, SAS 70, ERP, and regulatory compliance reviews (RBI, SEBI, etc.).
• 🔹 Coached teams and contributed to practice development and business growth initiatives.

Dec 2004 – Feb 2008 · 3 yrs 2 mos · Mumbai, Maharashtra, India · On-site

• 📄 Reviewed and validated U.S. home loan applications, preparing underwriting reports to support loan sanction decisions.
• 📊 Prepared department MIS and Risk Control Self-Assessment (RCSA) reports to strengthen internal controls.
• 🔐 Ensured compliance with organizational security policies by guiding and reviewing key processes.
• ⚙️ Identified automation opportunities and collaborated with cross-functional teams for successful implementation.
• 🚀 Drove operational efficiency and risk mitigation through continuous process improvements.

Sep 2003 – Dec 2004 · 1 yr 3 mos · Mumbai, Maharashtra, India · On-site

• 📞 Served as Subject Matter Expert for resolving customer queries across multiple telecom circles.
• 🚀 Contributed to the pilot launch of Prepaid and Fixed Wireless services.
• 👥 Led team operations including training new hires, preparing MIS reports, and supporting day-to-day management activities.