Deepti Bhatia
Practice Head - Managed Security Services at CyRAACS™- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
Dheeraj Guruprasad
Deepti has been an extremely knowledgeable and resourceful colleague and senior of mine. As a senior, she mentored and guided me with the utmost patience and dedication. As a colleague, she was approachable, enthusiastic and an all round team player. I have had a wonderful experience of working with her and have had the pleasure of knowing her as a friend, colleague and senior.
Akhil Verma, CISSP, PMP, CISA, CISM, CIPM, CCSK
Deepti is true professional and very hard working. She is thorough in Infosec concept. While she is good advisor, at the same time she is good listener. Before providing solutions, she analyze issue thoroughly and then look for suitable remedy.
Dheeraj Guruprasad
Deepti has been an extremely knowledgeable and resourceful colleague and senior of mine. As a senior, she mentored and guided me with the utmost patience and dedication. As a colleague, she was approachable, enthusiastic and an all round team player. I have had a wonderful experience of working with her and have had the pleasure of knowing her as a friend, colleague and senior.
Akhil Verma, CISSP, PMP, CISA, CISM, CIPM, CCSK
Deepti is true professional and very hard working. She is thorough in Infosec concept. While she is good advisor, at the same time she is good listener. Before providing solutions, she analyze issue thoroughly and then look for suitable remedy.
Dheeraj Guruprasad
Deepti has been an extremely knowledgeable and resourceful colleague and senior of mine. As a senior, she mentored and guided me with the utmost patience and dedication. As a colleague, she was approachable, enthusiastic and an all round team player. I have had a wonderful experience of working with her and have had the pleasure of knowing her as a friend, colleague and senior.
Akhil Verma, CISSP, PMP, CISA, CISM, CIPM, CCSK
Deepti is true professional and very hard working. She is thorough in Infosec concept. While she is good advisor, at the same time she is good listener. Before providing solutions, she analyze issue thoroughly and then look for suitable remedy.
Dheeraj Guruprasad
Deepti has been an extremely knowledgeable and resourceful colleague and senior of mine. As a senior, she mentored and guided me with the utmost patience and dedication. As a colleague, she was approachable, enthusiastic and an all round team player. I have had a wonderful experience of working with her and have had the pleasure of knowing her as a friend, colleague and senior.
Akhil Verma, CISSP, PMP, CISA, CISM, CIPM, CCSK
Deepti is true professional and very hard working. She is thorough in Infosec concept. While she is good advisor, at the same time she is good listener. Before providing solutions, she analyze issue thoroughly and then look for suitable remedy.
Credentials
-
Certified Information Systems Auditor(CISA)
ISACAMar, 2019- Nov, 2024 -
ISO 27001-Lead Auditor
BSINov, 2015- Nov, 2024 -
Certified Information Systems Security Professional (CISSP)
(ISC)²
Experience
-
CyRAACS™
-
India
-
IT Services and IT Consulting
-
100 - 200 Employee
-
Practice Head - Managed Security Services
-
May 2018 - Present
1. CISO Service – Business Function • Led the business practice for CISO Services, managing the P/L for the service line, defining the framework for CISO service delivery and defining the key parameters for program management and its performance indicators. • As the CISO lead the Information Security programs for multiple clients in various industries like e-commerce, Technology Products, CPG, NBFC’s etc. • Define requirements and framework for program management and governance for… Show more 1. CISO Service – Business Function • Led the business practice for CISO Services, managing the P/L for the service line, defining the framework for CISO service delivery and defining the key parameters for program management and its performance indicators. • As the CISO lead the Information Security programs for multiple clients in various industries like e-commerce, Technology Products, CPG, NBFC’s etc. • Define requirements and framework for program management and governance for managed security/CISO services comprising of security operations (SOC), VAPT and GRC activities. • Represent the CISO office for board meetings and strategy discussions. and present the metrics for measuring the performance of the security program. • Manage information security and technology risks for an organization and evaluate if any new technologies to be implemented to address the risk. • Manage audit programs based on requirements of ISO 27001, PCI DSS, SOC 2 for multiple clients 2. Third party Risk Management • Define the framework for Third Party Risk Management for multiple NBFC and banking institutions • Manage Third party risk assessment for the vendors of multiple organization