Sam M Wilkerson

Business Analyst

Chennai, Tamil Nadu, India4 yrs 10 mos experience

Most Likely To Switch

Key Highlights

Expert in Vulnerability Assessment and Penetration Testing.
Strong foundation in Risk and Compliance management.
Proficient in Digital Forensics and security assessments.

Stackforce AI infers this person is a Cybersecurity expert with a focus on Risk Management and Compliance.

Contact

Skills

Core Skills

Iso 27001General Data Protection Regulation (gdpr)Risk AssessmentIt AuditVulnerability AssessmentDigital ForensicsPenetration Testing

Other Skills

Web Application SecurityMalware AnalysisVulnerability Assessment and Penetration Testing (VAPT)Payment Card Industry Data Security Standard (PCI DSS)U.S. Health Insurance Portability and Accountability Act (HIPAA)FedRAMPSOC 2Contractual Risk TransferThird Party Risk Management (TPRM)Information Security Management System (ISMS)Application SecurityNetworkingNmapMetasploitBurp Suite

About

As a professional with one and half years of experience in Vulnerability Assessment and Penetration Testing (VAPT) and Digital Forensics, I have developed a strong foundation in identifying and analyzing security vulnerabilities, conducting security assessments, and applying remediation measures. Currently, my focus has shifted to Risk and Compliance as well as Information Security Management System (ISMS). In this role, I am responsible for managing and implementing policies and procedures to ensure compliance with regulatory requirements and industry standards. My experience includes utilizing a variety of tools and techniques to perform security testing and conducting digital forensic investigations. I possess excellent communication and interpersonal skills, and I work well both independently and as part of a team. I am committed to staying up-to-date on the latest trends and technologies in cybersecurity to provide the best possible solutions to my organization.

Experience

4 yrs 10 mos

Total Experience

1 yr 7 mos

Average Tenure

1 yr 9 mos

Current Experience

Freshworks

2 roles

Senior Cybersecurity Advisor

Promoted

Jan 2026 – Present · 4 mos

Cyber Security Advisor

Aug 2024 – Jan 2026 · 1 yr 5 mos

ISO 27001General Data Protection Regulation (GDPR)

Hcltech

2 roles

Delivery compliance Analyst

Promoted

Jan 2023 – Jul 2024 · 1 yr 6 mos · Chennai, Tamil Nadu, India

Manages compliance in accordance with client, organizational, and regulatory security requirements.
Executes control assessment evaluations.
Enables offshore consulting support for Physical, Administrative, and Technical security controls to ensure confidentiality, integrity, and availability of IT infrastructure.
Drives Enhanced Compliance Assessments in accordance with ISO 27001:2013 requirements at the engagement level.
Analyzes and highlights risk areas via documented audit reports and flowcharts, providing management with insights on compliance posture.
Oversees the governance of the ISMS (Information Security Management System).

ISO 27001General Data Protection Regulation (GDPR)Risk Assessment

Vendor Risk Management - EXECUTIVE

Sep 2022 – Jan 2023 · 4 mos · Chennai, Tamil Nadu, India

Performing vendor risk Assessments periodically for Critical vendors who are providing services to HCL
Worked efficiently on VRM program through the of GRC tool called Process Unity
Identifing the Critical Risks which are associated with the critial services.
Ensure all vendor relationships are documented in the VRM system and all contracts related to vendors that provide outsourced services are uploaded in the system
Provide analysis and recommendations for identified security exceptions; participate in defining remediation efforts
Act as a subject matter expert to assist the business in identifying and
mitigating risks on their vendor relationships

IT AuditISO 27001

Net access india limited

Information Security Analyst

Jun 2021 – Sep 2022 · 1 yr 3 mos · Chennai, Tamil Nadu, India

Vulnerability Assessment:
Performing VAPT for web applications, Network devices, and Servers based on OWASP and CWE standards.
Creating and publishing Vulnerability Assessment report detailing exposures that were identified, rating the severity of the system, and suggestions to mitigate any exposures and testing known vulnerabilities.
In-depth knowledge of Web Application Vulnerabilities and ability to articulate their impact to clients and support them to fix it.
Followed up for remediation and prioritization of zero-day vulnerabilities
Performing POC for VAPT automated testing tools and implement them in the organization
Risk Assessments:
Conducting Risk assessments for any new technology implementation within our organization group companies on security perspective and publish the report with mitigation control.
Digital Forensics:
Performing email forensics for the phishing emails received and performing Root Cause Analysis.
Performing Malware behavioral analysis in sandbox environments like a cuckoo sandbox.
Performing Forensic analysis by taking memory and hard disk dump of the infected/suspicious behaving systems and providing reports and suggestions to the respective team.