Jagdish Ragothaman Rao

Associate Consultant

Bengaluru, Karnataka, India · 34 yrs 2 mos experience

Key Highlights

  • Over 20 years of experience in IT Audit and Compliance.
  • Led successful implementation of ISO 27001 across multiple organizations.
  • Recognized for enhancing e-Governance processes in tax administration.
Stackforce AI infers this person is a seasoned expert in IT Audit and Compliance within the Financial and Government sectors.

Skills

Core Skills

Data Privacy, Compliance Management, Information Security Compliance, Risk Management, IT Audit, Information Security Management, IT Service Management, Regulatory Compliance, IT Risk Management, Service Delivery Management, Tax Audit, Project Management

Other Skills

UAE data protection laws, GDPR, risk assessments, privacy awareness training, PCI DSS, ISO 27001:2013, HIPAA, HITRUST, security audits, ISMS policies, security testing tools, IT controls, audit planning, infrastructure audits, ISMS implementation

About

Self-motivated, dynamic and accomplished professional with cumulative experience of over 20 years in Tax Audit, IT Infrastructure Management, Information Security and Audit. Flexible and versatile – poised and competent, with demonstrated ability to easily transcend cultural differences. Thrive in deadline-driven environments. Hold merit of winning appreciations for initiating process enhancement moves of E-Governance project ACES by CBEC (Central Board of Excise and Customs & Service Tax) to full fruition. Proven leadership and people management skills in project execution.

Experience

Total Experience: 34 yrs 2 mos
Average Tenure: 4 yrs 3 mos
Current Experience: --

Paramount computer systems

Data Privacy Analyst - Paramount Computer Systems, on assignment to FAB Bank, Abu Dhabi

May 2023 - Apr 2025 · 1 yr 11 mos

  • FAB Bank, GRC area: performed the role of Data Privacy Consultant.
  • Lead the development and implementation of data privacy policies, ensuring compliance with UAE data protection laws, GDPR, and global banking regulations.
  • Conduct privacy risk assessments to identify gaps and recommend risk mitigation strategies.
  • Oversee Data Subject Access Requests (DSARs) and ensure timely responses in accordance with regulatory requirements.
  • Collaborate with Legal, Compliance, IT, and Risk teams to embed privacy-by-design principles in banking operations.
  • Develop and deliver privacy awareness training programs for employees and senior management.
  • Manage third-party vendor assessments, ensuring compliance with data privacy standards and contractual obligations.
  • Support the implementation of data loss prevention (DLP) strategies and encryption technologies to safeguard sensitive information.
  • Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) for new products and services.
  • Monitor regulatory changes in data protection laws across the UAE and international jurisdictions, advising stakeholders on necessary adjustments.
  • Provide expert guidance on cross-border data transfers, ensuring alignment with legal frameworks and best practices.
Data Privacy, UAE data protection laws, GDPR, risk assessments, privacy awareness training, Compliance Management

Rolling rock software pvt ltd

Information Security Compliance Manager

Oct 2020 - Nov 2022 · 2 yrs 1 mo · Bangalore Urban, Karnataka, India · On-site

  • Key Responsibilities & Achievements:
  • Regulatory & Compliance Management:
  • Spearhead compliance initiatives for PCI DSS, ISO 27001:2013 (ISMS), HIPAA, and HITRUST, ensuring full adherence to industry standards and regulatory requirements.
  • Conduct risk assessments and gap analysis to identify vulnerabilities and recommend remediation strategies.
  • Oversee external and internal security audits, ensuring audit readiness and successful certification renewals.
  • Develop and enforce ISMS policies and procedures, aligning security frameworks with business objectives.
  • Security Testing & Monitoring:
  • Perform software security testing using industry-leading tools, including:
  • LanGuard – Vulnerability scanning and patch management.
  • Checkmarx – Static Application Security Testing (SAST) for code vulnerabilities.
  • SonarQube – Continuous code quality and security analysis.
  • Burp Suite – Web application security testing.
  • Sumo Logic-based SIEM monitoring – Log analysis, threat detection, and incident response.
  • Data Leakage Prevention (DLP) Monitoring – Implemented Sophos to monitor and prevent unauthorized data exfiltration.
  • Azure Microsoft Cloud Security Monitoring – Ensured security compliance for cloud environments through continuous monitoring and configuration audits.
  • Security Awareness & Risk Mitigation:
  • Conduct information security training programs for employees and management to promote cybersecurity best practices.
  • Develop and enforce incident response protocols to minimize risk exposure.
  • Implement and manage risk assessment frameworks, evaluating potential security threats and mitigation plans.
  • Documentation & Policy Management:
  • Draft, review, and maintain comprehensive ISMS policies, procedures, and guidelines to support compliance efforts.
  • Ensure documentation aligns with industry best practices and regulatory expectations.
PCI DSS, ISO 27001:2013, HIPAA, HITRUST, risk assessments, security audits, +4