like a bank, NBFC. 3. Information Security Maturity Assessments and Security Architecture Review • Conducted Security Architecture review for organizations in Banking and Financial industries (BFSI), Manufacturing and Logistic Industry. • Provided recommendations as projects to be implemented in the organization to improve the maturity of the Information Security controls implemented 4. Client Relationship Management and Project profitability • Developed and nurtured client relationships and won multiple deals contributing to revenue as repeat business • Developed and implemented the project management methodology for organisation in line with PMI standards improving the project cost, quality, and time adherence. • Deliver projects maintaining project profitability for the business line. Show less 1. CISO Service – Business Function • Led the business practice for CISO Services, managing the P/L for the service line, defining the framework for CISO service delivery and defining the key parameters for program management and its performance indicators. • As the CISO lead the Information Security programs for multiple clients in various industries like e-commerce, Technology Products, CPG, NBFC’s etc. • Define requirements and framework for program management and governance for… Show more 1. CISO Service – Business Function • Led the business practice for CISO Services, managing the P/L for the service line, defining the framework for CISO service delivery and defining the key parameters for program management and its performance indicators. • As the CISO lead the Information Security programs for multiple clients in various industries like e-commerce, Technology Products, CPG, NBFC’s etc. • Define requirements and framework for program management and governance for managed security/CISO services comprising of security operations (SOC), VAPT and GRC activities. • Represent the CISO office for board meetings and strategy discussions. and present the metrics for measuring the performance of the security program. • Manage information security and technology risks for an organization and evaluate if any new technologies to be implemented to address the risk. • Manage audit programs based on requirements of ISO 27001, PCI DSS, SOC 2 for multiple clients 2. Third party Risk Management • Define the framework for Third Party Risk Management for multiple NBFC and banking institutions • Manage Third party risk assessment for the vendors of multiple organization like a bank, NBFC. 3. Information Security Maturity Assessments and Security Architecture Review • Conducted Security Architecture review for organizations in Banking and Financial industries (BFSI), Manufacturing and Logistic Industry. • Provided recommendations as projects to be implemented in the organization to improve the maturity of the Information Security controls implemented 4. Client Relationship Management and Project profitability • Developed and nurtured client relationships and won multiple deals contributing to revenue as repeat business • Developed and implemented the project management methodology for organisation in line with PMI standards improving the project cost, quality, and time adherence. • Deliver projects maintaining project profitability for the business line. Show less
-
-
-
EY
-
United Kingdom
-
IT Services and IT Consulting
-
700 & Above Employee
-
Senior
-
Oct 2016 - May 2018
Check compliance with various SOX and SOC requirements by conducting audits for client’s IT applications involved in generation of financial statements • FAIT, SOX Audits Responsibilities: o Manage multiple engagements to conduct ITGC Audits, FAIT audits of the client’s IT environment. o Develop project plans and calendars to conduct Assessments for the clients o As a subject matter expert identify strategy for the risks rising due to the gaps identified during the… Show more Check compliance with various SOX and SOC requirements by conducting audits for client’s IT applications involved in generation of financial statements • FAIT, SOX Audits Responsibilities: o Manage multiple engagements to conduct ITGC Audits, FAIT audits of the client’s IT environment. o Develop project plans and calendars to conduct Assessments for the clients o As a subject matter expert identify strategy for the risks rising due to the gaps identified during the audits/assessments. o As the Lead Senior on the audit team, lead audits/walkthroughs and manage the audit teams. o As part of integrated audits perform control testing to conclude on the operating effectiveness of the controls o Mentor the audit team members and help them enhance their audit skills. • SOX Preparedness Responsibilities: o Assist clients in assessing their SOX preparedness. o Coach the team to perform gap analysis for client’s current processes with the requirements for SOX. o Advice the client on mitigating controls for the gaps