DIGVIJAY SINGH BHANDARI

▪ Performing Project/Site Level Information Security RiskAssessment. ▪ Maintaining/Improving Organizational level Security Risk Register and other ISMS policy/processes. ▪ Providing support in external audits (Account Specific, ISO 27001, SSAE 16 SOC 1/2, PCI DSSetc.) ▪ Providing support in developing Context Based Security Awareness programs and engagement specific Smart SAQ (Security Awareness Quiz) modules. ▪ Taking Security awareness sessions for different accounts ofInfosys. ▪ Providing Consultation to project team on specific securityrequirements. ▪ Engaging Various Internal Team (IT, Facilities, Legal, BCMS and Project etc.) to approve/review nonstandard technology changes in terms of concerned security risks. ▪ Base lining the client MSA obligations & checking the compliance level of various accounts on CTS (Compliance Tracking System) on a monthly basis. ▪ Coordinating with VA/PT team, Incident Management team, Logging and Monitoring team etc. for details regarding security assessments. ▪ Responding to RFI/RFPs and client audit questionnaires on the informationsecurity posture of Infosys. ▪ Review of information security clauses in the agreements between Infosys andClients