
Cyber Security Information

Location: Pontiac, MI
Posted: December 07, 2024


Resume:

Nidhi Srivastava

Cyber-Security Risk & Compliance Consultant

Phone: 248-***-**** | Email: *****************@*****.*** | LinkedIn

Location: Oakland, MI

Results-driven information security Risk & Compliance Consultant with a proven track record in managing cyber security risks and ensuring regulatory compliance across diverse industries. Adept at leading internal and external audits, developing effective security programs, and driving technology projects to successful completion. Skilled in aligning IT processes with international standards, including SOX, GDPR, PCI DSS, and ISO 27001, to enhance organizational security posture.

AI for Information Security • FedRAMP Knowledge • Data Protection & Compliance • Cyber Security Audits (SOC, IAM) • Vendor Risk Assessment • GDPR Compliance & Data Protection • LAN/WAN/Voice/Security Systems Design • Encryption & Access Management • Cloud Infrastructure (AWS) • IT Service Management (ISO 20001) • Incident Response • Stakeholder & Client Relations • Data Center Optimization • Hacking & Penetration Testing Tools

Career Achievements

Successfully improved compliance rates to 95% by initiating control uplift programs focused on encryption and privileged access management, achieving a 90% compliance level in those areas.

Developed and implemented a comprehensive vendor risk assessment framework aligned with NIST/PCI DSS guidelines. This process included rigorous evidence collection against required controls, ensuring vendors met compliance standards.

Implemented ISO 27002 controls within a company to achieve a successful ISO 27001 certification.

Assisted IAM SMEs in a key migration project by effectively managing incident queues, investigating conditions, and applying approved remediations, leading to timely resolution of complex incidents.

Demonstrated expertise in Active Directory Users and Groups, SQL scripting to support critical migration initiatives and solve user issues to completion with excellent follow-up and reporting skills.

Designed a role-based access management program to clarify role segregation and prevent unauthorized access to critical applications. Established defined access rules and reduced risks associated with privilege escalation by 70%.

Collaborated with CISO team members to create a comprehensive security training program, covering technical aspects of encryption, penetration testing, access management, and best practices. This initiative accelerated application onboarding and achieved 100% compliance in ISO examinations for employees.

Monitored incident queues and applied approved remediations, growing in proficiency with system knowledge and complexity under mentorship by IAM SMEs.


Led an initiative to identify and encrypt sensitive database passwords previously stored in plaintext. This proactive measure significantly reduced critical findings over two consecutive years, enhancing overall data security and compliance by 90%.

Created and drafted Cloud information security policies for cloud infrastructure for smooth deployment of applications.

Newly acquired professional skills include data analytics in cyber security.

Holds prestigious certifications including CISA, PMP, CISM, and CompTIA CySA+.

Professional Experience

Deutsche Bank – Pune, MH July 2021 — April 2024

Assistant Vice President

Managed internal and external audits to ensure compliance with SOC standards, ISO 27001, leading investigations, documenting variances, and aligning findings with company policies.

Identified critical vulnerabilities and implemented control enhancements to strengthen organizational security.

Provided guidance on IT application ownership, security, and compliance as Assistant Vice President, promoting a culture of accountability.

Worked on risk remediations and reductions of critical risks within the organization.

Collaborated with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents.

Analyzed, evaluated, and enhanced information systems facilitating the business internal control process.

Supported the development and maintenance of cybersecurity policies, standards, procedures, and guidelines in accordance with the firm’s business and cybersecurity objectives.

Notable Achievements:

Onboarded critical applications with full compliance to ISO and SOC standards in a short span of time.

Successfully implemented critical controls across applications for better security.

MasterCard Technologies Ltd – Pune, MH January 2020 – July 2021

Senior Project Manager

Developed detailed audit reports and established robust internal audit programs, streamlining the audit process for thorough evaluations.

Achieved full compliance and minimized project risks by effectively managing risk, compliance, and project quality through regular assessments and timely corrective actions.

Analyzed, evaluated, and enhanced information systems facilitating the business internal control process.

Notable Achievements:

Designed and implemented comprehensive audit programs that streamlined processes and ensured rigorous evaluations, leading to enhanced compliance and operational efficiency.

Evaluation of threats, mitigation and incident analysis using penetration tools.

Launched a new initiative to achieve full compliance with SOC standards and minimize project risks through proactive risk management and regular assessments.

Infosys Ltd – Pune, MH Jul 2018 – Jan 2020

Project Manager

Conducted comprehensive audits of network infrastructure and security protocols, identifying vulnerabilities and designing effective remediation plans to enhance security posture.

