Biswaranjan Samal, Manager

Biswaranjan Samal

Manager

Wipro

البلد
الولايات المتحدة
التعليم
بكالوريوس, Mechanical Engineering
الخبرات
17 years, 11 أشهر

مشاركة سيرتي الذاتية

حظر المستخدم


الخبرة العملية

مجموع سنوات الخبرة :17 years, 11 أشهر

Manager في Wipro
  • الولايات المتحدة - نيويورك
  • أشغل هذه الوظيفة منذ نوفمبر 2014

 My primary focus is on to Information Security Management, Business Continuity Planning and Disaster Recovery Advisory / Review, Implementing and Operationalizing Vendor Risk Management Programs, IT Audits & Application Controls - forming a part of financial audits, SAP Audits, SOX Compliance and Advisory reviews, SSAE 16 Attestation/Advisory, PCI-DSS advisory, ISO 27001 & BS 25999 advisory & implementation, ERP & Application reviews.
 Worked on automation of GRC processes (Ent. Mgmt., Risk Mgmt. Buss. Continuity, Threat Mgmt., Vendor Risk Management, Policy & Compliance Mgmt.) on Archer Smart Suite Framework. Created Business Requirements documents (HLD/LLD), architect & developed Solutions/Applications, teste & deployed Archer Solutions.
 Have successfully delivered both small and large- scale delivery project on ISO 27001 & BS 25999 Implementation.
 Executed audits for IT processes covering IT planning, infrastructure and security management, change management, software management, business continuity management, physical and environmental security, access control and incident management. Experience with testing process controls within ERP applications.
 Strong leadership and communication skills, with ability to effectively interact with individuals at all levels.

Internal Audit Manager في Amicorp
  • الهند - بنغالورو
  • فبراير 2014 إلى نوفمبر 2014

• Was instrumental in setting up the IT Audit and BCM Function within the Group.
• Responsible for planning, organizing and managing Internal Audit assignments for Amicorp Group.
• Facilitated the development of a governance framework for BCM including performance indicators & reporting frequency for 19 locations in line with local regulatory requirements.
• Successfully handled the IT and Information Security due-diligence and audits by the IPO sponsors and Stock Exchange of Hong Kong Limited.
• Lead the risk assessment exercise and analyzed the design of controls around the underlying system architecture in the context of information technology controls such as security, availability and performance and their impact on the business.
• Designed and executed tests to validate identified system control features, which may require re-performance of system processes to evaluate the effectiveness of the relevant technology controls.
• Documented the results of the test steps executed and review the work of other auditors to ensure it meets auditing standards. Reporting of progress and results of the review to technology and business stakeholders.

Senior Consultant في Wipro
  • الإمارات العربية المتحدة - دبي
  • يناير 2011 إلى فبراير 2014

Governance, Risk and Compliance Management Consulting

Consultant في Ernst & Young India
  • الهند - جورجاون
  • يناير 2010 إلى يناير 2011

Risk Advisory Services

Associate في Accenture
  • الهند - بنغالورو
  • يوليو 2006 إلى يناير 2010

Security Strategy & Risk Advisory

الخلفية التعليمية

بكالوريوس, Mechanical Engineering
  • في BIET
  • يونيو 2006

Specialties & Skills

ISO 27001
PCI DSS
ISO 27001 Lead implementer, BS 25999 Lead implementer , Internal Audit-IT , SAS 70/SSAE16/ISAE 3402
Threat and Vulnerability Management, ITIL ,COBIT,COSO,HIPAA, GLBA and PCI-DSS
CISA, CEH, CPISI, ITIL, Oracle Certified Professional
Nessus, Nmap, Qualysquard
RSA Archer
Business Continuity Management
Disaster Recovery
Information Security
Risk Management

اللغات

الانجليزية
متمرّس
الهندية
متمرّس

التدريب و الشهادات

RSA Archer (تدريب)
معهد التدريب:
EMC
تاريخ الدورة:
January 2013
BS 25999 (تدريب)
معهد التدريب:
BSI
تاريخ الدورة:
February 2008
Oracle Certified Associate (تدريب)
معهد التدريب:
Oracle
تاريخ الدورة:
February 2009
CRISC (الشهادة)
تاريخ الدورة:
December 2016
RSA Archer Certified Consultant (الشهادة)
تاريخ الدورة:
June 2014
Oracle Certified Professional (الشهادة)
تاريخ الدورة:
June 2009
CISA (الشهادة)
تاريخ الدورة:
December 2009
ISO 27001 (تدريب)
معهد التدريب:
BSI
تاريخ الدورة:
January 2008