Enquiry
Back

Sooraj Nair

Adjunct Faculty – GRMI

Delivers “Applied Cyber Security”

21+ years of experience in risk management, information security, Data Privacy, compliance management, controls transformation, process consulting, Business Process Improvement, internal audit and managing large programs. Partnered with CXOs in developing risk management strategy, business process transformation plans and large implementations while managing customer expectations. Industry expertise in IT/ITES, Health Care, Manufacturing and Banking. Familiarity while working in multi cultural environments and a variety of geographies including the US, Europe, LATAM and India.

  • GDPR Certified Expert Practitioner, 2023
  • CDPSE – Certified Data Privacy Solutions Engineer, 2021
  • CISA; Information Systems Audit and Control Association, 2012
  • MBA – Finance, Sardar Patel University, India, 2002
  • BE – Mechanical, Bangalore University, India, 1999
  • Cyber Risk and Cyber Security
  • Director, Ernst and Young LLP., India, Sep 2023-Present
  • Director, Genpact Enterprise Risk Consulting LLP., India, Feb 2021-Sep 2023
  • Senior Manager, Ernst and Young LLP., India, Jan 2013-Jan 2021
  • Program Manager, Tata Consultancy Services Ltd (TCS), India, Aug 2004-Jan 2013
  • Officer, Housing Development Finance Corporation Ltd (HDFC), India, Sep 2002-Jul 2004
  • Led the IT Risk and Controls agenda for a global consulting firm for cyber security / cloud security, ERP controls and SOD
  • Internal controls CoE leader for $ 30b global confectionary manufacturer across SOx, IT SOx, automation, controls digitalisation, GRC access / process controls and audits
  • Engagement lead for cyber, tech risk and application security teams supporting a global financial services major and a pharmaceutical major
  • Designed and implemented the global Enterprise Risk Management framework for IT/ITES, CPG, and manufacturing clients. Partnered with CXOs and function heads to identify Risks That Matter and device risk mitigation plans and implementation roadmaps. Key risks addressed include industry, geo political, supply chain, third party, financial and operational risks.
  • Led the team designing the delivery risk prioritisation and reporting framework for the Delivery Excellence team at a USD 17b IT services company. Partnered with operations, delivery excellence and sales / marketing heads to define risk criteria, assessment processes, risk scoring methodology, escalation mechanisms, client communication protocols and design tool capabilities
  • Led teams driving controls transformation and continuous controls monitoring for one of India’s largest diversified conglomerates in the manufacturing and FMCG space. This included redefining functional strategies, risk oversight mechanisms, benchmarking, designing IT modules and driving key reengineering projects on claims management, predictive delivery, collection automation, freight process automation / optimization, payroll automation, book close cycle time reduction, RPA adoption and risk analytics
  • Led teams that executed the Data Privacy audit for a leading IT/ITES service provider with revenues of USD 12b. Focus areas included Data Subject Rights, employee data processing, privacy impact assessments, data inventory and data / access minimization
  • Led the team executing the internal audit function for a leading IT/ITES services provider and subsidiaries with revenues of USD 9b. Key reviews included billing, revenue recognition, payroll, subcontracting, IFC and SOX. Drove process maturity analysis and industry benchmarking
  • Led the internal audit team serving India’s largest NGO supporting the India government’s mid-day meal program across 50+ branches. Helped transform the internal audit function and improve production, quality, compliance, IT, finance, and HR functions
  • Led the facilities management review and improvement engagement across 33 facilities and 8 locations for a global IT and professional services company. Scope included identifying control gaps, regulatory non compliances, leakages, quality issues, inefficiencies and cost saving opportunities
  • Led the team delivering an application control and integration review for a major professional services provider. Helper implement information security controls around data management. Key areas covered during the engagement include controls around remote access to data through VPN / VDI, token management and multifactor authentication, access provisioning and management and DLP
  • Led the process maturity analysis and benchmarking engagement for a $ 500M (mid-tier) information technology company. Successfully rolled out three- year road maps, process documentation and related governance processes for Procure to Pay (P2P), revenue management, Accounts Receivable (AR) and payroll processes in consultation with the CFO and the Audit Committee
  • Led security incident management, threat analysis, IT General controls, information security, BCP/DR, application controls, data integration and data privacy reviews at several IT clients. Experience leading teams setting up large ODCs and IT infrastructure
  • Defined global standard processes for the O2C, P2P, FP&A towers on SAP for 20 countries. Ideated standard operating rhythm, reporting and governance structures for billing, credit and collections management. Key achievements included 80% reduction in process maps for P2P, 72% reduction in reports generated for FP&A and 49% reduction in overall unbilled revenues
  • Process consultant in the business transformation and portfolio analysis exercise for a leading bank in the US. Impacted 9 Lines of Business. Identified savings opportunities of $ 23m annually
  • Account Manager responsible for growing a $ 1.6m (annual) strategic KPO/BPO relationship. Identified opportunities, drove process improvement, offshoring and revenue generation initiatives, and lead knowledge transitions. End to end responsibility from RFP to Business as Usual
  • Sales Lead and Lead Business Analyst in a Due Diligence program covering syndicated, tracking and proprietary research, information services, sampling services and graphic programming for the leading market research firm in the automobile industry in USA
  • Operations Manager for the Factoring Services arm of a leading UK bank. Managed 120+ FTEs across 11 process and IT teams. Achieved 23% reduction in FTEs through process improvement in 18 months
  • Lean Six Sigma Black belt, functional consultant and program Manager on the Global Finance Transformation program for the premier market research company in the world. Led the global roll out of a standard Revenue Forecasting process and managed the transition to a newly set up Revenue Forecasting Center of Excellence (CoE). Designed and helped implement an SAP integrated Sales Forecasting Tool on SharePoint across 48 countries. Created content and trained 1000+ employees.
  • • Process and controls design experience on SAP, MS Dynamics, Oracle and bespoke tool design