Mahesh CG

Senior Consultant – Information Security | AI Governance & Data Privacy | AIGP | CIPM | CISA

My Recent Blogs

Schedule time with me

Summary

As a CIPM-, CISA-, and AIGP-certified professional, I bring a unique blend of expertise in data privacy, information security, and AI governance, helping organisations align business objectives with global standards such as ISO 27001, GDPR, ISO 27701, NIST, PCI DSS, and emerging AI governance frameworks.

I specialise in designing and implementing comprehensive data protection and AI governance programs, embedding privacy-by-design, security-by-design, and responsible AI principles into enterprise processes. My work focuses on enabling regulatory compliance while managing AI, data, and cyber risk across the full lifecycle of modern digital systems.

My experience includes training cross-functional teams on privacy, security, and AI risk management best practices, ensuring organisations not only meet compliance requirements but also build a sustainable culture of trust, accountability, and ethical technology use.

In addition to my governance and privacy expertise, I am a Certified Penetration Tester and Ethical Hacker (CPT/EH) by EC-Council, enabling me to identify technical vulnerabilities that impact personal data, AI systems, and sensitive information. With strong time management and problem-solving skills, I deliver results-driven outcomes that strengthen security posture, support responsible AI adoption, and ensure long-term regulatory resilience.

Work History

Senior Consultant – Information Security | Keypoint Solutions W.L.L – Manama, Bahrain | Sep 2024 to Present

  • Conduct comprehensive gap assessments for Data Management practices within organisations, ensuring strict adherence to KSA’s NDMO Data Management and Personal Data Protection Standards.
  • Supported a complex SAP data migration initiative, handling high-volume data population and validation through advanced Excel modelling while ensuring accuracy and delivery timelines.
  • Conduct comprehensive DPIAs (Data Privacy Impact Assessment) for Data Privacy practices within organisations, ensuring strict adherence to KSA’s and Bahrain’s PDPL (Personal Data Protection Law).
  • Conduct comprehensive BIAs (Business Impact Analysis) and RAs (Risk Assessments) for BCM (Business Continuity Management) practices within organisations.
  • Conduct comprehensive RSAs (Recovery Strategy Analysis) by assessing RTOs (Recovery Time Objective) and RPOs (Recovery Point Objective) for Disaster Recovery Strategies within organisations.
  • Conduct a comprehensive SPOF (Single Point of Failure) analysis to identify the single point of failure within organisations.
  • Conduct training and awareness sessions on Data Management and Personal Data Protection within organisations.
    Ensure alignment of organisations with Bahrain’s PDPL, KSA NDMO DMPDP and PDPL regulations, guaranteeing full compliance.
  • Assist organisations in the implementation of necessary controls of Data Management and privacy practices.
  • Assist organisations in selecting the appropriate tools necessary for the effective implementation of Data Management and privacy practices.
  • Collaborate closely with cross-functional teams to provide expert guidance on security measures during the design, development, and deployment of new technologies and systems.
  • Prepare reports and documentation outlining gap assessment findings and recommended action plans for clients.
  • Develop policies, procedures, strategies, plans, and key performance indicators (KPIs) for robust Data Governance and Privacy.
  • Contribute to the development of business continuity and disaster recovery plans, ensuring clients’ ability to respond to and recover from security incidents.
  • Stay current with the evolving threat landscape and industry trends, ensuring that clients’ security measures remain updated and effective.

Consultant – IT Security | Keypoint Solutions W.L.L – Manama, Bahrain | July 2023 to Aug 2024

  • Conducted comprehensive gap assessments for Data Management practices within organisations, ensuring strict adherence to KSA’s NDMO Data Management and Personal Data Protection Standards.
  • Authored and formulated policies, procedures, strategies, plans, and key performance indicators (KPIs) for robust Data Governance.
  • Ensured meticulous alignment of organisations with Bahrain’s PDPL and KSA regulations, guaranteeing full compliance.
  • Assisted organisations in selecting the appropriate tools necessary for the effective implementation of Data Management practices.
  • Collaborated closely with cross-functional teams to provide expert guidance on security measures during the design, development, and deployment of new technologies and systems.
  • Stayed current with the evolving threat landscape and industry trends, ensuring clients’ security measures remained up-to-date and effective.
  • Prepared reports and documentation outlining gap assessment findings and recommended action plans for clients.
  • Contributed to the development of business continuity and disaster recovery plans, ensuring clients’ ability to respond to and recover from security incidents.

Assistant Project Manager – Cybersecurity Services | ProVise Management Consulting – Dubai, UAE | Apr 2023 to May 2023

  • Maintained tactical control of project timelines to keep teams on task and achieve schedule targets.
  • Partnered with project team members to identify and quickly address problems.
  • Delivered a high level of service to clients to both maintain and extend relationships for future business opportunities.
  • Supported senior managers and department leaders by completing projects and problem resolution under schedule demands.
  • Developed risk assessment reports to identify threats and vulnerabilities.
  • Analysed security policies as per ISO 27001 for usefulness and value to suggest security policy improvements.

Information Security Officer | Rise And Shine Group Of Companies | Dec 2022 to Apr 2023

  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommend improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Encrypted data and erected firewalls to protect confidential information.
  • Managed team of employees, overseeing hiring, training, and professional growth of employees.
  • Worked within applicable standards, policies, and regulatory guidelines to promote a safe working environment.
  • Monitored computer virus reports, determining when to update virus protection systems.
  • Engineered, maintained, and repaired security systems and programmable logic controls.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Learned new skills and applied them to daily tasks to improve efficiency and productivity.

