Niranjan Ganesan

Senior IT & Cloud Security Manager
Bengaluru, Karnataka
linkedin.com/in/niranjan-ganesan-In
g_niranjan@icloud.com
+91 7305477768
A key contributor to achieving global compliance certifications (SOC 2, ISO 27001, PCI DSS, GDPR, etc.), collaborated cross-functionally to embed security by design, automate workflows, and align data protection practices with business objectives for scalable and sustainable impact. Targeting challenging assignment in SaaS Cloud Information Security with a reputed organization.

PROFILE SUMMARY

  • Seasoned Information Security professional with over 2 decades of expertise in the fields of cybersecurity, compliance, and risk management, adeptly navigating various regulatory frameworks such as SOC 2, PCI DSS, HIPAA, ISO 27001, GDPR, CPRA, and Data Privacy Framework.
  • Currently working as Senior IT & Cloud Security Manager at Plivo, Inc., overseeing critical security initiatives and compliance efforts.
  • Proficient in architecting cloud and endpoint security programs from scratch, implementing proactive monitoring controls, and driving security automation that dramatically reduces manual overhead and incident response times.
  • Defined and executed a forward-looking cloud security strategy tailored to SaaS operations, ensuring alignment with organizational goals and industry benchmarks.
  • Anticipated and mitigated evolving security risks through proactive assessments, policy frameworks, and scalable controls across multi-cloud environments.
  • Identified a critical security vulnerability for a client involving exposed credentials on a public repository, preventing millions in potential financial losses.
  • Recognized across organizations as a go-to resource for IT security, compliance, and strategic incident response.
  • Built and nurtured security-first culture by creating awareness programs and mentoring junior staff in compliance protocols.
  • Enabled executive decision-making with clear risk visibility, while fostering a culture of security awareness and operational agility.

Certifications

  • ISACA Certified Information Systems Auditor (CISA)
  • ISACA Certified Information Security Manager (CISM)
  • ISACA Certified in Risk and Information Systems Control (CRISC)
  • ISACA Certified in the Governance of Enterprise IT (CGEIT)
  • ISACA Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Information Privacy Technologist (CIPT)
  • Certified Chief Information Security Officer (CCISO)
  • Privacy Engineering Certification
  • Certificate of Cloud Security Knowledge (CCSK)
  • Certificate of Competence in Zero Trust (CCZT)
  • CompTIA Security+
  • CompTIA PenTest+
  • CompTIA Network Vulnerability Assessment Professional
  • AWS Certified Security - Specialty

Certifications

  • AWS Certified Solutions Architect - Associate
  • Certified ATT&CK Cyber Threat Intelligence
  • Certified ATT&CK Security Operations Center Assessments
  • ISO 42001:2023 Lead Auditor – Artificial Intelligence Management Systems (AIMS)
  • ISO 27001:2013 Lead Auditor - Information Security Management System
  • ISO 27001:2022 Lead Auditor - Information Security Management System
  • Certified Agile Leader 1
  • Certified Agile Leadership for Teams (CAL-T)
  • Certified Agile Leadership for Orgs (CAL-O)
  • Certified Agile Leadership Essentials (CAL-E)
  • Certified GCHQ - Cyber Incident Planning & Response (CIPR)
  • Certified Advanced Cloud Security Auditing (CSA Star)
  • Certified ITIL V4 Foundation - IT Service Management
  • VMware Certified Associate - Data Center Virtualization
  • Redis Security
  • Certified Scrum Master
  • Cyber Supply Chain Management

Work Experience

Senior IT & Cloud Security Manager

Plivo, Inc.,

Apr 2021 - Current
  • Acting as the single point of contact for all organizational security, compliance, and privacy-related queries.
  • Coordinating with external auditors to drive annual compliance certifications, ensuring timely renewals and audit readiness.
  • Collaborating cross-functionally to design, implement, and monitor security controls across cloud and endpoint infrastructures, aligned with leading compliance frameworks and best practices.
  • Driving the development and enforcement of advanced security frameworks, improving organizational resilience through deployment of encryption protocols, access controls, and threat detection mechanisms.
  • Initiating and managing a comprehensive compliance testing strategy, formulating risk mitigation roadmaps, and promoting a culture of continuous improvement.
  • Assisting Sales and Customer Success teams by handling security questionnaires during client onboarding and audit cycles, strengthening client trust and supporting business growth.
  • Supporting the Legal team in enforcing privacy policies and ensuring adherence to data protection regulations across organizational operations.
  • Conducting in-depth security research and breach analysis, including uncovering compromised credentials in a client's public repository—an initiative that saved the client millions in potential losses.

