K

Krishna Chintalapudi, M. Tech, CISSP

CEO

Vizianagaram, Andhra Pradesh, India5 yrs 8 mos experience
Highly Stable

Key Highlights

  • Achieved 40% reduction in cyber risks through effective vulnerability management.
  • Led successful SOC 2 and ISO 27001 audits with zero major findings.
  • Empowered over 100 students through hands-on cybersecurity training.
Stackforce AI infers this person is a Cybersecurity Expert specializing in GRC and Cloud Security for tech-first organizations.

Contact

LinkedIn

Skills

Core Skills

GrcVulnerability ManagementCompliance ManagementCyber-securityTrainingApplication SecurityVaptSecurity Awareness

Other Skills

Cybersecurity StrategyCloud Security SolutionsRBVMInformation AssuranceRisk AssessmentInformation SecurityGitHubCustomer ExperienceLinuxData PrivacyDPDPACyber ResiliencePersonally Identifiable Information (PII)GovernanceRisk Management

About

I have spent nearly nine years immersed in the world of cybersecurity, helping tech companies navigate the complexities of building robust security programs. My journey began as a Security Researcher at Seconize, where I dove into vulnerability management and compliance initiatives. This hands-on experience shaped my understanding of real-world risks and regulatory requirements, an understanding I carry into every project today. My approach centers on creating structured programs that align with business priorities while being measurable. Currently working as a Fractional CISO & Compliance Program Advisor, I partner with tech-first organizations to design and mature their security frameworks across various environments. One of my proudest achievements was leading a team that delivered SaaS CSPM solutions across six industries - fintech being one of them, resulting in a remarkable 40% reduction in cyber risks. It’s incredibly rewarding to see how our efforts translate into tangible security improvements for our clients. I have also had the pleasure of sharing my knowledge through training sessions for over 100 engineering students across multiple institutions. Whether it’s conducting hands-on VAPT training or serving as a guest speaker at industry events, I believe that empowering the next generation is vital for fostering innovation in cybersecurity. Outside of work, I enjoy staying connected with the community through workshops on ethical hacking and network security. It’s fulfilling to see young minds engage with these critical topics, it reminds me why I chose this path in the first place. If you're interested in discussing cybersecurity challenges or exploring collaboration opportunities within GRC or cloud security spaces, feel free to reach out via email at iam@krishnachintalapudi.in Let’s connect and see how we can work together to enhance security practices. Skills: Vulnerability Management | GRC | Cloud Security | Compliance Initiatives | Risk Assessment | Team Leadership

Experience

5 yrs 8 mos
Total Experience
5 yrs 4 mos
Average Tenure
4 mos
Current Experience

Self-employed

Fractional CISO & Compliance Program Advisor - GRC, Vulnerability Management

Dec 2025Present · 4 mos · Remote

  • Fractional CISO & Compliance Program Advisor, CISSP & ISO 27001:2022 LA, ~9 years of experience, partnering with tech-first organizations to design, assess, and mature security programs across cloud, product, and enterprise environments. Since November 2025, operating independently to help founders, CISOs, and security leaders close the gap between audit checklists and real-world attack surface reduction.
  • Led end‑to‑end implementations of SOC 2, ISO 27001, and other GRC initiatives, including risk assessments, control design, internal audits, Access Control and audit readiness for fast scaling teams. Core focus areas include security architecture, vulnerability assessment and management, cloud and container security, secure SDLC, and policy/governance advisory for product and platform organizations.
  • Providing independent security and compliance advisory to SaaS and technology organizations requiring structured security programs and audit readiness.
  • Supporting leadership teams with:
  • Security & compliance program design (SOC 2, ISO 27001, GRC)
  • Risk assessment and governance structuring
  • Incident readiness and tabletop simulations
  • Customer and enterprise security assurance
  • Fractional CISO support for scaling organizations
  • Engagements are focused on aligning security decisions with business growth, customer trust, and regulatory expectations.
  • Competencies: Cybersecurity Strategy, Vulnerability Management, Cloud Security Solutions, Compliance Management, GRC
Cybersecurity StrategyVulnerability ManagementCloud Security SolutionsCompliance ManagementGRC

Seconize

3 roles

Senior Security Researcher - Cloud, Application & API Security, GRC, SOC 2 & ISO 27001 Compliance

