Bayt.com

Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
karthikeyan ganesan, GRC Manager

karthikeyan ganesan

GRC Manager·DAMAC Properties

United Arab Emirates

Bachelor's degree, Industrial Engineering

Work experience

Total years of experience: 19 years, 11 months

GRC Manager

September 2024 - Present

DAMAC Properties

Dubai, United Arab Emirates

September 2024 - Present

Currently working at DAMAC Properties, leading end-to-end implementation of ISO 27001 across data centers and group entities, with core operations in real estate.
Single-handedly drove multiple certifications including ISO standards, PCI DSS, and Saudi regulatory frameworks (ECC & CCC) for data centers.
Led enterprise-wide data privacy initiatives, implementing robust privacy frameworks and ensuring compliance across group companies.
Company industry:
Real Estate
Job role:
Information Technology

Assistant manager IT Audit & Advisory

July 2021 - Present

KPMG

Manama, Bahrain

July 2021 - Present

Provide advisory and assesments based on frameworks/standards like COBIT, ITIL, GDPR, PDPL, ISO 27001 etc.
➢ Lead Internal audit engagements independently and simultaneously for diverse clientele
➢ Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.
➢ Conduct efficient and effective IT audit procedures.
➢ Communicate complex technical issues in simplified terms to the relevant staff.
➢ Perform regular audit testing and provide recommendations.
➢ Review, evaluate, and test IT application controls and General Controls.
➢ Provide recommendations and guidance on identified security and control risks.
➢ Develop a strong understanding of business and system processes.
Company industry:
Management Consulting
Job role:
Information Technology

Senior Information Security Consultant

May 2022 - September 2024

Paramount Computer systems

Dubai, United Arab Emirates

May 2022 - September 2024

Worked at Paramount Computer Systems, contributing to governance, risk, and compliance (GRC) initiatives across multiple client environments.
Played a key role in implementing ISO 27001 frameworks, strengthening information security controls and organizational compliance.
Supported policy development, risk assessments, and audit readiness, ensuring alignment with regulatory and industry standards.
Company industry:
Cyber & Network Security
Job role:
Information Technology

IT GRC consultant

July 2019 - December 2021

Gulf International Bank (GiB)

Manama, Bahrain

July 2019 - December 2021

Implementing information security, governance, risk and compliance for IT functions; ensuring adherence to GRC Processes

IT Policy and process design, development, implementation and custodianship in line with the bank/Organization Group policies, Regulatory, Information security and Data Privacy requirements.

Drive and Manage Risk and Controls Self-Assessment and Controls Testing

Drive and Manage Internal Audits, External IT Audits, Certification Audits and Third-party Assessments

Define, monitor and report on IT-Risk & Governance KPIs and metrics in-line with IT objectives

Evaluate regularly the IT, Information security and Data Privacy risks, and maintain continued awareness of the business and risk profiles and changes in the operating environment and financial markets that may give rise to emerging risks.

Assist in IT risk mitigation efforts and defining controls, including the submission of relevant evidences to internal and external control/regulating bodies.

Managing application security, network security, Data Privacy and vendor security risk assessment

Liaising with Business Units and reviewing all information security plans for business continuity planning and IT disaster recovery

Working with DR team, maintaining department documentation, scheduling and coordinating mock recovery tests

Conducting a robust continuity exercise comprised of a table-top exercise testing overarching contingency plans

Conduct business impact analysis, risk assessments of critical systems and business functions
Company industry:
Banking
Job role:
Information Technology

IT GRC consultant

August 2018 - July 2019

Abudhabi Islamic bank

Abu Dhabi, United Arab Emirates

August 2018 - July 2019

Implementing information security, governance, risk and compliance for IT functions; ensuring adherence to GRC Processes

IT Policy and process design, development, implementation and custodianship in line with the bank/Organization Group policies, Regulatory, Information security and Data Privacy requirements.

Drive and Manage Risk and Controls Self-Assessment and Controls Testing

Drive and Manage Internal Audits, External IT Audits, Certification Audits and Third-party Assessments

Define, monitor and report on IT-Risk & Governance KPIs and metrics in-line with IT objectives

Evaluate regularly the IT, Information security and Data Privacy risks, and maintain continued awareness of the business and risk profiles and changes in the operating environment and financial markets that may give rise to emerging risks.

Assist in IT risk mitigation efforts and defining controls, including the submission of relevant evidences to internal and external control/regulating bodies.

Liaising with Business Units and reviewing all information security plans for business continuity planning and IT disaster recovery


Conduct business impact analysis, risk assessments of critical systems and business functions
Company industry:
Financial Services
Job role:
Information Technology

IT risk Management consultant

October 2017 - August 2018

Wipro technologies

Bengaluru, India

October 2017 - August 2018

Evaluate regularly the IT, Information security and Data Privacy risks, and maintain continued awareness of the business and risk profiles and changes in the operating environment and financial markets that may give rise to emerging risks.

Assist in IT risk mitigation efforts and defining controls, including the submission of relevant evidences to internal and external control/regulating bodies.

