KARTHIK SANKARANARAYANAN
Riyadh,KSA
Summary
Cybersecurity and data management expert with proven skills in risk assessment, internal audits, self assessments and policy development. Extensive knowledge of regulatory frameworks including PCI DSS, PCI PIN, GDPR, PDPL, NCA ECC, DCC, CSCC, CCC and NIST CSF 2.0, emphasizing ITGC and RCSA compliance. Skilled in cryptography, key management, third-party risk management, vendor due diligence, security awareness training to mitigate threats effectively. Adept at managing cloud services including AWS, Azure, GCP, and Oracle while utilizing advanced security technologies such as MS Defender, PRA/PAM, MDM, XDR, and KnowBe4. Committed to driving organizational resilience through change management initiatives and robust cybersecurity strategies tailored to evolving business needs.
Overview
16
16
years of professional experience
3
3
years of post-secondary education
1
1
Certification
Work history
Manager- [GRC Specialist, Security Analyst]
Wipro Technologies Ltd
Riyadh, KSA
01.2022 - 12.2025
- Defined and executed cybersecurity strategy with measurable KPIs, KRIs and performance metrics.
- Led over 20 enterprise-wide risk assessments and vendor due diligence evaluations by aligning with NCA ECC, DCC and CSCC Control requirements and delivering actionable mitigation plans.
- Conducted Gap Assessment to evaluate the current state and to achieve the desired state by applying NIST CSF 2.0 Frameworks.
- Collaborated with Director of GRC & Data Management Leaders to refine documentation, Key Progress updates for Steering Committee presentations with Management.
- Engaged with Legal and Procurement Departments, to review Contracts, NDA (Non Disclosure Agreements) ensuring incorporation of Cybersecurity and secure data management requirements in every legal and contractual documents.
- Developed and implemented cybersecurity policies in alignment with NCA regulations.
- Delivered security awareness programs that increased user compliance by 95%.
- Reviewed cybersecurity posture of over 30 payment applications to ensure adherence to ISF SOGP security standards.
- Assessed key management processes to strengthen Cryptography and Encryption Standards aligns with NCS regulatory compliance.
- Conducted aviation network security assessments, on avionics and IFE systems.
- Go to Person from Cybersecurity in Change Management Meetings / CAB (Change Advisory Board) to ensure changes are implemented securely by identifying analyzing and evaluating the risks.
Business Information Security Manager
Cognizant Technology Solutions Ltd
Chennai, India
06.2020 - 01.2022
- Identified critical security risks and presented mitigation strategies to senior management, enhancing overall cybersecurity posture.
- Developed the Security Assurance Framework based on NIST SP 800-53 standards.
- Monitored and reported security incidents to senior management.
Lead Information Security
Financial Software & Systems Pvt Ltd
Chennai, India
04.2016 - 06.2020
- Established comprehensive GRC frameworks aligned with PCI DSS, PCI PIN, and ISO 27001, achieving 95% enhancement in risk management and compliance.
- Developed and maintained robust compliance policies, procedures, and guidelines to fortify regulatory adherence.
- Defined cryptographic requirements for LUNA EFT Hardware Security Module (HSM), encompassing key management and encryption standards.
- Led internal and external audits of over 15 systems and applications such as Payment Gateway, UPI, AEPS, Mobile Banking ensuring prompt issue resolution and control improvements.
Senior Systems Engineer
LTI Technologies Pvt Ltd
Chennai, India
05.2013 - 03.2016
- Monitored UAT and Production environments with AutoSys to ensure seamless operations.
- Managed code deployments across UAT and Production using automation tools like UDeploy.
- Conducted root cause analysis on functional and security issues, implementing solutions to enhance stability.
- Executed SQL scripts and Linux commands to diagnose deployment issues, collaborating with Development and Testing teams.
Research consultant
Sutherland Global Services Pvt Ltd
Chennai, India
10.2009 - 05.2013
- Resolved Level 3 / ECAT escalations for McAfee consumer products, ensuring timely issue resolution.
- Conducted beta testing to identify weaknesses in McAfee security products.
- Moderated McAfee Community Forum, addressing critical technical issues and guiding users effectively.
Education
BCA - Computer Applications
University of Madras
Chennai / India 04.2006 - 03.2009
Skills
- Cybersecurity and data management
- Risk assessment and internal audits
- Self Assessment
- Policy development and enforcement
- Cryptography and key management
- Change management
- Third-party risk management
- Vendor Due Diligence
- Security awareness training
- ITGC and RCSA compliance
- Cybersecurity in Contracts
- Regulatory frameworks: PCI DSS, PCI PIN, GDPR, PDPL, NCA ECC, DCC, CSCC, CCC, NIST CSF 20
- GRC tools: MetricStream, ServiceNow
- Cloud services: AWS, Azure, GCP, Oracle
- Security technology tools: KnowBe4, MS Defender, PRA/PAM, MDM, XDR
Accomplishments
- Spearheaded implementation of NCA ECC, DCC and CSCC requirements, attaining 98% compliance score.
- Developed Security Assurance Framework for major banks in Finland based on NIST SP 800-53 standards.
- Led PCI DSS implementation project in Dubai, achieving compliance within three months.
Certification
- CRISC (Certified in Risk and Information Systems Control) | Certificate Code: ISTI2519575
- CCE (Cookie Consent Expert) | Certificate Code: C81433
- GRC Archer | Certification Code: ISTE23i23098
- CCSP (Cloud Cybersecurity Professional) | Certificate Code: ISTE22020225372
- CEH (Certified Ethical Hacker) | Certificate Code: ISTE220207141219
- AZC (Azure Cloud) | Certificate Code: ISTE220203791
- CISA (Certified Information Systems Auditor)
- ISCABIS (Information Security, Controls & Audit of Business Information Systems) | Certificate Code: 002026
- CCNA (Cisco Certified Network Associate)
Languages
English
Fluent
Tamil
Native
Hindi
Intermediate
Timeline
Manager- [GRC Specialist, Security Analyst]
Wipro Technologies Ltd
01.2022 - 12.2025
Business Information Security Manager
Cognizant Technology Solutions Ltd
06.2020 - 01.2022
Lead Information Security
Financial Software & Systems Pvt Ltd
04.2016 - 06.2020
Senior Systems Engineer
LTI Technologies Pvt Ltd
05.2013 - 03.2016
Research consultant
Sutherland Global Services Pvt Ltd
10.2009 - 05.2013
BCA - Computer Applications
University of Madras
04.2006 - 03.2009