Neeraj Rathi

Senior Export Executive

1000 followers
Mumbai, Maharashtra, India

  • Skills

    Auditing
    BCMS
    Budgets
    Business Continuity
    Business Continuity Planning
    Business Process Improvement
    Client Management
    Communication
    Cross-functional Team Leadership
    Customer Service
    Cybersecurity
    Data Protection Act
    English
    Governance, Risk Management, and Compliance (GRC)
    HTML
    Information Security
    Information Security Management System (ISMS)
    Internal Audits
    ISO 27001
    IT Audit
    IT Risk Management
    Leadership
    Microsoft Excel
    Microsoft Office
    Microsoft Word
    Outlook
    People Management
    Photoshop
    Policies & Procedures Development
    PowerPoint
    Project Management
    Public Speaking
    Regulatory Compliance
    Research
    Risk Assessment
    Risk Consulting
    Risk Management Consulting
    Security
    Security Audits
    Strategic Planning
    Strategy
    Teaching
    Third Party Risk Management (TPRM)
    Training
    Windows
  • About me

    Dedicated and results-driven Information and Cyber Security professional with over 24 years of extensive experience, including more than 15 years dedicated to Information and Cyber Security, Business Continuity, Information Technology, Service Management, and Corporate Risk Management initiatives. Renowned for a proactive leadership style and a robust track record of mitigating risks and enhancing organizational competitive edge across diverse industries. Extensive professional experience spans multiple sectors, such as Banking, Financial Services, Brokerage, Asset Management, Insurance, Technology, Fast-Moving Consumer Goods (FMCG), Pharmaceuticals, Civil Aviation, Credit Bureaus, Ratings Agencies, Apparel, Steel, Auto Finance, Healthcare, Power Generation, Stock Exchanges, Telecommunications, Data Centers, Manufacturing, Fertilizers, Ports/Shipping Services, Artificial Intelligence, and Media. Known for outstanding communication, interpersonal, and customer relationship management skills, consistently achieving project delivery milestones and surpassing customer expectations. Demonstrates proficiency in project management, training, and client engagement, with a strategic focus on delivering comprehensive security solutions to minimize risks and ensure organizational resilience in an increasingly complex threat environment. Skilled in scope management, activity sequencing, effort and cost estimation, risk assessment, and quality assurance, ensuring projects are completed in alignment with established guidelines and achieve successful outcomes. Awarded the prestigious ‘Guest of Honor & Hall of Fame’ by clients in recognition of exceptional contributions to project success and client satisfaction. Digital Leader of The Year Award: Recognized as the Digital Leader of the Year at the 7th Edition CIO Conclave and Awards, organized by UBS FORUMS, India's largest CIO Summit. 
    Aspiring CXOs Award 2024: Honored as the Aspiring Mentor at the Leadership Excellence Awards, hosted by CXO Junction, India’s largest platform for CXO leadership. Recognized for the esteemed contribution as a Speaker on the topic 'Cybersecurity Metrics and KPIs'. This acknowledgment highlights the commitment to advancing cybersecurity knowledge and fostering impactful discussions within the industry.

  • Education

    • University of Mumbai

      Bachelor of Commerce - BCom
    • University of Mumbai

      Bachelor's degree Business/Commerce, General
  • Experience

    • Nirvana Fashion Clothing - India

      Jul 1998 - Sept 2000
      Senior Export Executive

      • Prepared export documents as per the Foreign Trade Policy
      • Connected with special apparel groups for regular updates

    • FedEx

      Nov 2000 - Aug 2002
      Senior Associate (Freight and Duty Tax Billing)

      • Responsible for releasing freight and duty/tax billing to Europe, Middle East, and Africa
      • Updated changes to processes and exceptions received from above-mentioned regions

    • WNS Global Services

      Sept 2002 - Feb 2008
      Product Specialist & Trainer (FedEx Process)

      • Handled a team of 103 associates responsible for freight and duty/tax billing for FedEx
      • Responsible for accurate release of freight and duty/tax billing to Europe, Middle East, and Africa
      • Trained and groomed activities for large teams across the function
      • Prepared weekly/monthly process dashboard and presented to FedEx

    • Wipro BPO

      Feb 2008 - Jan 2014

      • Independent ISMS Audits: Conducted audits of the Information Security Management System (ISMS), created comprehensive risk assessment and treatment plans, and provided effective corrective actions.
      • Anomaly Detection System: Designed and implemented an anomaly detection system for various processes, leading to continuous improvement.
      • Key Metrics Presentation: Developed and presented key Information Security metrics to Senior Executive Management, significantly influencing security initiatives.
      • Client Security Services Lead: Acted as the main contact for security services for multiple clients, ensuring seamless communication and robust support.
      • Disaster Recovery and Business Continuity: Developed and rigorously tested plans to address both short- and long-term critical business requirements.

