resume

Table of Contents

Experience

Cyber Risk Consultant | Deloitte

Dec/2018 - Present

  • Developed Third-Party Supplier Cyber Risk Management Program for an oil and gas client using NIST CSF, enhancing supplier risk identification, mitigation, and monitoring, resulting in a 40% reduction in supply chain risk.
  • Performed OT Asset Inventory analysis for a medical technology client across 21 USA sites, interviewed 15+ stakeholders, and identified critical gaps in Asset Management. Developed a detailed report with remediation recommendations for review and approval from management.
  • Performed OT third-party risk assessment for a pharmaceutical client, evaluating over 20 vendors against ISO 27001, IEC 62443, and organizational policies, resulting in a 30% improvement in overall vendor compliance.
  • Performed cybersecurity program maturity assessment for a healthcare industry client based on NIST CSF and CMMI model. Identified gaps that led to a 25% improvement in maturity from Level 2 to Level 3, reduced critical risks by 25%, and secured management approval for a 3-year improvement roadmap.

Information Security Analyst | Mahindra SSG

Oct/2016 - Oct/2018

  • Supported ISO 27001 ISMS certification for a dairy industry client by aligning processes, policies, and controls, resulting in enhanced compliance and a 20% reduction in security risks.
  • Performed ISO 27001 Information Security Internal audits to identify risks, resulting in a 30% improvement in compliance and a 25% reduction in security incidents over the following year.
  • Provided information security awareness training to over 50 end users, conducted quarterly sessions, resulting in a 35% reduction in phishing incidents and an 85% satisfaction rate among participants.

MIS Executive | Suntec Web Services

Apr/2015 - Oct/2016

  • Performed vulnerability management, reducing overall risk exposure by 30%, and decreasing average time to remediate critical vulnerabilities from 30 days to 15 days.
  • Administered identity and security access for over 100 users across multiple systems and applications, handled over 50 access incidents annually reducing unauthorized access by 40%.

Skills

IT Governance, Risk and Compliance, ISO 27001 Implementation & Audit, NIST CSF, Vulnerability Management, IAM (Identity and Access Management) Governance, Risk Management and Cyber Maturity Assessments across industry standards and regulations.

Certifications

  • ISO 27001 Lead Auditor Certification
  • SC 900 - Security, Compliance, and Identity Fundamentals

Education

B.Tech (ECE) | 2009 - 2013

  • Punjab Technical University