Anandhu Prathap

Information security professional with 3+ years of experience in risk advisory, GRC, and security compliance. Proven ability to design and implement security controls, conduct audits, and assess risks. Expertise in ISO 27001:2013 and other security standards. Seeking a challenging role in a dynamic organization where I can apply my skills and knowledge to enhance information security initiatives.

Consultant - Cyber Strategy, Deloitte Touché Tohmatsu (2022 – 2023)

• Designed and implemented IT and security controls
• Provided advisory services on security, risk, and compliance.
• Conducted internal audits and prepared audit reports.
• Monitored internal and external compliance efforts.
• Performed risk assessments and established standards, policies, and procedures.
• Analyzed business objectives and created action plans.
• Communicated with client leadership, stakeholders, development teams, and technology vendors on information security matters.
• Familiar with GRC tools and platforms
• Assisted clients in developing training manuals, e-learning modules, and other resources to enhance the onboarding process for new hires.

Jr GRC Consultant, Valuementor Infosec Pvt Ltd (2021 – 2022)

• Successfully implemented an Information Security Management System (ISMS) for a client, ensuring alignment with ISO 27001 and ADHICS
• Identified and mitigated IT risks for clients by conducting GAP analysis against industry standards and providing recommendations.
• Helped clients to understand different regulatory privacy requirements and developed processes to ensure compliance.
• Delivered Information Security Awareness Training to clients.
• Provided on-site support to clients during external audits conducted by regulatory bodies.

Information Security Researcher, HackIT Technology and Advisory Services (2020 –2021)

• Conducted IT and business process audits to identify and mitigate business risks.
• Developed, implemented, and maintained ISMS frameworks for clients, including risk assessments, asset management, and incident response plans.
• Detected and rectified vulnerabilities in web applications using penetration testing tools and techniques.
• Acted as an instructor for the Networking Course for naval officers at the Indian Navy, Cochin, Kerala.

MSc Information Security and Digital Forensics (2020)

Karunya Institute of Technology and Sciences Coimbatore

BSc Cyber Forensics (2018)