Group IT Manager | Rise And Shine Group Of Companies | Dec 2022 to Apr 2023

IT Manager | Rise And Shine Fire Protection LLC – UAE | Aug 2021 to Dec 2022

  • Managed network and system performance, conducting troubleshooting, security patching, and maintenance.
  • Coordinated IT operations activities to deliver a smooth flow of daily business needs.
  • Assisted in the development of long-term strategies to grow the department and resources.
  • Wrote policy, procedure, and manuals governing internal IT use.
  • Partnered with project team members to identify and quickly address problems.
  • Interacted and negotiated with vendors, outsourcers, and contractors to secure products and services.
  • Coordinated technical training and personal development classes for staff members.
  • Communicated with the executive team and CEO to maximise development efficiencies and resolve technology issues.
  • Developed, analysed, and modified budgets to allocate current resources and estimate future IT requirements.
  • Administered web server and supported SharePoint and MS Teams server-based applications.
  • Provided network support services for devices such as switches, firewalls, routers, and other hardware.

Digital Marketing Executive | Rise And Shine Fire Protection LLC – UAE | Dec 2019 to Dec 2022

  • Created solution-based execution plans to achieve business goals based on Google Analytics and internal reporting data.
  • Directed traffic growth strategies, SEO, content distribution, email marketing, and trackbacks.
  • Utilised Google Analytics to set up, monitor, and analyse content success and identify opportunities for content improvement.
  • Created and distributed monthly SEO reports to notify site traffic, goals, and KPIs.
  • Oversaw marketing expenditures and coordinated department workflow to meet deadlines under budget.
  • Leveraged Mail Chimp to implement email campaigns and monitor performance.
  • Increased brand awareness through the creation and management of social media channels, boosting social media engagement by 80%.
  • Monitored and analysed market and competitor metrics to inform digital marketing strategies.
  • Optimised website exposure by analysing search engine patterns to direct online placement of keywords or other content.
  • Oversaw preparation of marketing copy, images, videos, emails, and other collateral.
  • Generated 10% in sales through effective networking and marketing strategies to grow new business and increase productivity.

ERP Executive | Rise And Shine Fire Protection LLC – UAE | Dec 2018 to July 2021

  • Analysed network security and current infrastructure to assess areas in need of improvement and develop solutions.
  • Played a key role in ongoing network design, re-evaluation, and optimisation to keep pace with company growth.
  • Worked closely with management teams to plan, develop, and execute technical strategies aligned with the company’s vision.
  • Led and assisted technical upgrade projects by working and coordinating with management and developers for integrations.
  • Identified computer hardware and network system issues, performing troubleshooting techniques for remediation.
  • Reviewed and assessed architecture design, implementation, testing, and deployment needs to identify project requirements and costs.
  • Completed paperwork, recognised discrepancies, and promptly addressed them for resolution.
  • Monitored company inventory to keep stock levels and databases updated.
  • Learned new skills and applied them to daily tasks to improve efficiency and productivity.

Note: was a part of many appraisals and incentives from the company

Junior Software Engineer | Glovish Technologies – India | June 2018 to Nov 2018

  • Collaborated with the team to analyse system solutions based on client requirements.
  • Manipulated and implemented object-oriented programming models.
  • Documented software development methodologies in technical manuals to be used by IT personnel in future projects.
  • Discussed project progress with customers, collected feedback on different stages, and directly addressed concerns.
  • Developed clear specifications for project plans using customer requirements.
  • Delivered completed products within the project deadline.
  • Documented customer requirements and project plans.
  • Developed applications by applying experience in VB.NET and Java programming languages.
  • Collaborated with senior software staff to produce new software solutions.
  • Used SQL Agent to schedule and monitor SQL jobs.

Education

Masters of Computer Applications, MCA – 2022
–Amity University, Noida, Uttar Pradesh
Bachelor of Computer Applications, BCA – 2020
–Bangalore University, Bangalore, Karnataka, India
Pre-University (PCMCs) – Physics, Chemistry, Maths, Computer Science – 2015
–Karnataka PUC Board, Bangalore, Karnataka, India

Certifications

Artificial Intelligence Governance Professional (AIGP)
–IAPP
Certified Information Privacy Manager (CIPM)
–IAPP
Certified Information Systems Auditor (CISA)
–ISACA
Certified in AI Security and Governance, PrivacyOps
–Securiti.ai
Cisco Certified Network Associate
–Cisco
Certified Ethical Hacker v11
–EC – Council
Network Security Associate NSE-1, NSE-2
–Fortinet
Google Analytics for Beginners and Advanced Google Analytics
–Google Analytics Academy
Fundamentals of Digital Marketing
–Google Digital Garage
MTA 98 – 364 Database Fundamentals
–Microsoft
MTA 98 – 365 MTA Windows Server 2016 Administration Fundamentals Preparation Course
–Udemy

Projects

Profile & Credentials Master (Excel + PowerPoint Automation Tool) | Jun 2025 – Dec 2025 | Associated with Keypoint

Situation:

While preparing client proposals and presentations, it is essential to include accurate and up-to-date professional profiles and project credentials. These profiles are frequently reused and updated over time, making it important to ensure that the most current information is consistently reflected across client-facing documents.

Task:

Create a simple, reliable solution that makes it easy to maintain current profiles and quickly reuse them in proposals and presentations, while ensuring consistency in structure, formatting, and branding.

Action:

Designed and developed an enterprise-grade Excel automation tool integrated with PowerPoint using VBA. Built a centralised data model with structured profile capture, multi-category support, and easy search and viewing. Automated PowerPoint generation using Alt Text–based placeholder mapping to produce brand-aligned, presentation-ready profiles in a single step.

Result:

Reduced the time needed to compile and validate individual profiles to under 30 seconds, improving efficiency and consistency across client documents. The tool is actively used across the Technology Consulting service line and has streamlined the preparation of client-facing materials by minimising repetitive manual effort.

Verified by MonsterInsights