Joseph كارن, Faculty Member

Canara Bank

Country
India
Education
Diploma, Certified Payment Card Industry Security Implementer
Experience
41 years, 5 months


Work Experience

Total years of experience: 41 years, 5 months

Faculty Member at Canara Bank
  • India - Chennai
  • In this position since February 2017

Training Bankers on digital banking technologies and cyber security

Project Manager at IBM
  • India - Chennai
  • July 2012 to August 2016

Led a team of 75 Security Experts providing DS&P support to about 500 projects based out of US and Canada

Supported security experts in understanding key security and privacy issues, risks, exposures and vulnerabilities using internal trainings and assessments. This helped the security experts to develop security and privacy programs to meet client's and project’s business needs.

Supported the security experts in DS&P risk assessment (about 200 assessments every year), control implementation and sustainment

Guided the security experts in complying with various regulatory requirements like HIPAA, FFIEC, PIPEDA, SOX, ISO 27001, PCI DSS, etc.

Audited about 100 supported projects every year to ensure proper risk assessment, control implementation and sustainment by the security experts. These audits covered access management, risk management, physical controls, administrative controls and technical controls

Worked with IBM Rational Portfolio Manager tool tracking project and delivery schedules for about 500 projects. Ensured project delivery schedules were maintained and all SLAs met

Acted as an IT trainer, training security experts on risk assessment, risk analysis and control implementation and maintenance in the following DS&P areas:

Security Policy and Planning
Information Security and Risk Management
Physical Security
Access Management
Separation of Duties
Regulatory requirements

Conducted about 20 training programs every year for the security experts

Worked with the security experts in HIPAA assessments, Corporate Audits, and ISO 27001 audits and ensured successful results in these audits

Worked with corporate, internal and external auditors, sharing evidence and clarifying their queries

Supported the security experts by clarifying their day-to-day queries

Performed RCAs on missed SLAs and ensured projects supported by the Security Experts always have a good DS&P Posture

Supported the projects in Client Audits

Security Consultant at IBM
  • India - Bengaluru
  • February 2010 to June 2012

Performed SOX audit of controls for a major automobile manufacturer. This audit covered risk assessment, risk analysis and risk mitigation through administrative/physical technical controls

Implemented and sustained DS&P controls for 6 mega projects based out of US

Worked closely with the project team to provide appropriate DS&P solutions and to continually identify better ways to mitigate risks.

DS&P issues/risks were communicated in a timely manner to the project stakeholders and the client, with details of primary and secondary controls implemented to mitigate these risks.

Performed risk assessment, analysis and created policy/process documents to manage information security risks

All control activities in the areas of training, on/off boarding, workplace security, risk management, inventory maintenance, access management and SoD maintenance were initiated on time and sustained throughout.

Implemented security control for mobile devices for 1 mega project

Ensured that the Access Management Standard is maintained as per the standard IAM Process & procedures.

Performed reconciliation activities and audit support.

Handled and supported projects related to Role Based Access Control (RBAC).

Generated periodic reports to monitor control performance and update the management.

Implemented proven service improvement methodologies across various projects.

Maintained Service Level Agreements for all the activities handled for the accounts supported as per the agreed customer requirements

Identified non-compliance/deviations, etc., and raised the issues to the project stakeholders for remediation.

Notified the Health check remediation team about non-compliance/deviations, and ensured the deviations were fixed within timelines.

Retained the Security Health check reports and ensured audit readiness.

Liaised with HIPAA program control office in HIPAA assessments

Information Security Auditor at Canara Bank
  • India - Chennai
  • June 2003 to January 2010

Performed Information System Security Audits and risk based internal audit of the retail branches and corporate offices.
Every year about 60 retail units/divisions were audited

Led a team of 15 IT Auditors, guiding them in information security audits

Performed application security audit of branch banking and core banking applications. Some of the applications audited are Flexcube, Bancs 2000, IBBS, SWIFT, NEFT, RTGS, ALPM

Performed security audits of Linux and Unix servers

Developed many SQLs to audit Oracle DB security

Supported and guided the retail units in operations/IT risk management

Tested retail banking applications and reported identified bugs to the implementation team for correction

Audited retail units working with Core Banking Solutions and Standalone solutions

Audited about 400 retail banking units over a period of 7 years and helped these units to maintain good information security posture

Appreciated for quality audit reports and in-depth audit findings

Information System Trainer at Canara Bank
  • India - Chennai
  • July 1997 to June 2003

Trained bank personnel in information security covering application security and risk management

Conducted Corporate training for the executives on branch banking and utility applications

Trained bank users on core banking solutions and various standalone banking solutions

Trained about 600 bank personnel every year

Appreciated for in-depth knowledge and delivery quality

Retail Banker at Canara Bank
  • India - Chennai
  • July 1982 to June 1997

Managed bank’s retail lending portfolio working as officer in various retail units

Education

Diploma, Certified Payment Card Industry Security Implementer
  • at SISA
  • July 2010
Diploma, Certified Information System Security Professional CISSP
  • at ISC2
  • December 2008
Diploma,
  • at EC Council
  • September 2006

Certified Ethical Hacker (CEH-Scored 86%)

Diploma, CISA
  • at ISACA
  • June 2005

Obtained a scaled score of 80

Diploma, ORACLE 8i, ORACLE DBA
  • at SRM RADIANT
  • June 2002

Competent to work in Oracle 8i and comfortable as a database administrator in Oracle

Diploma, FOXPRO, WINDOWS 98, MS OFFICE
  • at LEARN SOFT
  • June 1997

SCORED A GRADE

Master's, AGRICULTURAL ECONOMICS
  • at TAMIL NADU AGRICULTURAL UNIVERSITY
  • May 1981

Stood first in the college with a grade point average of 4.00 out of 4.00

Specialties & Skills

ISO 27001
PCI DSS
UNIX, FOXPRO, ORACLE 8i, ORACLE DBA, DOS, WINDOWS 98, MS OFFICE, INTERNET AND EMAIL
Diploma in computer application with sound knowledge
Information System Audit
Certified Ethical Hacker
Information Security
Project Management
GRC training

Languages

English
Expert
Tamil
Expert
Hindi
Beginner
Malayalam
Beginner

Memberships

ISC2
  • Member
  • June 2008
ISACA
  • Member
  • June 2005