ABOUT

PORTFOLIO

SECUR-TAINMENT

BLOG HANDS-ON PROJECTS

I hold a Master of Science (MSc) in IT Security from Nottingham Trent University, completed in 2024.

With 16 years of professional experience, my expertise spans Governance, Risk, and Compliance (GRC), Software Quality, and Security Assurance.

In addition to my technical background, I also have a Master's in Business Law and a Bachelor's in Engineering, providing a strong foundation in both legal and engineering principles.

To strengthen my practical experience in the UK industry, I completed a one-year placement at HM Land Registry from September 2022 to 2023.

HOME LAB PROJECTS:

I’ve set up personal home labs to explore cybersecurity tools and technologies hands-on. You can find detailed walkthroughs of these projects on my blog: Gouti1454.com, where I enjoy sharing insights and solutions with others.

LOVE FOR CONTINUOUS LEARNING

The joy of learning drives my passion, motivating me to explore my interests further and continuously grow my knowledge.

KNOWLEDGE SHARING

Welcome to Gouti1454.com! This blog is dedicated to sharing my experiences and research across various subjects. Observing that many face common challenges and seek solutions, I established this platform to store and share my insights.

Driven by a profound love for technology, I explore software applications, gadgets, and the expansive world of Android. I am passionate about cybersecurity and want to help people stay safe in the digital world.

TECHNICAL SKILLS

My core strengths include:

Governance, Risk Management, and Compliance (GRC)
Internal/External Auditing
Process Development & Improvement
Vulnerability Assessments & Gap Analysis
Project Management & Mentoring

I work confidently with standards like ISO 9001, ISO 27001, ISO 27002, CMMI, AS9100, and TL9000, and I also have experience in third-party risk assessments, data analysis, and information security management.

PROFESSIONAL EXPERIENCE

ACHIEVEMENTS:

Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:

CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).

AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).

Launched training programs and led process improvement activities, resulting in successful AS9100 (2011,2012,2013) and CMMI v1.3 Dev (2013) assessments.

PROCESS EXCELLENCE & GOVERNANCE:

Led multi-standard certification achievement:

Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.

Developed and implemented performance health indicators:

Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.

Empowered project teams:

Aided Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through training, guidance, and mentorship.

POLICY CREATION AND DOCUMENTATION:

Developed and improved the Software-Hardware Implementation Forum process, documenting and releasing it in the portal.

Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard, GDPR, Cyber Essentials.

GAP ANALYSIS:

Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard.

Vulnerability Assessment:

Analysed software and hardware requests to assess the likelihood and impact of potential security vulnerabilities.

Reviewed vulnerability assessment and SOC reports from procurement suppliers to ensure their compliance with the organisation's security standards.

ITGC audits:

Conducted comprehensive audits covering Access Controls, Physical and Environmental Controls, Change Management, Backup and Recovery, System Software Controls, Network Security, and Business Continuity and Disaster Recovery across various accounts. Ensured strict adherence to compliance standards and client objectives

Captured risk assessments and ranked them based on the risk index using RAG (Red, Amber, Green) indicators for clear and actionable insights.

Published non-compliance findings from the audits and diligently tracked them until resolution, ensuring continuous improvement and adherence to standards.

Performed detailed asset verification audits to confirm the accuracy and integrity of asset records.

RISK MANAGEMENT & COMPLIANCE:

Established robust risk management:

Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.

Managed RAG status reporting:

Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.

PROCESS IMPROVEMENT & PROJECT MANAGEMENT:

Built and deployed process performance models:

Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.

Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.

Guided project lifecycles:

Facilitated Project Managers through the entire SDLC (kick-off, monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.

Supported quality audits:

Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.

PEOPLE DEVELOPMENT & MENTORSHIP:

Reviewed and facilitated project artefacts:

Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.

Mentored and coached team members:

Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.

Supervised team activities:

Supervised team activities, provided feedback, and ensured alignment with KPIs.

DESKTOP INSTALLATION

OS Installation/Upgrades - Software Configurations - Group Policy Configurations

Network Configurations

Printer Firmware/Network Installation - First-Level Troubleshooting and Escalation.
PC Operating Systems, PC Hardware, Device Resources, BIOS/CMOS.

TOPOLOGIES & PROTOCOLS

Security, Resource Sharing, Network Administration, Peer-to-Peer & Client/Server, TCP/IP Networking, Networking Services, Configuration and Troubleshooting.
Wi-Fi Installation, use and testing. Domain Membership & Policies.

PERSONAL HOBBIES

Beyond work, I’ve been committed to bodybuilding for 16 years. I’ve also spent 7 years learning Latin dances, which I truly enjoy.

Photography is another passion — I love capturing nature through my lens. I’m also an adventure enthusiast, going on motorbike/ SUV trips and treks through the Himalayas, often hiking through thick forests with fellow explorers.

****

Search This Blog

Secur-tainment

HOME LAB : HANDS-ON