Designed and implemented a secure network infrastructure that adheres to industry best practices and compliance requirements, ensuring resilience against cyber threats and facilitating successful ISO, PCI DSS, SOC 1 and SOC 2 audits.

Strengthened organizational security standards by overseeing team operations and conducting audits on end-user terminations, effectively deactivating access privileges in systems like Active Directory within IAM frameworks.

Notable Achievements:

Supervised the planning and execution of network services for Data Center Transformation and Consolidation projects, achieving seamless integration and optimal performance milestones while delivering all projects on time and within budget.

Coordinated comprehensive audits of network infrastructure and security protocols, identifying critical vulnerabilities and implementing remediation plans, which resulted in improved organizational security posture and successful PCI DSS, SOC 1 and SOC 2 audits.

Wipro Technologies – Pune, MH Jul 2014 – Jan 2017

Senior Consultant - Technology Management /Consulting

Administered complex technology projects within the BFSI sector, aligning deliverables with client needs and international standards to ensure high-quality outcomes.

Oversaw audits on data systems, maintained documentation standards, and performed quality analyses to ensure compliance with regulatory requirements.

Delivered comprehensive network security consulting by implementing advanced security protocols and risk management strategies, including risk assessments and threat modeling.

Notable Achievements:

Supervised multifaceted technology procurement initiatives in the BFSI sector, resulting in the seamless implementation of innovative programs that enhanced operational efficiency and compliance with industry regulations.

Executed comprehensive audits and quality assessments on data management systems, significantly improving information integrity and aligning security protocols with regulatory requirements, ultimately achieving a 30% reduction in compliance-related incidents.

Evaluation of threats, mitigation and incident analysis using penetration tools.

Vodafone Cellular Ltd – Pune, MH Jan-July 2014

Assistant Manager (Telecom) in Pre-sales

Managed project timelines and pre-sales tasks, ensuring timely delivery in the telecommunications sector.

Collaborated with top leadership, including AVPs and VPs, to strategize and cultivate new business ventures.

Strengthened client connections through detailed communication and needs assessments, identifying opportunities for adopting various telecom solutions.

Played a pivotal role in creating business proposals, RFPs, and RFIs by leveraging diverse knowledge and extensive research to present innovative ideas.

Notable Achievements:

Streamlined project schedules and delivery timelines for pre-sales tasks, leading to a 25% increase in timely project completions, which enhanced customer satisfaction and strengthened client relationships.

Spearheaded the integration of advanced telecom solutions, including combo and speech analytics systems, resulting in a 30% boost in customer satisfaction scores and an expanded client adoption rate of new technologies.

Tech Mahindra Ltd – Pune, MH April 2010 – Jan 2014

Technical Solution Architect Team Lead

Led the coordination of data center projects, overseeing network service planning, design, setup, and implementation of ITIL-compliant processes to enhance operational efficiency.

Conducted comprehensive IT audits and risk assessments, aligning findings with group policies to identify and mitigate new risks based on industry standards.

Implemented ISO 27001-compliant Information Security Management Systems (ISMS) for multiple clients, streamlining security processes to ensure alignment with international standards.

Developed and delivered tailored technical presentations on network and security solutions, effectively supporting sales teams and consultants during client engagements.

Notable Achievements:

Initiated the design, engineering, and installation of LAN, WAN, voice, and security systems for all US IBM sites, resulting in a fully integrated and robust network infrastructure with 100% BCP DR and redundancy.

Achieved success through implementation of ISO 27001, resulting in 95% compliance across privileged access and cryptography.

Delivered network and infrastructure projects worth 10 million dollars for the company on time.

Initiated network training and security programs resulting in 100% compliance across information security awareness and fewer phishing simulation failures.

Previous Experience: Assistant Manager, Bajaj Allianz Life Insurance, July 2006 – April 2010

Education

Master of Science, Information Technology Management (Cyber security and Analytics)

Oakland, MI

Master of Business Administration

Mumbai University – India

Bachelor of Engineering in Electronics & Telecommunications

Pune University – India

Honors and Awards

Appreciation for bringing a significant revenue deal

Thanks A Zillion

Awarded for innovation in IT for the healthcare sector (2nd Place)

Mobile ECG Analysis System Innovation

Awarded for innovation in IT for the banking sector (2nd Place)

Speech Analytic System Innovation

Recognized for two business proposals that generated new business for Tech Mahindra

Innovator of the Month


