t
tanya607301

Tanya

@tanya607301

Cyber Security Consultant

India
English
About me
Cyber security consultant with more than five years of experience and a strong grasp of compliance. Possess expertise in multiple regulatory frameworks, standards, and proven ability to manage all tasks for 9+ projects and multiple clients.... Read more

Skills

t
tanya607301
Tanya
Offline • 
Average response time: 11 hours

See my services

Programming & Tech
I will provide expert grc consulting, risk assessment, and compliance solution
From$50 / projectMore details

Work experience

Deloitte

Assistant Manager

Deloitte • Full-time

Apr 2025 - Present1 yr 1 mo

Performed security architecture review for SaaS based application and in house-application. Experience in assessing and/or designing security controls (Cloud and/or On-Premises), and possess ability to dive into technical details of control implementations (access control, data security, API security, SFTP, Kafka etc.) Executed comprehensive third-party risk assessments for multiple vendors. Conducted security awareness sessions quarterly for new joiners and existing employees.

EY

Consultant

EY • Full-time

Jun 2021 - Apr 20253 yrs 10 mos

Performed Test of Design and Test of Effectiveness for the security controls at multiple clients to ensure relevant risks are mitigated also to confirm validity of self-assessment and the effective operation based on ISO 27001 & NIST CSF. Tested various security controls such as access controls, incident management. Performed IT Integration assessment for various SaaS based applications as part of TPRM (Third Party Security Management) and SDLC (Software Development Lifecycle) by analyzing vendor responses to the ITSG questionnaire and SDLC checklists respectively. Reviewed the architecture diagrams of all the SaaS application and created the same on the IriusRisk SAAP (Threat-Modelling Tool) for the closure of threats. Identified security risks, drafted risk templates and facilitated discussions with the risk teams to evaluate risk value and understand the mitigation steps. Worked on cloud security assessments on AWS. Single handedly conducted IT Audit for various applications in a banking firm. Collaborated, with various stakeholders and performed the assessment as per the IT general controls checklist to find the gaps. Created and reviewed various information security policies and procedures (including cloud security policy, change management, information asset policy etc.). Also, created a cloud migration checklist based on frameworks like CCM for a client. Formulated an API security checklist and conducted Information security assessment. Worked with an offshore client and created a D.O.R.A checklist to assess the organization’s resilience. Helped the team in an internal project to understand various clauses of EU GDPR Bill and DPDP.