Pranay Singh Suri
Pranay Singh Suri is a cybersecurity professional with over three years of experience in compliance, security assessments, and audit readiness across cloud and enterprise environments. He currently works as an Associate Security Engineer at Coalfire Systems, where he supports FedRAMP assessments, penetration testing, and threat intelligence validation.
Previously, Pranay served as a Senior Consultant at Grant Thornton and a Senior Analyst at Deloitte, specializing in SOC 1/2, SOX, and ITGC audits. His work has spanned access reviews, identity and access management, and control testing across industries such as banking, healthcare, and cloud services.
Pranay is a certified ISO 27001 Lead Auditor, CCSK, and Security+ professional, and he recently earned his eJPT certification. He holds a Master of Science in Cybersecurity Analytics and Operations from The Pennsylvania State University, and a Bachelor of Technology in Computer Science Engineering from the University of Petroleum and Energy Studies.
With hands-on expertise in AWS, Azure AD, and tools like Burp Suite, Tenable, and Wireshark, Pranay focuses on bridging compliance and technical security to strengthen organizational resilience. His interests include penetration testing, cloud security, and improving audit processes through automation and evidence readiness.
Session
Governance, Risk, and Compliance (GRC) teams often operate in silos, disconnected from the hands-on efforts of cybersecurity teams such as red and blue teams. This disconnect can lead to misaligned priorities, overlooked risks, and inefficiencies in responding to threats. In this presentation, we’ll explore strategies to bridge the gap between GRC and cybersecurity teams, emphasizing the importance of collaboration in building a unified, risk-aware culture. Attendees will learn actionable techniques to align compliance frameworks with security operations, foster communication between teams, and leverage shared tools and data for better outcomes. This talk will empower both GRC and cybersecurity professionals to break down silos and work together effectively.