Sriparna Bandyopadhyay

Knoxville, TN

Summary

Results-driven Cybersecurity professional with over 8 years of experience in external assessment roles for SOC 1, SOC 2, HITRUST CSF, and SOX. Led risk-based assurance and control maturity evaluations across healthcare, insurance, and energy sectors. Skilled in aligning controls with NIST CSF and ISO 27001, enhancing clients' governance and compliance frameworks.

Overview

21 years of professional experience
1 Certification

Work History

Manager

LBMC
06.2021 - Current
  • Facilitated alignment of expectations and communication of control deficiencies as the primary client contact, addressing operational and regulatory risks.
  • Executed HITRUST readiness and validated assessments from scoping to reporting, directing risk evaluation testing strategies and evidence validation.
  • Oversaw testing across IAM, SDLC, change management, privacy, and third-party risk domains, ensuring structured remediation oversight.
  • Delivered SOC 1, SOC 2, and HITRUST CSF engagements in regulated and cloud environments, advising on governance maturity and control effectiveness.
  • Collaborated with cross-functional audit teams to map SOC and HITRUST controls to ISO 27001 and NIST CSF frameworks, facilitating integrated assurance.
  • Performed audits and assessments across cloud environments (AWS, Azure, GCP), evaluating cloud governance and security control implementation.
  • Executed engagement quality reviews and standardized processes, enhancing documentation rigor and improving audit efficiency.
  • Applied ISO 27001 and NIST control concepts during risk assessments and control gap evaluations in readiness and maturity engagements.

Senior Consultant

LBMC
06.2019 - 06.2021
  • Led end-to-end SOX ITGC audit activities including planning, walkthroughs, testing execution, and deficiency evaluation.
  • Led SOX ITGC audit execution and SOC and HITRUST assessments across regulated environments to ensure compliance.
  • Executed HITRUST and SOC control testing across security, privacy, and operational domains.
  • Strengthened control narratives and aligned evidence to support validated assessments and enhance external reporting accuracy.
  • Facilitated communication between IT stakeholders and external auditors to ensure alignment of testing execution with expectations.

Staff Consultant

LBMC
07.2017 - 06.2019
  • Performed walkthroughs and control testing across ITGC and security domains, ensuring compliance and risk mitigation.
  • Supported HITRUST readiness and validation procedures through structured evidence review and workpaper documentation, facilitating successful audit outcomes.
  • Executed SOX, SOC, and HITRUST control testing, enhancing governance and documentation rigor.
  • Produced defensible audit documentation aligned with assurance standards.

Summer Intern

LBMC
06.2016 - 07.2016
  • Executed IT audit fieldwork and documented findings to support compliance under senior supervision.
  • Conducted research on industry trends to support project initiatives.
  • Collaborated with team members to streamline internal processes.

Language Consultant (Part-Time)

Zi Corp
01.2005 - 01.2006
  • Supported mobile software localization initiatives, enhancing language quality and user experience for international markets.
  • Completed translations between English and target language.
  • Researched current language trends to inform program development and strategies.

Education

Master of Science - Accounting & Information Management

University of Tennessee
Knoxville, TN

Master of Arts - Linguistics

University of Calcutta
Kolkata, India

Bachelor of Arts - Bengali Language & Literature

University of Calcutta
Kolkata, India

Skills

  • SOX ITGC compliance
  • SOC 1 and SOC 2 audits
  • HITRUST CSF readiness and validation
  • NIST CSF alignment
  • ISO 27001 control mapping
  • Identity and access management
  • Change management and SDLC governance
  • Logging and monitoring practices
  • Encryption and key management
  • Incident response and recovery planning
  • Third-party risk management
  • Policy and procedure development
  • Cloud security strategies

Certification

  • Certified Information Systems Auditor (CISA), ISACA
  • Certified CSF Practitioner (CCSFP), HITRUST
  • Certified HITRUST Quality Professional (CHQP), HITRUST
  • CYPT Privacy Certification, In Progress
