Divyesh Jadhav
About Candidate
Certified ISO 27001:2013 lead auditor with extensive experience in Information Security, specializing in Third-Party Risk Management, Cloud Security, Governance, Risk and Compliance. Skilled in assessing audit findings, identifying control weaknesses, and developing management action plans. Knowledgeable about industry frameworks such as ISO standards, NIST, PCI DSS, HITRUST and SOC 1 and SOC 2 Reports. Experienced in project management in IT Risk, Compliance, and review of SaaS application architecture. Proven track record of delivering work on time in accordance with audit methodology and agreed quality standards. Knowledgeable in API security, Data Privacy/GDPR compliance.
Education
Work & Experience
Led and performed system security audits adhering to IS0 27001:2013 requirements · Worked on the review of various security domains from ISO 27001:2013 for clients from IT, BFSI, Insurance, etc. · Project management including resource allocation, work plan definition, report review and finalization · Handled third party risk management project for one of the clients from telecommunications sector by conducting assessments, documenting reports covering the issue description, remediation plan, and retesting the controls · Responsible for ensuring the end-to-end execution of the information security audit for the clients as per IRDAI · Drafted the final report of key findings to define the risk matrix for the audit
