Ankit Singh

Espoo,18

Summary

Insightful, results-driven IT/OT security professional with an MS degree in Information Security and notable success directing a broad range of corporate IT/OT security initiatives while participating in planning, analyzing, and implementing solutions in support of business objectives.

Overview

10 years of professional experience
1 Certification

Work History

Manager, Cybersecurity (ICS/OT)

Deloitte Oy
01.2018 - Current
  • Subject Matter Expert (SME) for NIS2, CRA, OT Site Assessment and IACS Product Security for Deloitte Nordic Cyber Projects.
  • NIS2: Leading and executing multiple engagements for organisations in the manufacturing and life sciences sectors, supporting them in identifying gaps against NIS2 requirements. Providing practical recommendations and offering advisory services to implement those recommendations.
  • CRA: Driving numerous projects for technology sector organisations, focusing on identifying compliance gaps with CRA requirements. Delivering actionable recommendations and providing expert advisory services to facilitate the implementation of these improvements.
  • Product Security Reviews: Conducted comprehensive reviews of over 40 maritime OT products (against IACS UR E26 and UR E27), identifying critical cyber gaps using IEC 62443-3-3 and IEC 62443-4-2, and providing advisory services to product development teams to mitigate these gaps.
  • Vessel OT Security: Led the assessment team responsible for the comprehensive cybersecurity review of the OT/IoT environment of a fleet of 125 RORO vessels.
  • Global Port Maturity Reviews: Independently executed maturity reviews for 20 strategic ports worldwide.
  • Industry-Specific Assessments: Performed cyber security maturity and gap assessments for Oil and Gas, Maritime, Metal, and Mining industries, leveraging major cyber security frameworks and standards (ISA/IEC 62443, NIST 800-82, NIST 800-30, NIST 800-53, NIST CSF, ISO 27001, ISO 22301, etc.).
  • Operational Management: Managed cyber security operations for major Oil and Gas organizations in Europe and India.
  • OWASP SAMM: Conducted secure software development process assessments for mission-critical and business-critical applications for a major European airline client, ensuring adherence to OWASP SAMM standards.
  • Policy Documentation and Implementation: Documented and implemented policies, standards, and control matrices for organizations in Africa and Europe.
  • Data Centre Audits: Conducted Data Centre audits for both IT and non-IT components (Electrical, Mechanical, Telecommunication, and Architectural) with a thorough understanding of the TIA-942 standard, including onsite assessments for major telecom clients in South Africa, Ghana, and Cameroon.

Senior Cyber Security Consultant

EY
08.2016 - 01.2018
  • BCP/DR Assessments: Executed Business Continuity Planning (BCP) and Disaster Recovery (DR) assessments for manufacturing clients, and conducted Business Impact Assessments for Oil and Gas clients.
  • Vulnerability and Patch Management: Assessed vulnerability and patch management processes for a large banking client in Australia and New Zealand.
  • Risk Assessments: Enhanced client cybersecurity posture through tailored risk assessments and mitigation strategies.
  • Regulatory Compliance Support (SOX 404, ITGC): Ensured client regulatory compliance by conducting thorough audits of information systems and security controls.
  • Data Centre Audits: Conducted Data Centre audits for both IT and non-IT components (Electrical, Mechanical, Telecommunication, and Architectural) with a thorough understanding of the TIA-942 standard, including onsite assessments for major telecom clients in South Africa, Ghana, and Cameroon.

Security Consultant

IBM
12.2014 - 07.2016
  • Cybersecurity Audits: Conducting comprehensive cybersecurity audits against ISO 27001 and NIST 800-53 standards.
  • Policy Review and Alignment: Reviewing existing organisational policies to ensure alignment with current security best practices, making necessary revisions to close gaps in protection.
  • Management Reporting: Preparing detailed management reports that outline observations, comparisons to applicable standards, guidelines, and industry best practices.
  • SOX Controls Review: Reviewing SOX controls (Manage Access and Manage Change) for multiple critical applications for clients in Europe.

Education

Master of Engineering - Information Security

Thapar University
India
06-2014

Bachelor of Technology - Computer Science And Engineering

Uttar Pradesh Technical University
India
06-2012

Skills

  • IEC 62443
  • OT/ICS Cyber Security
  • IACS Product Security
  • NIS2, CRA
  • NIST 800-82, NIST 800-53, NIST 800-37
  • ISO 27001

Certification

  • ISA/IEC 62443 (Cybersecurity Specialist)
  • ISA/IEC 62443 (Risk Assessment Specialist)
  • ISA/IEC 62443 (Cybersecurity Design Specialist)
  • Certified Information Systems Auditor (CISA)
  • IRCA Certified ISO 27001 Lead Auditor
  • Certified in Cyber Security (ISC2)
  • Certified Ethical Hacker v8
