Suhani Singh

Third-Party Risk Management (TPRM) Analyst

Pune, India
Profile Score: 70

Skills & Expertise (22)

- ISO 27001: Advanced, 8.1/10, 2 years' experience
- SOC 2 Type II: Advanced, 7.7/10, 2 years' experience
- GCP: Intermediate, 7.5/10, 1 year's experience
Governance, Risk, and Compliance · Python · SABSA · NIST Cybersecurity Framework · OWASP Top 10 · CIA Triad · Security Command Center · Cloud Logging · VPC Service Controls · Cloud KMS · IAM · OneTrust · HIPAA · ServiceNow · Wireshark · Burp Suite · Nessus · JavaScript · Shell

Work Experience

GCP Cloud Compliance and Control Matrix (CCM)

Accenture

Jan 2025 - Apr 2025

Performed cloud compliance support activities including control mapping, gap analysis, and audit evidence collection for ISO 27001 using GCP controls. Developed and maintained a Cloud Control Matrix, mapping GCP controls (IAM, Cloud KMS, VPC Service Controls, Cloud Logging, Security Command Center) to ISO 27001 requirements.

Security Delivery Associate (Intern)

Accenture

Jan 2024 - Jan 2024

Built a strong foundation in core cybersecurity principles, including the CIA Triad, common vulnerabilities, OWASP Top 10, and risk assessment methodologies. Became familiar with global standards (ISO 27001, HIPAA, HITECH, SOX). Acquired knowledge of security frameworks including NIST Cybersecurity Framework (CSF) and SABSA, with a focus on Governance, Risk, and Compliance (GRC).

Risk and Compliance Analyst (GRC / IT Risk)

Accenture

Aug 2024 - Dec 2024

Conducted DORA gap assessment reviews to identify ICT, governance, and operational resilience gaps, mapping regulatory requirements to existing controls. Maintained trackers, dashboards, and evidence for audits and reviews.

Third-Party Risk Management (TPRM) Analyst

Accenture

Apr 2025 - Present

Reviewed and analyzed Statements of Applicability (SoA), SOC 2 Type II reports, and Bridge Letters to assess control design and operating effectiveness. Identified security gaps in accordance with ISO 27001 and suggested appropriately prioritized control implementations to minimize the identified risks. Assessed Due Diligence Questionnaires (DDQs) and SIG questionnaires, identifying control gaps related to access management, data protection, incident response, and business continuity. Conducted vendor profiling and inherent risk assessments, assigning risk tiers based on data sensitivity, service criticality, system access, and geographic and regulatory exposure. Handled risk and compliance requests in ServiceNow, ensuring accurate documentation, workflow tracking, and timely closure. Managed the Exception Management lifecycle, identifying non-compliance with ISO standards, assessing risk likelihood and business impact, and defining remediation paths.

Education

B.Tech Computer Science - Ramdeobaba University

- 2024 · Afghanistan

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 0/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 70/100

Profile Overview

Member since Mar 2026

Availability Details

Relocation

Open to Relocation
