Profiles search

Aarti Krishan

CISSP, CCSP, CCSK, Cyber Security and Engineering
New York, NY, United States

Details

Experience: 2023 : Present

Zip Co

Director, Head of Information Security

Managed Cloud Security assurance function for Salesforce's high-velocity, public cloud (Hyperforce) transformation of proprietary and acquired SaaS products, public sector platforms and emerging tech.

2020 : 2023

Salesforce

Director, Security Assurance

Managed strategy, implementation and assessment of technology risk controls to meet regulatory and product security requirements across Data Security, IAM, Data Encryption, Network security, SOx, RCSA and others.

2010 : 2020

Goldman Sachs

Vice President - Technology Risk - Global Control Operations

Datawarehouse Architect responsible for implementing and delivering Credit Risk Analytics platform enabling identification, assessment and management of risk exposures and risk management strategies on its large mortgage-backed securitization platform.

2009 : 2010

Freddie Mac

Data Warehouse Architect

Full stack engineering lead for technical design, development and delivery of P2P Accounting & Management Information System, enabling comprehensive financial planning and reporting.

2008 : 2009

NYC Department of Education

Technology Project Manager
Company: Zip Co

About

Pragmatic, entrepreneurial leader with 15+ years of experience leading and implementing technology and information security strategies, plans, and governance models in large enterprises.



I enjoy translating risk scenarios into value-enhancing technology roadmaps, driving consensus across engineering and risk stripes, and positioning security as a competitive strategy. I'm experienced in policy/process uplifts, risk acceptance decisions, technical control assessments (for applications, services, infrastructure, networks and third parties), security product selection and incident response. I am poised under pressure, and resolve complex issues through focused analysis and collaborative initiative.

I am passionate about building creative and resilient teams and am endlessly curious about the promise of emerging technology.



Competencies:



- Cloud Security (AWS)

- Information Security Risk Governance

- Secure SDLC Controls and Implementation

- Threat Modeling

- Penetration Testing

- NIST CSF, ISO27k, PCI, CMMC, FedRamp, GDPR, SOX

- Problem Solving

- Secure Digital Transformation

- KRIs & Risk Appetite Measurement

- Continuous Control Monitoring

- Cyber Risk Assessment for M&A

- Enterprise Risk Management