Mayank K.

Internship Trainee

Followers: 1000
Location: Delhi, India

  • About me

    Information Security & Data Privacy at UZIO

  • Education

    • KC Public School

      Schooling, Business/Commerce, General

      http://kcpublicschool.org/

    • Guru Gobind Singh Indraprastha University

      Bachelor's degree, Business Administration and Management, General
  • Experience

    • Usha International

      Jun 2012 - Aug 2012
      Internship Trainee

      • Responsible for observing the activities of the fellow employees to learn about various management and administrative techniques.
      • Responsible for ensuring the standards of the products and making necessary amendments and improvements wherever required.
      • Required to meet sale targets of the company and ensuring that deadlines are met.
      • Responsible for solving vendor queries and ensuring that there is no scope for any complaint or mistake.
      • Required to do the necessary paperwork and understand the trends of sales.
      • To do research about the company & its vendor in order to prepare a report on specific topics.
      • Responsible for visiting sales programs or meets and learning about the management techniques from a wider angle or view.

    • Wipro Limited

      Aug 2014 - Feb 2018

      • Information Security Policy Management – Supports the development and maintenance of corporate Information Security related policies and procedures
      • Monitor Access Management activities to ensure segregation of duties
      • Documenting risk analysis and controls and evaluating control design and continuous control improvement.
      • Monitoring of computing platform compliance with security policies and directives.
      • Assisting stakeholders with recommendations to address key control deficiencies.
      • Contributing to the teams’ continuous improvement efforts.
      • Evaluating management responses to ensure remediation tasks adequately address identified gaps.
      • Conducting information security assessment of information systems as per our methodology

      • Participating in design of quality standards.
      • Providing trend data to Operations management team & leadership.
      • Using quality monitoring data management system to compile and track performance at team and individual level.
      • Participating in client programs to identify customer needs and expectations.
      • Providing actionable data to various internal support groups as needed.
      • Providing feedback to team leaders and managers.
      • Preparing and analyzing internal and external quality reports for management review.

      • Responsible for developing superior understanding of client plan provisions, identify opportunities for knowledge enhancement and deliver to high standards of quality and timeliness.
      • Demonstrating sound understanding of client plan provisions and responding to client needs in a timely fashion.
      • Ensuring knowledge of current set of policies and supporting documents to the team members.
      • Conducting daily huddles and status meetings.
      • Ensuring on-time and accurate delivery of all tasks as per Service Level Agreements by team members.
      • Adaptability and Flexibility, Coaching and Recognition, Cross-cultural Competence.
      • Delivering on new/ad hoc tasks in order to meet client/internal goals promptly.
      • Creating/updating SOP where and when required. Work with other supporting groups to enhance procedures and eliminate wastage.
      • Efficiently setting goals and work on so as to avoid any escalations and maintain the relevancy and quality while providing service to the clients.

      • Responsible for processing all activities related to client queries, while meeting and exceeding client Service Level Agreements.
      • Prioritizing work as required in order to effectively respond to client needs.
      • Ensuring knowledge of current set of policies and supporting documents.
      • Following all predefined procedures, adheres to all the process guidelines and ensures that performance parameters are met and/or exceeded against SLA targets.
      • Participating & contributing in daily huddles and status meetings.
      • Ensuring on-time and accurate delivery of all tasks as per Service Level Agreements.
      • Adaptability and Flexibility, Coaching and Recognition, Cross-cultural Competence.

      • Process Risk Champion

        Oct 2017 - Feb 2018
      • Senior Quality Specialist

        May 2016 - Oct 2017
      • Senior Process Executive

        Feb 2015 - Oct 2016
      • Process Associate

        Aug 2014 - Feb 2015
    • Planetcast Media Services Limited

      Apr 2018 - Nov 2019
      Data Privacy & Information Security Executive

      • Designing, implementing & assisting in auditing controls which sustain Security & Privacy policy framework based on GDPR | CCPA | ePrivacy Directive (European Union) | COSO Framework | SSAE 18 SOC-2 Compliance | ISO 27701:2019 (PIMS) | ISO 45001:2018 (OH&S) | ISO 27001:2013 (ISMS).
      • To develop and maintain Security & Privacy in the organization through compliance adherence to Policies | Audit checklist | BCP Checklist | Scope Statement | Statement of Applicability | Risk Analysis & Assessment.
      • To work closely with different teams/departments of the organization to check for adherence of compliances and to assist in continually improving the level of compliance adhered.
      • To update the hardening checklist for the organization based on CIS benchmark & NIST standards whichever controls are applicable.
      • To perform Risk Assessment | Business Impact Analysis | Data Protection Impact Assessment (DPIA).
      • To conduct Security & Privacy training sessions to the leadership & Management which include all the compliances adhered in the organization like ISO | SSAE 18 SOC-2 | COSO | GDPR | CCPA | PDPA | PIPEDA.
      • Mapping of various compliances like ISO 27001:2013 | ISO 27701:2019 | ISO 45001:2018 | SSAE 18 SOC 2 | COSO | GDPR | CCPA | PDPA | PIPEDA.
      • Assisting the Software team to implement Privacy & Security by formulating checklists to adhere to the Privacy by Design, Privacy by Default & Security in Software Development Life Cycle (SDLC).
      • To conduct external Audits and assist Certification Bodies, Clients or Third party auditors in conducting an effective audit of the organization by collaborating with internal teams.

