Description

"I am a Senior AI Governance and Ethics Specialist with 10 years of enterprise IT experience, focused on operationalising AI governance frameworks for regulated enterprise clients.

I manage AI governance intake processes end to end — reviewing AI use case submissions, validating questionnaire responses, classifying AI risk tiers, and guiding business and technical teams through governance requirements. I have governed 15+ enterprise AI deployments across financial services, healthcare, and public sector.

My three core frameworks: NIST AI RMF (Govern / Map / Measure / Manage), ISO/IEC 42001:2023 AI Management System, and EU AI Act compliance (Articles 5, 9–15, 50, 72–73).

Unique capability: I govern Shadow AI at the endpoint layer using DLP endpoint policies to prevent exfiltration of proprietary data and PII into unauthorised LLMs — combining 10 years of BigFix endpoint management with AI governance expertise.

What I deliver for clients:

— EU AI Act Gap Assessment — full risk tier classification, gap report, remediation roadmap

— NIST AI RMF Risk Assessment — Govern/Map/Measure/Manage applied to your AI systems

— ISO 42001 AI Management System documentation — audit-ready, PDCA-aligned

— AI Governance Intake Programme — questionnaire, workflow, risk register, KRI dashboard design

I reduced client AI compliance gap findings by 60% across three financial services accounts. I delivered ISO 42001-aligned documentation for a UK insurance client 6 weeks ahead of regulatory deadline. I identified and remediated Shadow AI exposure across an 8,000-employee organisation within 90 days.

Immediate availability. Remote. Open to European client engagements."

Languages

German
Native or bilingual
English
Fluent
Hindi
Conversational
Telugu
Native or bilingual

Workplace preferences

Remote only

Primarily works remotely

DXC Technology
Senior AI Governance & Compliance Specialist
November 2020 - Today (5 years and 7 months)
Hyderabad, Telangana, India
Senior AI Governance & Security Specialist10+ years of endpoint security engineering combined with hands-on AI GRC (EU AI Act, NIST RMF, ISO 42001). I bridge policy and technical execution by governing Shadow AI at the machine layer using BigFix and DLP controls.🚀 Core ValueGRC Architecture: Operationalizing EU AI Act, NIST, and ISO 42001.Infrastructure Control: Endpoint-level Shadow AI discovery and blocking.Data Protection: Preventing source code and PII leaks into public LLMs.Model Safety: Auditing architectures against OWASP LLM Top 10 risks.🛠️ Core CapabilitiesIntake & Risk Registers: Managed end-to-end intake for 15+ enterprise deployments. Mapped 40+ corporate tools to EU AI Act risk tiers and NIST criteria.Ethics & Fairness: Conducted algorithmic bias audits applying demographic parity and equal opportunity metrics. Generated SHAP/LIME explainability reports.Shadow AI Eradication: Designed discovery programs across 8,000-employee networks. Remediated 34 unapproved tools within 90 days using automated DLP blocks.KRI Dashboards: Designed live monitoring dashboards tracking model drift, accuracy degradation, bias breaches, and data quality drops (Fiddler/Arthur AI).Compliance Artifacts: Authored 20+ System Cards, Model Cards, AIBOMs, and ISO 42001 AIMS frameworks. Setup Article 73 serious incident workflows.📈 Proven AchievementsBanking: Reduced compliance gap findings by 60% across 3 global accounts.Insurance: Delivered ISO 42001 AIMS documentation 6 weeks ahead of schedule.Enterprise: Cataloged and controlled 34 unauthorized AI tools inside 60 days.🔄 MethodologyDiscover: Map infrastructure assets, shadow tools, and API connections.Classify: Categorize model risks against global legislative text.Deploy: Integrate strict intake gates and technical DLP endpoint rules.Monitor: Launch live KRI dashboards for continuous audit readiness.
Shadow AI Governance OWASP LLM Top 10 NIST AI RMF EU AI Act AI Impact Assessment
HCL Technologies
Senior Endpoint Security & Compliance Engineer
September 2018 - November 2020 (2 years and 2 months)
Hyderabad, Telangana, India
Delivered enterprise endpoint security and IT compliance programmes for European and North American clients using IBM BigFix — specialising in patch management, compliance reporting, and policy enforcement at scale across 50,000+ endpoints.
Endpoint Management & Security
▸ Administered IBM BigFix across 50,000+ endpoint environments — managing patch deployment, software distribution, and endpoint compliance for global enterprise clients.
▸ Designed and executed patch management strategies achieving 98%+ compliance rates across Windows, Linux, and macOS environments — prioritising critical and zero-day vulnerabilities within client SLA targets.
▸ Configured BigFix compliance baselines aligned to CIS Benchmarks and client security policies — automating compliance checks and remediating deviations across complex hybrid environments.
▸ Led endpoint security hardening initiatives — deploying security configurations, managing firewall policies, and enforcing least-privilege access controls across enterprise estates.
IT Compliance & Audit
▸ Delivered monthly and quarterly compliance reports to client CISOs and audit teams — producing audit-trail evidence for ISO 27001 and SOC 2 compliance programmes.
▸ Managed IT compliance remediation workflows — tracking non-compliant endpoints, assigning remediation tasks, and verifying resolution within agreed SLAs.
▸ Collaborated with client security operations on vulnerability management — integrating BigFix scan data with SIEM platforms for unified compliance visibility.
Key Achievement
▸ Achieved 98.7% patch compliance across 50,000-endpoint estate within 3 months of programme launch — eliminating critical vulnerability backlog inherited from previous provider.
IBM
Endpoint Management & Security Specialist
November 2015 - July 2018 (2 years and 8 months)
Hyderabad, Telangana, India
Managed enterprise-scale endpoint security and IT infrastructure compliance using IBM BigFix across major global client accounts — building the technical foundation and compliance discipline that underpins current AI governance expertise.
BigFix Administration & Endpoint Security
▸ Deployed and administered IBM BigFix across 30,000+ endpoints for Fortune 500 clients — managing patch lifecycle, software inventory, and endpoint security policy enforcement.
▸ Built custom BigFix Fixlets, Tasks, and Baselines for client-specific compliance requirements — automating patch deployment and configuration enforcement across complex hybrid environments.
▸ Managed endpoint vulnerability remediation — integrating BigFix with Nessus and Qualys scan outputs to prioritise and automate remediation of critical CVEs within client SLA targets.
▸ Maintained BigFix server infrastructure — BES root server, relay hierarchy, and database administration — ensuring 99.9% platform availability for global enterprise clients.