ABOUT

HOME DISCLAIMER CONTACT PRIVACY

HOME DISCLAIMER CONTACT PRIVACY

PORTFOLIO

SECUR-TAINMENT

BLOG HANDS-ON PROJECTS

• Essential Websites
• Risk-management
• ISO-27001
• ISO9001-AS9100
• Dashboard
• Secure-Online-Privacy
• Security-audit
• GDPR
• Privacy-settings-for-windows
• Home-Assistant
• Homepage-Docker
• Cyber-Forensics-PC
• Cyber-Forensics-Mobile
• Wireshark
• Network-cloud-security
• Ethical-hacking-notes
• Pentesting-notes-hack-box
• Pentesting-notes_22
• Webpage-design
• Devops-hands-on
• Linux-Kali-hands-on
• Linux-commands
• OllamaAi
• Macbook-pro-ubuntu
• Errors-encountered-on-updating-2012
• PC Troubleshooting
• Building-custom-pc-desktop-for-first
• 2021-UK-student-visa-reference-documents
• Practise-driving-test-route-with-google
• Data-analytics
• Data-Analytics-part-2
• Data-analytics-analytics-part-1
• Data-analytics-practice-examples
• The-Hindu-marriage-act-1955
• The-Indian-easement-act-1882
• The-Transfer-of-property-act-1882
• The-Protection-of-women-from-domestic
• The-Code-of-civil-procedure-1908-cpc
• The-Indian-evidence-act-1872-iea
• The-Code-of-criminal-procedure-1973-crpc
• The-Indian-penal-code-ipc
• Criminal-major-acts
• Disclaimer
• Privacy-policy
• About

About Me

I hold a Master of Science (MSc) in IT Security from Nottingham Trent University (2024). I also hold a Master’s in Business Law and a Bachelor’s degree in Electronics and Communication Engineering.

I have over 17 years of professional experience across Governance, Risk and Compliance (GRC), Software Quality, IT Assurance, and Cybersecurity. My career spans both private sector organisations and the UK public sector, giving me a strong understanding of regulated environments, operational risk, and service reliability.

To strengthen my practical experience within the UK industry, I completed a one-year placement as an IT Security Assurance Officer at HM Land Registry between September 2022 and September 2023. I currently work as a Contract IT Service Engineer with Cerco in the UK, providing frontline desktop and endpoint support.

I am passionate about continuous learning, practical experimentation, and knowledge sharing. This blog, Gouti1454.com, is where I document hands-on projects, troubleshooting experiences, and learning journeys in cybersecurity, operating systems, networking, and home lab environments

HOME LAB PROJECTS:

    I’ve set up personal home labs to explore cybersecurity tools and technologies hands-on. You can find detailed walkthroughs of these projects on my blog: Gouti1454.com, where I enjoy sharing insights and solutions with others.

LOVE FOR CONTINUOUS LEARNING

     The joy of learning drives my passion, motivating me to explore my interests further and continuously grow my knowledge.

KNOWLEDGE SHARING

Welcome to Gouti1454.com! This blog is dedicated to sharing my experiences and research across various subjects. Observing that many faces common challenges and seek solutions, I established this platform to store and share my insights. 

Driven by a profound love for technology, I explore software applications, gadgets, and the expansive world of Android. I am passionate about cybersecurity and want to help people stay safe in the digital world.

TECHNICAL SKILLS

ACHIEVEMENTS:

Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:

CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).

AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).

Launched training programs and led process improvement activities, resulting in successful AS9100 (2011,2012,2013) and CMMI v1.3 Dev (2013) assessments. 

PROCESS EXCELLENCE & GOVERNANCE:

Led multi-standard certification achievement: 

Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.

Developed and implemented performance health indicators: 

Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.

Empowered project teams: 

Aided Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through training, guidance, and mentorship.

POLICY CREATION AND DOCUMENTATION: 

Developed and improved the Software-Hardware Implementation Forum process, documenting and releasing it in the portal. 

Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard, GDPR, Cyber Essentials.

GAP ANALYSIS:  

Conducted due diligence on the security policies and procedures of suppliers in procurement to identify and mitigate any potential risks.

Analysed procurement suppliers to identify gaps in their information security controls against the ISO 27001:2013 standard.

Vulnerability Assessment: 

Analysed software and hardware requests to assess the likelihood and impact of potential security vulnerabilities.

Reviewed vulnerability assessment and SOC reports from procurement suppliers to ensure their compliance with the organisation's security standards.

ITGC audits:

Conducted comprehensive audits covering Access Controls, Physical and Environmental Controls, Change Management, Backup and Recovery, System Software Controls, Network Security, and Business Continuity and Disaster Recovery across various accounts. Ensured strict adherence to compliance standards and client objectives

Captured risk assessments and ranked them based on the risk index using RAG (Red, Amber, Green) indicators for clear and actionable insights.

Published non-compliance findings from the audits and diligently tracked them until resolution, ensuring continuous improvement and adherence to standards.

