About Himanshu
If you are a startup, fintech or growing business that needs enterprise-grade security without hiring a full-time CISO, you are my ideal client. I design and implement practical, audit-ready security so you can win customers, satisfy regulators and reassure investors while staying fast and lean.
I bring 19+ years of progressive experience in Information & Cyber Security, IT Risk, Audit, Compliance and Governance across Government, Banking, Finance, IT and FinTech in India, UAE and Europe.
I am CISSP® & CISA® certified, currently operating at de-facto deputy CISO, and have led ISO 27001/22301, SOC 2 / ISAE 3402, ITGC and cyber-risk programs for regulated organizations.
Typical projects and deliverables I handle:
- Fractional / Virtual CISO support for startups and FinTech's
- ISO 27001 and SOC 2 readiness (gap assessment, roadmap, policies and evidence pack)
- Security policies, standards, procedures and awareness content tailored to your culture
- IT and cyber risk assessments, risk register and treatment plans
- Vendor / third-party security due diligence for SaaS and cloud providers
- IAM, PAM and DLP governance (roles, workflows, access reviews, data-protection controls)
- Business Continuity & IT Disaster Recovery planning and tabletop drills
What makes me different:
- Blend of strategic board-level advisory and detailed hands-on execution
- Deep experience dealing with central banks, financial regulators and external auditors
- Clear, structured documentation you can immediately reuse with clients and regulators
- Strong track record of building security-first cultures through training and awareness
If you need a trusted, senior security partner to “own” GRC and cyber risk while you focus on product and growth, let us connect and discuss your current challenges and timelines.
English
Native or bilingual
Hindi
Fluent
Gujarati
Fluent
Marathi
Conversational
Arabic
Basic
Can work on-site
Abu Dhabi (up to 50km)
Experience
- Department of Culture & Tourism (Abu Dhabi)Corporate Security LeadDIGITAL AND ITJune 2023 - Today (3 years)Abu Dhabi - United Arab Emirates Playing a strategic role by spearheading implementation of Identity & Access management and Data Loss Prevention solutions, ensuring alignment with DCT’s business objectives, IT strategy roadmap, and digital transformation journey Effectively managing SOC security incidents in collaboration with the MSS vendor to ensure timely closure, thus proactively mitigating risks and strengthening DCT’s overall security posture Skillfully driving key pivotal & impactful tasks like security risk assessments, vulnerability scans, SaaS based vendor evaluations & due diligence for existing / new projects, any system changes, so as to ensure secure integration & minimizing exposure to emerging threats
- KlarnaSecurity Lead – FinanceDIGITAL AND ITNovember 2021 - May 2023 (1 year and 6 months)Berlin, Germany Risk based process designing & implementation for Access & Change Management ITGC areas Formulating and chairing the CAB (Change Advisory Board) for governing the IT changes Front-end face of Klarna from Finance department to the banking regulators & external IT auditors Leading the assessments of 3rd party supplier risk management activities along with BCP – IT DR Playing an instrumental role in on-boarding CyberArk PAM tool for privileged user management
- UAE ExchangeAssociate Director – IT RiskDIGITAL AND ITJanuary 2017 - September 2021 (4 years and 8 months)Abu Dhabi - United Arab Emirates Developing & implementing IT Risk Management Framework, Risk Register, RCM (Risk Control Matrix) along with imparting risk and data protection awareness trainings among employees Identifying KRI’s (Key Risk Indicators), Monitoring & Tracking the IT risks end to end Playing a vital role of IT change Release Manager by the driving the Release Control Board (RCB) Implementing key IT Security & Governance activities like Security Control Effectiveness Matrix, Privilege User Access Re-Certification, 02 person-control password management process Ensuring compliance to UAE Central Bank regulations – leveraging ISO 27001, PCI – DSS, NIST Responsible for end-to-end delivery of key security projects like Privilege Access Management
Recommendations
Be the first to recommend Himanshu
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- CISSP® - Certified Information Systems Security ProfessionalCISSP® - Certified Information Systems Security Professional
- ISO 22301 - Lead ImplementerBSIISO 22301