Niranjan Ganesan

Senior IT & Cloud Security Manager
Bangalore, Karnataka
linkedin.com/in/niranjan-ganesan-In
securityinsights.io
Experienced Information Security Manager with 18 years in cybersecurity, compliance (SOC 2, PCI DSS, HIPAA, ISO 27001, GDPR, CPRA, Data Privacy Framework), and risk management, specializing in strategic security planning and incident response to safeguard critical assets.

Certifications

  • ISACA Certified Information Systems Auditor (CISA)
  • ISACA Certified Information Security Manager (CISM)
  • ISACA Certified in Risk and Information Systems Control (CRISC)
  • ISACA Certified in the Governance of Enterprise IT (CGEIT)
  • ISACA Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Information Privacy Technologist (CIPT)
  • Certified Chief Information Security Officer (CCISO)
  • Privacy Engineering Certification
  • Certificate of Cloud Security Knowledge (CCSK)
  • Certificate of Competence in Zero Trust (CCZT)
  • CompTIA Security+
  • CompTIA PenTest+
  • CompTIA Network Vulnerability Assessment Professional
  • AWS Certified Security - Specialty
  • AWS Certified Solutions Architect - Associate
  • Certified ATT&CK Cyber Threat Intelligence
  • Certified ATT&CK Security Operations Center Assessments
  • ISO 27001:2013 Lead Auditor - Information Security Management System
  • ISO 27001:2022 Lead Auditor - Information Security Management System
  • Certified Agile Leader 1
  • Certified Agile Leadership for Teams (CAL-T)
  • Certified Agile Leadership for Orgs (CAL-O)
  • Certified Agile Leadership Essentials (CAL-E)
  • Certified GCHQ - Cyber Incident Planning & Response (CIPR)
  • Certified Advanced Cloud Security Auditing (CSA Star)
  • Certified ITIL V4 Foundation - IT Service Management
  • VMware Certified Associate - Data Center Virtualization
  • Redis Security
  • Certified Scrum Master
  • Cyber Supply Chain Management

Work Experience

Plivo, Inc.

Apr 2021 - Current
Senior IT & Cloud Security Manager
  • Orchestrated compliance management for standards including PCI DSS, SOC 2, ISO 27001, HIPAA, Data Privacy Framework, CPRA, and GDPR, enhancing organizational adherence to regulatory requirements and strengthening the compliance posture.
  • Led the development and enforcement of comprehensive security requirements and best practices across the organization, significantly improving security resilience and data protection through advanced encryption solutions.
  • Initiated a robust compliance testing program and developed strategic plans aimed at risk control, fostering a culture of continuous improvement, and aligning security initiatives with business objectives.

Fiserv, Inc.

Oct 2019 - Apr 2021
Senior Manager - Information Security
  • Harmonized Global Operations under PCI DSS, SOC 2, GDPR, ISO 27001, ISO 27017, ISO 27018, and ISO 9001, ensuring alignment with global security standards and successful certification achievements.
  • Crafted and implemented a security monitoring roadmap across On-Premise and Cloud Platforms, including AWS, enhancing organizational security posture and operational efficiency through best practices in cloud security.
  • Directed critical risk assessments and developed incident response protocols, significantly improving the organization's risk management framework and security culture.

Reward360 Global Services Private Limited

Jul 2018 - Oct 2019
Assistant Vice President Security
  • Spearheaded the launch of comprehensive security and compliance initiatives, significantly bolstering the organization's security infrastructure through developing and enforcing tailored policies.
  • Authored and implemented critical Information Security & Technology Policy documentation and led PCI DSS compliance efforts, ensuring organizational adherence to best practices and regulatory standards.
  • Developed and executed a 24/7 security monitoring strategy for the e-commerce platform, managing SIEM systems and WAF to ensure high levels of data protection and rapid incident response

Skilworth Technologies Private Limited

Feb 2016 - Jul 2018
CISO & IT Head
  • Led PCI DSS Security compliance, developing and enforcing a comprehensive security program that elevated the organizational security posture and enhanced data integrity, confidentiality, and availability.
  • Orchestrated a network and telecom infrastructure overhaul across eight locations and championed preemptive risk management initiatives, significantly improving operational efficiency and security readiness.
  • Developed and implemented an Internal Audit and Training Program, fostering a culture of security awareness and compliance while integrating advanced security technologies to optimize IT infrastructure.

Redblacktree Technologies Private Limited

Oct 2010 - Nov 2015
Senior Data Centre Engineer
  • Led comprehensive risk assessments and security event monitoring, significantly enhancing corporate compliance and system defenses.
  • Managed and optimized Windows and SQL Server environments across the USA and India, including successful SQL Server migration and database administration.
  • Directed application security measures, including penetration testing and strategic remediation, improving system security and ensuring HIPAA compliance.
  • Spearheaded the implementation of new technologies and cloud computing initiatives, driving advancements in data center operations and endpoint security management.

Alfie Software Private Limited

May 2009 - Aug 2010
Service Engineer
  • Administered Active Directory and IT infrastructure, enhancing secure access and system reliability.
  • Led SQL server implementation and maintenance, establishing a Subversion Source control system, optimizing backend support and code management.
  • Developed software deployment strategies and managed comprehensive antivirus systems, reinforcing organizational security and technical support.

RMP Infotech Private Limited

Dec 2005 - Apr 2009
Systems Administrator
  • Managed IT infrastructure and security policies across 12 office locations, enhancing data security and system reliability.
  • Led system recovery processes and provided comprehensive technical support, fostering a culture of technical proficiency and proactive learning.

Skills

  • SOC 2
  • PCI DSS
  • HIPAA
  • ISO 27001
  • GDPR
  • Strategic Security Planning
  • Cybersecurity Risk Management
  • Incident Management
  • Cloud Security (AWS)
  • Data Privacy
  • Security Solutions Design
  • Security Auditing