Guru Prasad Patnaik

20 December 1984

About Candidate

   

Education

PG - InfoSec [Program in Information Security Management] 2008
Bachelor of Technology [Mechanical Engineering] - BPUT 2006

Work & Experience

Director Dec’16 - Till Date
Zeotap India Pvt. Ltd.

Zeotap GmbH operates a data platform that makes deterministic data assets accessible to the digital advertising market and other industries for decision making. From an ocean of data, zeotap extracts and refines only the most valuable: achieving better results through precision at scale and intelligent technology. The company was founded in 2014 and is based in Berlin, Germany, with additional offices in New York, New York, and Bengaluru, India. It also has operations in Madrid, Spain, and Milan, Italy.

- Plan, develop and manage the information security program for Zeotap’s internal & shared services. Includes all aspects of InfoSec – SOC (SIEM), Vulnerability Management (Network & Application), AppSec & GRC.
- Direct/manage a team of 3 information security professionals. Coordinate security management across corporate IT (Infra & Engineering), Security & Business Units (BUs).
- Designed, implemented & led the information risk management framework. Designed a risk scorecard for graphical visualization of the risk portfolio for quarterly briefings to the risk management council.
- Strategically directed resources to execute operational tasks to deploy updated security controls and new tools & decrease active vulnerabilities.
- Partnered with business owners to implement security controls and processes in accordance with the security and regulatory requirements (ISO 27001, GDPR, CSA Star etc.).
- Implemented security awareness programs and instituted compliance metrics to decrease enterprise risks.
- Optimized change management, resulting in a reduction in outages, increased customer confidence & faster solutions delivery.
- Implemented the GDPR requirements with respect to InfoSec and Privacy components.
- Enterprise-wide penetration tests and reviews conducted on various components to identify security loopholes, which were subsequently addressed with appropriate controls.

Manager Apr’12 - Dec’16
Altisource Business Solutions Pvt. Ltd

Manager [InfoSec & BCP] Apr’12 – Dec’16

Altisource is a leader in providing services and technology for the mortgage and real estate industries. With innovation as a guiding principle and a focus on compliance and exceptional service, we provide end-to-end solutions in origination and servicing, and offer online real estate platforms for consumers and investors.

- Responsible for the InfoSec GRC (Governance, Risk & Compliance, including Risk Assessments & Risk Treatment plans) program for Altisource’s internal & shared services activities at India, US and Philippines locations.
- Lead a team of 10 information security & business continuity professionals with authority for information risk management, information security audit & compliance, and incident response. Coordinate security management across corporate IT, Security & Business Units (BUs).
- Conduct audits with reference to ISO 27001 standard requirements, IT General Controls and Access Controls.
- Designed, implemented & led the information risk management framework & risk scorecard for graphical visualization of the risk portfolio for quarterly briefings to the first-ever risk management council.
- Define the security audit roadmap/strategy addressing risks enterprise-wide. Responsible for creating proposals and responding to RFPs/RFIs for prospective clients.
- Govern the Business Continuity framework & related activities globally; develop a formal information security & risk management career path in liaison with HR.
- Designed, evangelized & implemented InfoSec Policies & Procedures (PnPs). Increased agility by allowing BUs to select the methods to achieve agreed-upon control objectives. Decreased the number of security exception requests & incidents.
- Improved processes by designing and publishing a unified InfoSec compliance calendar and framework.
- Define and implement the recovery options based on the business and client requirements.
- Responsible for training activities with respect to InfoSec/ISMS. This would include conceiving, designing, planning and conducting training and awareness sessions among the employees of the company.
- Implemented ISO 27001, HIPAA & PCI at Altisource (India, US and Philippines locations).

Consultant Mar’11 - Mar’12
Aujas Networks Pvt. Ltd.

Aujas is a global IT risk management company with a presence in the United States, South Asia and the Middle East. Aujas offers IRM services which span strategy and advisory, control integration & sustenance, and optimisation.

- Information Security Management System (ISMS) implementation for a leading housing loan provider company: GAP Assessment, defined the Risk Assessment Methodology, Policy, Procedure & Guideline creation, creation of Matrices for effectiveness, user awareness training conducted with respect to ISO 27001:2005, external audit preparedness.
- Policy & process creation and implementation for a data analytics company: reviewed the IT and IS requirements of the firm, created the relevant policies and procedures, suggested strategies for securing the critical information of the firm, assisted in implementation of the agreed controls.
- Business Continuity Management System implementation for a co-operative bank: conducted GAP Assessment of the current status, suggested strategies for the BCMS implementation, created BCP and DR plans for the bank, conducted trainings on the BCP and DR, conducted BCP/DR simulation tests.
- Data Leak Prevention consulting for a financial house in Mumbai and Bangalore. As a part of the engagement my work was to identify critical information and data flow. Critical documents were identified by understanding the business process (Process Flow Analysis) through discussion with the Business Head. All such identified documents were analyzed and policies were designed for the DLP tool to protect the documents.
- Performed PCI DSS Readiness and ISMS implementation for a company in the niche space of mobile portal and application development. The company has its infrastructure hosted in the Amazon Cloud computing environment, making the implementation an excellent learning opportunity.
- Audits conducted with reference to the following: ISO 27001 standard requirements, IT General Controls, Database Audits, Access Controls.
- Performed vendor security assessments for a major health insurance company based out of Mumbai.
- Participated in presales for the national/international market (India, US and Middle East). The responsibilities included assisting the partners and sales team in providing required inputs for proposal development in the GRC/BCP domain, ensuring all presentations, proposals, effort sheets, etc. are up to date and shared with relevant stakeholders, and understanding client requirements and providing required clarification in proposal discussions.