Managing application security, network security, Data Privacy and vendor security risk assessment
Company industry:
IT Services
Job role:
Information Technology

IT Service Management Consultant

May 2015 - April 2017

Tech Mahindra Ltd

Chennai, India

May 2015 - April 2017

Establishing and implementing company policies & procedures based on ITIL and ISO standards, governing corporate Information security

Conducting information security risk assessments and managing resolutions for information security incidents

Consulting and assisting Software Projects on Process Improvements, Risk Management, Productivity improvements, Defect Analysis, Metrics definition, Metrics planning and Metrics analysis
Company industry:
IT Services
Job role:
Information Technology

Process Consultant

May 2014 - January 2015

Dubai Port World

United Arab Emirates

May 2014 - January 2015

Managing process related facilitations and conducting audits based on CMMI DEV L5, ISO 9001, ISO 27001, ITIL & DP World QMS standards

Conducting Information security assessments and managing resolutions for information security issues

Driving and leading organization-wide implementation of CMMI
Company industry:
Shipping
Job role:
Information Technology

Quality Management Consultant

January 2013 - May 2014

Larsen & Toubro Infotech Limited

India

January 2013 - May 2014

Establishing and Implementing Quality Management system, Information security Management system and IT service Management system

Conducting Internal audits and Driving external audit and assessments with respect to ISO 9001, ISO 27001, ITIL, CMMI and COBIT
Company industry:
IT Services
Job role:
Information Technology

Quality Management systems lead

December 2011 - December 2012

Onward eServices Limited

Chennai, India

December 2011 - December 2012

Establishing and Implementing Quality Management system, Information security Management system and IT service Management system
Company industry:
IT Services
Job role:
Information Technology

Senior lead Assurance

May 2011 - December 2011

Infosys

Chennai, India

May 2011 - December 2011

Establishing and Implementing Process performance models for IT Projects

Conducting Internal audits and Driving external audit and assessments with respect to ISO 9001, ISO 27001, ITIL, CMMI and COBIT
Company industry:
IT Services
Job role:
Information Technology

Senior Associate

June 2008 - April 2011

Cognizant Technology Solutions

Chennai, India

June 2008 - April 2011

Establishing and Implementing Quality Management system, Information security Management system and IT service Management system

Conducting Internal audits and Driving external audit and assessments with respect to ISO 9001, ISO 27001, ITIL, CMMI and COBIT

Create and Implement Process performance models based on CMMI high maturity practices

Establish and maintain process tailoring and project processes for IT Projects
Company industry:
IT Services
Job role:
Accounting and Auditing

Senior Executive Quality Management Systems

November 2006 - June 2008

Zylog Systems Ltd

Chennai, India

November 2006 - June 2008

Establishing and Implementing Quality Management system, Information security Management system and IT service Management system

Conducting Internal audits and Driving external audit and assessments with respect to ISO 9001, ISO 27001 & CMMI
Company industry:
IT Services
Job role:
Management

Management systems Consultant

November 2005 - November 2006

Nathan & Nathan consultants Private Limited

Chennai, India

November 2005 - November 2006

Consulting and training on Quality Management systems and Information security Management system

Consulting clients for end-to-end implementation of management systems and standards
Company industry:
Automotive Dealership & Distributor
Job role:
Consulting

Education

College of Engineering, Guindy, Anna UniversityCentral Polytechnic

January 2000

January 2000

Bachelor's degree, Industrial Engineering

India

GPA (percentage): 70%

GPA (percentage): 70%

Industrial engineering

Skills

COBIT
Expert
COBIT
Expert
Information Security
Expert
Information Security
Expert
IT Audit
Expert
IT Audit
Expert
IT Governance
Expert
IT Governance
Expert
Risk Management
Expert
Risk Management
Expert
ISO 9000
Expert
ISO 9000
Expert
ITIL
Expert
ITIL
Expert
CONSULTING
Intermediate
CONSULTING
Intermediate
DISASTER RECOVERY PLANNING
Intermediate
DISASTER RECOVERY PLANNING
Intermediate
INFORMATION SECURITY
Intermediate
INFORMATION SECURITY
Intermediate
MANAGEMENT
Intermediate
MANAGEMENT
Intermediate
IT Audit
Expert
IT Audit
Expert
COBIT
Expert
COBIT
Expert
Business continuity Management
Expert
Business continuity Management
Expert
CISA - certified information systems auditor
Expert
CISA - certified information systems auditor
Expert
IT Governance
Expert
IT Governance
Expert
Data Privacy Management
Expert
Data Privacy Management
Expert
IT Risk Management
Expert
IT Risk Management
Expert
Information Security
Expert
Information Security
Expert
Risk Management
Expert
Risk Management
Expert

Languages

English

Expert

Hindi

Expert

Tamil

Native Speaker

Memberships

ISACA

Partcipant

January 2019

ISC2

member

July 2025

Training and Certifications

Certifications
CISSP
ISC2
Jul 2024
ITIL Intermediate
Jan 2014
ISO 22301 BCMS lead auditor
Aug 2021
Show credentials
ISO 27701 data privacy management
Aug 2021
Show credentials
CISA
Jan 2020 - Jan 2025
Show credentials

Hobbies and interests

Partcipating in social forum and networking