Open to opportunities

Aman Arora

@amanarora1

Message

Experienced Information Security Manager with a focus on risk management.

India

Message

What I'm looking for

I am looking for a challenging role that allows me to leverage my expertise in information security and risk management while contributing to an organization's long-term goals.

I am an ambitious Information Security Manager with over 17 years of experience in the field, specializing in risk management, compliance, and auditing. My current role at PricewaterhouseCoopers (PwC) involves managing a third-party risk management program for a global technology client, where I conduct ISO-based audits and support remediation plans. I am passionate about enhancing security measures and aligning them with organizational goals.

Throughout my career, I have successfully conducted security assessments across various sectors, ensuring compliance with regulatory requirements such as ISO 27001:2013 and NIST CSF. My previous experience at HCL Technologies and Wipro has equipped me with a robust understanding of security frameworks and the ability to identify and mitigate risks effectively. I have a proven track record of delivering comprehensive reports and recommendations to clients, helping them strengthen their security posture.

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Experience

Work history, roles, and key accomplishments

Current

Manager: Cyber Security, Risk Advisory

Current

PwC AC (Kolkata) Private Ltd.

May 2022 - Present (3 years 6 months)

Currently managing a third-party risk management program for a global technology client, including cloud vendor assessments and ISO-based audits. Supporting PwC UK
's internal audit function by performing various cybersecurity and security improvement audits for U.K.-based clients.

Third Party Risk Management ISO 27001 NIST CSF NESSA Security Auditing Risk And Compliance (GRC) Management

Manager: Delivery Compliance Office

HCL Technologies Limited

Apr 2021 - Apr 2022 (1 year)

Performed and managed security compliance assessments for diverse clients, playing a significant role in the 'second line of defense' for risk and compliance. Conducted security testing of IT/IS controls based on the ISO27K1 framework and evaluated client contractual review services.

Security Compliance Risk Management ISO 27001

Technical Lead: ITRO

Wipro Limited

Jan 2019 - Apr 2021 (2 years 3 months)

Supported client accounts with various compliance activities for IT environments and risk assessments at distinct functional levels. Managed VA compliance, Infra Server Hardening, Patch compliance, SOC compliance, and handled complete Security Exception management.

IT Compliance Risk Assessment Patch Management SOC

Senior Business Analyst-GRC

Tech Mahindra Limited

Feb 2012 - Jan 2019 (6 years 11 months)

Managed Third-Party Risk Management frameworks for pharmaceutical, automobile, and oil and gas industries, including risk categorization, detailed due diligence, and red flag reporting. Monitored and measured vendor health, managed assessment status reports, and ensured SLA adherence.

Third Party Risk Management

Senior Design Engineer

Infosys Limited

Jan 2008 - Feb 2012 (4 years 1 month)

Designed, tested, and performed 3D modeling and drafting of structural parts for various aircraft of different OEM companies. Analyzed and fixed control points to avoid product failure and identified deviations as part of the analysis phase.

3D Modeling