Greater Kolkata Area
B.Tech, MBA, M.Phil with 18+ yrs top MNC experience (as strategist/consultant/mentor) in Accenture, TCS, Wipro, Volkswagen, Capgemini, IBM, Avanade etc [corporates] & UEH Vietnam, Symbiosis, UEM, IEM, JIS, SNU, Techno, TNI, NSEC, SXU, Don Bosco [academia] etc. KEY FOCUS AREAS: - Management Consulting & Corporate Training - Cyber Aware Business Leadership - Strategic Management in Digital Age - Responsible AI Adoption - Project & Program Management, Leadership skills - Marketing & Sales Excellence - Human AI-enabled Governance, Risk & Compliance - Information Security Strategy - Data Privacy & Protection, Data Analytics - Cyber Resilience & Business Continuity - Hackathon & CTF KEY TECHNICAL SKILLS: - ISO 27001, 27005, 31000, 22301, 27701, 42001 - TOGAF, SABSA, COBIT, CSA STAR, AI/ML, GenAI - GDPR, DPDPA, LGPD, PIMS, DPIA, CIPP, DCPLA, PCI DSS, RBI/SEBI - ISMS, SOX, SOC2, NIST, CIS - OHSAS 18001, Lean Six Sigma, ITIL - CISA, CISM, CISSP, Ethical Hacking - PMP, PRINCE2, Agile TOP ACCOMPLISHMENTS: - Expanding FHCC to top global clients across USA, EU, Asia Pacific and Middle East geo - Conducted 600+ immersive workshops (onsite & online) for PAN Indian and global clients - Achieved 15% productivity boost by effective coaching - Created 150+ reusable knowledge assets covering topics from Business Management, IT, AI & Info security - Mentored 1000+ experienced professionals, freshers and students - Coached 100+ corporate leaders and CXOs though Leadership Development Programs - Conducted 900+ interviews (E/B-school campus hire & laterals) KEY ACCOLADES (last 5 yrs): - CF100 Cyber Fraternity Award (2025-26) - WOCS Cyber Pinnacle Award (2025) - HALL OF FAME: Symbiosis University (2020) & SCIT (2025) - Next100 CIO Award (2025) - Nasscom DSCI Flash Mentor (2025) - I&D Changemaker & Stewardship Award (2022, 2025) - Super Mentor Award (2023, 2024) - Client Value Creation Award (2023, 2024) PASSION: Published Author (18 books), Public Speaking (500+ hours) LITERARY AWARDS: - Sahitya Akademi Puraskar (Gujarat, 2023) - Padma Shri (nominated 2020) - Karimov Award (Kyrgyzstan, 2022) - Apolon Sirmiensis (Serbia, 2021) - Power is U (USA, 2018) Invited Guest Speaker by Times of India, Telegraph, ABP, Kolkata Police, BigFM, Silent Voice London radio, PRSI, Symbiosis, Narsee Monjee institute, IEM College, George Telegraph, Boston Institute of Analytics etc. To know more about my public profile, please visit my social media handles. Email: [email protected]
Build Fly High #FHCC group and lead the security function. We offer professional mentoring and consulting services on AI-powered Information Technology & Security solutions. Visit our website for more details. www.flyhighgroup.in KEY AREAS OF WORK: - Management Consulting & Corporate Training: Ensure readiness for statutory regulations & AI governance laws Focus Areas: Human AI-enabled Infosec Management, Governance, Risk & Compliance, Data Privacy & Protection - Strategic Risk Governance: Shift from reactive to predictive leadership Focus Areas: Board oversight, Risk appetite alignment, Risk scenario planning - Cyber Security, Fraud Detection & Risk Analytics : Reduce financial, operational & reputational cyber risks and frauds Focus areas: Fraud Detection Analytics, Ransomware resilience, AI model risks, Third-party risk, Cloud exposure - Secure Digital Transformation: Make AI, Cloud, Automation safe to adopt Focus areas: AI governance, DevSecOps, Data security - Cyber Resilience & Business Continuity: Focus areas: Incident response maturity, Zero Trust adoption, Backup integrity, Recovery readiness - Security Culture & Human Risk Index: Build cyber-aware workforce Focus areas: Phishing resistance, Insider threat reduction, Executive cyber literacy - Offering Development: Develop reusable assets & accelerators built with compliant AI tools Focus areas: ISMS Gap Assessment, Internal Audit Checklist, Risk Management, Compliance, GRC, Client Data Protection, GDPR & Third Party Risk Management (TPRM), Data Privacy, Data Obfuscation & Masking, Data Loss Prevention (DLP), Cloud Security, Data/Cyber Security Intelligence (DSI), Vendor Risk Assurance (VRM), Functional Safety, Metaverse & Responsible AI. - CSR: Raise Cyber Safety awareness as President of 'Public Safety & Security Council, Bengal'
Managing end to end cyber risk and regulatory services for my clients, as a senior consultant.
