ABOUT

Successfully completed my Master of Science (MSc) in IT Security at Nottingham Trent University (NTU) in February 2024.

Prior to this, I have overall 16 years of experience in GRC- Software Quality and Security Assurance role.

To further enhance my understanding of the legal landscape, I have a Master's degree in Business Law in addition to holding a Bachelor's degree in Engineering.

To gain more experience and transition into the information security domain, I completed a successful one-year industry placement at HM Land Registry in September 2023. This experience provided valuable insights into implementing security practices within a large organization.

HOME LAB: 

To further explore my interest in cybersecurity, I have established home labs and acquired practical experience. Detailed descriptions of these projects can be found on my personal blog, Gouti1454.com, where I share my knowledge for the benefit of others.

JOY OF CONTINUOUS LEARNING 

The joy of learning fuels my passion, inspiring me to delve deeper into my interests and continually expand my knowledge.

"When the student is Ready the Teacher will appear"

KNOWLEDGE SHARING 

Welcome to gouti1454.com! this blog is dedicated to sharing my experiences and research across various subjects. Observing that many face common challenges and seek solutions, I established this platform to store and share my insights.

Driven by a profound love for technology, I explore software applications, gadgets, and the expansive world of Android. Emphasizing cybersecurity, I strive to ensure individuals remain secure in the digital landscape.

PERSONAL HOBBIES

I have keen interest in learning the desired skills to perform the task both for personal and profession gains, thus here my hobbies

FITNESS: I've been dedicated to bodybuilding for the past 16 years, maintaining a consistent and disciplined approach.

DANCE: I've spent 7 years learning various Latin dance styles.

PHOTOGRAPHY: I'm passionate about capturing life's natural beauty through photography.

ADVENTURE: I enjoy exploring new places on my motorcycle (since 2008) and venturing into the Himalayas by SUV. I'm also an avid hiker, drawn to the beauty of dense vegetation and plant life.

TECHNICAL SKILLs  

• Facilitation |  Internal Auditing | External Auditing 

• Governance | Risk Management | Compliance

• Process Tailoring | Gap analysis | Process Development 

• Vulnerability Assessment | Project Management  | Mentoring

• ISO 9001/ 27001/ 27002 CMMI/ AS9001/ TL9100

• Third Party Risk Quality / InfoSec Management

• Data Analysis | SPC Model building | Training 

PROFESSIONAL EXPERIENCE

PROCESS EXCELLENCE & GOVERNANCE:

• Led multi-standard certification achievement: 
• Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.

• Developed and implemented performance health indicators: 
• Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.

• Empowered project teams: 
• Aided Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through training, guidance, and mentorship.

POLICY CREATION AND DOCUMENTATION: 

• Developed and improved the Software-Hardware Implementation Forum process, documenting and releasing it in the portal. 

GAP ANALYSIS:  

• Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

• Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard.

Vulnerability Assessment: 

• Analysed software and hardware requests to assess the likelihood and impact of potential security vulnerabilities.

• Reviewed vulnerability assessment and SOC reports from procurement suppliers to ensure their compliance with the organisation's security standards.

ITGC audits:

• Conducted comprehensive audits covering Access Controls, Physical and Environmental Controls, Change Management, Backup and Recovery, System Software Controls, Network Security, and Business Continuity and Disaster Recovery across various accounts. Ensured strict adherence to compliance standards and client objectives

• Captured risk assessments and ranked them based on the risk index using RAG (Red, Amber, Green) indicators for clear and actionable insights.

• Published non-compliance findings from the audits and diligently tracked them until resolution, ensuring continuous improvement and adherence to standards.

• Performed detailed asset verification audits to confirm the accuracy and integrity of asset records.

RISK MANAGEMENT & COMPLIANCE:

• Established robust risk management: 
• Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.

• Managed RAG status reporting: 
• Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.

PROCESS IMPROVEMENT & PROJECT MANAGEMENT:

• Built and deployed process performance models: 
• Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.

• Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.

• Guided project lifecycles: 
• Facilitated Project Managers through the entire SDLC (kick-off, monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.

• Supported quality audits: 
• Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.

PEOPLE DEVELOPMENT & MENTORSHIP:

• Reviewed and facilitated project artefacts: 
• Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.

• Mentored and coached team members: 
• Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.

• Supervised team activities: 
• Supervised team activities, provided feedback, and ensured alignment with KPIs.

ACHIEVEMENTS:

Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:

• CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).

• AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).

• Launched training programs and led process improvement activities, resulting in successful AS9100 (2011,2012,2013) and CMMI v1.3 Dev (2013) assessments. 

***********************************************************************************

Top to Bottom Approach