Open to opportunities

Geethu Jayan

@geethujayan

Message

CISA-certified technology risk consultant specializing in IT audit and ISMS assurance.

India

Message

What I'm looking for

I’m looking to lead IT audit and risk management engagements—strengthening ISMS and IT controls through ISO 27001, NIST CSF, and COBIT-aligned assurance, partnering with stakeholders to deliver clear findings and remediation outcomes.

I’m a Certified Information Systems Auditor® (CISA) with over 9.2 years of experience leading IT audit and risk management projects across India, the Middle East, Australia, the UK, Egypt, Türkiye, Algeria and the US. I deliver complex assurance work with strong team leadership, stakeholder engagement, and high-quality audit execution.

Throughout my career, I’ve worked extensively on Governance, Risk, and Compliance Services (GRCS) and Information Security Management System (ISMS) implementations. My expertise includes SOX IT audits, SOC 1 & 2 attestations, ITGC reviews, cybersecurity assessments, and risk-based IT audits—focused on identifying control gaps, recommending remediation strategies, and strengthening IT governance.

In my current role as a Senior IT Auditor, I deliver IT and Information Security audits aligned with COBIT 5, ISO 27001 and NIST, including IT application controls across supply chain, finance and logistics processes. I also conduct audits covering IAM, network security, incident response, vulnerability management and ITGCs, working extensively with Microsoft Dynamics 365 and Oracle while coordinating effectively with stakeholders.

Experience

Work history, roles, and key accomplishments

Current

Senior IT Auditor

Current

Abdul Latif Jameel

Dec 2025 - Present (6 months)

Delivered IT and information security audits across multiple countries aligned with COBIT 5, ISO 27001, and NIST. Performed IT application controls testing and evaluated IAM, network security, incident response, vulnerability management, and ITGCs for enterprise environments using Microsoft Dynamics 365 and Oracle ERP.

ISO 27001 NIST CSF ITGC IAM Network Security Incident Response Vulnerability Management Microsoft Dynamics 365 Oracle ERP

Assistant Manager

KPMG India

Jul 2022 - Nov 2025 (3 years 4 months)

Led SOX testing engagements in a PCAOB-regulated environment and managed a 12-member team for a UK-based consumer healthcare client, ensuring compliance with internal control standards. Also led GITC/IS and ITGRC audits (including NBFC/FinTech and oil & gas) and performed SOC 1 and SOC 2 attest audits under ISAE 3402/SSAE 18 across India and Australia.

PCAOB GITC IS Audits SOC Stakeholder Management

Lead IT Auditor

Lulu Financial Group

Jan 2020 - Jul 2022 (2 years 6 months)

Prepared audit charters and plans to support compliance with central bank regulations across APAC and Middle East regions covering twelve countries. Conducted ISO 27001-aligned risk assessments, developed 20+ security policies, and executed/reporting GITC over four domains and IT application controls (ITAC) across seven departments.

ISO 27001 NIST CSF GITC IT業務処理統制 (ITAC)GRC Regulatory Compliance Audit Planning

Information Security Analyst

Kenz Engineering Services

Jul 2016 - Nov 2018 (2 years 4 months)

Implemented an Information Security Management System (ISMS) and performed asset-based risk assessments to build risk control matrices. Supported business continuity planning and IT disaster recovery implementation.

Business Continuity Disaster Recovery Information Security Governance Risk Control

Research Associate

IIITM Kerala

Nov 2012 - Jun 2015 (2 years 7 months)

Conducted cybersecurity and web security workshops and supported security training and awareness. Helped set up a virtual lab environment to support hands-on security learning.

Cybersecurity Training Web Security Security Awareness Security Curriculum Support