Azharuddin Mohd
Security • Privacy • Compliance • vCISO

Built for trust.
Designed for resilience.

I’m Azharuddin Mohd — a security, privacy, compliance, and risk professional helping businesses strengthen governance, clear audits, reduce security exposure, and build scalable trust programs. My work spans end-to-end compliance execution, internal and external audits, AWS security, source code review, software composition analysis, third-party risk, due diligence, and virtual CISO advisory.

Work with me View experience
ISO 27001 Lead Auditor CISA CISM CIPP/E AWS Security
15+Years of total experience
ISO / SOC / PCIAudit and compliance leadership
AWS + AppSecCloud, code, and risk reviews
TPRMVendor onboarding and due diligence
What I do

Security, compliance, and assurance services.

I support startups, scaling SaaS companies, fintechs, healthcare platforms, and enterprise vendors with practical security leadership that balances governance, audit readiness, engineering realities, and business growth.

Compliance Programs

End-to-end audit and certification readiness

I lead full compliance programs for ISO standards, SOC 2 Type II, PCI DSS, GDPR, CCPA, HIPAA, ADHICS, privacy frameworks, and client-specific controls. This includes gap assessments, policy architecture, control implementation support, evidence planning, and audit coordination.

Security Assurance

Cloud, application, and risk-based reviews

My work covers AWS security assessments, hardening validation, access control reviews, secure SDLC advisory, source code review coordination, software composition analysis, vulnerability assessment follow-ups, and risk treatment planning for real-world environments.

vCISO / GRC Advisory

Board-facing governance with execution depth

I help organisations build mature security governance from the ground up — from policies and risk registers to vendor management, leadership reporting, incident preparedness, client assurance responses, and long-term trust strategy through vCISO-style engagement.

Vendor Risk

TPRM, due diligence, and onboarding audits

I conduct internal and external vendor risk assessments, answer detailed client questionnaires, lead onboarding audits, and support procurement and legal teams with security clarifications that help close deals faster without weakening control posture.

Privacy & Data Governance

Operational privacy aligned to business reality

I work across privacy reviews, data protection impact considerations, policy drafting, regulatory alignment, third-party data handling reviews, retention controls, cross-border data concerns, and auditable privacy governance for product and operations teams.

Startup Enablement

Cyberaon Technologies — vCISOaaS

Through my own startup, Cyberaon Technologies, I focus on vCISO-as-a-Service, helping growing companies build credible security and compliance foundations, prepare for enterprise due diligence, and establish trust early in their growth journey.

Selected focus areas

Programs that move the needle.

These showcase the type of work I typically lead across client environments, compliance transformations, and enterprise assurance initiatives.

Audit Readiness

ISO and multi-framework compliance transformation

Built end-to-end control programs covering ISO 27001, 9001, 22301, 27701, and 42001 with policy sets, evidence mapping, internal audit support, and external audit coordination.

GovernanceInternal AuditCertification Support
Enterprise Assurance

SOC 2 Type II and PCI DSS execution support

Supported readiness, remediation, control testing alignment, stakeholder coordination, and client-facing assurance responses for organisations handling regulated workloads and enterprise customer requirements.

SOC 2PCI DSSEvidence Strategy
Cloud Security

AWS security assessments and architecture reviews

Led cloud security reviews focused on IAM, logging, hardening, infrastructure exposure, backup controls, resilience, and risk treatment recommendations for production SaaS environments.

AWSRisk AssessmentHardening
Product Security

Source code review and software composition analysis

Coordinated and interpreted secure code review findings, open source component risks, dependency issues, and remediation priorities to improve release confidence and audit defensibility.

AppSecSCARemediation
Client Onboarding

Security questionnaires, due diligence, and TPRM

Handled security due diligence for customer onboarding by preparing audit-ready responses, reviewing evidence, addressing observations, and supporting sales, procurement, and infosec stakeholders.

