HimalayasHimalayas logo
SS
Open to opportunities

Sridevi Srinivas

@sridevisrinivas

Senior information security consultant delivering pragmatic, risk-based security, compliance, and ISMS programs across regulated environments.

United Kingdom
Message

What I'm looking for

I’m looking for client-facing information security work where I can apply a pragmatic, risk-based approach—supporting ISMS delivery, vulnerability and penetration testing, GDPR/PCI compliance, and clear governance-to-practice translation with strong stakeholder collaboration.

I’m an Information Security Consultant with over 10 years of experience supporting organisations in regulated environments to manage risk, meet regulatory obligations, and improve overall security posture. I take a pragmatic, risk based approach to security—translating frameworks and regulatory requirements into effective, proportionate controls—while confidently working with both technical and non technical stakeholders.

In my current Senior Information Security Consultant role, I assess projects against cybersecurity frameworks, support ISMS implementation, and define security policies and procedures. I lead vulnerability management and coordinate internal and external penetration testing, perform GDPR gap analyses and project-level data protection assessments, oversee third-party supplier security assessments, and report risk posture and remediation progress through audit and risk committee forums. I also deliver security awareness training and contribute to audit and PCI compliance activities.

Experience

Work history, roles, and key accomplishments

PT
Current

Senior Information Security Consultant

Pretty Little Thing

Jul 2021 - Present (4 years 9 months)

Assessed projects against cybersecurity frameworks and standards to support ISMS implementation, security policies, and procedures. Coordinated vulnerability assessments, penetration testing, GDPR gap analyses, third-party security reviews, and PCI compliance, tracking risks to remediation via the risk register.

Security AssessmentsVulnerability ManagementPCI Compliance
TR

Information Security Consultant

Tradex

Oct 2020 - Jul 2021 (9 months)

Reported to the CIO on risk management activities, assessing projects against cybersecurity frameworks and supporting ISMS-aligned policy implementation. Led vulnerability management and penetration testing coordination, conducted GDPR gap analyses, and delivered security posture and risk reporting for audit and risk committee forums.

Risk ManagementVulnerability ManagementSecurity Posture
TS

Information Security Consultant

Taskial Solutions

Nov 2018 - Sep 2020 (1 year 10 months)

Assessed projects across retail, banking, and automotive sectors against recognized cybersecurity frameworks, providing assurance and recommendations to improve control effectiveness. Defined internal and third-party security assurance processes and delivered vulnerability management, security scanning-driven risk identification, and GDPR gap analyses to support compliance.

Cybersecurity FrameworkSecurity ProcessesVulnerability Management
AR

Information Security Analyst

Arcadia

Dec 2017 - Nov 2018 (11 months)

Led risk assessments and ISMS risk management activities to support Cyber Essentials Plus and ISO 27001 certification, defining and implementing access management controls. Improved security maturity through security awareness initiatives and delivered third-party and payment security assessments, including supplier due diligence, compliance reviews, and PCI self-assessment activities.

Access ManagementISO 27001Cyber EssentialsSecurity AwarenessThird Party Risk ManagementPCI Self Assessment
TS

Junior Information Security Consultant

Tata Consultancy Services

Dec 2013 - Jul 2017 (3 years 7 months)

Performed risk assessments and implemented ISMS risk management controls to support Cyber Essentials Plus and ISO 27001 certification. Defined security standards across access management, privileged access, encryption, network security, and logging/monitoring, while delivering security awareness initiatives and third-party/payment security assessments to support remediation.

Risk AssessmentAccess ManagementPrivileged Access ManagementNetwork SecurityLogging And MonitoringSecurity AwarenessSecurity AssessmentsPCI Self Assessment

Education

Degrees, certifications, and relevant coursework

JU

JNTU University

Bachelor of Technology, Mechanical Engineering

Completed a Bachelor of Technology degree in Mechanical Engineering at JNTU University.

Tech stack

Software and tools used professionally

Gmail logo

Gmail

Bridge logo

Bridge

Availability

Open to opportunities

Location

United Kingdom

Authorized to work in

Zimbabwe

Job categories

Senior Information Security ConsultantInformation Security ConsultantSecurity AuditsITSM ImplementationVulnerability ManagerSecurity and ComplianceSenior Security ConsultantSenior Cybersecurity ConsultantSenior Information Security SpecialistSenior Information Security AnalystSenior Incident Response Consultant

Skills

BridgesSecurity ConsultingRisk ManagementSecurity AuditsSecurity PoliciesVulnerability ManagementPenetration TestingPCI CompliancePCI DSSRisk RegisterSecurity AwarenessSecurity AssessmentsInfrastructure AssessmentsApplication And Infrastructure Risk AssessmentBug BountyMonitoringDatabase ChecksAccess ManagementPrivileged Access ReviewsEncryptionNetwork SecurityLogging And MonitoringCyber EssentialsISO 27001OneTrustCyberArkGmail

Interested in hiring Sridevi?

You can contact Sridevi and 90k+ other talented remote workers on Himalayas.

Message Sridevi

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan