DATTATRAY PHATNAIK
About Candidate
Accomplished Information Security and Data Privacy Officer with over 17 years of experience, specialized in implementing robust Information security strategies, managing privacy risks, and ensuring regulatory compliance. Aiming to leverage expertise to further enhance organizational security posture and privacy standards.
Education
Information Security
Business Administration
Work & Experience
• Briefed executive board on current cyber landscape, compliance and regulatory updates, security investments and emerging technologies etc.
• Oversaw security governance and enterprise-level information security architecture; developed and executed a comprehensive information security strategy aligning with business objectives and regulatory requirements.
• Developed and implemented comprehensive cybersecurity policies and procedures to safeguard sensitive information and critical assets.
• Led the development and execution of comprehensive GRC frameworks across the enterprise, improving processes for identifying and managing risks.
• Developed and implemented GRC policies and procedures to align with government regulations.
• Managed IT/OT Security Projects from conception to completion, including solution POCs and evaluations.
• Offered guidance on compliance issues and proposed corrective actions to senior management.
• Created and delivered training programs on GRC best practices for employees company-wide.
• Led the organization's response to cybersecurity incidents, reducing breach impact with subsequent Business Impact Analysis.
• Ensured activities like red teaming exercises, security drills, regular audits, BCP testing, log review and analysis, VAPT, web application security, SOC escalation reviews etc. were carried out regularly.
• Managed information security risks and implemented information security projects and programs. Expertise in identifying and mitigating privacy risks associated with data processing activities.
• Improved organization's GDPR compliance, advising on data protection matters, and acting as a contact point for data subjects and supervisory authorities.
• Expertise in data anonymization and pseudonymization techniques; proficiency in using data protection compliance tools and technologies (data discovery tools, consent management platforms, data encryption tools).
• Led the implementation of a GDPR compliance program for a multinational company, resulting in a 20% reduction in data subject complaints.
• Implemented and maintained the data protection compliance programs within the organization with strong understanding of data subject rights and to operationalize.
• Conducted data Privacy Impact Assessments (PIAs) and developed mitigation strategies. Also, conducted a PIA for a new product launch, identifying and mitigating potential data privacy risks.
• Directed the implementation and testing of business continuity plans to maintain compliance with security policies; achieved a 40% decrease in cybersecurity incidents through risk mitigation measures and adherence to industry standards.
• Led the seamless integration of advanced technologies to enhance security across cloud and on-prem infrastructure; resulted in a 50% reduction in security vulnerabilities and safeguarded sensitive data.
• Managed a team of information security professionals, fostering a culture of continuous learning and development.
• Legal and Regulatory Liaison: serving as a point of contact for regulatory authorities and supervisory bodies on matters related to data protection compliance.
• Collaborated with stakeholders to ensure compliance with GDPR, CCPA, ISO 27001, SOC, HIPAA, PCI DSS and other relevant regulations.