Vaibhav Singh Bhadauria

Chief Information & Security Officer/Chief Compliance Officer
Toronto, ON

Summary

A dynamic leader in data management and governance, adept at crafting and executing visionary strategies to unlock the full potential of enterprise data assets. Drives medium to long-term data initiatives, aligning with regulatory demands and business priorities. Collaborates seamlessly with stakeholders across all levels to ensure steadfast commitment to data governance policies and practices. Champions transformative data initiatives to enhance global capabilities and drive strategic revenue growth. Directs the implementation of robust data governance frameworks, fostering a customer-centric culture while ensuring strict adherence to risk management protocols.

Overview

12 years of professional experience
8 certificates

Work History

Chief Information & Security Officer/Chief Compliance Officer

Total Credit Recovery Limited
Toronto
06.2022 - Current

  • Lead enterprise technology and security strategy, aligning IT and cyber roadmaps with business objectives, growth plans, and operational efficiency targets, and positioning technology as a key enabler of digital customer experience.
  • Oversee IT operations, infrastructure, and core systems, directing teams across networks, cloud platforms, applications, and support to ensure high availability, reliability, and performance for mission-critical services.
  • Drive cloud migration, digital transformation, and technology modernization by leading workload migration to Microsoft Azure, complex Active Directory integrations, and security hardening with Microsoft 365, Intune, ESET Disk Encryption, and ESET MDR, improving scalability, performance, and user experience.
  • Direct enterprise risk management and incident response, maintaining a live risk register, executing risk analysis and treatment plans, and managing monitoring and response with Wazuh SIEM, FortiGate firewalls, VPNs, and Nessus PCI scanning for continuous monitoring and faster time-to-detect/restore.
  • Manage vendor risk and outsourced/fintech technology relationships, responding to client due-diligence requests, overseeing third-party assessments using Drata and Comply, and coordinating penetration tests and table-top exercises to validate resilience, controls, and service provider performance.
  • Develop and manage technology and security budgets, prioritizing investments, optimizing run-the-bank vs change-the-bank spend, and renegotiating key vendor contracts to improve cost-effectiveness without compromising resilience or security.
  • Maintain IT and security governance aligned to OSFI-style expectations (B-10, B-13, E-21), PIPEDA, FINTRAC, SOX, NIST, ISO 27001/27002, PCI DSS and Cyber Essentials, supporting audits and regulatory-style examinations and strengthening controls, documentation, and decision-making processes.
  • Partner with CEO and business leaders as a trusted technology advisor, translating complex technology and security topics into business value and risk trade-offs, and championing a “Security First” and technology excellence culture through targeted training, awareness, and continuous improvement initiatives.

Delivery Manager

Infinity Data Technologies Pvt. Ltd.
Bengaluru, Karnataka
06.2021 - 10.2021
  • Spearheaded the formulation and execution of comprehensive enterprise-wide data management and governance strategies, focusing on optimizing data value through advanced analytics and digitalization.
  • Directed strategic investments in data capabilities to address regulatory requirements and align with enterprise priorities, ensuring coordinated allocation of resources for effective data management.
  • Cultivated strong collaborative relationships with stakeholders at operational and executive levels, fostering alignment and commitment to data governance principles, practices, and priorities.
  • Collaborated with cross-functional Enterprise partners to enhance overall data governance and management capabilities, influencing decisions related to policy, technology, and talent development.
  • Advocated for and supported transformative data initiatives aimed at fortifying global data and advanced analytics capabilities, positioning data as a key driver of organizational growth.
  • Orchestrated the establishment of organizational structures and operational frameworks to support data program objectives, including the implementation of robust data governance forums and processes.

Assistant Manager - Projects

Firstsource Solutions Pvt. Ltd
Bengaluru, Karnataka
11.2019 - 06.2021
  • Developed and enforced data governance policies and procedures to ensure compliance with regulatory requirements and industry standards, fostering a culture of data integrity and accountability.
  • Established and maintained data quality standards and controls, conducting regular audits and assessments to monitor data accuracy, completeness, and consistency.
  • Collaborated with stakeholders across departments to identify data governance needs and requirements, aligning strategies with business objectives and priorities.
  • Implemented data stewardship programs to assign ownership and responsibility for data assets, driving accountability and improving data quality throughout the organization.
  • Led the development and implementation of data governance frameworks and tools, leveraging technology solutions to streamline processes and enhance data management capabilities.
  • Provided guidance and training to staff on data governance principles, best practices, and tools, promoting a shared understanding of data management responsibilities and goals.

