ABOUT

HOME DISCLAIMER CONTACT PRIVACY

HOME DISCLAIMER CONTACT PRIVACY

PORTFOLIO

SECUR-TAINMENT

BLOG HANDS-ON PROJECTS

ABOUT

I graduated with a Master of Science (MSc) in IT Security from Nottingham Trent University in 2024.

Prior to this, I have overall 16 years of experience in GRC (Governance, Risk, and Compliance), Software Quality, and Security Assurance roles.

To further enhance my understanding of the legal landscape, I hold a Master's degree in Business Law in addition to a Bachelor's degree in Engineering. 

To gain practical experience, I successfully completed a one-year industry placement at HM Land Registry in September 2023.

Home Lab Projects:

To further explore my interest in cybersecurity, I have established home labs and acquired practical experience. Detailed descriptions of these projects can be found on my personal blog, Gouti1454.com, where I share my knowledge for the benefit of others.

JOY OF CONTINUOUS LEARNING 

The joy of learning fuels my passion, inspiring me to delve deeper into my interests and continually expand my knowledge.

"When the student is Ready the Teacher will appear"

KNOWLEDGE SHARING

Welcome to Gouti1454.com! This blog is dedicated to sharing my experiences and research across various subjects. Observing that many face common challenges and seek solutions, I established this platform to store and share my insights. 

Driven by a profound love for technology, I explore software applications, gadgets, and the expansive world of Android. I am passionate about cybersecurity and want to help people stay safe in the digital world.

PERSONAL HOBBIES

Outside of my professional work, I have a variety of personal hobbies. I've been seriously dedicated to bodybuilding for the past 16 years, maintaining a consistent fitness routine. I've also spent 7 years learning different Latin dance styles, which I really enjoy. 

Photography is another passion of mine, as I love capturing the beauty of nature. I'm an avid motorcyclist and have been bike trips. I also like to go on adventures, exploring the Himalayas in my SUV and going on hikes through lush, dense vegetation, with like minded people.

TECHNICAL SKILLS

My technical skillset includes proficiency in areas such as Facilitation, Internal Auditing, External Auditing, Governance, Risk Management, Compliance, Process Tailoring, Gap Analysis, Process Development, Vulnerability Assessment, Project Management, and Mentoring. 

I'm well-versed in standards such as ISO 9001, ISO 27001, ISO 27002, CMMI, AS9001, and TL9100. Additionally, I have experience in Third-Party Risk Quality, Information Security Management, Data Analysis, SPC Model Building, and Training.

PROFESSIONAL EXPERIENCE

PROCESS EXCELLENCE & GOVERNANCE:

• Led multi-standard certification achievement: 
• Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.

• Developed and implemented performance health indicators: 
• Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.

• Empowered project teams: 
• Aided Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through training, guidance, and mentorship.

POLICY CREATION AND DOCUMENTATION: 

• Developed and improved the Software-Hardware Implementation Forum process, documenting and releasing it in the portal. 

GAP ANALYSIS:  

• Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

• Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard.

Vulnerability Assessment: 

• Analysed software and hardware requests to assess the likelihood and impact of potential security vulnerabilities.

• Reviewed vulnerability assessment and SOC reports from procurement suppliers to ensure their compliance with the organisation's security standards.

ITGC audits:

• Conducted comprehensive audits covering Access Controls, Physical and Environmental Controls, Change Management, Backup and Recovery, System Software Controls, Network Security, and Business Continuity and Disaster Recovery across various accounts. Ensured strict adherence to compliance standards and client objectives

• Captured risk assessments and ranked them based on the risk index using RAG (Red, Amber, Green) indicators for clear and actionable insights.

• Published non-compliance findings from the audits and diligently tracked them until resolution, ensuring continuous improvement and adherence to standards.

• Performed detailed asset verification audits to confirm the accuracy and integrity of asset records.

RISK MANAGEMENT & COMPLIANCE:

• Established robust risk management: 
• Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.

• Managed RAG status reporting: 
• Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.

PROCESS IMPROVEMENT & PROJECT MANAGEMENT:

• Built and deployed process performance models: 
• Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.

• Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.

• Guided project lifecycles: 
• Facilitated Project Managers through the entire SDLC (kick-off, monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.

• Supported quality audits: 
• Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.

PEOPLE DEVELOPMENT & MENTORSHIP:

• Reviewed and facilitated project artefacts: 
• Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.

• Mentored and coached team members: 
• Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.

• Supervised team activities: 
• Supervised team activities, provided feedback, and ensured alignment with KPIs.

ACHIEVEMENTS:

Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:

• CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).

• AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).

• Launched training programs and led process improvement activities, resulting in successful AS9100 (2011,2012,2013) and CMMI v1.3 Dev (2013) assessments. 

***********************************************************************************

Top to Bottom Approach