Northern operating services india

Senior Information Technology Auditor

Aug 2018 - Jul 2019 · 11 mos · Bangalore Urban, Karnataka, India · On-site

  • Key Responsibilities & Achievements:
  • Audit Planning & Execution:
  • Led the complete IT audit life cycle—including planning, testing, reporting, and issue validation—to assess IT controls and mitigate risks.
  • Conducted risk assessments to identify key IT risks and develop audit plans aligned with industry best practices and regulatory requirements.
  • Performed continuous monitoring of the Risk Universe, identifying emerging IT risks and prioritizing audit areas accordingly.
  • Specific audit areas include the following:
  • Infrastructure & Security Audits:
  • Conducted Disaster Recovery Planning Audits to ensure resilience and business continuity in the event of system failures.
  • Assessed Windows Virtualization Security, including VM configurations, access controls, and hypervisor security.
  • Performed Identity and Access Management (IAM) Audits, evaluating user provisioning, role-based access controls (RBAC), and privileged access management (PAM).
  • Conducted Incident Management and Change Management Audits, ensuring adherence to ITIL best practices and regulatory standards.
  • Evaluated Data Centre Security, including physical security, environmental controls, and access restrictions.
  • Assessed IT interface security for system integrations, ensuring secure data exchange and API security.
  • Audited computer operations security, including batch processing, job scheduling, and event logging.
  • Database & Application Security Audits:
  • Performed Database Backup & Recovery Operations Audits, verifying data integrity, encryption, and retention policies.
  • Conducted Application Security Audits in integrated audits, assessing application security controls, vulnerability management, and secure coding practices.
  • Assessed Secure Software Development Life Cycle (SDLC) compliance, ensuring security is embedded in each development phase.
  • Evaluated Information Systems Capacity Management, ensuring adequate system performance an.
IT audit, risk assessments, IT controls, audit planning, infrastructure audits, IT Audit, +1

Lakshya cybersecurity labs

Senior Consultant

May 2017 - Aug 2018 · 1 yr 3 mos · Abu Dhabi · On-site

  • Key Responsibilities & Achievements:
  • Implementation of Information Security Management System (ISMS) – ISO 27001
  • Led the design, implementation, and maintenance of ISMS at UAEU University and Al-Ain, ensuring compliance with ISO 27001:2013 standards.
  • Developed and enforced ISMS policies, procedures, and security guidelines to align with university objectives and UAE cyber regulations.
  • Conducted risk assessments and security gap analysis, identifying vulnerabilities and implementing remediation plans.
  • Managed internal and external ISMS audits, ensuring certification readiness and continuous compliance improvements.
  • Provided training and awareness programs for staff and faculty on ISMS best practices and cybersecurity threats.
  • IT Service Management (ITSM) Implementation
  • Established ITSM frameworks in alignment with ITIL best practices, improving IT service delivery and incident response efficiency.
  • Developed incident, problem, and change management processes, ensuring minimal service disruptions and optimized IT operations.
  • Implemented IT asset management and configuration management to enhance IT infrastructure visibility and control.
  • Coordinated with IT teams to ensure seamless service requests, reducing downtime and improving user experience.
  • Governance, Risk, and Compliance (GRC) Implementation via Archer Application
  • Led the implementation of GRC processes using RSA Archer, automating risk management, compliance tracking, and incident reporting.
  • Configured Archer modules for risk assessment, policy management, issue tracking, and compliance monitoring.
  • Established a centralized risk register, enabling proactive risk identification, assessment, and mitigation strategies.
  • Integrated Archer with ISMS and ITSM frameworks, ensuring a unified approach to risk and compliance management.
ISMS implementation, ISO 27001, risk assessments, ITSM frameworks, GRC processes, Information Security Management, +1