Performed detailed asset verification audits to confirm the accuracy and integrity of asset records.

RISK MANAGEMENT & COMPLIANCE:

Established robust risk management: 

Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.

Managed RAG status reporting: 

Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.

PROCESS IMPROVEMENT & PROJECT MANAGEMENT:

Built and deployed process performance models: 

Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.

Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.

Guided project lifecycles: 

Facilitated Project Managers through the entire SDLC (kick-off, monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.

Supported quality audits: 

Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.

PEOPLE DEVELOPMENT & MENTORSHIP:

Reviewed and facilitated project artefacts: 

Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.

Mentored and coached team members: 

Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.

Supervised team activities: 

Supervised team activities, provided feedback, and ensured alignment with KPIs.

PROFESSIONAL EXPERIENCE

IT SERVICE ENGINEER | CONTRACT | CERCO, UK | APR 2024 – PRESENT

I provide First line support for desktops, laptops, and peripherals. My work includes installation, configuration, upgrades, and troubleshooting of PCs, Microsoft Windows 10/11, Office 365, Xerox printers, mobile devices, and other peripherals.

Examples of projects I have delivered include:

• Windows 11 PC refresh across Hospitals sites. - Printer refresh at NHS sites.
• EPOS system and Chip & Pin refresh for service offices. - Kiosk desktop refresh at cafe outlets.
• Firewall policy updates and subnet configuration. - Building custom PCs for business needs.
• Hardware upgrades and replacements for desktops and laptops.
• User management in AD (creation/removal, permissions, group policies).

IT Security Assurance Officer | HM LR, UK | Sep 2022 – Sep 2023

I supported the Information Security team by contributing to policy, risk, and supplier assurance activities.

Policy and Process Development:

Improved and documented the Software-Hardware Implementation Forum process and published it to the internal portal for wider adoption.

Risk Assessment and Vulnerability Review:

Assessed hardware and software requests to evaluate potential vulnerabilities and their impact. Reviewed vulnerability and SOC reports from suppliers to ensure alignment with ISO 27001:2013, GDPR, and Cyber Essentials requirements.

Third-Party Risk Management (TPRM):

Performed due diligence on supplier security policies and procedures during procurement to identify gaps and reduce information security risks.

Deputy Manager – Quality | HCL Tech Ltd. | Mar 2015 – Dec 2021

Led enterprise-wide governance and compliance efforts across multiple standards and certifications.

Governance

• Led multi-standard certification achievement: Spearheaded project teams through external certification processes for CMMI 2.0 multimodal, ISO 9001:2015, TL9000, AS9100, ISO 27001, and Agile models, ensuring compliance and process maturity.
• Developed and implemented performance health indicators: Created and published key performance indicators (KPIs) tracked at various levels (VP, Service Delivery, Delivery Unit, Customer), providing valuable insights for decision-making.
• Empowered project teams: Supported Service Delivery, Delivery, and Project Managers in achieving and maintaining process compliance and improvement through coaching, guidance, and resources.

Compliance

• Established robust risk management: Implemented project and account-level risk tracking, effectively communicating findings, non-compliance issues, progress reports, and remediation plans to stakeholders.
• Conducted ITGC audits: Audited IT General Controls (access controls, data change management, disaster recovery) across accounts, ensuring adherence to compliance standards and client objectives.
• Managed RAG status reporting: Utilised RAG (Red, Amber, Green) status to monitor key performance indicators (data collection, customer satisfaction, tool compliance, TL9K data) for data-driven decision-making.

Process Improvement

• Built and deployed process performance models: Developed and published regression and logistic models, leveraging data analytics to identify trends and inform proactive process improvements.
• Performed gap analysis: Conducted comprehensive gap analyses, aligning company and customer processes for seamless integration and operational efficiency.
• Guided project lifecycles: Facilitated Project Managers through the entire SDLC ( kick-off , monitoring, measuring, improvement, closure), utilising templates, checklists, and inspections to ensure quality and adherence to best practices.
• Supported quality audits: Assisted project quality analysts in Data Verification & Validation (DVV) and Configuration Management (CM) audits.

Mentorship

• Reviewed and facilitated project artefacts: Reviewed and facilitated project artefacts like Project Management Plans (PMPs), Project Management Workbooks (PMWBs), Requirement Traceability Matrices, Agile Workbooks, Skill Matrices, and PPMWBs, guaranteeing project alignment and success.
• Mentored and coached team members: Mentored and coached both direct and indirect team members, tailoring content based on individual needs and goals.
• Supervised team activities: Supervised team activities, provided feedback, and ensured alignment with KPIs.

Achievements

• Achieved 100% success rate in governance and compliance certifications through successful implementation and completion of:
• CMMI 2.0 (2020), CMMI V1.3 (2017), TL9000 (2018, 2019, 2020, 2021, 2022), ISO 9001:2015 (2017).
• AS9100 surveillance audits (2015, 2016), Supplier GOLD standards (5S, RRCA, VSM) (2016).
• Launched training programs and led process improvement activities, resulting in successful AS9100 (2011,2012,2013) and CMMI v1.3 Dev (2013) assessments.

