Kinal Shah

Experience

• 

  IIFL (India Infoline Group)

  Jun 2010 - Jul 2012

  Technical Assistant

  • Helped company manage trading platform and supported mass affluent and high net worth clients.

• 

  HDFC Bank

  Aug 2012 - Jun 2017

  Operations Manager

  • Spearheaded internal audit teams in PCI Compliance Audits.• Part of Internal Audit Advisory Committee, helped business understand audit and compliance requirements• Assisted business team to understand security findings and create and implement a remediation plan. • Provide guidance to different teams for closing critical infrastructure, network and application security vulnerabilities reported in 3rd party security audit. • Provided consultation on Cybersecurity Risk Management and ensured all business operations are aligned with organization’s policies and standards.• Optimized operations by evaluating existing functions to identify improvement areas and increase service values.• Mentored new hires for the Bank by providing them training and education. Part of cybersecurity awareness drive. Show less

• 

  NCC Group

  Jun 2018 - Sept 2018

  Security Intern

  • Served as key contributor on cloud portals, API endpoints and Salesforce back-end vulnerability assessment penetration testing.• Utilize postman and burpsuite to assess vulnerability and review source codes of Cloud Web Services APIs, console as well as configuration reviews.• Conduct vulnerability assessments of OpenIDC and OAuth 2.0 implementation and integration.• Deliver code review and cryptoanalysis of encryption algorithm implementation and validation of best practices.• Identify and mitigate application and network security vulnerabilities, implement security in all SDLC phases, implement cryptographic controls and develop remediation techniques. Show less

• 

  Costco Wholesale

  Oct 2018 - Nov 2019

  IS Compliance Analyst 3

  • Proven experience in completing the PCI DSS Report on Compliance (RoC) and Attestation of Compliance (AOC) for Costco Wholesale for Corporate as well as International Facilities• Recommending, documenting and monitoring the implementation of any prescribed corrective actions resulting from Readiness Assessment to get Report on Compliance ( ROC) • Performing risk analysis and risk management for compliance-based initiatives.• Accountable for identifying & tracking risks, assessing impact, and executing mitigation plans.• Tracking monitoring detecting and remediation of vulnerabilities and actively working on Vulnerability Management Initiative - The Goal of getting clean scans.• Working on Risk Remediation initiatives to mitigate the identified gaps for implementation of new business proposal or technology.• Actively participating in Security Awareness and Training Program and initiative for national as well as international facilities. Show less

• 

  Oracle

  Dec 2019 - now

  Proven experience working on PCI-DSS, HITRUST , ISO , SOC and other Information Security Compliance programExperience working with Third Party Auditors on different industry accepted compliance standards.Have thorough understanding about the Cloud Environment and application of compliance standards in Cloud Environment.

  • Principal Compliance Specialist

    Sept 2022 - now

  • Regulatory Compliance Senior Specialist

    Dec 2019 - now