BU Head - Compliance and Testing services

Lead consultant heading the entire Risk and Compliance team globally. Working as a Techno- Business lead my area of expertise includes but not limited to auditing and managing all the PCI suite of standards, Privacy and regulatory compliances, SWIFT assessments, SOC 2 ,Information security audits, pre-sales, etc. Also as a lead trainer I’ve trained closed to 500+ cyber security professionals across the world w.r.t. PCI DSS implementations. Also an active speaker with ISACA chapter, PCI SSC and the payment brands.

Working as a Techno Business Consultant. Actively involved in Pre-sales and closing deals along with executing projects. Also a lead trainer for the CPISI workshops and i've trained close to 200+ information security professionals across the world. Also a speaker in various conferences organised by Visa and Mastercard. Currently Heading the RAPAC region from the delivery perspective. Involved in Payment Card Industry and Payment Application Data Security Standard, ISO 27001 Controls Gap Analysis, ISMS & Risk Analysis & Management Practices like OCTAVE and ISO 27005, Information Security Audit and Network Security.Been a part of multiple projects relating to Payment Brands, Payment Gateways, Cinemas, Third Party Processors, ATM Applications, IT Companies, Software Development, E-commerce and M-commerce organizations, Tele Communications and BPOs. Summary of projects include:Trainer for the CPISI workshops conducted by SISA information security across the globe which certify professionals on how to implement PCI DSS.PCI DSS Compliance Assessments to help organizations ensure the safe handling of cardholder information at every step.Preparation of Report on Compliance for One of the biggest banks in the Middle East, Largest Tele Communication Provider, One of the Leading Payment Brand, The Leading BPOs in India & Philippines, Payment Gateways, Third Party Processors, E-commerce, M-commerce which provide details about the entity’s environment and the assessment methodology, and documents the entity’s compliance status for each PCI DSS Requirement.ISO 27001 Gap Analysis Assessment and Technical Risk Assessment with the help of ISMS and OCTAVE methodology for Leading Tele Communication ProviderQuality Checks of various Audit Reports like Report on ComplianceTraining program for the newcomers for making them understand the PCI DSS and other requirements

Involved in Payment Card Industry and Payment Application Data Security Standard, ISO 27001 Controls Gap Analysis, ISMS & Risk Analysis & Management Practices like OCTAVE and ISO 27005, Information Security Audit and Network Security.Been a part of multiple projects relating to Payment Brands, Payment Gateways, Cinemas, Third Party Processors, ATM Applications, IT Companies, Software Development, E-commerce and M-commerce organizations, Tele Communications and BPOs. Summary of projects include:Trainer for the CPISI workshops conducted by SISA information security across the globe which certify professionals on how to implement PCI DSS.PCI DSS Compliance Assessments to help organizations ensure the safe handling of cardholder information at every step.Preparation of Report on Compliance for One of the biggest banks in the Middle East, Largest Tele Communication Provider, One of the Leading Payment Brand, The Leading BPOs in India & Philippines, Payment Gateways, Third Party Processors, E-commerce, M-commerce which provide details about the entity’s environment and the assessment methodology, and documents the entity’s compliance status for each PCI DSS Requirement.ISO 27001 Gap Analysis Assessment and Technical Risk Assessment with the help of ISMS and OCTAVE methodology for Leading Tele Communication ProviderQuality Checks of various Audit Reports like Report on ComplianceTraining program for the newcomers for making them understand the PCI DSS and other requirements

• PCI DSS assessments to help organizations in securing cardholder data• Onsite audits, consulting and remediation support in identifying a feasible solution to meet PCI DSS requirements• Conducting risk assessment as per ISO 27005 and OCTAVE• Drafting Information Security Policy and supporting procedures• Drafting various audit reports• Performing Quality Check for Audit reports• Giving demo’s on SISA Assistant (an in house developed tool for performing risk assessment and compliance management on PCI DSS v3.1) to various clients across the world • Active Support to SISA’s sales team during initial client interactions and pre sales activities.• Involved in training the new joinees internally on PCI DSS v3.0, v3.1 and also on various other audit environments • Performed the Entertainment Tax audit (E-Ticket) for PVR cinemas as per the requirements of the Commercial Tax Department