Promoted

Sep 2022Nov 2025 · 3 yrs 2 mos · Remote

  • Led audit, security operations, and customer success teams (6 members, 3 customer-facing) in delivering SaaS CSPM solutions focused on vulnerability management, compliance, and TPRM across 6+ industries (fintech, BFSI, healthcare).
  • Directed ISO 27001:2022 and SOC 2 Type 2 audits as internal Lead Auditor, achieving 98% compliance with zero major findings and 35% security posture improvement
  • Implemented NIST SP 800-53 (all 20 control domains) and ISMS frameworks, remediating 75% of gaps in 90 days to enhance risk mitigation and audit readiness.
  • Managed cross-functional projects, ensuring timely delivery and effective communication with stakeholders
  • Managed 15+ cross-functional projects on time, using consultative approach to build executive relationships and boost client retention by 70%
RBVMInformation AssuranceVulnerability ManagementCompliance Management

Security Researcher - Cloud, Application & API Security

Promoted

Jul 2020Sep 2022 · 2 yrs 2 mos · Remote

  • Delivered hands-on VAPT training sessions to 100+ engineering students across 3+ academic institutions, building foundational skills in vulnerability assessment and penetration testing.
  • Served as guest speaker at 3+ events, raising cybersecurity awareness and promoting modern security practices to diverse audiences of students and professionals.
Cyber-securityInformation SecurityTraining

Security Researcher - Application Security & VAPT

Apr 2020Jun 2020 · 2 mos · Remote

  • Conducted VAPT activities for internal and Customer applications, Thick client app Security assessment, Mobile app assessment, and Cloud Security Configuration.
  • Collaborated with cross-functional teams to identify vulnerabilities
  • Implemented security best practices to ensure data protection and prevent cyber threats.
GitHubCustomer ExperienceApplication SecurityVAPT

Freelance (self employed)

Security Researcher

Mar 2017Mar 2020 · 3 yrs · India

  • Conducted security awareness training sessions for engineering students, emphasizing cybersecurity fundamentals and safe online practices.
  • Organized interactive workshops and guest lectures on ethical hacking and network security.
  • Designed engaging training materials and hands-on activities to enhance student understanding and participation.
Information SecurityLinuxSecurity AwarenessTraining

Cse department, mvgr college of engineering

2 roles

Internship

May 2016Jul 2016 · 2 mos · Vizianagaram Area, India

  • Worked in CSE Department, MVGR College of Engineering, performed course outcome analysis for students of about 6 batches

Internship

May 2015Jul 2015 · 2 mos · Vizianagaram Area, India

  • Worked in CSE Department, MVGR College of Engineering, performed course outcome analysis for students of about 6 batches

Education

MVGR College of Engineering

Masters of Technology (M.Tech.) — Computer Networks & Information Security

Jan 2014Jan 2017

Miracle Educational Society

Bachelor of Technology (B.Tech.) — Computer Science Engineering

Jan 2010Jan 2014

Stackforce found 100+ more professionals with Grc & Vulnerability Management

Explore similar profiles based on matching skills and experience

KT

Kashish Tayal

Consultant II

at Deloitte

Delhi, India4 yrs 9 mos exp
Governance, Risk Management, and Compliance (GRC)SAP Security
Shreya Das

Shreya Das

Technical Consultant - Risk and Compliance

at IBM

Bengaluru, India4 yrs 1 mo exp
IT Risk ManagementRisk Management
Praveen Kumar

Praveen Kumar

Technical Program Manager

at Dell Technologies

Bengaluru, India17 yrs 4 mos exp
Technical Program managementInfoSec
Mitchell T.

Mitchell T.

Founder

at securemetrics.

Phoenix, United States5 yrs 5 mos exp
Ajeet kerure

Ajeet kerure

Security analyst in ISG

at Tech Mahindra

Pune, India4 yrs 1 mo exp
VAPTApplication SecurityVulnerability Assessment
MR

MANSI RASTOGI

Senior Security Architect

at Accenture in India

Gurugram, India6 yrs 9 mos exp
IT AuditIT Service ManagementIncident ManagementSecurity ArchitectureVulnerability Management
Anubhav Sharma

Anubhav Sharma

Sr. Operations Security Manager

at Sopra Steria

Noida, India15 yrs 8 mos exp
Information Security Management SystemsGovernance, Risk & ComplianceSecurity Incident ResponseService DeliverySecurity Architecture
Abishek P

Abishek P

Security Engineer

at Scybers

Chennai, India11 mos exp
GovernanceRisk ManagementProgrammingScripting