Shaik Mohiuddin
GRC Analyst at UltraViolet Cyber
Credentials
ISO 27001 Lead Auditor - Information Security Certification
Independent Global Certification, Dec 2021 - Oct 2024

Vendor Risk Management (VRM) Fundamentals
ServiceNow, Dec 2021 - Oct 2024

Third Party Risk Management
SecurityScorecard, Nov 2021 - Oct 2024

Azure Fundamentals
Microsoft, Sep 2020 - Oct 2024

Introduction to Cyber Security
Cisco, May 2020 - Oct 2024

ISC2 CC
(ISC)², Apr 2023 - Oct 2024

Aviatrix certified engineer
Aviatrix

Third-Party Risk Management Expert
OneTrust
Experience
UltraViolet Cyber
United States
Computer and Network Security
100 - 200 Employee
GRC Analyst
Sep 2022 - Present
Roles and Responsibility:
• Knowledge on applying ISO 27001 controls like Network Security Diagrams, Network Security, Business Continuity and IT Disaster Recovery, Physical Security, Password Management, Asset Management, Information Security Policy.
• Reviewing & assessing documents SOX SOC1, SOC2, PCI DSS, and ISO27001.
• Strong understanding of the TPRM framework, Risk Management, Information Security practices with 3 lines of defense.
• Strong knowledge of main Information Security standards and framework (NIST series, ISO 27000 series).
• Knowledge on IT General Controls (ITGC) Audit/Review like Logical Security, Backup and Incident Management, Patch Management, Information Security.
• Knowledge of performing qualitative/quantitative risk assessments.
• Good knowledge of privacy regulations such as GDPR, CCPA, etc.
• Maintain risk register and ensure risks are monitored and managed.
• Effectively communicate with key stakeholders to risk mitigation plans.
• Good knowledge in ServiceNow GRC.
• Assists with aggregation, analysis, and reporting of security risk metrics.
• Identifies, evaluates, recommends, and monitors risk treatment plans.
• Strong understanding of cyber security best practices, IT processes, and incident remediation.

EY
Entertainment Providers
1 - 100 Employee
Associate Consultant
Apr 2022 - Sep 2022
Roles and Responsibility:
• Knowledge on applying ISO 27001 controls like Network Security Diagrams, Network Security, Business Continuity and IT Disaster Recovery, Physical Security, Password Management, Asset Management, Information Security Policy.
• Reviewing & assessing documents SOX SOC1, SOC2, PCI DSS, and ISO27001.
• Strong understanding of the TPRM framework, Risk Management, Information Security practices with 3 lines of defense.
• Strong knowledge of main Information Security standards and framework (NIST series, ISO 27000 series).
• Knowledge on IT General Controls (ITGC) Audit/Review like Logical Security, Backup and Incident Management, Patch Management, Information Security.
• Knowledge of performing qualitative/quantitative risk assessments.
• Good knowledge of privacy regulations such as GDPR, CCPA, etc.
• Maintain risk register and ensure risks are monitored and managed.
• Effectively communicate with key stakeholders to risk mitigation plans.
• Good knowledge in ServiceNow GRC.
• Assists with aggregation, analysis, and reporting of security risk metrics.
• Identifies, evaluates, recommends, and monitors risk treatment plans.
• Strong understanding of cyber security best practices, IT processes, and incident remediation.

DXC Technology
United States
IT Services and IT Consulting
700 & Above Employee
Associate professional software engineer
Jun 2020 - Apr 2022
Roles and Responsibility:
• Worked with information security audit team to complete quarterly audits in scope as per annual calendar.
• Assisted in preparation of audit reports and circulated to stakeholders undergoing audits.
• Supported leads in policy creation and reviewed them as assigned on periodic basis.
• Work with different teams, technical and non-technical, to evaluate and continuously improve security and compliance posture.
• Performing Third Party Risk assessments on the suppliers/vendors.
• Participate in the development of security and awareness training in conjunction with other members of the Security Team.
• Identifies, evaluates, recommends, and monitors risk treatment plans.
• Strong understanding of cyber security best practices, IT processes, and incident remediation.

Education
Muffakham Jah College Of Engineering And Technology
Bachelor's degree, Electronics and Communication Engineering

VNRVJIET
Diploma, ECE