Bayt.com

Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Shoaib khan, Manager – Technology and Risk

Shoaib khan

Manager – Technology and Risk·Northern Trust

India

Master's degree, Information technology

Work experience

Total years of experience: 17 years, 3 months

Manager – Technology and Risk

October 2023 - Present

Northern Trust

Pune, India

October 2023 - Present

• Led a 2LoD control testing team; managed end-to-end test cycles including design and operational effectiveness.
• Reduced regulatory findings by 90% through proactive risk remediation planning.
• Delivered comprehensive control documentation and risk tracking tools, improving audit response by 30%.
• Facilitated cross-department collaboration with 1LoD and 2LoD teams, improving delivery timelines.
Company industry:
Banking

Senior Security Risk Analyst

January 2022 - October 2023

Snowflake

Pune, India

January 2022 - October 2023

• Directed Third-Party Risk Management (TPRM) for 500+ vendors; ensure 100% compliance with ISO/NIST/SOC2.
• Implemented a scalable TPRM framework, cutting risk exposure by 70%.
• Reduced third-party incidents by 80% and audit gaps by 40%, enhancing operational resilience.
Company industry:
Catering, Food Service, & Restaurant

IT Risk and Control Analyst

January 2019 - January 2022

UBS

Pune, India

January 2019 - January 2022

• Performed application and database scans to identify potential exposure of Personally Identifiable
Information (PII) and Confidential/Client Identifiable Data (CID).
• Conducted in-depth application risk assessments to evaluate vulnerabilities and compliance with
internal risk management frameworks.
• Supported internal and external IT audits, including SOX and other regulatory compliance audits,
ensuring timely response to audit requests and remediation of findings.
• Conducted GDPR compliance checks across applications and systems handling personal data to
ensure adherence to privacy regulations.
• Executed IT General Controls (ITGC) testing to validate the design and operating effectiveness of
key IT controls.
Company industry:
Banking

InfoSec & Risk Consultant

November 2017 - January 2019

NBIZ / Credence One (UAE)

Pune, India

November 2017 - January 2019

• Delivered ISO 27001 and PCI-DSS compliance for banking and public sector clients.
• Built security policies, frameworks, and managed ISMS lifecycle achieving full certification.
• Advised on risk posture and compliance to national standards (NESA, ISR).
Company industry:
Computer Hardware & High-Tech Manufacture

Manager – Information Security

May 2017 - December 2017

Capita India

Pune, India

May 2017 - December 2017

• Spearheaded cybersecurity program including risk assessments, internal audits, and certification support.
• Drove full ISO 27001 and PCI-DSS compliance, managing cross-functional teams and project budgets.
Company industry:
Insurance & TPA

Lead – Information Security

December 2013 - January 2017

Wipro Technologies

Pune, India

December 2013 - January 2017

• Acted as IT Consultant for BFSI clients, managing compliance, audits, and network security across geographies.
• Oversaw onsite projects in Singapore; led InfoSec implementation aligned with global benchmarks.
Company industry:
IT Services

Security Analyst

January 2012 - December 2013

Tech Mahindra

Pune, India

January 2012 - December 2013

TPRM, third party and vendor risk management.
ISO27001, SOC2 Control testing, SOX ITGC controls review. Internal Audit. Documents review and provide recommendations.
Company industry:
IT Services
Job role:
Security

Security Consultant

January 2010 - January 2011

Orient Technologies

Mumbai, India

January 2010 - January 2011

• Handled techno commercial role for the IT security devices portfolio.
• Prepared IT security solutions for end customers. Providing post sales technical support.
Company industry:
IT Services

Tech Support Engineer

January 2009 - January 2010

STP Systems Private Ltd

Pune, India

January 2009 - January 2010

• Provided post sales technical support for Firewalls (Fortinet, Juniper).
• Prepared the documentation for the technical support team.
• Managing SLA for the resolution provided for the D-link networking appliances.
Company industry:
Internet & E-commerce

Technical Support Engineer

January 2008 - January 2009

D-Link India Ltd.

