Balavikram Sivasankaran Email & Phone Number

Information security professional with over 6 years' experience in techno-functional leadership roles at Big4 Firm. A passionate learner and active contributor, with skills in Governance, Risk & Compliance, Information Security, and Internal/Third-party Auditing which have helped me excel consistently, ensuring client satisfaction and forging robust client partnerships. Always ready to embrace challenges and opportunities to learn and grow further.Key Achievements:* Performed Highly proficient Risk Management and Internal Audits professional serving clients across technology, automotive, and manufacturing sectors.* Expert in performing internal risk assessments based on Risk Management Frameworks.* Excel at conducting internal audits in line with ISO standards.* Experienced in implementing ISO/IEC 27001, SOCRs, and CSA CCM Standard for clients in technology and FinTech sectors.* Skilled in identifying key risks and gaps in security capabilities.* Proven ability in assessing organizational maturity and developing strategic initiatives to improve security posture.* Successfully draft policies and procedures aligning with framework regulations.* Led enterprise-wide risk management programs across various industries.* Established Unified Control Framework inclusive of ISMS, BCMS, SOC1, SOC2, and Privacy standards/frameworks/regulations.* Adept at conducting IT audits in various process areas including change management, access management, backup & restoration, batch processing, and incident & problem management.* Skilled in reviewing security configurations across diverse technology platforms (server, databases, network and security devices), hosted in physical and cloud environments (AWS/Azure).* Executed data center assessments focusing on network, business continuity/disaster recovery, and physical & environmental safeguards.* Navigated compliance processes to obtain certifications for security in CSA STAR Registry.* Successfully developed and conducted information security awareness programs for organizations including executive leadership and senior management.Familiar Environments: IT audit frameworks and methodologies - SSAE18/ISAE3402 - SOC1 | TSP100/ISAE3402 - SOC2 | SOXInternational standards: ISO/IEC 27001 | ISO/IEC 22301 | ISO/IEC 27017 | NIST CSF / 800-53Other standards / regulations: RBI NBFC Master Direction | Cloud Security Alliance - Cloud Control Matrix | CIS Benchmarks | CERT-IN incident Management | HiTRUST | GDPR | CCPA