I’m looking to lead cloud risk and security governance programs—driving ISO/ITGC/SOX/SOC2/IRAP alignment, improving audit outcomes, and mentoring teams—within an organization that values rigorous compliance, measurable improvements, and cross-functional collaboration.
Looking for a job
Shashank Tanwar
@shashanktanwar
Senior information security auditor specializing in cloud risk governance, ISO/ITGC/SOX/SOC2 compliance, and enterprise audit programs.
IndiaWhat I'm looking for
I’m a Senior Auditor and Cloud Risk and Governance Professional with expertise in enterprise-wide governance initiatives across ITGC, SOX, SOC2, ISO 27001, and Third-Party Risk Management. I lead IT risk assessments and governance reviews for AWS cloud environments, ensuring adherence to industry security standards and strengthening cloud governance through collaboration with global stakeholders.
I drive compliance initiatives aligned with NIST CSF 2.0, ISO 27001, SOX, CIS controls, GDPR, and cloud governance frameworks, while architecting risk assessment processes across compliance workstreams. I’ve improved compliance maturity by 35%, reduced audit findings by 40%, increased internal security compliance by 20%, and boosted governance reviews efficiency by 30%—mentoring teams and standardizing governance to enhance audit readiness and regulatory alignment.
Experience
Work history, roles, and key accomplishments
SS
Current
Senior Principal Security Auditor
Skillsoft Software Services
Dec 2023 - Present (2 years 6 months)
Led enterprise-wide IT risk assessments and governance for AWS cloud environments, strengthening cloud governance and improving compliance maturity by 35% within one year. Directed ITGC, SOC 2, SOX, and ISO 27001 audit programs and remediation tracking aligned to NIST CSF 2.0, CIS Controls, GDPR, and third-party risk management; mentored teams to improve governance visibility.
WT
Senior Consultant - Audit & SOX
Wipro Technologies
Jul 2022 - Nov 2023 (1 year 4 months)
Led audit programs and governance reviews, reducing audit findings by 40% over two years. Improved enterprise security compliance by 20% through four ITGC audits, increased governance review efficiency by 30%, and mentored 10 junior team members, improving skills and operational consistency by 50%.
KY
Information Systems Auditor
Kyndryl
May 2019 - Jul 2022 (3 years 2 months)
Managed end-to-end vendor governance and third-party risk management, increasing compliance rate by 15%. Conducted cloud security compliance assessments, coordinated audit activities with internal and client stakeholders, and developed risk control plans aligned to ISO 31000.
CA
Senior Consultant - Risk & Compliance
Capgemini
Dec 2017 - Apr 2019 (1 year 4 months)
Executed cloud control testing and security assessments to increase compliance by 35% and coordinated audits across multiple business functions. Supported IT governance framework implementation and vendor risk assessments, strengthening organizational security posture through policy and compliance alignment initiatives.
DS
ITGC Specialist - Information Security
DCM Data Systems
Aug 2016 - Jun 2017 (10 months)
Implemented compliance and governance projects that increased enterprise security by 20%. Conducted internal and external audits, supported security evaluation and governance processes, and collaborated with stakeholders to strengthen process compliance and governance maturity.
ML
Professional Services Associate
Microland Ltd
Feb 2014 - Aug 2016 (2 years 6 months)
Facilitated identity and access management governance activities and compliance audits to ensure regulatory alignment. Improved control alignment by over 20% by evaluating access governance and coordinating with 8 stakeholders, and supported audit readiness for access compliance initiatives.
CL
Associate Professional - IT Services
CSC India Pvt Ltd
Sep 2010 - Feb 2014 (3 years 5 months)
Provided enterprise IT services and messaging administration support for US-based clients. Supported operational governance and stakeholder coordination activities to help maintain consistent service delivery.
Education
Degrees, certifications, and relevant coursework
NMIMS
Master of Business Administration (MBA), Business Administration
2023 - 2024
Master of Business Administration (MBA) at NMIMS from 08/2023 to 08/2024 in Hyderabad, India.
Tech stack
Software and tools used professionally
Shashank hasn't added their tech stack
Don't worry, there are 90k+ talented remote workers on Himalayas
Availability
Looking for a job
Location
IndiaAuthorized to work in
Salary expectations
65k-100k USD
Social media
Job categories
Skills
ITGCSOXSOC2ISO 27001ISO 31000NIST CSFCISGDPRCloud GovernanceAWS Cloud Risk AssessmentsAudit Program ManagementAudit Remediation TrackingRegulatory ComplianceVendor Risk ManagementThird Party Risk ManagementIT GovernanceIdentity Governance And AdministrationCybersecurity GovernanceNIST AI RMFEU AI ActAzure 900CISAEnhanceIncreaseMatterInformation Security Registered Assessors Program (IRAP)
Interested in hiring Shashank?
You can contact Shashank and 90k+ other talented remote workers on Himalayas.
Message ShashankFind your dream job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