Capgemini india

Senior Consultant-GRC

Jun 2016 - Nov 2016 · 5 mos · Bangalore · On-site

  • Key Responsibilities & Achievements:
  • SOX & IT General Controls (ITGC) Assessments
  • Conducted SOX (Sarbanes-Oxley) compliance and ITGC assessments for a major European steel magnate (on-site) and a Canadian power company to ensure robust internal controls over financial reporting.
  • Assessed ITGC domains, including access controls, change management, IT operations, and backup & recovery across SAP, Oracle Database, and Solaris OS environments.
  • Reviewed SAP security and access management, ensuring proper role-based access controls (RBAC) and segregation of duties (SoD) compliance.
  • Evaluated Oracle Database security controls, including user authentication, encryption, and audit logging mechanisms.
  • Conducted Solaris OS security assessments, verifying system hardening, patch management, and access restrictions.
  • Worked closely with IT and business stakeholders to remediate control deficiencies and strengthen compliance measures.
  • Provided detailed risk assessments, control effectiveness reports, and recommendations for enhancing IT governance frameworks.
  • Incident Management & Remedy Tool Insights
  • Gained deep insight into Remedy IT Service Management (ITSM) tool, analyzing how infrastructure-related incidents were recorded, tracked, and resolved.
  • Assessed incident management workflows, ensuring alignment with ITIL best practices and regulatory compliance.
  • Evaluated the effectiveness of ticket categorization, escalation procedures, and resolution timelines to improve incident response efficiency.
  • Provided recommendations to optimize incident tracking, reporting, and root cause analysis processes within the Remedy tool.
  • Regulatory Compliance & Reporting
  • Ensured IT control frameworks aligned with SOX 404 requirements, mitigating financial and operational risks.
  • Developed audit reports and executive presentations, summarizing control findings, gaps, and remediation plans.
  • Assisted in external audit coordination, providing necessary documen
SOX compliance, ITGC assessments, SAP security, Oracle Database security, incident management, Regulatory Compliance, +1

Genpact

Lead Consultant

Sep 2012 - May 2016 · 3 yrs 8 mos · Greater Hyderabad Area · On-site

  • IT Risk Analyst – GE Businesses (EMEA & EMRG)
  • Key Responsibilities & Achievements:
  • IT Risk Register Management: Continuously monitored and maintained the IT Risk Register, ensuring timely identification, assessment, and mitigation of IT risks across EMEA and EMRG regions.
  • Security Policy Development: Authored and updated IT security policies in alignment with regulatory requirements and industry best practices.
  • Risk Controls Monitoring: Implemented and tracked IT security controls to mitigate identified risks, ensuring compliance with corporate governance frameworks.
  • Policy Exceptions & Exemption Management: Managed and documented policy exception requests, coordinating approvals and tracking exemption lifecycles to ensure risk-based decision-making.
  • Audit Readiness & Compliance Tracking: Supported internal and external audits by providing necessary documentation and evidence of security control implementation.
  • Compliance Officer – Capital Markets & IT Managed Services (Global Scope)
  • Key Responsibilities & Achievements:
  • Regulatory Compliance & Risk Management:
  • Led contractual compliance and operational risk assessments, ensuring that IT services met client and regulatory expectations.
  • Conducted end-point security reviews and floor audits, assessing device security, physical security controls, and adherence to corporate security policies.
  • Ensured compliance with corporate and client security policies during onboarding and decommissioning of accounts, mitigating security risks associated with employee transitions.
  • Supported business leads in finalizing RFPs and contracts, ensuring IT compliance clauses were incorporated to protect corporate interests.
  • Assisted business units in client-directed information security audits, facilitating audit responses and remediating security gaps post-assessment.
  • Corporate IT Compliance Audits:
  • Conducted Minimum Compliance Audits for key IT operations, evaluating the following d
IT Risk Management, security policies, audit readiness, contractual compliance, Compliance Management

Capgemini business services india limited

Consultant

May 2011 - Aug 2012 · 1 yr 3 mos · Bengaluru, Karnataka, India

  • Job Profile: Consultant - Information Risk Assurance Services.
  • Handled 2 phases of SOX Audit of Unilever Japan.
  • Conducted ISMS Security Audits of 7 BPO Engagements in Capgemini Business Services India Limited.
  • Service Delivery Management Assurance at client location in Hindustan Unilever Limited based on ITIL v3 framework.
ISMS audits, service delivery management, ITIL framework, Information Security Management, Service Delivery Management

Department of revenue - government of india

Central Board of Excise and Customs - Republic of India

Sep 1988 - May 2011 · 22 yrs 8 mos · Greater Hyderabad Area

  • Job Profile: Tax Auditor and Systems In-charge of EDP Wing.
  • Audit of Indirect Tax Accounts of Manufacturing Units based on the concept of existing Internal Control Structure of the Organization.
  • Headed an information processing centre installed with a Unix Server as Systems In-charge and Administrator.
  • Performed the role of Project Coordinator to facilitate planning, execution and implementation of the ACES e-Governance Project and subsequently performed the role of Identity and Access Manager for the Project.
  • Apart from the above, disseminated the Security Policy of the Central Board of Excise and Systems by imparting basic information security training to the executive staff of the organization.
  • Worked on various quality and process improvement projects.
tax audit, internal control structure, e-Governance project management, Tax Audit, Project Management

Education

MS University of Baroda

Masters Degree in Biotechnology — Biotechnology

Jan 1986 - Jan 1988

Nowrosjee Wadia College

Bachelor’s Degree — Chemistry

Jan 1982 - Jan 1985

Kendriya Vidyalaya

Physics - Chemistry and Mathematics
