Open to opportunities

Shalini Ramesh

@shaliniramesh

Message

Cybersecurity & GRC Manager with 11 years of experience.

United Kingdom

Message

What I'm looking for

I am looking for a role that challenges me and allows for professional growth in cybersecurity and compliance.

I am a Cybersecurity & GRC Manager with over 11 years of experience in cyber risk, compliance, and governance. My expertise lies in managing ISO 27001 and NIST CSF compliance programs, conducting enterprise risk assessments, and developing security policies that align with business objectives. I have a proven track record of improving GRC maturity and successfully implementing Information Security Management Systems.

Throughout my career, I have directed compliance audits and led risk-driven cybersecurity strategies, significantly enhancing third-party governance and reporting directly to executive leadership. My strong command of tools such as AuditBoard, Microsoft Defender, and Okta has enabled me to communicate risk posture effectively and drive strategic security decisions. I am passionate about fostering a culture of security awareness and ensuring compliance across all levels of the organization.

Experience

Work history, roles, and key accomplishments

Current

Cybersecurity Manager - GRC

Current

Chubb Fire and Security

Jun 2023 - Present (2 years 1 month)

Directed ISO 27001:2022 and GDPR compliance audits, leading the design and execution of a risk-driven cybersecurity strategy. Performed enterprise risk assessments using the NIST Cybersecurity Framework, driving an improvement in GRC maturity from 1.09 (2023) to 3.25 (2025). Successfully implemented an Information Security Management System (ISMS) to attain ISO 27001:2022 certification.

ISO 27001 GDPR NIST CSF AuditBoard Risk Management Third Party Risk Management

Identity and Security Lead

UST Global

Jan 2023 - Present (2 years 6 months)

Developed and enforced access control measures in line with ISO 27001, GDPR, and PCI-DSS, including RBAC and Conditional Access policies. Contributed to audit readiness by collecting IAM evidence and supporting validation of identity-related controls for ISO 27001 and other compliance frameworks. Coordinated with external auditors and regulatory bodies to facilitate security audits and ensure time

ISO 27001 GDPR PCI DSS RBAC Conditional Access IAM Risk Mitigation Enforcement

Identity and Access Analyst

Vanquis Bank

Jun 2018 - Present (7 years 1 month)

Led the Joiner-Mover-Leaver (JML) process, third-party access provisioning, and periodic access recertifications using Active Directory and Okta. Supported SOC incident triage for Vanquis Bank; investigated identity anomalies, suspicious logins and phishing threats through Sentinel. Reduced phishing threats by 60% through the deployment of IRONSCALES and Microsoft Defender for Office 365, coupled

Active Directory Okta RBAC IRONSCALES Microsoft Defender User Training Identity Governance

Certification and Deployment Engineer

Wipro Technologies

Mar 2015 - Present (10 years 4 months)

Supported SCCM and software deployments; resolved deployment failures and managed reports. Managed large-scale Windows XP to 7 migrations; leveraged Altiris and SCCM; supported AD/GPO setup.

SCCM Software Deployment Troubleshooting Active Directory GPO

Education

Degrees, certifications, and relevant coursework

RNS Institute of Technology, VTU

Bachelor of Engineering, Electronics and Instrumentation Technology

Grade: Distinction

Completed a Bachelor of Engineering in Electronics and Instrumentation Technology. Achieved a Distinction, demonstrating strong academic performance in the field.