Total des années d'expérience: 16 Années, 5 Mois
juillet 2020
A À présent
Technology Risk Manager
à Wells Fargo International Solutions
Lieu :
Inde - Hyderabad
• Representing Wells Fargo Independent Risk Management team performing Second Line of Defense activities related to Technology Control Testing and Issue Validation.
• Develop, implement, and support an effective governance operating model to provide transparency, accountability and escalation of control design and effectiveness.
• Proactively monitor control effectiveness through quantifiable risk measurements.
• Provide leadership and guidance to impacted stakeholders around regulatory and authoritative source requirements and technology control implementation.
• Understand and identify control expectations for technology and information security processes and activities based on regulatory requirements, corporate policy, and industry best practice.
• Works with complex frontline units and provides operational risk oversight and consulting for risk initiatives and remediation activities
• Review frontline assessment strategies, methodologies, and analysis.
• Evaluate the adequacy and effectiveness of applicable policies, procedures, processes, systems and internal controls.
• Conduct independent risk management reviews with primary focus on authoritative source and regulatory requirements for information technology processes or applications, information security and third-party risk management areas.
• Identify operational risk issues and assign risk ratings consistent with established policies and standards.
• Monitor industry, technology and regulatory trends to determine business impacts.
• Consult with frontline partners and other independent risk management teams to develop corrective action plans
• Develop, implement, and support an effective governance operating model to provide transparency, accountability and escalation of control design and effectiveness.
• Proactively monitor control effectiveness through quantifiable risk measurements.
• Provide leadership and guidance to impacted stakeholders around regulatory and authoritative source requirements and technology control implementation.
• Understand and identify control expectations for technology and information security processes and activities based on regulatory requirements, corporate policy, and industry best practice.
• Works with complex frontline units and provides operational risk oversight and consulting for risk initiatives and remediation activities
• Review frontline assessment strategies, methodologies, and analysis.
• Evaluate the adequacy and effectiveness of applicable policies, procedures, processes, systems and internal controls.
• Conduct independent risk management reviews with primary focus on authoritative source and regulatory requirements for information technology processes or applications, information security and third-party risk management areas.
• Identify operational risk issues and assign risk ratings consistent with established policies and standards.
• Monitor industry, technology and regulatory trends to determine business impacts.
• Consult with frontline partners and other independent risk management teams to develop corrective action plans
février 2018
A juin 2020
Security Audit - IT Risk Officer
à Wipro Technologieschnologies
Lieu :
Inde - Hyderabad
Build SOX compliance frame work.
Perform SOX ITGC control testing and publish results, Perform Risk Assessment, Identity Access Management.
Well versed with Control Testing, RACM.
Upload evidences to Audit Board tool and track it to closed.
Prepared project documents like Risk Register, Business Continuity Plan, Account Security Manual.
Performed internal assessment based on ISO 27001 standards.
Worked closely with Big4 Auditors in performing SOC 1 readiness Assessment.
Perform SOX ITGC control testing and publish results, Perform Risk Assessment, Identity Access Management.
Well versed with Control Testing, RACM.
Upload evidences to Audit Board tool and track it to closed.
Prepared project documents like Risk Register, Business Continuity Plan, Account Security Manual.
Performed internal assessment based on ISO 27001 standards.
Worked closely with Big4 Auditors in performing SOC 1 readiness Assessment.
mai 2016
A février 2018
Information Security Consultant
à Sonata Software PVT LTD
Lieu :
Inde - Hyderabad
• Part of Security and Compliance team at Client Site working on Information Security Management System
(ISMS) Project.
• Assist in coordinating ISMS activities and aligning them with various stake holders.
• Work with all the stake holders to gather evidences for audits and assessment.
• Involved in Control Testing and measure the effectiveness of the existing controls.
• Track the Progress, Send Alerts and reminders to the teams involved.
• Worked on Data Protection Framework and performed through testing of its agility.
• Worked with various project teams identifying critical areas like Access Control (Access Privilege Matrix), Log Management and Change management.
• Involved in Customer Audits and Vendor Audits by assessing the maturity of the vendors.
(ISMS) Project.
• Assist in coordinating ISMS activities and aligning them with various stake holders.
• Work with all the stake holders to gather evidences for audits and assessment.
• Involved in Control Testing and measure the effectiveness of the existing controls.
• Track the Progress, Send Alerts and reminders to the teams involved.
• Worked on Data Protection Framework and performed through testing of its agility.
• Worked with various project teams identifying critical areas like Access Control (Access Privilege Matrix), Log Management and Change management.
• Involved in Customer Audits and Vendor Audits by assessing the maturity of the vendors.
octobre 2007
A mai 2016
Information Security Analyst
à Bank of America
Lieu :
Inde - Hyderabad
Identity Access Management.
Access Reviews (sail point)
Audit and Risk Assessments
Access Reviews (sail point)
Audit and Risk Assessments
Partager sur Facebook
Partager sur Twitter
Partager via Email