ADITYA SARANGAPANI

Mumbai, India • +91-976**-***** • adajkv@r.postjobfree.com • www.linkedin.com/in/adityasarangapani

CISO / CRO

Senior management professional with over 16 years of experience in setting up, leading and managing delivery of multiple risk management assignments for global organisations across multiple industry verticals.

Skilled in various aspects of Information Security Risk Management, Information Security Audits and Control Testing, Compliance to ISO 27001 and BS10012 standards, SOX 404 Assessments and Remediation, Information Security Policies and Procedures and Enterprise Risk Management.

Proven ability in end to end management of information security projects as well as management of day-to-day operations for the governance team.

Implement various process improvement initiatives in enhancing architecture for security information and event management.

Aligned technology architecture with security architecture as well as business strategy with existing information security requirements to optimize security of personal information across the organization

Well versed in installation and configuration of multiple security products including implementation of Information Security Policies and Procedures for the organization.

Efficient Team Leader & Player, combining communication, interpersonal & problem solving skills with analytical, decision making and leadership capabilities to enhance organizational objectives.

SKILL-SET

Information Security Management Information Security Audits Compliance Management / Risk Mitigation

Change Management / Project Management Customer Relationship Management Cross Functional Team Coordination

WORK EXPERIENCE

General Manager – Information Security, May 2017 to date

VFS Global Services (Mumbai, India)

Highlights:

Actively involved in managing continuation of all ISMS certifications like ISO 27001.

Working on IT-Grundschutz (from the German Federal Office of Information Security) certification.

Key Responsibilities:

•Spearhead operations of the Information security team in maintaining security and privacy of personal data submitted by applicants for the global operations across all 5 continents.

•Render support to Head – Information Security to manage all global Information Security requirements as the second-in-command.

•Guide global teams in in managing information security and compliance initiatives, identification, reporting and mitigation of information security risks.

•Assess effectiveness of controls implemented and suggested improvements. Manage functional requirements like Vendor Negotiations, Vendor Management, Budget Management and Stakeholder Management.

•Coordinate with the Global Data Protection Officer to ensure compliance to privacy laws in all countries of operations including GDPR and BS 10012 certification.

Information Security Officer, Jun 2012 – May 2017

Head – Enterprise Risk Management, Jan 2013 – Mar 2016

Liberty Videocon General Insurance (Now Liberty General Insurance) (Mumbai, India)

Key Responsibilities:

•Functioned as Information Security officer involved in setting up the Information Security function from start-up and before commencement of commercial operations.

•Involved in design and development of information security policies, procedures and Risk Management Framework based on ISO 27001 principles and Liberty Mutual Group standards.

•Rendered subject matter expertise to cater to business and regulatory information risk management and governance requirements.

•Set up and managed Information Security requirements for another Liberty Mutual group company in India, Liberty Data Analytics as their de facto CISO.

•Represented the organization in managing vendor relationships and pricing negotiations, budget including management, stakeholder management and reporting to senior management and Board.

•Worked with the regulator to define cyber-security guidelines for the Insurance industry.

•Assigned additional role to setup and implement the Enterprise Risk Management and Governance programs.

•Managed the achievement of risk targets for organisational business units.

•Assisted the Board in developing and implementing the Risk Management Framework and Anti-Fraud provisions.

Senior Consultant, Sep 2009 – Jun 2012

Axis Risk Consulting Pvt Ltd. (Now Genpact Enterprise Risk Management) (Mumbai, India)

Key Responsibilities:

•Involved in end to end management of delivery of global customer assignments covering IS Audits, Technology Risk Management, Segregation of Duties Analysis, System Configuration Assessments and SOX 404 Compliance Audits.

PREVIOUS ASSIGNMENTS

Assistant Systems Analyst, Tata Consultancy Services Ltd. (TCS), Mumbai, India (Aug 2005 – Aug 2009)

Associate Consultant, Heat Consultants Pvt Ltd (Aug 2000 – May 2003)

EDUCATION

•MBA in Operations Management and Systems Management, Welingkar Institute of Management, 2005

•Bachelor of Engineering in Mechanical Engineering, Mumbai University

•Diploma in Advanced Computing, CDAC

TRAINING & CERTIFICATIONS / WORKSHOPS

•Certified Information Systems Auditor (CISA), ISACA

PERSONAL PARTICULARS

•Languages: English, Hindi, Tamil, Marathi. Basic knowledge of French, German and Spanish

Contact this candidate