Highlights:

  • Orchestrated enterprise-wide compliance programs aligned with SOC 2, ISO 27001, PCI DSS, HIPAA, Data Privacy Framework, CPRA, GDPR, and CFA Star Level 1, enhancing regulatory adherence and fortifying the organization’s compliance posture globally.
  • Introduced automation initiatives that reduced manual effort by 60–70 days annually, significantly improving operational efficiency and incident response times.

Senior Manager - Information Security

Fiserv, Inc.,

Oct 2019 - Apr 2021
  • Unified global cybersecurity operations by aligning enterprise controls with international compliance frameworks including PCI DSS, SOC 2, GDPR, ISO 27001, ISO 27017, ISO 27018, and ISO 9001, resulting in successful multi-certification audits and sustained regulatory readiness.
  • Designed and executed a scalable security monitoring roadmap across hybrid environments (on-prem & AWS Cloud), integrating automated controls to enhance threat detection, compliance, and operational resilience.
  • Led enterprise-wide risk evaluations and incident response enhancements, embedding proactive governance protocols and significantly strengthening the organization’s cyber risk posture and security-first culture.

Assistant Vice President Security

Reward360 Global Services Private Limited

Jul 2018 - Oct 2019
  • Championed the deployment of enterprise-grade security and compliance frameworks, building foundational governance structures, risk mitigation policies, and control mechanisms tailored to evolving threat landscapes.
  • Drafted and enforced key cybersecurity policies and standards, while leading the successful implementation of PCI DSS compliance, driving audit readiness and operational excellence.
  • Architected a 24x7 threat monitoring ecosystem for the e-commerce platform by deploying SIEM tools, Web Application Firewalls (WAF), and automation frameworks, ensuring continuous vulnerability monitoring and rapid incident containment.

PREVIOUS WORK EXPERIENCE

CISO & IT Head

Skilworth Technologies Private Limited

Feb 2016 - Jul 2018

Senior Data Center Engineer

Redblacktree Technologies Private Limited

Oct 2010 - Nov 2015

Service Engineer

Alfie Software Private Limited

May 2009 - Aug 2010

Senior System Administrator

RMP Infotech Private Limited

Dec 2005 - Apr 2009

Core Competencies

  • Security Solutions Design
  • Security Auditing
  • Strategic Security Planning
  • Cybersecurity Risk Management
  • Incident Management
  • Cloud Security (AWS)
  • Data Privacy
  • Compliance Management
  • Encryption Solutions
  • Risk Control

Skills

  • Information Security Management
  • Cloud Security Architecture
  • Risk and Compliance Management
  • Regulatory Compliance (SOC 2, ISO 27001/27017/27018/42001, PCI DSS, HIPAA, GDPR, CPRA)
  • Privacy Engineering & Data Protection
  • Security Governance & Policy Enforcement
  • Security Audits & Certifications
  • Threat Detection & Incident Response
  • Cybersecurity Strategy & Roadmapping
  • Cloud Security Posture Management (CSPM)
  • AWS Security (IAM, KMS, GuardDuty, Config, Security Hub)
  • Endpoint Security Management
  • DevSecOps & Security Automation
  • SIEM Tools
  • Vulnerability Assessment Tools (e.g., Nessus, OpenVAS)
  • Web Application Firewalls (WAFs)
  • Identity & Access Management (IAM, PAM)
  • MITRE ATT&CK Framework
  • Cross-functional Team Leadership
  • Change Management & Business Process Improvement
  • Executive Stakeholder Communication
  • Security Awareness & Training Programs
  • Audit & Regulatory Readiness

PERSONAL DETAILS

  • Address: Bangalore - 560103, Karnataka, India
  • Languages Known: English, Tamil
  • Date of Birth: 02 January 1985
  • Open to Relocation: Yes