Niranjan Ganesan

• Seasoned Information Security professional with over 2 decades of expertise in the fields of cybersecurity, compliance, and risk management, adeptly navigating various regulatory frameworks such as SOC 2, PCI DSS, HIPAA, ISO 27001, GDPR, CPRA, and Data Privacy Framework.
• Currently working as Senior IT & Cloud Security Manager at Plivo, Inc., overseeing critical security initiatives and compliance efforts.
• Proficient in architecting cloud and endpoint security programs from scratch, implementing proactive monitoring controls, and driving security automation that dramatically reduces manual overhead and incident response times.
• Defined and executed a forward-looking cloud security strategy tailored to SaaS operations, ensuring alignment with organizational goals and industry benchmarks.
• Anticipated and mitigated evolving security risks through proactive assessments, policy frameworks, and scalable controls across multi-cloud environments.
• Identified a critical security vulnerability for a client involving exposed credentials on a public repository, preventing millions in potential financial losses.
• Recognized across organizations as a go-to resource for IT security, compliance, and strategic incident response.
• Built and nurtured security-first culture by creating awareness programs and mentoring junior staff in compliance protocols.
• Enabled executive decision-making with clear risk visibility, while fostering a culture of security awareness and operational agility.

• AWS Certified Solutions Architect - Associate
• Certified ATT&CK Cyber Threat Intelligence
• Certified ATT&CK Security Operations Center Assessments
• ISO 42001:2023 Lead Auditor – Artificial Intelligence Management Systems (AIMS)
• ISO 27001:2013 Lead Auditor - Information Security Management System
• ISO 27001:2022 Lead Auditor - Information Security Management System
• Certified Agile Leader 1
• Certified Agile Leadership for Teams (CAL-T)
• Certified Agile Leadership for Orgs (CAL-O)
• Certified Agile Leadership Essentials (CAL-E)
• Certified GCHQ - Cyber Incident Planning & Response (CIPR)
• Certified Advanced Cloud Security Auditing (CSA Star)
• Certified ITIL V4 Foundation - IT Service Management
• VMware Certified Associate - Data Center Virtualization
• Redis Security
• Certified Scrum Master
• Cyber Supply Chain Management

• Acting as the single point of contact for all organizational security, compliance, and privacy-related queries.
• Coordinating with external auditors to drive annual compliance certifications, ensuring timely renewals and audit readiness.
• Collaborating cross-functionally to design, implement, and monitor security controls across cloud and endpoint infrastructures, aligned with leading compliance frameworks and best practices.
• Driving the development and enforcement of advanced security frameworks, improving organizational resilience through deployment of encryption protocols, access controls, and threat detection mechanisms.
• Initiating and managing a comprehensive compliance testing strategy, formulating risk mitigation roadmaps, and promoting a culture of continuous improvement.
• Assisting Sales and Customer Success teams by handling security questionnaires during client onboarding and audit cycles, strengthening client trust and supporting business growth.
• Supporting the Legal team in enforcing privacy policies and ensuring adherence to data protection regulations across organizational operations.
• Conducting in-depth security research and breach analysis, including uncovering compromised credentials in a client's public repository—an initiative that saved the client millions in potential losses.

Highlights:

• Orchestrated enterprise-wide compliance programs aligned with SOC 2, ISO 27001, PCI DSS, HIPAA, Data Privacy Framework, CPRA, GDPR, and CFA Star Level 1, enhancing regulatory adherence and fortifying the organization’s compliance posture globally.
• Introduced automation initiatives that reduced manual effort by 60–70 days annually, significantly improving operational efficiency and incident response times.

• Unified global cybersecurity operations by aligning enterprise controls with international compliance frameworks including PCI DSS, SOC 2, GDPR, ISO 27001, ISO 27017, ISO 27018, and ISO 9001, resulting in successful multi-certification audits and sustained regulatory readiness.
• Designed and executed a scalable security monitoring roadmap across hybrid environments (on-prem & AWS Cloud), integrating automated controls to enhance threat detection, compliance, and operational resilience.
• Led enterprise-wide risk evaluations and incident response enhancements, embedding proactive governance protocols and significantly strengthening the organization’s cyber risk posture and security-first culture.

• Championed the deployment of enterprise-grade security and compliance frameworks, building foundational governance structures, risk mitigation policies, and control mechanisms tailored to evolving threat landscapes.
• Drafted and enforced key cybersecurity policies and standards, while leading the successful implementation of PCI DSS compliance, driving audit readiness and operational excellence.
• Architected a 24x7 threat monitoring ecosystem for the e-commerce platform by deploying SIEM tools, Web Application Firewalls (WAF), and automation frameworks, ensuring continuous vulnerability monitoring and rapid incident containment.

• Security Solutions Design
• Security Auditing
• Strategic Security Planning
• Cybersecurity Risk Management
• Incident Management
• Cloud Security (AWS)
• Data Privacy
• Compliance Management
• Encryption Solutions
• Risk Control

• Address: Bangalore - 560103, Karnataka, India
• Languages Known: English, Tamil
• Date of Birth: 02 January 1985
• Open to Relocation: Yes