Nidhi Dalvi

Cybersecurity Professional

Mumbai · 3+ yrs exp · 87 · Excellent

About

Cybersecurity professional with 3+ years of experience delivering security initiatives across global environments. Skilled in implementing ISMS frameworks, strengthening access controls, conducting security assessments, and supporting compliance for diverse industries. Proficient in collaborating with cross-functional teams to strengthen security posture, enhance resilience, and mitigate evolving cyber threats.

Skills & Expertise (30)

ISMS implementation: Advanced, 7.5/10, 3 Years Exp
Cyber Risk Management: Advanced, 7.0/10, 3 Years Exp
Regulatory Compliance: Advanced, 7.0/10, 3 Years Exp
VAPT: Advanced, 7.0/10, 3 Years Exp
Identity & Access Management: Advanced, 7.0/10, 3 Years Exp
Threat Analysis: Intermediate, 6.5/10, 3 Years Exp
Vulnerability Scanning Tools: Intermediate, 6.0/10, 3 Years Exp
GDPR: Intermediate, 6.0/10, 3 Years Exp
NIST Cybersecurity Framework: Intermediate, 6.0/10, 3 Years Exp
Google Workspace: Intermediate, 6.0/10, 3 Years Exp
AWS: Intermediate, 6.0/10, 3 Years Exp
Log Correlation & Analysis: Intermediate, 6.0/10, 3 Years Exp
Kali Linux: Intermediate, 5.5/10, 3 Years Exp
Microsoft Intune, ISO 31000, Enterprise Risk Assessment, ITGC, Iec 27001 Iso, VirtualBox, Windows Server, Incident Investigation, Third-Party Risk Management, Control Testing, Microsoft PowerPoint, Microsoft Word, Microsoft Excel, Security Operations, Graylog, OneTrust

Work Experience

Senior Executive - Technology Risk Advisory

Nexdigm Private Limited

Feb 2023 - Present

Led the structuring and implementation of an ISMS aligned with ISO/IEC 27001 and NIST CSF 2.0. Established an enterprise asset lifecycle and classification framework. Enhanced service resilience through updated BCP/DR strategies and breach simulation exercises. Strengthened the organization’s cyber risk management and vendor risk management frameworks. Developed minimum baseline security standards (MBSS) aligned with the Center for Internet Security (CIS) Benchmarks and enforced configurations across endpoints.

Identity & Access Management and Security Operations

Overseas FinTech Organization

Present - Present

Established centralized enterprise asset management on Google Workspace. Enforced IAM security controls, RBAC, and user lifecycle management, strengthening access governance. Implemented secure configuration baselines and tracked the remediation of security findings. Designed and implemented security procedures to improve operational resilience. Supported SOC 2 Type II readiness and external audits, assisting with control implementation and evidence management.

Data Exposure Investigation

Indian Conglomerate

Present - Present

Performed log analysis across system, application, and access logs to identify indicators of potential data exfiltration. Analyzed access patterns and system events to determine possible data exposure vectors. Documented investigation findings and recommended remediation actions to mitigate potential risk.

DFSA Regulatory Compliance

Dubai-Based Financial Services Entity

Present - Present

Led Test of Design (ToD) assessment of cybersecurity controls against DFSA regulatory expectations. Developed gap assessment reports and recommended improvements to governance frameworks. Designed cybersecurity policies, procedures, and reporting frameworks for management oversight. Coordinated with senior stakeholders to drive regulatory compliance initiatives.

Web Application VAPT

Global Investment Platform

Present - Present

Executed manual VAPT on the public-facing website to identify exploitable security vulnerabilities. Verified remediation and closure of identified vulnerabilities with the development teams.

ISO/IEC 27001 Compliance Audit

Multi-Site Manufacturing Enterprise

Present - Present

Conducted ISO/IEC 27001 security audits across multiple operational sites in India. Delivered Test of Control (ToC) and Test of Effectiveness (ToE) through evidence review, stakeholder interviews, and control validation to identify compliance gaps. Presented detailed audit observations and remediation recommendations to client stakeholders.

Data Protection Implementation

Multinational AI & Analytics Organization

Present - Present

Enabled the implementation of the privacy program by conducting DPIAs, maintaining RoPAs, and mapping data flows (DFDs), improving visibility into data processing activities and compliance posture. Collaborated with cross-functional teams to strengthen privacy governance by implementing operational privacy controls and processes.

DPO Readiness Assessment

Top-Tier Indian Legal Firm

Present - Present

Conducted privacy maturity assessment against regulatory data protection requirements including GDPR. Established a structured roadmap for setting up a Data Protection Officer (DPO) function and enhancing compliance readiness.

Education

M.Sc. Cyber Security - National Forensic Sciences University, Gandhinagar

2021 - 2023 · Afghanistan

PGDM - Digital & Cyber Forensics and Related Law - Institute of Forensic Science, Mumbai

2020 - 2021 · Afghanistan

B.Sc. Computer Science - Ramnarain Ruia Autonomous College, Mumbai

2017 - 2020 · Afghanistan

Certifications

No certifications added yet

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 12/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 87/100

Profile Overview

Member since May 2026

Availability Details

Relocation

Open to Relocation