Skills

  • Auditing
  • ISO 27001
  • Risk Analysis
  • Risk Assessment
  • Risk Based Audits
  • Risk Consulting
  • Security Analyst
  • Security Consulting
  • Vulnerability Assessment

Services

  • Security Specialist - GRC

    $30/hr Starting at $500 Ongoing

    Dedicated Resource

    End-to-End Third-Party Risk Management (TPRM) Program Design, Assessment & Governance; Enterprise Information Security Risk Framework Design — ISO 31000 / ISO 27005 / NIST Aligned; Vulnerability Management...

    Auditing, ISO 27001, Risk Analysis, Risk Assessment, Risk Based Audits

About

Results-driven Information Security Specialist with 13+ years of experience in risk management, compliance, and cybersecurity governance — helping organizations build security from A2Z.

I'm Sarath M.S., a cybersecurity professional based in Trivandrum, Kerala, specializing in Third-Party Risk Management, Enterprise Risk Frameworks, Vulnerability Management Governance, and Cloud Security Posture.
Over 13+ years, I have designed and led security programs across financial services, healthcare, and technology sectors — owning these programs end to end, not just advising on them. My work spans the full risk lifecycle: from vendor risk tiering and supplier assessments, to building organizational risk registers, defining patch SLAs, and delivering board-level risk reporting.
I hold industry-leading certifications including CISM and CRISC from ISACA, CompTIA SecurityX, ISO 27001 Lead Auditor, ISO 31000 Lead Risk Manager, and multiple Microsoft Azure certifications. On the tools side, I have hands-on experience with Black Kite, Risk Recon, Rapid7, WIZ Cloud, Onspring, Hyperproof, and the Microsoft Defender and Entra ecosystem.
My strength is translating complex technical risk into clear business decisions — building programs that survive audits and mature over time. I work with clients globally, with particular focus on the MENA region and organizations aligning with SAMA, NCA ECC, ISO 27001, SOC 2, NIST CSF, PCI-DSS, and GDPR.

Work Terms

Availability: Open to project-based, milestone-based, and hourly engagements
Preferred Engagement: Remote — available to clients globally
Response Time: Within 24 hours on all enquiries
Communication: English (professional fluency)
Project Kickoff: Discovery call recommended before all engagements to scope requirements accurately
Revisions: All deliverables include one round of revisions at no additional cost
Confidentiality: Happy to sign NDAs prior to engagement — client data treated with strict confidentiality
Rates: Negotiable based on scope, duration, and complexity — contact me for a custom quote