identified. • SOC Testing/ SOC Reporting Responsibilities: o Identify the key controls for the client and create the CAP o Conduct walkthrough with the client to understand the processes and the current control framework o Supervise the team to perform control testing for the controls identified to conclude on the operating effectiveness of the controls Show less Check compliance with various SOX and SOC requirements by conducting audits for client’s IT applications involved in generation of financial statements • FAIT, SOX Audits Responsibilities: o Manage multiple engagements to conduct ITGC Audits, FAIT audits of the client’s IT environment. o Develop project plans and calendars to conduct Assessments for the clients o As a subject matter expert identify strategy for the risks rising due to the gaps identified during the… Show more Check compliance with various SOX and SOC requirements by conducting audits for client’s IT applications involved in generation of financial statements • FAIT, SOX Audits Responsibilities: o Manage multiple engagements to conduct ITGC Audits, FAIT audits of the client’s IT environment. o Develop project plans and calendars to conduct Assessments for the clients o As a subject matter expert identify strategy for the risks rising due to the gaps identified during the audits/assessments. o As the Lead Senior on the audit team, lead audits/walkthroughs and manage the audit teams. o As part of integrated audits perform control testing to conclude on the operating effectiveness of the controls o Mentor the audit team members and help them enhance their audit skills. • SOX Preparedness Responsibilities: o Assist clients in assessing their SOX preparedness. o Coach the team to perform gap analysis for client’s current processes with the requirements for SOX. o Advice the client on mitigating controls for the gaps identified. • SOC Testing/ SOC Reporting Responsibilities: o Identify the key controls for the client and create the CAP o Conduct walkthrough with the client to understand the processes and the current control framework o Supervise the team to perform control testing for the controls identified to conclude on the operating effectiveness of the controls Show less
-
-
-
Ocwen Financial Solutions Pvt. Ltd. - APAC
-
India
-
Financial Services
-
700 & Above Employee
-
Senior Analyst
-
Apr 2015 - Oct 2016
Information Security Risk and Governance Description: Check compliance with various legal/regulatory/contractual requirements Responsibilities: Manage global ISO 27001 Internal/External Audits Conduct risk assessment for the business unit/Support Function Gap analysis of existing controls for each business unit Develop mitigation strategies to reduce the level of risk to an acceptable limit Third Party Risk Management Description: To check compliance of… Show more Information Security Risk and Governance Description: Check compliance with various legal/regulatory/contractual requirements Responsibilities: Manage global ISO 27001 Internal/External Audits Conduct risk assessment for the business unit/Support Function Gap analysis of existing controls for each business unit Develop mitigation strategies to reduce the level of risk to an acceptable limit Third Party Risk Management Description: To check compliance of vendors with various legal/regulatory/contractual requirements of the organization Responsibilities: Define the Information Security policies for vendors/suppliers To understand the controls implemented by the service provider within the different IT related processes To evaluate the effectiveness of the controls defined by the organization Continuously identify different threats/vulnerabilities with respect to vendor management and develop mitigation strategies for the identified vulnerabilities Incident Management/Exception Management/Policy Violations Description: To check for any incidents resulting in breach of Information Security or deviations from the Information Security Policies and Procedures on a regular basis Responsibilities: Categorize events as incidents based on the parameter defined in policy Monitor the processes for any Incidents or exceptions against defined Information Security policies Issue Policy Violations to individuals violating Information Security Policies Define workflow and requirements to automate and optimize the exception management process Show less Information Security Risk and Governance Description: Check compliance with various legal/regulatory/contractual requirements Responsibilities: Manage global ISO 27001 Internal/External Audits Conduct risk assessment for the business unit/Support Function Gap analysis of existing controls for each business unit Develop mitigation strategies to reduce the level of risk to an acceptable limit Third Party Risk Management Description: To check compliance of… Show more Information Security Risk and Governance Description: Check compliance with various legal/regulatory/contractual requirements Responsibilities: Manage global ISO 27001 Internal/External Audits Conduct risk assessment for the business unit/Support Function Gap analysis of existing controls for each business unit Develop mitigation strategies to reduce the level of risk to an acceptable limit Third Party Risk Management Description: To check compliance of vendors with various legal/regulatory/contractual requirements of the organization Responsibilities: Define the Information Security policies for vendors/suppliers To understand the controls implemented by the service provider within the different IT related processes To evaluate the effectiveness of the controls defined by the organization Continuously identify different threats/vulnerabilities with respect to vendor management and develop mitigation strategies for the identified vulnerabilities Incident Management/Exception Management/Policy Violations Description: To check for any incidents resulting in breach of Information Security or deviations from the Information Security Policies and Procedures on a regular basis Responsibilities: Categorize events as incidents based on the parameter defined in policy Monitor the processes for any Incidents or exceptions against defined Information Security policies Issue Policy Violations to individuals violating Information Security Policies Define workflow and requirements to automate and optimize the exception management process Show less
-
-
-
eClerx
-
India
-
Information Technology & Services
-
700 & Above Employee
-
Associate Process Manager
-
2014 - 2015
Roles and responsibilities: • Idnetify client's business objectives, requirements and translating it into project deliverables • Analyze the data patterns generated out of the KPI’s being reported, performing root-cause analysis of the pattern observed • Develop project plans for handling the daily executional and operational tasks • Conduct risk assessment for the project deliverables and develop risk mitigation plans • Identify new scope for business development and… Show more Roles and responsibilities: • Idnetify client's business objectives, requirements and translating it into project deliverables • Analyze the data patterns generated out of the KPI’s being reported, performing root-cause analysis of the pattern observed • Develop project plans for handling the daily executional and operational tasks • Conduct risk assessment for the project deliverables and develop risk mitigation plans • Identify new scope for business development and enhancement • Team Management and provided technical support and guidance to team members and guided new team members to understand project specific coding and process related standards • Client management and relationship building Show less Roles and responsibilities: • Idnetify client's business objectives, requirements and translating it into project deliverables • Analyze the data patterns generated out of the KPI’s being reported, performing root-cause analysis of the pattern observed • Develop project plans for handling the daily executional and operational tasks • Conduct risk assessment for the project deliverables and develop risk mitigation plans • Identify new scope for business development and… Show more Roles and responsibilities: • Idnetify client's business objectives, requirements and translating it into project deliverables • Analyze the data patterns generated out of the KPI’s being reported, performing root-cause analysis of the pattern observed • Develop project plans for handling the daily executional and operational tasks • Conduct risk assessment for the project deliverables and develop risk mitigation plans • Identify new scope for business development and enhancement • Team Management and provided technical support and guidance to team members and guided new team members to understand project specific coding and process related standards • Client management and relationship building Show less
-
-
-
Bosch
-
Germany
-
Software Development
-
700 & Above Employee
-
Information Security Specialist
-
2013 - 2013
Process definition & Maturity Assessment • Defining new processes/refining existing processes & conducting the maturity check for security implementation in organization. Actively Reviewed the existing action plans pertaining to security initiatives in Bosch, conducted maturity survey Process definition & Maturity Assessment • Defining new processes/refining existing processes & conducting the maturity check for security implementation in organization. Actively Reviewed the existing action plans pertaining to security initiatives in Bosch, conducted maturity survey
-
-
Education
-
Symbiosis Centre for Information Technology
Master of Business Administration (MBA), Systems and Information Security -
Arya College Of Engg & I.T
Bachelor of Technology (B.Tech.)
Community
