Chandrakant Kamble Associate Director Chandrakant is an Associate Director in Protiviti Australia’s technology consulting practice with almost 20 years of experience focusing on cybersecurity and privacy. Chandrakant has significant knowledge in undertaking NIST CSF, NSW Cyber Security Policy, ASD’s Essential Eight, ISO 27001, APRA CPS234, AEMO AESCSF and PCI DSS implementations and assessments. He has extensive experience in leading the implementation of cybersecurity programs and managing Security Operations Centres (SOC).Major projects and accomplishmentsLeading energy and utilities distributor – Chandrakant conducted a review of regulatory security requirements for its Operational Technology (OT) environment. Leading energy and utilities distributor - AESCSF compliance criteria and measurement definition - Chandrakant has defined specific measurement criteria for Australia Energy Sector Cyber Security Framework’s (AESCSF) compliance and embedded it into a cyber risk model for pragmatic consumption and operationalisation. State transport department – He conducted an OT configuration management review and risk based Essential 8 review was undertaken for a state transport department with recommended improvements for OT configuration management. APRA regulated entity - Chandrakant has led and driven a cloud security risk review for an APRA regulated entity in line with APRA's security and outsourcing standards. Leading bank in Australia - Chandrakant has supported one of Australia’s leading bank's line-1 cyber risk assessment teams by contributing through in-depth technical expertise and experience to review risks and control assurance within their cybersecurity risk portfolio. NSW government agency - Chandrakant has led and delivered multiple cybersecurity reviews against NSW Cybersecurity Policy (CSP), ASD's Essential Eight controls, NIST CSF for various NSW government agencies and recommended actions for a cybersecurity maturity uplift. Such reviews included assessing Essential Eight control maturity and compliance attestation against NSW CSP which is submitted to NSW CISO on an annual basis. Queensland government agency – Chandrakant worked with the agency's audit team as a subject matter expert for conducting a network security assessment across its IT infrastructure. Leading real estate and property management firm - Chandrakant has led and driven a cybersecurity maturity uplift and remediation activities which included a control uplift for security policies, governance, vulnerability management and third party supplier risk compliance.Areas of expertiseISO 27001 implementation and assessment Security governanceRisk and compliance PCI DSS implementation and compliance assurance Cybersecurity strategy and operations, incident response and test Data privacy compliance and protections Security operations centre management SSAE-16 compliance and assuranceIndustry expertiseIT services OT environmentsBusiness process outsourcing services that included customers from insurance, finance and accounting, retail, manufacturing, pharmaceuticals, telecoms, banking and financial services and government.EducationDiploma In Computer Engineering, MSBTE Professional memberships and certificationsCertified Payment Industry Security Implementer (CPISI) ISO 27001: 2005 lead auditor Microsoft Certified System Administrator (MCSA)
