KOMAL TALREJA

Leeds

Summary

With over 9 years of experience in auditing and consulting, I have established a solid reputation in the financial services, banking, insurance, telecommunications, and IT industries. My expertise includes ISO27001, PCI DSS, BIA, IT Risk Management, Internal Audit, ITGC, and SOX control testing, including Automated Business Control Testing. I possess a strong capacity for learning, excellent coordination skills, analytical thinking, focus, discipline, and a deep curiosity for continuous improvement. These qualities set me apart and drive me to consistently deliver results while embracing new challenges.

Overview

9 years of professional experience
1 Certification

Work History

Technology Chief Controls Office Analyst

Barclays Business Solutions India Pvt. Ltd.
01.2019 - 12.2022
  • Worked as Team Lead under the second line of defense in technology which is responsible not only for providing independent assurance to technology leadership regarding the Design and operating effectiveness of the technology control environment but also managing the end-to-end delivery of the TCT framework
  • 4 Years of core experience as SOX (Sarbanes–Oxley Act) auditor managing end-to-end audit/testing of ITGC technology controls (Standard Review) and Automated Business Controls including scoping, sampling, process walkthrough, evidence capturing, performing design and Operating effectiveness testing/documentation, testing/audit conclusion, issue reporting if identified, communication to stakeholders
  • Co-leading a team for managing the execution of the control audit, stakeholder management, escalation, reporting of the progress, assignment of work to team members and managing the timeline
  • Ensured effective communication with IT owners and also within the team, typecasting crisp and clear emails, achieved the way of communication with the stakeholders with effectiveness
  • Coordinate with external auditors (ex. KPMG, EY and Deloitte) for the reliance controls to achieve efficiency and cost-effectiveness
  • Coordinating calls for queries raised for SOX control testing documentation and evidence capturing
  • Cross-trained new joiners/buddies to keep them at par so that they are in a comfortable state to execute the ABC single-handedly

Senior Consultant

Paladion Networks Consulting
03.2017 - 01.2019
  • Working as team lead for US delivery and responsible for client interaction, smooth project execution, milestone tracking, and clean project sign off
  • Single Point of Contact (SPOC) for all project related queries to customers for duration of project
  • Responsible for interaction with clients to understand client’s requirement & expectations and ensure proper communication to team members
  • Expertise in information security practices such as ISO27001:2013 implementations, Information Security Risk Assessments/Risk Treatment, ISMS Documentation, vendor risk management and recommending security controls
  • Added skill set:
      ◦ Security assessment and IS Strategy development
      ◦ PCI DSS v3.2 pre-audit
      ◦ ISO27001:2005 to ISO27001:2013 migration and certification support
      ◦ PCI DSS gap assessment and implementation support
  • Hands-on GRC tool that is RisqVU GRC (Implemented various project through RisqVU

Compliance Research Analyst

Qualys Security Tech Services Pvt. Ltd.
04.2015 - 12.2016
  • Designing Technical Security Standards (Hardening Standards) and technology controls for various endpoints such as Operating Systems, Applications etc., based on in-house expertise or consensus guidelines from CIS, NIST etc
  • High-level testing for the above Security Standards/Policies from the auditor’s point of view
  • Conducted Internal ISO20K and ISO27K Audit for various functions and projects internally
  • Analysis and Mapping of IT Controls for Mandates/Standards such as ISO27001/2, HIPAA, PCI-DSS etc
  • Performing Risk Assessments for various operating systems, databases, and Applications
  • Based on the risk assessment configuring Operating Systems, Applications against technology controls
  • Creating a Security Assessment Questionnaire (Checklist) for various Information Security Standards/frameworks such as ISO27001, ADSIC, PCI-DSS, etc
  • Mapping of the standards such as HiTrust to ISO27002:2013, HiTrust to HIPAA, HiTrust to ISO to NIST, PCI to NIST

Information Security Analyst

Recon Advisory
06.2014 - 12.2014
  • Diverse experience gained by working for leading telecom operator & Datacenter Service
  • Implementation of ISO27001:2013 and ISO22301:2012
  • Delivered consulting services as a team member across multiple customers within India
  • Career Commenced

Education

Master's Degree - Cyber Security

University of Bradford
01.2024

Master's Degree - Cyber Law and Information Security

National Law Institute of University, Bhopal, Madhya Pradesh
01.2014

Diploma Program - Information Security

APPIN Certified Security Expert
01.2014

Bachelor's Degree - Engineering, Electronics & Communication

RGTU University, Bhopal, Madhya Pradesh
01.2012

Skills

  • Analytical thinking
  • Time management
  • Team collaboration and leadership
  • Decision-making
  • Compliance analysis
  • Risk analysis
  • Audit support
  • Risk mitigation
  • Data integrity assurance
  • Intrusion detection
  • Network threat assessment
  • Intrusion detection and prevention
  • Excellent communication
  • Problem-solving
  • Teamwork and collaboration

Certification

  • Certified Information Systems Auditor (CISA) ISACA
  • Certified Lead Implementer (ISO27001:2013) BCI
  • Certified Payment-Card Industry Security Implementer 3.2.1 (CPISI) SISA

Standards & Framework

  • ISO27001:2022 Implementation & Maintenance
  • IRisk Assessment & Risk Treatment
  • ISO27001:2005 to ISO27001:2013 Migration & Certification Support
  • PCI DSS Gap Assessment & Implementation Support
  • Business Impact Analysis
  • Third-Party Vendor Audits
  • AUA/KUA Audits
  • Sarbanes-Oxley Act

Timeline

Technology Chief Controls Office Analyst - Barclays Business Solutions India Pvt. Ltd.
01.2019 - 12.2022
Senior Consultant - Paladion Networks Consulting
03.2017 - 01.2019
Compliance Research Analyst - Qualys Security Tech Services Pvt. Ltd.
04.2015 - 12.2016
Information Security Analyst - Recon Advisory
06.2014 - 12.2014
University of Bradford - Master's Degree, Cyber Security
National Law Institute of University - Master's Degree, Cyber Law and Information Security
APPIN Certified Security Expert - Diploma Program, Information Security
RGTU University - Bachelor's Degree, Engineering, Electronics & Communication