Himanshu Pokharkar
IT Auditor & Cybersecurity Professional
CISA Certified
7+ years transforming complex IT risks into clear, actionable strategies across Big 4 firms. Ex-Deloitte & PwC. MSc Information Security (NCSC-accredited).
7+ · Years in IT Audit & Cybersecurity
2 · Big 4 Firms (Deloitte & PwC)
CISA · Certified by ISACA
About Me
Connecting IT risks to business outcomes
With over 7 years' experience as an IT auditor and cybersecurity professional, I don't just tick boxes. I connect dots, transforming complex risks into clear, actionable strategies that advance organisational objectives.
Having spent my career across Big 4 firms (Deloitte & PwC) and the corporate world at Berenberg, I've seen firsthand how daunting the IT Audit landscape can be. My goal is to share what I've learned to help others grow in IT Audit, Cybersecurity, and Information Security, regardless of sector or background.
I hold an NCSC-accredited MSc in Information Security from the University of Surrey and am CISA certified. From being selected for the NCSC Innovator's Challenge to leading ITGC audits for 20+ critical applications, I believe the best audits combine technical precision with clear communication.
What I Focus On
Areas of expertise
Risk Management
Moving beyond checklists to identify the scenarios that actually matter and turning risks into strategic clarity.
Technical Controls
Auditing IT Applications, Infrastructure, and Cloud environments with precision and practical depth.
Regulatory Navigation
Making frameworks like DORA, ISO 27001, NIST, and SOX less daunting and far more actionable.
Career Growth
Sharing realistic, experience-backed advice for those starting or advancing in IT Audit, GRC, and Security.
Key Projects
Research & Projects
MSc Thesis · University of Surrey
Evaluating Risk Rating Tools for Vendor Risk Management (TPRM)
Led a research project to enhance Third-Party Risk Management within a live university environment, addressing increasing supply chain risks highlighted by events such as the SolarWinds attack.
Tools Evaluated
- OneTrust · GRC and vendor due diligence platform
- BitSight · External risk scoring and continuous monitoring
- Microsoft Defender for Cloud Apps · Cloud risk visibility
Methodology & Findings
- Aligned assessment framework with NIST CSF, ISO 27005, and CAIQ
- Identified key gaps: manual assessments, limited evidence collection, no reassessment cycle
- Designed a hybrid risk framework combining qualitative and quantitative approaches
- Developed a weighted scoring model to improve consistency and reduce subjectivity
- Introduced continuous monitoring using time-series analysis
Outcome
Improved risk visibility, control assurance, and vendor risk decision-making across the university.
Career History
Professional experience
Berenberg
Current · London, UK
Senior Associate, Internal Audit (IT)
Jan 2026 – Present
Associate, Internal Audit (IT)
Dec 2023 – Dec 2025
Deloitte
London, UK
Senior Consultant, Cyber, Data & Digital
Sep 2022 – Nov 2023
Crossword Cybersecurity
London, UK
Cyber Security Consultant (Internship)
Jun 2022 – Aug 2022
PwC
Mumbai, India
Experienced Associate
Apr 2021 – Aug 2021
Associate
Oct 2019 – Mar 2021
Deloitte
Mumbai, India
Senior Risk Analyst
Dec 2018 – Aug 2019
Risk Analyst
Apr 2018 – Nov 2018
Academic Background
Education
MSc Information Security
University of Surrey
- Thesis: Evaluating Risk Rating Tools for Vendor Risk Management (TPRM)
- Evaluated OneTrust, BitSight, and Microsoft Defender for Cloud Apps against NIST CSF, ISO 27005, and CAIQ
- Designed a hybrid risk framework with a weighted scoring model for Third-Party Risk
- Selected for the NCSC Innovator's Challenge
BE Electronics & Telecommunication Engineering
University of Mumbai
- Foundation in systems engineering, hardware, and telecommunications
- Technical grounding that directly supports IT infrastructure and application auditing
Credentials
Certifications
Certified Information Systems Auditor (CISA)
ISACA
Enterprise Cyber Security: Architectural Thinking for Security
IBM
Cyber Security
Coursera
What Leaders Say
Recommendations
“I worked with Himanshu where he consistently demonstrated proficiency in IT Audit and GRC. His understanding of compliance frameworks aided our deliverables effectively. Himanshu is skilled in time management and has strong interpersonal skills, making him a reliable team member. I recommend Himanshu as he will be a valuable asset to any team.”
Janet F Freeman
IT Audit Director: UK/Europe, APAC & Global Capital Markets
MBA, MSc, BSc (Hons) | CISA, COBIT, PRINCE2, (ISC)2
Managed Himanshu directly
December 2023
“Himanshu had worked with me on few clients with complex IT structure during his stint with PwC. He was one of the most dynamic team members and demonstrated good technical skillset, great communication skills and is adept at managing clients. Himanshu is also very dedicated, hardworking and always shown keen interest to learn. Apart from all this he is polite, humble and a great person to work with. I wish Himanshu all the best for his future endeavours.”
Jithin James
Senior Manager
Managed Himanshu directly
August 2022
“Himanshu is knowledgeable in his auditing domain including GRC (Governance, Risk & Compliance), which is highly supported by time management and people skill which is much needed. I wish him ever growing career. He is a very good resource.”
Durgesh Mankar
CISO at Pluxee India
CISSP | CCSP | CISA | CISM | ISO 27001:2022 LA
Himanshu's client
January 2022
“I've worked with Himanshu on a couple of clients together. He is very focused, quick learner and technically sound. Himanshu has great exposure in IT Security audits and ITGC's. He is also good in performing Journal Entries Analysis. He is confident while communicating to clients and team members across hierarchy. It was great working with you and looking forward to working with you in future. All the best.”
Emiliana Jockey Crass (Gomes)
Audit Project Leader at PSEG Long Island
CA, CISA, CMMI Associate | SOX, IFCFR, COBIT, NIST CSF, ISO27001
Managed Himanshu directly
July 2021
“I had directly worked with Himanshu when he was our Auditor. The two most important qualities about Himanshu are perseverance and calmness, even at times when deliverables are on the edge. His inquisitiveness to learn new things and perform to his best will take him a long way. He possesses an excellent understanding of IT Audits and Compliance. You need to be a good coordinator, facilitator and smart to work at client locations which are inherent qualities in him. Furthermore, he is absolutely exceptional at making his work done. All the best and never let the spark die.”
Trushna Palo Patjoshi
Governance Risk Compliance Consultant
Himanshu's client
January 2020
“He is a worthy asset to any organization that he will be associated with. He is an extremely hard working individual and has supported me on many projects. In a short span of time he has accumulated niche skill sets like Risk Management, ITGC, Business Automated Controls and has worked on multiple Cyber Security projects related to Banking and Financial Services. On multiple occasions have heard very good feedback about him from clients. I would always recommend him to be part of any team. His future is bright.”
Gaurav Gwalia
Associate Director
Managed Himanshu directly
September 2019
Source: linkedin.com/in/himanshupokharkar
Let's Connect
Open to conversations
Whether you're a student, a fellow auditor, or exploring opportunities, I'm happy to chat about IT Audit, GRC, cybersecurity careers, or anything in between.
Topics I talk about