    • PRIVACY VIRTUOSO GLOBAL

      Nov 2019 - Feb 2020
      Cyber Security Consultant

      • Design audit plans and evidence gathering exercise
      • Formulate an enterprise level project plan for regulatory audits
      • Conduct cyber security assessments against SAMA CSF 1.0
      • Create final reports for regulator to review
      • Suggest control changes on non-compliance of sections
      • Assess the BCM readiness and DR effectiveness (RPO and RTO audits)
      • Training the staff on best practices of compliance audit planning & strategy

      In addition to this, I was responsible for creating enterprise level privacy risk management plans and mitigation strategy. This project involved complex stakeholder management between regulator, auditee and third-party OEM/VENDORS. This covered 4 locations and 12 entities as IN SCOPE institutions.

    • Dunnhumby

      Mar 2020 - Jun 2020
      Security Operations Analyst

      • To manage the information Security Supplier Assurance, ensuring each step is completed within SLA
      • To manage any risk mitigations associated with suppliers, both internally and with the suppliers themselves.
      • By tracking, reporting and managing mitigation of organizational risk
      • Providing input into the continuous improvement of the Supplier Assurance and risk management processes.
      • By providing day to day support on security solutions ensuring an environment that meets the defined Corporate Security objectives.
      • To provide single point of contact for internal security related queries and issues that help with operations, remediation, and audit activities.
      • Respond to, investigate and resolve security events in line with incident management processes to quickly help mitigate and reduce negative impact to the company.
      • Support the delivery of key security processes including access and identity management with the objective of implementing industry best practices within the organization.
      • By providing an advisory role to individuals and project teams on the implications of IT security in day to day operations.
      • To conduct vulnerability audits and assessments and manage and resolve any issues found.

    • UZIO

      Jun 2020 - now

      • To define, implement and maintain ISMS and PIMS in compliance with frameworks, standards, and regulations such as ISO 27001, 22301, 27701, SOC, SSAE 18, GDPR, NIST, CCPA, HIPAA
      • Maintain SOC 1 & 2 compliance, monitor and report effectiveness to the management, manage the audit process
      • To observe changes in national and global regulations affecting information security, data privacy and make recommendations on the need for policy changes and updating the organizational plans to be at par with the regulatory requirements
      • Align customer and internal information security and Data Privacy objectives to the ISMS and PIMS
      • Respond to RFX of prospects and customers of UZIO and support the calls with prospects and clients for security and Privacy related questions
      • Respond to information security assessments performed by UZIO clients
      • Monitor and fulfil client contractual (MSA) information security and data privacy obligations
      • Coordinating and liaising internal functions with vendors for network and application security assessments and penetration tests, security code tests (web, mobile, web service, etc.)
      • Perform the Third-party Risk Assessment (TPRM) of Critical Vendors
      • Conduct Information Security and Data Privacy awareness and training programs for the employees as part of their induction and regular awareness
      • Plan and co-ordinate BCP and DR tests
      • Liaise with security vendors, suppliers, service providers and external resources for new security tools for improving security and privacy
      • Oversee information security incident management and data privacy breach management process for incident reporting, containment, resolution, and root cause analysis
      • Work with internal stakeholders such as DevOps, Application product, Finance, HR, Admin, IT, Legal for implementing controls for the respective functions and ensuring the continuous operating effectiveness of the controls
      • Work with IT, DevOps, and Application teams on technical implementations.

      • Maintain SOC 1 & 2 compliance, monitor and report effectiveness to the management, manage the audit process.
      • Align customer and internal information security and Data Privacy objectives to the ISMS and PIMS
      • Respond to RFX of prospects and customers of UZIO and support the calls with prospects and clients for security and Privacy related questions
      • Respond to information security assessments performed by UZIO clients
      • Monitor and fulfil client contractual (MSA) information security and data privacy obligations
      • Coordinating and liaising internal functions with vendors for network and application security assessments and penetration tests, security code tests (web, mobile, web service, etc.)
      • Perform the Third-party Risk Assessment (TPRM) of Critical Vendors
      • Conduct Information Security and Data Privacy awareness and training programs for the employees as part of their induction and regular awareness
      • Plan and co-ordinate BCP and DR tests
      • Work with internal stakeholders such as DevOps, Application product, Finance, HR, Admin, IT, Legal for implementing controls for the respective functions and ensuring the continuous operating effectiveness of the controls
      • Work with IT, DevOps, and Application teams on technical implementations.

      • Manager - Information Security & Privacy

        Jan 2023 - now
      • Deputy Manager - Information Security & Privacy

        Jun 2020 - Dec 2022
  • Licenses & Certifications

    • Certified Research Analyst

      International Institute of Procurement and Research
      Feb 2017
    • Certified Information Systems Auditor® (CISA)

      ISACA
      May 2023
    • ISO 27001 Lead Auditor - Information Security Certification

      TÜV SÜD
      Mar 2018
    • The Certified Information Privacy Professional - Europe (CIPP/E)

      IAPP - International Association of Privacy Professionals
      Apr 2021