Mumbai, India

January 2008 - January 2009

• Provided technical support to the end customers using Dlink appliances via Phone calls and
emails.
• Managing SLA for the resolution provided for the D-link networking appliances.
• Leading the team of 8 to meet customer support requirements.
Company industry:
Computer Hardware & High-Tech Manufacture

Education

United Business Institute

January 2012

January 2012

Master's degree, Information technology

India

GPA (percentage): 80%

GPA (percentage): 80%

International MBA in Information technology from United Business Institute, Belgium (2012) (Distance Learning)

UBI- United Business School

January 2012

January 2012

Bachelor's degree, Information Technology

Belgium

Bansal College of Engineering Bhopal

January 2007

January 2007

Bachelor's degree, Electronics & Communications

India

GPA (percentage): 54%

GPA (percentage): 54%

B.E. in Electronics & Communications from Bansal College of Engineering Bhopal (2007)

BCE- RGTU

January 2007

January 2007

Bachelor's degree, Electronics

India

Skills

IT Audit
Expert
IT Audit
Expert
Risk Management
Expert
Risk Management
Expert
Compliance
Expert
Compliance
Expert
Risk Analysis
Expert
Risk Analysis
Expert
IT Governance
Expert
IT Governance
Expert
CYBER SECURITY
Intermediate
CYBER SECURITY
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
PROJECT RISK MANAGEMENT
Intermediate
PROJECT RISK MANAGEMENT
Intermediate
CYBER GOVERNANCE
Intermediate
CYBER GOVERNANCE
Intermediate
REGULATORY PROCESS
Intermediate
REGULATORY PROCESS
Intermediate
NIST CYBERSECURITY FRAMEWORK CSF
Intermediate
NIST CYBERSECURITY FRAMEWORK CSF
Intermediate
PAYMENT CARD INDUSTRY PCI DATA SECURITY STANDARDS
Intermediate
PAYMENT CARD INDUSTRY PCI DATA SECURITY STANDARDS
Intermediate
GENERAL DATA PROTECTION REGULATION GDPR
Intermediate
GENERAL DATA PROTECTION REGULATION GDPR
Intermediate
Risk Management
Expert
Risk Management
Expert
CISA
Expert
CISA
Expert
IT Auditor
Expert
IT Auditor
Expert
GRC
Expert
GRC
Expert
Information security
Expert
Information security
Expert
Security Audits
Expert
Security Audits
Expert
ISMS
Expert
ISMS
Expert
CISSP
Expert
CISSP
Expert
ISO 27001
Expert
ISO 27001
Expert
Cyber Security
Expert
Cyber Security
Expert
Risk and Complaince
Expert
Risk and Complaince
Expert
Security Consultant
Expert
Security Consultant
Expert
INFORMATION SECURITY MANAGEMENT
Intermediate
INFORMATION SECURITY MANAGEMENT
Intermediate
INFORMATION TECHNOLOGY AUDITS
Intermediate
INFORMATION TECHNOLOGY AUDITS
Intermediate
BANKING
Intermediate
BANKING
Intermediate
ENTERPRISE RISK MANAGEMENT ERM
Intermediate
ENTERPRISE RISK MANAGEMENT ERM
Intermediate
LEADERSHIP
Intermediate
LEADERSHIP
Intermediate
COORDINATING
Intermediate
COORDINATING
Intermediate
CROSS FUNCTIONAL COLLABORATION
Intermediate
CROSS FUNCTIONAL COLLABORATION
Intermediate
REGULATORY REQUIREMENTS
Intermediate
REGULATORY REQUIREMENTS
Intermediate
IT Audit
Expert
IT Audit
Expert
Compliance
Expert
Compliance
Expert
Risk Analysis
Expert
Risk Analysis
Expert
IT Governance
Expert
IT Governance
Expert

Languages

Hindi
Expert
English
Expert
Urdu
Expert
German
Beginner

Training and Certifications

Certifications
Juniper JNCIA, JNCIS
Fortinet NSE 1 & 2
CPISI (PCI-DSS)
ISO 27001 Lead Auditor
CGRC
CISM
CISA
CISSP
ISO-27001 LA
CPISI- PCIDSS
CGRC
CISSP
CISM
May 2020
CISA
Jul 2016

Hobbies

  • Knowledge upgrade, reading books