kartik ratudi
@kartikratudi
Strategic cybersecurity GRC leader delivering ISO/NIST-aligned risk governance, incident response, and cloud security improvements.
What I'm looking for
I’m a Strategic Information Security Officer focused on safeguarding enterprise-level systems and data. I lead security & technology strategy by developing and communicating an information security roadmap aligned to business objectives, while monitoring architecture, budget, and technology selection for IT security needs.
I build and run Information Security Management Systems (ISMS) and drive compliance through ISO 27001/2022, SOC 2, Cyber Essentials (including Plus), GDPR, HIPAA, and other security frameworks. I also establish cyber resilience capabilities—incident response planning (NIST-aligned playbooks), business impact analysis, recovery testing, and crisis simulations—achieving outcomes like a 4-hour RTO for critical systems and reducing average incident response time by 60% with automated playbooks.
On the technical side, I strengthen cloud security and governance across AWS, Azure, GCP, and Microsoft 365, and I improve security operations through SOC/MSOC leadership, DevSecOps practices, and secure SDLC (SAST/DAST). I’m equally strong in risk management and assurance—security reviews, KRIs/risk tolerance thresholds, third-party and vendor risk management, vulnerability management, and penetration testing—while also leading and mentoring IT/Infosec teams to scale high-performing security programs.
Experience
Work history, roles, and key accomplishments
Sr. Cyber Security GRC Manager
Connells Group
Nov 2025 - Present (8 months)
Developed and executed an enterprise technology risk management strategy and cyber resilience capabilities, including NIST-aligned incident response planning and compliance initiatives (ISO 27001, SOC 2, Cyber Essentials Plus). Led vendor risk, vulnerability management, and penetration testing improvements, achieving a 4-hour RTO and reducing average incident response time by 60%.
Partnered with financial institutions to implement FCA-aligned security frameworks and execute a global cybersecurity strategy resulting in ISO 27001 and SOC 2 certifications. Built and optimized global incident response and a 24/7 Security Operations Centre, including DevSecOps secure SDLC with SAST/DAST tooling and KPI dashboards.
Developed enterprise technology risk management strategy and designed a risk governance framework with KRIs, risk tolerance levels, and business continuity planning. Led compliance and cyber resilience initiatives (ISO 27001, SOC 2, Cyber Essentials Plus) and optimized security operations via third-party SIEM onboarding, supporting SOC operations and vendor risk, vulnerability management, penetrat
Information Security Manager
Eurocom CI Ltd
Mar 2024 - Aug 2024 (5 months)
Implemented ISO 27001:2022 certification from scratch by managing internal audits and Stage 1 and Stage 2 audits. Successfully achieved ISO certification.
Designed and implemented a risk management framework aligned with ISO 27001, NIST, and SOC 2, and conducted risk assessments across technology, data security, and IT infrastructure. Led compliance initiatives and audits for ISO 27001, GDPR, and SOC 2, maintaining risk registers and TPRM programs and delivering risk training to leadership.
Provided cybersecurity risk oversight across networks, cloud environments, and critical infrastructure, aligning controls with NIST, COBIT, ITIL, and ISO 27001. Designed and led cyber defense exercises including business continuity and incident response, managed vulnerability and penetration testing and third-party risk evaluations, and built a 24x7x365 managed security operations center (MSOC).
Founder Director
Logextend Networks
Nov 2018 - Mar 2021 (2 years 4 months)
Established and operated a 24/7 managed security service provider (MSSP) with integrated NOC and SOC capabilities. Delivered OT/ICS-focused security controls across global manufacturing sites and led enterprise compliance efforts including ISO 27001, SOC 2, GDPR, SOX ITGC, achieving 98% compliance with NIST 800-171 and CMMC requirements.
Led multi-tier technical support teams, managed major regional accounts, and delivered training on security policies and customer-specific solutions. Oversaw implementation and migration of Fortinet security solutions and chaired escalation meetings to resolve complex security incidents.
Education
Degrees, certifications, and relevant coursework
Chartered Management Institute
Foundation Degree, Management & Leadership
2018 - 2018
Earned a Foundation Degree in Management & Leadership.
The Open University
Certificate, Management & Leadership
2017 - 2017
Earned a Certificate in Management & Leadership.
The Open University
Certificate, Management & Leadership
2017 - 2017
Earned a Certificate in Advance Level Leadership & Management.
The Open University
Certificate, Management & Leadership
2017 - 2017
Earned a Certificate: M&L – Growing as a Manager.
Sikkim Manipal University
Master of Business Administration, Business Administration
2002 -
Earned a Master’s in Business Administration (MBA).
Dr. B. R. Ambedkar University
Bachelor of Science, Science
1999 -
Earned a B.Sc. (Bachelor of Science).
Priyadarshini Institute of Computer Aided Knowledge
Post Graduate Diploma in Computer Applications, Computer Applications
1998 -
Earned a Post Graduate Diploma in Computer Applications (PGDCA).
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring kartik?
You can contact kartik and 90k+ other talented remote workers on Himalayas.
Message kartikGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
