// Raja Yadav · Mumbai, India · Deputy Manager @ State Bank of India

Securing
Systems.

Information Security Auditor & Cybersecurity Professional
with 10+ years securing banking and enterprise infrastructure.

// Credentials
CISA · DISA · ISO 27001 Lead Auditor · CEH · CC (ISC2)

// Domains
IS Audit · ITGC · TPRM · Risk Management · Compliance

// Organisations
State Bank of India · AAA Technologies · IIIT Allahabad

10+ Years Experience
5+ Certifications
50+ Audits Done
// raja.yadav
Dep. Manager · IS Audit · SBI

Profile

Who I am

I'm Raja Yadav, an Information Security professional with over a decade of experience conducting audits, managing risk, and securing digital infrastructure across banking and enterprise environments. Currently serving as Deputy Manager – IS Audit at the State Bank of India, I bring deep expertise in regulatory compliance, vulnerability assessment, and building security frameworks that withstand scrutiny.

My career spans both private consulting and public institutions — from end-to-end audits for banks and government bodies at AAA Technologies, to hands-on forensics work with the Cyber Cell Police Department. I'm passionate about making complex security actionable and believe strong audit practices are the backbone of trustworthy systems.

Location
Navi Mumbai, Maharashtra, India
Email
rajaiiita@gmail.com
Current Role
Deputy Manager – IS Audit, SBI
LinkedIn
linkedin.com/in/rajayadav
Phone
+91-9838197781
Volunteering
Cancer Aid Society · Wildlife Activities

Languages

🇬🇧 English · Fluent
🇮🇳 Hindi · Native
🇮🇳 Punjabi · Intermediate

Career

Work Experience

2021 – Present
State Bank of India
Deputy Manager — IS Audit
State Bank of India · Navi Mumbai, India
  • Conduct comprehensive audits of information systems to ensure compliance with internal policies and regulatory requirements.
  • Identify and assess security risks, vulnerabilities, and control deficiencies across critical banking infrastructure.
  • Develop and implement audit plans including risk assessments, audit programs, and detailed testing procedures.
  • Collaborate with IT and business units to address audit findings and recommend corrective actions.
  • Prepare detailed audit reports and present findings to senior management for strategic decision-making.
  • Monitor and follow up on the implementation of audit recommendations to ensure full closure.
IS Audit · Risk Assessment · Regulatory Compliance · Vulnerability Mgmt · Audit Reporting
2015 – 2020
AAA Technologies Ltd
Information Security Consultant
AAA Technologies Ltd · Mumbai, India
  • Handled end-to-end audits across domains including IT General Controls (ITGC), Third-Party Risk Management (TPRM), and application audits for diverse clients.
  • Developed and executed audit plans tailored to each institution's unique risk profile and regulatory requirements.
  • Successfully conducted audits for banks and government institutions, ensuring compliance and enhancing security posture.
  • Identified significant control weaknesses and provided actionable recommendations implemented across multiple institutions.
  • Received consistent positive feedback from clients for thoroughness and professionalism in audit execution.
ITGC · TPRM · Application Audit · Banking · Government · ISO 27001
// EARLY CAREER · INTERNSHIPS
Cyber Cell Police Department
2014 · Gurgaon, India
Assisted law enforcement in solving cyber crime cases. Led the project "Website Hacking and Investigation", gaining hands-on exposure to digital forensics and cyber incident response in a real-world law enforcement context.
National Informatics Centre (NIC)
2012 · Hyderabad, India
Worked on an IaaS model and deployed Software as a Service within NIC's infrastructure using the open-source cloud platform Sol Eucalyptus 2.0 with Ubuntu Enterprise Cloud (UEC) — an early foray into cloud security architecture.

Capabilities

Skills & Expertise

// Security & Audit Competencies

IS Audit & Compliance · 95%
Risk Assessment & TPRM · 90%
ITGC & Application Audit · 92%
Network Security · 85%
OWASP Top 10 / Pen Testing · 80%
NIST Framework · 88%
Cyber Forensics · 78%
Data Analysis & Visualization · 75%

// Technical Stack

🐧 Linux
🐍 Python
🗄️ Database
📊 MS Office
🛡️ ISO 27001
💳 PCI DSS
🔬 COBIT
🌐 OWASP
⚙️ NIST
🏗️ BCP / DRP
☁️ Cloud / IaaS
🔐 Cyber Law

Credentials

Certifications & Credentials

CISA
Certified Information Systems Auditor
ISACA
The globally recognized gold standard for IS audit, control, and assurance professionals. Validates expertise in auditing, controlling, monitoring, and assessing an organization's IT and business systems.
Verified · ISACA
DISA
Diploma in Information Systems Audit
IIBF — Indian Institute of Banking & Finance
Specialized certification for IS audit professionals in the Indian banking and financial sector, covering audit standards, controls, regulatory compliance, and sector-specific security frameworks.
Verified · IIBF
ISO 27001
ISO 27001 Lead Auditor
IRCA — International Register of Certificated Auditors
Certified to plan, conduct, report, and follow up on ISO/IEC 27001 ISMS audits at the highest international standard, enabling organizations to achieve and maintain information security certification.
Verified · IRCA
C|EH
Certified Ethical Hacker
EC-Council · CEHv8
Certified in offensive security methodologies including penetration testing, vulnerability exploitation, and ethical hacking — essential for understanding attacker techniques and implementing proactive security measures.
Verified · EC-Council
CC
Certified in Cybersecurity
ISC2
ISC2's foundational cybersecurity certification covering security principles, incident response, network security, and access controls — demonstrating broad cybersecurity knowledge and a commitment to the profession.
Verified · ISC2

Academic

Education & Training

Master of Science
Cyber Law and Information Security
Indian Institute of Information Technology, Allahabad
2013 – 2015 · Allahabad, India
Acquired deep expertise in Information Security and Cyber Law covering audits, vulnerability assessments, network security, cyber forensics, IT & Data Protection Acts, and global standards including ISO 27001, PCI DSS, BCP/DRP, and COBIT.
Cyber Law · InfoSec · Forensics · ISO 27001 · PCI DSS · COBIT · BCP/DRP
Bachelor of Engineering
Computer Science
ICFAI University, Dehradun
2008 – 2012 · Dehradun, India
Gained foundational knowledge in programming languages, database management systems, system administration, and core computer science principles that underpin modern cybersecurity engineering and systems thinking.
Computer Science · Programming · DBMS · System Admin

Connect

Let's Connect

Whether you're looking to discuss an audit engagement, cybersecurity consulting, speaking opportunity, or simply want to connect with a fellow professional — I'd love to hear from you.