Functional Skills

Project Management
Compliance and risk
Program Management
Cybersecurity
Risk Governance
Risk Management

Software Skills

G Suite
Microsoft Office
Microsoft Excel
Microsoft PowerPoint
Microsoft Word

Sector Experience

Business Services
Healthcare
Manufacturing
Retail
Technology

Languages

English
Hindi

Notable Clients

Abbott Laboratories
CDK Global
CDW
Kohl's

Big 4 Accounting
Fortune 500
Top Consulting Firms

Experience

Oread Risk & Advisory LLC Management Consulting
Director
12/2018 - Present
Served as lead consultant to SMB and mid-market clients, developing tailored cybersecurity strategies, governance frameworks, and security maturity roadmaps aligned to NIST CSF, NIST 800-53/171, CMMC 2.0 and ISO 27001.
Directed multiple SOC 1, SOC 2 and HIPAA readiness and attestation engagements across industries including finance, healthcare, and SaaS.
Conducted vendor risk evaluations and internal audits to ensure regulatory compliance.
Designed enterprise-wide information security and IT governance policies, including change management and secure code practices.
Delivered board-level reporting on compliance gaps and remediation strategy, enabling measurable improvements in audit scores.
Spearheaded risk assessments for supply chain and third-party vendor ecosystems, establishing repeatable methodologies and tooling.

Zebra Technologies Management Consulting
Lead Consultant
5/2016 - 12/2018
Re-engineered the information security policy lifecycle, aligned with NIST CSF, in collaboration with cross-functional teams (IT, Legal, Supply Chain).
Launched vendor and project risk assessment programs, significantly improving third-party risk visibility and response capabilities.
Built and maintained security risk registers and compliance scorecards across business units, integrating NIST CSF metrics.
Orchestrated phishing simulation and awareness campaigns, achieving marked improvement in user behavior metrics.
Led GDPR and Privacy Shield readiness assessments and advised on compliance strategy for IT systems.
Acted as liaison between IT security and business units, translating business needs into actionable security architecture decisions.

Protiviti Management Consulting
Senior Manager
9/2014 - 3/2016
Led ITGC and SOX assessments for IPO readiness engagements and post-public clients.
Conducted pre/post system implementation audits, data privacy reviews, DR/BC planning, and vendor risk assessments.
Designed enterprise-wide GRC frameworks for clients across healthcare, retail, and manufacturing.
Developed client risk remediation roadmaps and IT compliance programs with measurable risk reduction outcomes.

HSNi Other
IT Audit Director
8/2013 - 8/2014
Directed enterprise IT audit strategy including PCI-DSS, SOX, and risk-based audits.
Built risk register and remediation plan used to improve GRC posture across multiple business units.
Managed internal and external stakeholder relationships to ensure timely, aligned compliance initiatives.

Kraft Heinz Other
IS Audit Manager
5/2009 - 8/2013
Led global audit engagements including data privacy, application security, and disaster recovery.
Developed data analytics roadmap that enhanced audit coverage and efficiency.
Supported FCPA investigations, SOC reviews, and vendor compliance audits.
Implemented enterprise-wide audit tools and managed SOX compliance program.

Schawk, Inc. Information Technology
IS Audit Manager
3/2006 - 10/2008
Designed and executed global IT SOX programs using COBIT and COSO frameworks.
Aligned IT audit plans with financial audit strategy to improve control reliability and audit efficiency.

Deloitte Other
Senior Consultant
7/2004 - 3/2006
Led IT risk reviews and conducted IT audits including SOX across mainframe and ERP environments for Fortune 500 clients.
Developed and implemented SOPs for change management, IT security, and operations.

Ernst & Young (EY) Management Consulting
Senior Consultant
1/1998 - 7/2004
Delivered full SDLC and project management services for ERP, CRM, BI, and infrastructure projects.
Led QA/testing initiatives and change management strategy across IT and business units.