Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

SAUMYA KHARE

Sydney,NSW

Summary

IT Risk & Compliance Analyst with strong experience in third-party risk management, security assessments, audits, and regulatory compliance. Skilled at mapping controls to CPS 234, ISO 27001, and NIST CSF, driving vendor due diligence, and fostering a proactive risk culture. Known for delivering end-to-end risk assessments, audit readiness, and effective stakeholder engagement. Adept at bridging business needs with technical security requirements to uplift organisational resilience.

Overview

10
10
years of professional experience
1
1
Certification

Work History

IT Risk & Compliance Analyst

Challenger Group Services
11.2023 - Current
  • Streamlined and formalized Third-Party Risk Management (TPRM) processes within the organization, including vendor onboarding, assessment workflows, risk scoring methodology and reporting structures.
  • Conduct end-to-end third-party security assessments, independently managing vendor due diligence, assessing the adequacy of controls and identifying potential risks.
  • Responsible for preparing and presenting business-aligned risk reports, ensuring residual risks and recommendations were clearly communicated to stakeholders.
  • Map controls across ISO 27001 and NIST CSF to Challenger’s framework, identifying control gaps and recommending improvements. Support control effectiveness testing to ensure assurance.
  • Conduct security assessments of solution designs, collaborating with IT, Legal and Security teams to evaluate controls implemented across SaaS and cloud integration.
  • Support GS007 and CPS 234 audits by preparing artefacts, policies, and control assessments, engaging directly with auditors and external managers.
  • Collaborate on phishing simulation programs, monitoring staff responses, analysing results, and suggesting improvements.
  • Engage with business owners and relationship managers to strengthen accountability under CPS 230, scheduling regular oversight discussions.

Business Analyst

Tata Consultancy Services
07.2021 - 10.2023

IT Resiliency Consultant | Commonwealth Bank of Australia (Client)

  • Facilitated IT risk workshops, developing service continuity strategies and controls aligned to APRA guidelines.
  • Supported BCP/DR testing, conducting risk evaluations, impact analysis, and designing mitigation measures.
  • Managed project delivery within Agile-SCRUM and Kanban environments, using Jira and Confluence.
  • Delivered structured documentation including non-functional requirements and ServiceNow accreditation reports.
  • Gained deep exposure to ISO 27001, SOC reports, ITIL processes, and operational risk frameworks.

Techincal Support Engineer

Fortinet
05.2021 - 07.2021
  • Provided technical troubleshooting for network infrastructure issues across global customers.
  • Analysed configurations, performed packet tracing, and recommended corrective actions.
  • Consultation of technical documentation, bulletins and release notes for known problem.

Network Specialist

HCL Technologies
06.2015 - 11.2019

L3 Network Engineer | CISCO | Bank of America (Client)

  • Delivered L3 network engineering support across Cisco platforms.
  • Managed incident, problem, and change processes using ITIL tools.
  • Performed network troubleshooting, configuration, and escalation management.
  • Responsible for creating change requests (RFCs) and representing them over Change CAB for approval.
  • Configuring and troubleshooting Static, RIP, OSPF, EIGRP, BGP (Basic), Default Route.

Education

Indian Certificate of Secondary Education -

St. Mary’s Convent Inter College

Bachelor of Technology (B. Tech) - Electronics and Electrical Engineering

Uttar Pradesh Technical University
06.2015

Skills

    Risk Analyst

  • Regulatory Compliance: CPS 234, GS007, ISO 27001, NIST CSF
  • Audit Readiness (Internal, External, SOC 2, GS007, CPS 234)
  • Risk Identification, Register Management & Reporting
  • Business Continuity & Disaster Recovery (BCP/DR) Alignment
  • Tools: Archer, ServiceNow, UpGuard, CyberGRX, SecurityScorecard, Qualys, Confluence, Jira, PowerBI
  • Cloud Security & SaaS/PaaS Risk Reviews
  • Security Control Assessment
  • Change / Configuration Management
  • Security Awareness Program
  • Business Analyst

  • Strategic Planning
  • Risk Metrics Assessment
  • Requirement gathering and Data Analysis
  • Agile and SCRUM environments
  • Microsoft SQL, Active Directory
  • Microsoft Office (MS365 - Excel, PowerPoint, Visio, Outlook)
  • ITSM Tools- ServiceNow, BMC Remedy
  • Stakeholder Management
  • Change Management
  • Understanding of deployment and data migration in Cloud
  • Network Analyst

  • Virtual Private Network (VPN)
  • Network Monitoring Tools
  • Network Architecture
  • IT Service Management
  • Networking Routing switching
  • Incident Management
  • Cisco Systems Products

Certification

  • AWS Certified Cloud Practitioner
  • CompTIA Security+ (In Progress)
  • Cisco Certified Network Associate (CCNA)
  • ITIL v3

Timeline

IT Risk & Compliance Analyst

Challenger Group Services
11.2023 - Current

Business Analyst

Tata Consultancy Services
07.2021 - 10.2023

Techincal Support Engineer

Fortinet
05.2021 - 07.2021

Network Specialist

HCL Technologies
06.2015 - 11.2019

Indian Certificate of Secondary Education -

St. Mary’s Convent Inter College

Bachelor of Technology (B. Tech) - Electronics and Electrical Engineering

Uttar Pradesh Technical University
SAUMYA KHARE