As a Senior Consultant in User Access Provision Design, I play a critical role in ensuring secure, compliant, and efficient access management across the client's enterprise applications. I lead initiatives to streamline access provisioning processes, develop standard operating procedures (SOPs), and engage with application owners to gather requirements and assess access risks. Leveraging AI-based tools, we enhance automation, analytics, and decision-making in access governance. Key Responsibilities: * Access Provisioning & Governance: - Oversee and optimize user access provisioning workflows across multiple platforms (e.g., SAP, Active Directory, cloud apps). - Ensure compliance with internal policies and external regulations (e.g., SOX, GDPR, ISO etc). - Conduct periodic access reviews and recertifications using AI-driven analytics. * SOP Development: - Draft, review, and maintain comprehensive SOPs for access provisioning, de-provisioning, and role-based access controls. - Collaborate with cross-functional teams to align SOPs with business and audit requirements. - Integrate AI-based documentation tools to automate SOP updates and version control. * Stakeholder Engagement: - Conduct structured interviews with application owners and business stakeholders to understand access needs, critical roles, and segregation of duties (SoD) risks. - Translate business requirements into technical access control configurations. - Present findings and recommendations to senior leadership. * AI-Driven Automation & Analytics: - Utilize AI tools (e.g., identity analytics platforms, NLP-based documentation assistants) to enhance provisioning accuracy and reduce manual effort. - Implement machine learning models to detect anomalous access patterns and recommend role optimizations. - Evaluate and deploy AI-based chatbots or virtual assistants for user access requests and FAQs.
Bake in the power of Artificial Intelligence in Cybersecurity & Data Privacy practices for leading APAC markets - India, Singapore, Japan, Malaysia, Thailand, Indonesia, Philippines, Hongkong, Australia, New Zealand & China. Key Responsibilities: - Offer expert Security Posture Assessment, Contextual Data Intelligence, Cloud Asset Discovery, Sensitive Data Scanning, data security, governance, privacy & responsible AI services to global clients. - Provide end-to-end services such as cybersecurity strategy, enterprise implementation, program management & operational managed services. - Help clients to rapidly accelerate the secure adoption of AI technologies like : AI Model Discovery, AI Model Assessment, Data AI & Mapping, Data AI Controls & Regulatory Compliance. - Provide a streamlined ability through bundled technology and service packages to quickly get started and achieve desired outcomes around data security, privacy, governance, & responsible AI objectives. - Assure Responsible Gen AI Governance by enabling commitment to providing visibility, governance, and controls to the growing GenAI data frontier. - Trained 100+ resources across key regions in North America, Europe, and India who can provide expert experience, strategy, and global support to client's implementation programs. - I am a campus recruiter and empaneled interviewer for lateral hires. Tool Expertise: Securiti.AI, Collibra, Hyperproof, OneTrust, Varonis etc. Security Certification: Certified ISO 42001 Lead Implementer Key Skills in Global Privacy & Security Regulations: Australian AI Action Plan (2021), GDPR, Indian DPDPA (2023), Indian IT Act 2000, Indian NITI Ayog AI Principles (2021), Singapore The Cybersecurity Act 2018 (CSA), Malaysia Cyber Security Act 2024 (CSA), Indonesia Electronic Information and Transactions (EIT Law), Thailand Personal Data Protection Act B.E. 2562 (2019), Japan Social Principle of Human Centric AI (2019), Japan AI Governance Guidelines (2022)
Managing Global Client Information Security assessments (as part of sales team) for Avanade, a Fortune500 conglomerate of Accenture & Microsoft; focused on the Microsoft platform with artificial intelligence, business analytics, cloud, application services, digital transformation, modern workplace, security services, technology and managed services offerings. Provide Security sales support (RFP, MSA/SOW review, TPRM / Vendor Risk Assessment, Gap Assessment questionnaire response etc) of Avanade's Global Client Information Security. Key Areas: Compliance to ISO 27001, ISO 27701, PCI DSS, SOC 2 Type II, GDPR, LGPD, Sales & Solutioning Top Achievements: - Guinness World Record Holder for completing and displaying highest number of Microsoft Power Platform digital certificates (July'22). - Got recognized in People section of ICYMI monthly digest (Jan'22 issue), published from Mexico. - Guinness Record holder for Microsoft Power Platform program
Responsible for complete ownership of GRC activities (ISO 27001 & GDPR) for an European (French) fashion client, which is world's largest cosmetics company. Key activities include: Risk Assessment, Governance Reviews, Compliance checks, conduct Physical Security walkthroughs, User access review, ensure Client Data Protection, conduct Security awareness drives, support GDPR compliance, own all GRC related Client deliverables, drive Patching/AV/PAM compliance and risk reporting, Public & Private Cloud security etc. Domain: Cyber Security Consulting, Hazmap, Ethical Hacking
Security consulting assignment for a reputed bank based in Singapore. Key Areas: ISO 27001, PCI DSS Compliance
Promoted to Team Lead (Security Consultant). Responsible for complete ownership of offshore project management for a North America (NA) based media client, which is world's second-largest broadcasting and cable television company by revenue. Key activities include: Staffing, Planning, Budgeting, Resource planning, Client relationship building, Delivery scheduling, Quality assurance, Assessments and Reviews. Domain: Cyber Security Consulting Key Areas: ISO 27001 (ISMS), SOX 302 (fraud analytics and controls), SOX 404 (Credit control risk management), Threat Intelligence, Security Monitoring, AWS & Azure Security
Worked as a visiting lecturer and taught subjects like Vulnerability Assessment & Penetration Testing for ISS batches.