Niranjan Ganesan

Enterprise Information Security Leader
Bangalore, Karnataka
linkedin.com/in/niranjan-ganesan-In
g_niranjan@icloud.com
+91 73054 77768
Experienced Information Security Professional with 18 years of expertise in cybersecurity, regulatory compliance (SOC 2, PCI DSS, HIPAA, ISO 27001, GDPR, CPRA, and Data Privacy Frameworks), and risk management. Skilled in designing and executing enterprise-wide security strategies, collaborating with executive leadership, and providing board-level insights to safeguard critical assets and strengthen organizational resilience. Proven track record of implementing robust security programs, fostering a proactive risk culture, and continuously enhancing security postures across complex IT environments.

Certifications

  • ISACA Certified Information Systems Auditor (CISA)
  • ISACA Certified Information Security Manager (CISM)
  • ISACA Certified in Risk and Information Systems Control (CRISC)
  • ISACA Certified in the Governance of Enterprise IT (CGEIT)
  • ISACA Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Information Privacy Technologist (CIPT)
  • Certified Chief Information Security Officer (CCISO)
  • Privacy Engineering Certification
  • Certificate of Cloud Security Knowledge (CCSK)
  • Certificate of Competence in Zero Trust (CCZT)
  • CompTIA Security+
  • CompTIA PenTest+
  • CompTIA Network Vulnerability Assessment Professional
  • AWS Certified Security - Specialty
  • AWS Certified Solutions Architect - Associate
  • Certified ATT&CK Cyber Threat Intelligence
  • Certified ATT&CK Security Operations Center Assessments
  • ISO 42001:2023 Lead Auditor – Artificial Intelligence Management Systems (AIMS)
  • ISO 27001:2013 Lead Auditor - Information Security Management System
  • ISO 27001:2022 Lead Auditor - Information Security Management System
  • Certified Agile Leader 1
  • Certified Agile Leadership for Teams (CAL-T)
  • Certified Agile Leadership for Orgs (CAL-O)
  • Certified Agile Leadership Essentials (CAL-E)
  • Certified GCHQ - Cyber Incident Planning & Response (CIPR)
  • Certified Advanced Cloud Security Auditing (CSA Star)
  • Certified ITIL V4 Foundation - IT Service Management
  • VMware Certified Associate - Data Center Virtualization
  • Redis Security
  • Certified Scrum Master
  • Cyber Supply Chain Management

Work Experience

Senior IT & Cloud Security Manager

Plivo, Inc.

Apr 2021 - Current
  • Orchestrated compliance management across 7+ regulatory frameworks (PCI DSS, SOC 2, ISO 27001, HIPAA, GDPR, CPRA, Data Privacy Framework), reducing compliance audit preparation time by 80% and enhancing adherence by ensuring 100% regulatory alignment.
  • Led the development and enforcement of enterprise-wide security standards, deploying AES-256 encryption and Zero-Trust architecture, which reduced security vulnerabilities by 40%.
  • Established a comprehensive compliance testing framework and devised strategic risk control measures, strengthening regulatory adherence, promoting a culture of continuous security enhancement, and aligning security initiatives with business objectives.

Senior Manager - Information Security

Oct 2019 - Apr 2021
  • Standardized global security operations across 6+ regulatory frameworks (PCI DSS, SOC 2, GDPR, ISO 27001, ISO 27017, ISO 27018, and ISO 9001), reducing compliance gaps and streamlining audits by 50%.
  • Developed and executed a security monitoring roadmap for on-premise and AWS cloud environments, improving threat detection efficiency by 40% and reducing incident response time.
  • Led enterprise-wide risk assessments and designed incident response protocols, reducing security vulnerabilities by 35% and enhancing organizational risk posture.

Assistant Vice President Security

  • Led the deployment of enterprise-wide security and compliance initiatives, strengthening security posture and reducing compliance audit findings by 40%.
  • Developed and enforced critical Information Security & Technology policies, ensuring 100% PCI DSS compliance and improving regulatory alignment.
  • Implemented a 24/7 security monitoring strategy for the e-commerce platform, reducing incident response time by 50% and enhancing threat detection capabilities.

CISO & IT Head

  • Led PCI DSS compliance initiatives and designed a comprehensive security program, increasing data integrity, confidentiality, and availability by 40% through robust encryption and access controls.
  • Revamped network and telecom infrastructure across multiple locations, enhancing system reliability by 50% and strengthening cyber resilience through proactive risk management measures.
  • Designed and launched an internal audit and security training program, training 100+ employees, which boosted compliance adherence by 35% and reduced security incidents.

Senior Data Centre Engineer

  • Conducted enterprise-wide risk assessments and implemented security event monitoring, reducing security incidents by 30% and improving regulatory compliance.
  • Administered and optimized Windows and SQL Server environments across USA and India, achieving 99.9% system uptime and ensuring seamless SQL Server migrations.
  • Led application security initiatives, conducting penetration testing and remediation efforts, which ensured 100% HIPAA compliance and reduced vulnerabilities by 35%.

Service Engineer

  • Managed Active Directory and IT infrastructure, improving system uptime by 99% and enhancing secure access controls.
  • Implemented and maintained SQL Server infrastructure, ensuring seamless database performance, while deploying Subversion for source control, improving version management efficiency.
  • Designed and executed software deployment strategies, while implementing enterprise antivirus solutions, reducing security vulnerabilities by 25%.

Systems Administrator

RMP Infotech Private Limited

Dec 2005 - Apr 2009
  • Administered IT infrastructure and enforced security policies across multiple locations, improving system reliability by 40% and strengthening data protection measures.
  • Developed and executed system recovery strategies, reducing downtime by 30%, while providing technical support and training, enhancing team proficiency in IT operations.

Skills

Technical & Domain Expertise

  • Cybersecurity Strategy & Planning – Develop and implement comprehensive security roadmaps aligned with business objectives.
  • Regulatory Compliance & Auditing – Master frameworks such as SOC 2, PCI DSS, HIPAA, ISO 27001:2022, GDPR, CPRA, and Data Privacy Frameworks.
  • Cloud Security Architecture – Extensive expertise in AWS security best practices to design and implement secure cloud infrastructures.
  • Incident Response & Crisis Management – Develop, test, and execute effective incident response plans to mitigate risks.
  • Risk Management & Vulnerability Assessment – Identify, assess, and remediate cybersecurity risks across diverse environments.
  • Zero Trust & Advanced Threat Protection – Leverage Zero Trust frameworks for advanced threat detection.
  • Security Automation & Orchestration – Utilize automation tools to enhance threat monitoring and response efficiency.
  • Identity & Access Management (IAM) – Implement robust IAM policies to protect digital assets.
  • DevSecOps Integration – Embed security practices into DevOps processes for continuous compliance.

Executive & Strategic Competencies

  • Executive Leadership – Drive security vision and lead cross-functional teams.
  • Strategic Decision-Making – Align security initiatives with long-term business objectives.
  • Corporate Governance & Compliance – Define security policies, risk frameworks, and compliance standards.
  • Stakeholder Communication – Bridge technical and business language for executives and non-technical teams.
  • Vendor & Stakeholder Management – Establish and manage relationships with security vendors and partners.