Lead SQA | Xchanging Malaysia | Apr 2014 – Dec 2014

I was responsible for process facilitation and compliance checks for the account, supporting the delivery team to meet quality goals.

• My focus was on process optimization using lean principles for the testing team. I created process flow maps, developed standard procedures, and designed templates and checklists tailored to testing activities.
• I conducted awareness workshops for over 200 team members, along with training sessions for team leads and managers to align with updated processes.

Key responsibilities included:

• Performing audits, publishing non-conformances, and tracking them to closure.
• Carrying out gap analysis to identify process improvement areas and supporting implementation.
• Preparing and presenting monthly status reports to senior management, including departmental heads, with insights on process compliance and improvement areas.

Lead Quality | Infosys Ltd | Aug 2010 – Mar 2014

I supported large enterprise accounts like Boeing and Airbus, offering end-to-end quality consulting and compliance support to over 600 team members across delivery locations.

• Key achievements include the successful AS9100 assessment across teams in Chennai, Bangalore, and Pune in Nov 2013, and the CMMI v1.3 Dev appraisal completed in Aug 2013.
• My responsibilities involved conducting audits in areas like Configuration Management (CM) and Delivery Performance (DP), ensuring process adherence, tracking non-conformities, and supporting closure activities. I also consulted on Business Value Articulation (BVA) to highlight process improvements aligned with client goals.
• I was actively involved in Infosys' i-Trim (Lean Six Sigma) initiatives, identifying process improvement opportunities that led to measurable cost savings. I regularly tracked and published project health metrics such as MTR (Metrics Report), MSR (Milestone Report), and risk dashboards, all contributing to DU Scorecard performance.

Some of my ongoing responsibilities included:

• CMMI compliance reviews every 45 days across ~22 active projects.
• Single point of contact (SPOC) for Chennai Delivery Centre’s Tools Group.
• Participated in environmental and cultural initiatives, including Go Green campaigns and Water Day awareness drives.

Trainings Conducted:

• AS9100 (Aerospace Standards)
• CMMI v1.3 Process Overview
• i -Trim (Lean Six Sigma)
• BVA (Business Value Articulation)
• IPM+ (Project Management System)
• SLIM (SLA Prediction Model)
• SPRINT (SQA Tracking Framework)
• Configuration Management Plans
• Infosys Internal Processes
• Excel Macros and Automation
• MU Model (Maintenance Unit Calculation)

Quality Executive | HCL Tech Ltd. | Aug 2007 – Aug 2010

I was responsible for supporting CMMI Level 5 implementation, conducting regular audits and facilitating internal assessments to ensure compliance across multiple projects. My work focused on validating PIID (Practice Implementation Indicator Descriptions), coordinating monthly CMMI audits using standard checklists, and participating in senior management reviews.

• I contributed to ISO 20000 (ITIL) implementation in two projects and supported overall quality compliance efforts across engagements. I helped manage process activities for over 200 members, including scheduling audits, tracking status, publishing reports to senior management, and escalating issues when needed.
• I onboarded new projects into the quality cycle, participated in project kick-off and closure meetings, and ensured best practices were documented. I briefed first-time managers on required process steps, delivered training on customer-specific and internal processes (PMLite, N2N, PM-Smart), and continuously improved internal process documentation.

Some key contributions:

• Owned and updated PMLite internal process documentation based on business needs.
• Designed templates: PQA work plan, audit checklists, master audit database, SMRs, and MOMs.
• Conducted regular audits, configuration audits, and data verification checks.
• Trained and mentored 3 junior resources as quality facilitators.
• Reviewed process documents and engineering templates with project teams.
• Supported final inspection readiness checks and phase-end reviews.
• Delivered monthly presentations to senior management and clients on project compliance.

Trainings Attended:

• FP and FP NESMA Estimation techniques
• NEM (New Engagement Model) Estimation techniques
• Trained on CMMi v 1.2 which was provided by KPMG lead appraiser.
• Internally trained on ISO 2000 & ISO 9001:2000
• Trained on Six Sigma Yellow belt.
• Trained on Statistical Process Control tools and Process Performance Model.
• Trainings Conducted:
• CMMI v1.2 overview for project teams
• PM Lite, PM Smart, MPP tools
• Internal QMS and Process/Product Quality Assurance
• Customer QMS process walkthroughs

Tools & Certifications:

• PM Smart (Project Management) – Expert
• Microsoft Project Plan – Expert
• Serena Version Control, Visual SourceSafe – Familiar
• Internally certified on HPMP (Risk Management and QPM)
• Technical Exposure:
• Basic AS400/RPG (internal training – coding, screen design)
• Completed Java, C, and C++ from NIIT