      • Assistant Manager (Risk Management & Compliance)

        Dec 2009 - Jan 2014
      • Team Leader (FedEx Process)

        Feb 2008 - Dec 2009
    • Mahindra Special Services Group

      Feb 2014 - Jul 2023
      Consultant

      • Optimization: Ensured adherence to industry best practice standards (ISMS (ISO 27001), BCMS (ISO 22301), ITSM (ISO 20000), NIST Cybersecurity Framework) by establishing and implementing governance structures, strategies, policies, and procedures across various sectors.
      • Audit and Assessment: Managed audits and assessments according to industry best practices. Oversaw Information Security Management System (ISMS) ISO/IEC 27001. Supervised Business Continuity Management System (BCMS) ISO 22301. Directed IT Service Management (ITSM) ISO/IEC 20000. Conducted comprehensive IT evaluations through security controls reviews, penetration testing, and compliance assessments with cybersecurity standards and regulations. Performed ITGC assessments to ensure the reliability, integrity, and security of information systems and data. Executed ITCSA Assessments to optimize IT resources, enhance performance, and mitigate risks.
      • Regulatory Compliance: Ensured client compliance with regulatory frameworks such as NCIIPC, IRDA, RBI, and IT Act 2000.
      • Risk Management: Adapting ISO 31000 principles to identify and assess risks, and develop risk mitigation plans to protect the organization's assets and achieve their objectives with greater confidence and resilience.
      • Security Awareness: Instil a culture of heightened security awareness among clients, their employees, and third-party stakeholders, ensuring a comprehensive understanding of cyber security best practices and proactive recognition of potential threats.
      • Exemplifying proactive leadership: Secured client satisfaction and organizational security through proactive education and strategic relationship-building.
      • Meticulous Project Planning: Led comprehensive project processes, from proposals to certification, ensuring smooth execution and client satisfaction.
      • Harmonizing Teams: Elevated team performance and project success through personalized coaching and fostering collective intelligence.

    • Nangia Andersen India Pvt. Ltd.

      Apr 2022 - Oct 2023
      Senior Manager - Cyber Security

      • Optimization: Established and implemented governance structures, strategies, policies, and procedures to ensure adherence to industry best practice standards such as ISMS (ISO 27001), BCMS (ISO 22301), ITSM (ISO 20000), ISO 31000, and the NIST Cybersecurity Framework across diverse sectors.
      • Audit and Assessment: Conducted audits and assessments following industry best practices. Managed Information Security Management System (ISMS) ISO/IEC 27001. Oversaw Business Continuity Management System (BCMS) ISO 22301. Supervised IT Service Management (ITSM) ISO/IEC 20000. Performed diverse IT evaluations including Information Technology Cyber Security Assessments (ITCSA) through security controls reviews, penetration testing, and compliance assessments with cybersecurity standards and regulations. Conducted Information Technology General Controls (ITGC) assessments to ensure the reliability, integrity, and security of information systems and data. Executed Information Technology Current State Assessments to help organizations optimize IT resources, enhance performance, and mitigate risks.
      • Regulatory Compliance: Ensured client adherence to regulatory frameworks such as NCIIPC, IRDA, RBI, SEBI, and IT Act 2000.
      • Risk Management: Applied ISO 31000 principles to identify and assess risks, creating strategic risk mitigation plans to protect organizational assets and bolster confidence and resilience.
      • Security Awareness: Promoted cybersecurity awareness among employees and third parties, ensuring they are informed about best practices and potential threats.
      • Pioneering Leadership: Ensured process assurance, managed issues, maintained effective client relationships, and balanced decision-making to prioritize client satisfaction alongside organizational objectives.
      • Client-Centric: Focused on addressing client needs, handling emerging threats, maintaining open communication, and providing transparent guidance to ensure client satisfaction and project success.

    • Angel One AMC

      Oct 2023 - now
      Chief Information Security Officer

      • Cybernance: Develop and maintain strong information security governance frameworks, policies, and procedures. Ensure these align seamlessly with the overall business objectives.
      • Risk Management: Implement a three lines of defense model within the risk governance framework. Identify, assess, and manage risks effectively. Develop and execute mitigation strategies. Collaborate with CXOs to report on the cybersecurity status.
      • Regulatory Compliance: Ensure adherence to industry standards and regulations. Protect the organization from potential legal and financial consequences due to non-compliance.
      • Security Architecture: Supervise the design and deployment of a robust security infrastructure. Ensure comprehensive network security, access control, and data protection.
      • Security Solution Evaluations: Continuously assess and advocate for advanced security technologies and tools. Strengthen the organization's security posture through ongoing evaluations.
      • Incident Orchestration: Develop and lead an incident response strategy. Coordinate rapid identification, response, and recovery from security breaches and incidents.
      • Security Consciousness: Foster a strong security culture within the organization. Train and educate the workforce on cyber security protocols and threat awareness.
      • Security Compliance Reviews and Evaluations: Perform internal compliance audits, vulnerability assessments and penetration testing. Proactively identify and address security vulnerabilities to fortify defenses.
      • Financial Governance and Resource Stewardship: Manage the cybersecurity budget efficiently. Optimize resource allocation to ensure effective security initiatives.
      • Reporting and Metrics: Provide reports and KPIs to the board. Ensure thorough oversight of the organization's cybersecurity posture.
      • Interfacing: Align expectations and provide constructive feedback to enhance cybersecurity goals. Foster optimal productivity and morale through clear and consistent communication.

  • Licenses & Certifications

    • ISO 27001/2013 - Lead Implementer

      MIEL e-Security Pvt. Ltd.
    • Certified Data Protection Officer/India (CDPO/IN)

      Tsaaro Academy
      Dec 2023
    • Data Protection Officer (C-DPO) Practitioner

      Tsaaro Academy
      Dec 2023
    • ISO 27001/2013 - Lead Auditor

      BSI
    • Certified Information Security Risk Assessor - CISRA

      SISA Information Security
    • Certified Risk Management Professional (CRMP)

      TÜV SÜD
    • ISO 22301/2012 - Lead Implementer

      TÜV SÜD