Karan Pandya
Associate Director
Karan Pandya is an Associate Director – Cyber Security at Nangia & Co. LLP. He is a seasoned cybersecurity professional with over 10 years of consulting experience, specializing in auditing and implementing information security and governance frameworks for clients across sectors such as banking, insurance, telecom, pharmaceuticals, and public sector undertakings.
Karan’s expertise spans ISO 27001, ISO 22301, NIST Cybersecurity Framework, and regulatory compliance requirements including those issued by the RBI, SEBI, UIDAI, and NCIIPC. He is well-versed in third-party risk management, IT general controls, cybersecurity maturity assessments, and implementation of business continuity and disaster recovery frameworks. He has led and supported numerous engagements involving information security audits, SOC 1 and SOC 2 assurance, GDPR and Indian privacy compliance, and secure software development lifecycle (SSDLC) reviews. His experience includes working with both domestic and global clients across regions such as the Middle East, North America, and Africa.
Karan holds a Bachelor of Technology in Electronics Engineering from NMIMS University, Mumbai. He is also a Certified Information Systems Auditor (CISA) and a Certified Data Privacy Solutions Engineer (CDPSE), both issued by ISACA, USA.
Education
- Delhi University, Bachelor’s (Commerce)
- Certified Mergers & Acquisition Advisor (CM&AA), Chicago
Affiliations
- Institute of Chartered Accountants of India, Chartered Accountant, ICAI, India
- Insolvency and Bankruptcy Board of India, Certified Valuer