Team Lead

Altisource Business Solutions Pvt. Ltd
Bengaluru, Karnataka
08.2016 - 09.2019
  • Supported the development and implementation of data protection strategies and initiatives, ensuring compliance with data privacy regulations such as GDPR and HIPAA, and relevant North American regulatory frameworks such as PIPEDA, GLBA, NYDFS Cybersecurity Regulation, and the California Consumer Privacy Act (CCPA). Additionally, ensured adherence to industry-specific standards like NIST Cybersecurity Framework, ISO/IEC 27001, and the Payment Card Industry Data Security Standard (PCI DSS).
  • Collaborated with IT security teams to implement and maintain robust data security measures, including encryption, access controls, and threat detection systems, mitigating data breach risks.
  • Conducted regular risk assessments and audits to identify vulnerabilities and gaps in data protection and security practices, implementing corrective actions to address findings.
  • Established data governance frameworks to define data ownership, classification, and lifecycle management processes, ensuring data is handled appropriately throughout its lifecycle.
  • Implemented data governance controls and monitoring mechanisms to track data usage, access, and movement, enhancing visibility and accountability over sensitive information.
  • Provided oversight and governance for data-related projects and initiatives, ensuring alignment with organizational goals, risk tolerance, and compliance requirements.

Associate Analyst

XL Dynamics
Mumbai, India
05.2014 - 02.2016
  • Contributed to the development and maintenance of data privacy policies and procedures, ensuring alignment with regulatory requirements.
  • Supported data risk assessments and audits to identify vulnerabilities and gaps in security practices.
  • Assisted in the implementation of data security controls, such as encryption and access controls, to protect sensitive information.
  • Provided support in responding to data privacy inquiries and incidents, including data breaches and subject access requests.

Education

Ontario Post Graduate Certificate in Project Management - Project Management

Humber Institute of Technology And Advanced Learning
Toronto, ON
04.2022

MBA - Finance

Pune University
Pune, India
05.2014

Post Graduate Diploma in Business Administration - Business Administration

Institute of Management & Technology
Ghaziabad, India
06.2012

Bachelor of Technology -

AK Technical University
Lucknow, India
08.2010

Skills

  • Data Governance & protection
  • Data Security
  • Infrastructure Management
  • Information Security
  • IT service management
  • Service Delivery Oversight
  • Budget Administration
  • Disaster Recovery
  • Information risk management
  • Audit Coordination
  • Internal Controls
  • Business continuity planning
  • Risk mitigation strategies
  • Incident Management
  • Regulatory Compliance
  • Strategic Planning
  • Contract Negotiation
  • Change Management

Certification

1. ISO 27001:2022 Lead Auditor (BSI/Exemplar Global)

2. Certified Fraud Examiner (ACFE)

3. Certified Information Security Manager (CISM - ISACA Global Pursuing)

3. Certified SAFe® 5 Scrum Master (SSM)

4. PRINCE2 Project Management Practitioner

5. Certified Scrum Master (CSM)

6. Agile Scrum Foundation

7. Six Sigma - Yellow Belt Certified

8. ON Graduate Certificate in Project Management

Timeline

Chief Information & Security Officer/Chief Compliance Officer

Total Credit Recovery Limited
06.2022 - Current

Delivery Manager

Infinity Data Technologies Pvt. Ltd.
06.2021 - 10.2021

Assistant Manager - Projects

Firstsource Solutions Pvt. Ltd
11.2019 - 06.2021

Team Lead

Altisource Business Solutions Pvt. Ltd
08.2016 - 09.2019

Associate Analyst

XL Dynamics
05.2014 - 02.2016

Ontario Post Graduate Certificate in Project Management - Project Management

Humber Institute of Technology And Advanced Learning

MBA - Finance

Pune University

Post Graduate Diploma in Business Administration - Business Administration

Institute of Management & Technology

Bachelor of Technology -

AK Technical University

Accomplishments

  • Led the successful implementation of ISO 27001:2013 framework certification and oversaw the transition to the latest ISO 27001:2022 standards.
  • Upgraded organizational compliance to GDPR, PCI DSS 4.0, SOC 2, and SOC 1 standards, ensuring adherence to rigorous security and compliance protocols.
  • Currently spearheading the transition of ISO 27001:2013 certification to meet the updated 2022 standards, demonstrating a commitment to maintaining cutting-edge security practices and regulatory compliance.

LinkedIn

www.linkedin.com/in/vaibhav-singh-bhadauria
