I hold a Master of Science (MSc) in IT Security from Nottingham Trent University, completed in 2024.
With 16 years of professional experience, my expertise spans Governance, Risk, and Compliance (GRC), Software Quality, and Security Assurance.
In addition to my technical background, I also have a Master's in Business Law and a Bachelor's in Engineering, providing a strong foundation in both legal and engineering principles.
To strengthen my practical experience in the UK industry, I completed a one-year placement at HM Land Registry from September 2022 to 2023.
I’ve set up personal home labs to explore cybersecurity tools and technologies hands-on. You can find detailed walkthroughs of these projects on my blog: Gouti1454.com, where I enjoy sharing insights and solutions with others.
LOVE FOR CONTINUOUS LEARNING
The joy of learning drives my passion, motivating me to explore my interests further and continuously grow my knowledge.
KNOWLEDGE SHARING
Welcome to Gouti1454.com! This blog is dedicated to sharing my experiences and research across various subjects. Observing that many face common challenges and seek solutions, I established this platform to store and share my insights.
Driven by a profound love for technology, I explore software applications, gadgets, and the expansive world of Android. I am passionate about cybersecurity and want to help people stay safe in the digital world.
TECHNICAL SKILLS
My core strengths include:
- Governance, Risk Management, and Compliance (GRC)
- Internal/External Auditing
- Process Development & Improvement
- Vulnerability Assessments & Gap Analysis
- Project Management & Mentoring
I work confidently with standards like ISO 9001, ISO 27001, ISO 27002, CMMI, AS9100, and TL9000, and I also have experience in third-party risk assessments, data analysis, and information security management.
PROFESSIONAL EXPERIENCE
ACHIEVEMENTS:
Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:
- CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).
- AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).
- Launched training programs and led process improvement activities, resulting in successful AS9100 (2011, 2012, 2013) and CMMI v1.3 Dev (2013) assessments.
PROCESS EXCELLENCE & GOVERNANCE:
- Led multi-standard certification achievement:
  - Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.
- Developed and implemented performance health indicators:
  - Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.
- Empowered project teams:
  - Aided Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through training, guidance, and mentorship.
POLICY CREATION AND DOCUMENTATION:
- Developed and improved the Software-Hardware Implementation Forum process, documenting and releasing it in the portal.
- Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.
- Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard, GDPR, Cyber Essentials.
GAP ANALYSIS:
- Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.
- Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard.
VULNERABILITY ASSESSMENT:
- Analysed software and hardware requests to assess the likelihood and impact of potential security vulnerabilities.
- Reviewed vulnerability assessment and SOC reports from procurement suppliers to ensure their compliance with the organisation's security standards.
ITGC AUDITS:
- Conducted comprehensive audits covering Access Controls, Physical and Environmental Controls, Change Management, Backup and Recovery, System Software Controls, Network Security, and Business Continuity and Disaster Recovery across various accounts. Ensured strict adherence to compliance standards and client objectives.
- Captured risk assessments and ranked them based on the risk index using RAG (Red, Amber, Green) indicators for clear and actionable insights.
- Published non-compliance findings from the audits and diligently tracked them until resolution, ensuring continuous improvement and adherence to standards.
- Performed detailed asset verification audits to confirm the accuracy and integrity of asset records.
RISK MANAGEMENT & COMPLIANCE:
- Established robust risk management:
  - Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.
- Managed RAG status reporting:
  - Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.
PROCESS IMPROVEMENT & PROJECT MANAGEMENT:
- Built and deployed process performance models:
  - Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.
- Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.
- Guided project lifecycles:
  - Facilitated Project Managers through the entire SDLC (kick-off, monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.
- Supported quality audits:
  - Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.
PEOPLE DEVELOPMENT & MENTORSHIP:
- Reviewed and facilitated project artefacts:
  - Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.
- Mentored and coached team members:
  - Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.
- Supervised team activities:
  - Supervised team activities, provided feedback, and ensured alignment with KPIs.
DESKTOP INSTALLATION
- OS Installation/Upgrades
- Software Configurations
- Group Policy Configurations
Network Configurations
- Printer Firmware/Network Installation
- First-Level Troubleshooting and Escalation.
- PC Operating Systems, PC Hardware, Device Resources, BIOS/CMOS.
TOPOLOGIES & PROTOCOLS
- Security, Resource Sharing, Network Administration, Peer-to-Peer & Client/Server, TCP/IP Networking, Networking Services, Configuration and Troubleshooting.
- Wi-Fi Installation, use and testing. Domain Membership & Policies.
PERSONAL HOBBIES
Beyond work, I’ve been committed to bodybuilding for 16 years. I’ve also spent 7 years learning Latin dances, which I truly enjoy.
Photography is another passion; I love capturing nature through my lens. I’m also an adventure enthusiast, going on motorbike/SUV trips and treks through the Himalayas, often hiking through thick forests with fellow explorers.