Sonali Vaidya, PCI-QSA, C-GDPR P, CISSP, CISA, CCSK, CEH, ISO27001 Lead Auditor, ISO22301 Lead Auditor, ITL

Director, Information Assurance

Sonali is a director in Aprio’s Information Assurance Services practice with over 15 years of information security and privacy experience in consulting, implementation, management and audit. Her in-depth knowledge and experience with risk assessments and mitigation methodologies, including asset-based risk assessment and OCTAVE, helps provide clients with peace of mind that they’re doing the right things to achieve sustainable risk management.

Sonali has performed various information security consulting projects, including technical vulnerability assessments, penetration testing, network architecture reviews, IDM & SSO, SIEM, perimeter security infrastructure assessments and UTM approach. In addition, she has led information security and governance programs for global organizations in the banking, financial services, insurance, travel, information technology and manufacturing verticals.

Sonali is a thought leader on harmonizing compliance efforts for multiple regulatory and contractual requirements, including ISO 27001, PCI DSS, HIPAA/HITECH, DPA, SOC 2, Privacy Shield and GDPR. In addition, as one of only a handful of professionals to achieve GDPR Foundation and GDPR Practitioner certification, Sonali serves as the head of Aprio’s team of Certified GDPR Practitioners.

Sonali earned her bachelor’s degree in Computer Science from Indian University. Her professional and civic affiliations include:

  • International Information System Security Certification Consortium
  • EC-Square
  • IT Governance