TPRMVendor AuditsClient Trust
Privacy

Regulatory alignment across healthcare and global privacy

Supported practical alignment against GDPR, CCPA, HIPAA, and related privacy expectations through control mapping, data governance, access reviews, and documented operational safeguards.

GDPRCCPAHIPAA
Career path

Experience shaped by delivery, audit, and scale.

A progression from operations leadership into security, privacy, GRC, and strategic advisory — with hands-on ownership across audits, risk, compliance execution, and client assurance.

Sr. SecOps Engineer & GRC — Credgenics

Feb 2026 – PresentIndia • RemoteFull-time
  • Drive comprehensive security audits by implementing security controls, ISMS policies, and governance procedures aligned to ISO 27001, ISO 27701, PCI DSS, RBI SAR Data Localization, and related compliance expectations.
  • Lead third-party risk management audits during vendor onboarding and annual review cycles, engaging directly with client infosec teams and internal stakeholders.
  • Coordinate assessments with Cert-In empanelled auditors, with focus on infrastructure security, hardening validation, firewall rule reviews, and AWS security testing.

Senior Manager GRC — Hackrew

Oct 2022 – Feb 2026Hyderabad, Telangana, India • RemoteFull-time
  • Performed ISMS auditing, log review, and development of ISMS policies and supporting documents for multiple clients across ISO 27001 and adjacent compliance requirements.
  • Supported governance, AWS security discussions, audit preparation, and client-facing compliance documentation across varied industries and control environments.
  • Worked on structured audit readiness efforts involving policy baselines, control interpretation, evidence reviews, and remediation follow-up.

Senior Security Analyst — Defmax Technologies Pvt. Ltd.

Oct 2019 – Oct 2022India • RemoteFull-time
  • Handled security audits and GRC activities with emphasis on control reviews, security assessments, audit support, and risk-based compliance execution.
  • Contributed to internal and external security assurance processes, strengthening documentation, review mechanisms, and governance outcomes.
  • Supported client security requirements across operational controls, review cycles, and program maturity initiatives.

Senior Team Lead — Patra Corporation

Jan 2011 – Apr 2019Visakhapatnam, Andhra Pradesh, IndiaFull-time
  • Led management operations with people, process, and delivery responsibilities that built the foundation for later leadership in structured governance and control environments.
  • Developed strong stakeholder coordination, process ownership, and operational discipline in a large-scale service delivery setup.
  • Managed teams and workstreams with focus on quality, consistency, escalation handling, and business continuity of daily operations.
Capability stack

Skills across strategy, control, and execution.

My strength sits at the intersection of audit depth, technical understanding, and business-facing communication — helping organisations become both compliant and credible.

Technical & Assurance

Security and compliance execution

AWS Security Reviews Risk Assessments Internal Audits External Audits Source Code Review Software Composition Analysis Vendor TPRM Due Diligence Audits ISMS Documentation Control Mapping Evidence Reviews Policy Architecture
Frameworks & Domains

Standards and regulatory alignment

ISO 27001 ISO 9001 ISO 22301 ISO 27701 ISO 42001 SOC 2 Type II PCI DSS GDPR CCPA HIPAA ADHICS RBI SAR Data Localization
Leadership

Business-facing security partnership

vCISO Advisory Stakeholder Communication Audit Coordination Remediation Tracking Security Questionnaire Handling Client Assurance Governance Reporting Cross-Functional Collaboration
Certifications

Industry-recognised credentials

ISO 27001 Lead Auditor CISA CISM CIPP/E AWS Security Specialist
Governance-led

Built for policy, process, and executive clarity.

Audit-ready

Focused on evidence, defensibility, and delivery under scrutiny.

Technically aware

Cloud, AppSec, risk, and security review aligned to reality.

Commercially useful

Supports onboarding, trust, and faster client assurance.

Contact

Let’s discuss security, privacy, or compliance work.

For consulting, vCISO support, audit readiness, vendor assessments, security reviews, or enterprise onboarding support, reach out directly by email.

Profiles

Professional presence

LinkedIn profile for background, career history, and professional updates.

LinkedIn ↗