Saumya Vishnoi
Information Security Risk & Compliance at Google, Co-founder of BSides Delhi
Delhi, India

Contact
[email protected]
www.linkedin.com/in/saumyavishnoi (LinkedIn)

Top Skills
Penetration Testing
Vulnerability Assessment
Information Security

Languages
English (Full Professional)
Hindi (Native or Bilingual)
Japanese (Elementary)

Certifications
Certified Information Security Auditor (CISA) Qualified
ISO 27001 Lead Auditor Qualified
Audit +++ by Joerg Simon
Developing Phantom 4.9 Playbooks
Security+

Honors-Awards
SISAite of the month - April 2014
Kudos Award
Kudos Award

Summary
An Information Security Professional with more than 12 years of
experience in Information Security handling various responsibilities
including managing entire information security portfolio, handling
coordination and expectation management among multiple
stakeholders across geo-locations and performing technical and
procedural reviews/audits for international and multinational India
based clients.
Currently working as India lead of Regulatory risk & compliance at
Google cloud.
Previously worked with the Product security team at Adobe, holding
certificates like Certified Information Security Auditor (CISA) and
ISO27001 Lead Auditor (LA) and an ex-authorized PCI Qualified
Security Assessor (QSA) from PCI SSC.
Over the years, have handled customers across various verticals, be
it banks, Financial organizations, IT services, E-commerce, Public
transport department, telecom, real estate or manufacturing units.
Successfully conducted various types of assessments including
Vulnerability assessments (both network and Application level),
Penetration Testing (Network and Application level), RBI Payment
Security Systems (PSS) audits, ISO27001 audits, ISMS audits,
Algorithm system audits for stock brokers and PCI DSS audits.
Specialities:
- Ability to articulate vision and concept to senior management.
- Consulting organizations to achieve compliance and security in
complex environments with minimum cost and time
- Ability to drive conversations among diverse teams.
- Consultation and audits for cloud hosted environment compliance
- Project and Time Management
- PCI Risk Assessment
- Information Security/PCI DSS Training
- RBI PSS Audit and implementation
- Enterprise Security Assessment
- ISO 27001 audits and implementation
- PCI DSS consulting, audits and implementation
Experience
Google
2 years 7 months
India Lead - Regulatory Risk & Compliance Advisory - Cloud CISO -
Google Cloud
May 2023 - Present (1 year 1 month)
Gurgaon, India
Responsible for regulatory analysis and compliance advisory for Google cloud
with special focus on India and APAC region.
Technical Program Manager - Payment Compliance
November 2021 - May 2023 (1 year 7 months)
India
Part of global Anti-Financial Crime team, responsible for implementing
sanction screening and anti-money laundering controls in Google.
Lead TPM for sanction screening projects, working with engineering and PM
teams across timezones along with coordinating with legal, compliance and
other supporting teams.
Adobe
4 years 4 months
Senior Security Program Manager - Product Security
February 2020 - October 2021 (1 year 9 months)
New Delhi Area, India
Security Program Manager - Product Security
July 2017 - February 2020 (2 years 8 months)
New Delhi Area, India
- Working in the Product Security Incident Response Team (PSIRT), driving the
response to vulnerability disclosures affecting Adobe products and services.
- Respond to inquiries from customers and the external security community
related to product security.
- Validate the reported issues and determine their risk impact on the organization
- Coordinate with internal teams regarding the closure of the security issues
- Driving end-to-end security bulletins for Adobe.
- Leading women in Security initiative (WinS) in Adobe India
- Conducted multiple information security training sessions internally
FreeCharge
Engineering Manager II - Security & Compliance
February 2016 - June 2017 (1 year 5 months)
Bengaluru Area, India
-- Leading InfoSec Team and providing subject matter expertise across all
operational security and compliance matters
-- Responsible for end to end security of the organization
-- Responsible for ensuring the compliance status of the organization against
various compliance standards like Statutory audits, RBI audits, PCI DSS,
ISO27001, etc.
-- Responsible for new initiatives related to Information Security to enhance the
security posture of the organization.
-- Managing and reducing Information security risk for the organization
SISA Information Security
Information Security Consultant - Risk & Compliance
October 2013 - September 2015 (2 years)
New Delhi Area, India
- Consulted and audited multiple organizations against the PCI DSS standard. Clients
include the two biggest telecom operators of India, the biggest wallet operator, multiple
BPOs, card production organizations and payment gateways, at both national and
international level.
- Successfully conducted and submitted reports of RBI PSS audits for multiple
wallet applications.
- Corporate trainer for CPISI (Certified Payment Card Industry Security
Implementer) for organizations including Adobe, Sapient, etc.
- Pre-sales consultant for the Delhi/NCR region
- Vulnerability Assessment and Penetration Testing of network and
applications.
Technologics and Controls
Information Security Consultant
July 2012 - October 2013 (1 year 4 months)
New Delhi Area, India
- Performed end to end Enterprise Security assessments for clients
- Performed ISMS audits and Algorithm system audits for stock broker
organizations
- Designing IT processes and operational review for the clients for maintaining
continued compliance
- Vulnerability Assessment and Penetration Testing of Networks and Web
Applications.
Freelancer
Information Security Consultant / Software Developer
July 2011 - July 2012 (1 year 1 month)
Successfully completed multiple Vulnerability Assessment and Penetration
Testing assignments for both web applications and networks for both Indian
and international clients.
Single-handedly developed and successfully delivered a stock market data
calculation software for a reputed firm in Gurgaon. The application was
developed in C#.net with MsSQL database.
Confidential
Security Analyst
January 2011 - June 2011 (6 months)
- Successfully performed Penetration Testing and Vulnerability Assessment of Networks
and Web Applications.
- Completed a project researching malware, mainly botnets and exploit kits,
their infection and spreading techniques, etc.
Meteorological Department of India
Summer Trainee
June 2008 - August 2008 (3 months)
New Delhi Area, India
Completed training at the Telecommunication Department of the
Meteorological Department of India (MDI) in the field of Networking and
submitted a project report on “TCP/IP Socket Communication”
Education
(Bhagwan Mahaveer) B.M. Institute Of Engineering and Technology,
Sonipat
Bachelor of Engineering (B.E.), Computer Science