Profiles search

Shirish M.

Cyber Transformation | Cyber Engineering | AI | Product Security | Risk Management | Regulations | Cybersecurity Sr. Director at PwC
Seattle, WA, United States

Details

Education: Master of Science

Information Management

University of Washington

2009 : 2011

Bachelor of Engineering

Information Technology

University of Mumbai

2005 : 2009
Experience: 1. Lead transformational cybersecurity projects and global teams of seasoned cyber professionals in strategy, risk and compliance areas for big tech, retail and pharmaceutical organizations.

2. Help organizational build their cybersecurity vision and implement and operate their enterprise information security program.

2. Lead and direct cyber innovation projects and deliver in the areas of AI, product security, cybersecurity risk intelligence.

3. Manage multi-million dollar cyber initiatives and strategies and deliver on risk reduction and optimization goals for cyber orgs.

2018 : Present

PwC

Senior Director, Cybersecurity, Cyber GenAI, Risk & Seattle Market Cyber Leader

Manager at PwC in Cybersecurity & Privacy practice managing and leading Security Strategy, Governance & Risk Management, and Secure Development & Operations projects.

2015 : 2018

PwC

Manager, Cybersecurity, Risk Management & Privacy

Senior Associate at PricewaterhouseCoopers (PwC) working on various areas of Information Security, Privacy & Risk, including but not limited to :

1. Security Strategy, Organization Design & Development

2. Security Policy, Governance & Risk Management

3. ISO 27001 Certification Readiness Assessment

4. Information Privacy/Security Maturity Assessment

5. Gap Assessments involving ISO 27000, 27034 and other related security standards

6. Databases, Servers & Network Infrastructure Reviews

7. Business Development

8. Security Incident And Event Management

9. Threat Intelligence & Analytics

2013 : 2015

PwC

Senior Associate, Cybersecurity & Privacy

Associate at PricewaterhouseCoopers (PwC) working on various areas of Information Security, Privacy & Risk, including but not limited to :

1. Security Strategy, Organization Design & Development

2. Security Policy, Governance & Risk Management

3. ISO 27001 Certification Readiness Assessment

4. Information Privacy/Security Maturity Assessment

5. Gap Assessments involving ISO 27000, 27034 and other related security standards

6. Databases, Servers & Network Infrastructure Reviews

7. Business Development

8. Security Incident And Event Management

9. Threat Intelligence & Analytics

2011 : 2013

PwC

Associate, Cybersecurity & Privacy
Company: PwC
Years of Experience: 12

Skills

Agile Methodologies, ArcSight, business analysis, Business Process Improvement, C++, Computer Security, Data Privacy, Governance, Information Privacy, Information Security, Information Security Standards, ISO 27001, iso 27034, IT Audit, it risk management, Management, nist, Operational Risk Management, project management, Risk Assessment, Risk Management, Security Controls, Security Risk Assessments, Server 2008 Security, Strategy, threat modeling, Web Development, C, Security Risk

About

Shirish is a seasoned and visionary cybersecurity and risk management executive with a distinguished career in leading global organizations to safeguard their technology and business assets, deploy advanced technologies (e.g. AI, ML, NLP for Cybersecurity and Risk Management) and drive risk reduction and cybersecurity program maturity. He has over 15 years of experience leading, managing and successfully delivering large $50m+ cyber portfolios and initiatives in the areas of cyber risk management, regulatory programs, digital transformation for security organizations, and cyber governance. He has served as a trusted advisor to several security and business executives for mid-sized and large technology organizations, providing strategic and technical guidance, and implementing robust and transformative security programs. He has also acted in various roles (e.g., Head of Regulatory Compliance, Head of Cyber GRC) at large technology organizations to setup new cyber or GRC program for 100+ resource organizations. He is result-focused with bias for action, and has a successful track record of delivering measurable value to customers, C-suite and Board of Directors.



Throughout his career, Shirish has demonstrated strong interpersonal skills, business acumen and a proven track record of driving efficiencies, scalability and risk reduction for security programs, using technologies like AI / Generative AI. Shirish is known for fostering a culture of security awareness, empowering business teams with tools and techniques to better identify and reduce risks, and a proactive and holistic approach to protecting critical data and assets.



Shirish’s expertise extends across a wide range of cybersecurity domains, including cyber risk management, third-party security, regulatory compliance (e.g., NIST 800-53, ISO 27001, PCI DSS), and application security. At PwC, Shirish has led the development of various solutions and services, where he consistently delivered measurable results, led market and sector growth, and delivered custom services for clients. Outside his cybersecurity role, Shirish has demonstrated strengths in the building and leading diverse high-performing teams and driving inclusive mindset.



Shirish holds a Master’s degree in Information Management, where he conducted research in the areas of cybersecurity and information assurance. He also holds multiple industry certifications, including ISO 27001 Lead Implementer, and is a regular speaker at industry conferences with published articles on cybersecurity topics such as software supply chain security.