Turning regulation into resilience & growth.

I'm Daksh Pandya — a privacy lawyer and information-security leader, and the founder of NormShift. I build security, privacy and compliance functions from the ground up across regulated fintech and financial services.

Privacy LawyerCIPP/ECISAAWS Security — SpecialtyCCISO
Let's work together Explore my expertise
Impact in numbers

Outcomes, not just obligations.

0Years in security & privacy
0Staff trained in awareness
0Security tooling cost cut
0RTO with zero RPO at DR site
What I do

One accountable owner across five disciplines.

From legal obligation to technical execution — I own the full arc of security, privacy and compliance in regulated environments.

01

Data Protection & Privacy

GDPR & DPDP Act programmes, privacy governance, encryption, access control and vendor data-processing controls.

  • GDPR
  • DPDP Act
  • Encryption
02

Governance, Risk & Compliance

ISO 27001, SOC 2 and NIST frameworks, risk assessment, policy development and internal audit.

  • ISO 27001
  • SOC 2
  • NIST
03

Security Operations

SOC management, SIEM, threat intelligence, VAPT, incident response and business continuity.

  • SOC
  • SIEM
  • VAPT
04

Cloud Security

AWS hardening with zero-trust architecture, IAM least-privilege and continuous compliance monitoring.

  • AWS
  • Zero-trust
  • IAM
Explore the full expertise →
How I get things done

From regulatory chaos to earned trust.

Risk, regulation and noise go in. A disciplined process turns them into resilience, compliance and growth.

What comes in DPDP Act GDPR RBI Directions Cyber Threats Audits Vendor Risk Cloud Exposure Incidents
What comes out Trust Resilience Compliance Growth

Let's build trust into your next chapter.

Available for CISO, GRC and data-privacy leadership roles — including international opportunities with visa sponsorship.

Start a conversation