Open to opportunities

sohan gaonkar

@sohangaonkar

Message

Senior risk management expert with extensive IT audit experience.

Netherlands

Message

What I'm looking for

I seek a challenging role in a dynamic environment that values innovation and risk management.

I am a seasoned professional with over 18 years of experience in risk management and information security. My journey has taken me through various roles, including Senior Manager at D2X Group in Amsterdam, where I lead enterprise risk and control initiatives, ensuring compliance with ISO standards and regulatory requirements. My expertise lies in designing and implementing risk management frameworks that effectively assess and mitigate risks across organizations.

Throughout my career, I have successfully managed teams and collaborated with senior executives to drive risk awareness and compliance initiatives. My tenure at Wells Fargo and Barclays has equipped me with a robust understanding of operational risk management, IT audits, and the intricacies of regulatory compliance in the banking and fintech sectors. I am passionate about leveraging my skills to add value in dynamic corporate environments, focusing on strategic risk management and governance.

Experience

Work history, roles, and key accomplishments

Current

Senior Manager, Enterprise Risk & Control

Current

D2X Group N.V.

Sep 2023 - Present (1 year 9 months)

Leading the ISO27001/02 (ISMS), Business Continuity & Disaster Recovery planning at an enterprise level. Responsible for designing and implementing the risk management framework to ensure compliance with regulatory requirements and internal risk policies.

ISO 27001 Risk Management Business Continuity Disaster Recovery Compliance Cybersecurity IT Governance Regulatory Requirements Risk Assessment Incident Management

Operational Risk Compliance Lead

Wells Fargo

Jan 2022 - Jan 2023 (1 year)

Led operational risk compliance assessments, issue validations, and remediation efforts. Engaged with senior executives and regulators to report on risk management practices and compliance metrics.

Operational Management Compliance Assessments Risk Management Risk Governance Stakeholder Engagement

IT Risk Testing & Validation Lead

Barclays

Jun 2012 - Jan 2022 (9 years 7 months)

Conducted independent assessments of IT risks and controls, leading compliance audits and risk awareness training initiatives to enhance risk management practices across the organization.

IT Risk Management Compliance Risk Management Data Analysis Compliance Risk Management Reporting Risk

IT Audit Manager

Barclays

Jun 2012 - Feb 2014 (1 year 8 months)

Planned and performed risk-based security audits across various IT domains, analyzing risks and developing audit procedures to ensure the effectiveness of controls.

IT Audit Risk Analysis Security Auditing Audit Compliance Testing Risk Management Reporting IT Governance Cybersecurity

Cyber Security Consultant

Capita

Mar 2007 - Jan 2008 (10 months)

Led the implementation of cybersecurity frameworks and supported the development of risk control self-assessments to enhance organizational security posture.

Cybersecurity Framework Risk Assessment Implementation Security Policies Compliance Risk Management Incident Response Vulnerability Assessment Security Awareness Stakeholder Engagement

IT Infrastructure Security Consultant

Wipro Technologies

Mar 2005 - Mar 2007 (2 years)

Supported the implementation of ISO 27001/02 and COBIT frameworks, contributing to the organization's risk management and security compliance efforts.

ISO 27001 IT Security Risk Management Compliance Security Frameworks Implementation Vulnerability Management Data Protection

Education

Degrees, certifications, and relevant coursework

Sudarshan College of Management & Research

Master of Business Administration, Project Management

2012 - 2014

Activities and societies: Supported the successful implementation of innovative programs.

Master of Business Administration with a focus on Project Management, contributing to the effectiveness and performance of the larger Enterprise Risk Management function.