Mahendra Dodke

Experience

• 

  Infosys

  Sept 2008 - May 2010

  Test Engineer

  • To ensure that the quality of the Mainframe backend application is maintained to zero defect levels• Grey Box testing of the application- testing the internal structure as well as functional flow of the application• To ensure that the test cases are coherent with the test plan• To ensure that a proper log of all the activities is maintained and updated at the central repository. Document the newly added batch jobs and create a synopsis after the end of the project for future reference• To ensure that the complete testing life cycle is followed• Ensure that the requirements of the application are coherent with the application being tested and to advise changes in it if required Show less

• 

  Tata Consultancy Services

  Apr 2011 - Jul 2011

  MBA Internship

  - Requirement Analysis and studying the functional requirements of the project- Gap Analysis of the As-Is and To-Be Implemented process/system- Suggesting functional changes in the system

• 

  EY

  Apr 2012 - now

  • Responsible for delivery of multiple complex projects including but not limited to Third Party Risk Management (Vendor Risk Management), Business Continuity Management (BCP/DR), Managed Services for Information Security, Service Organization Control Reporting (SOC 1, SOC 2), NIST Cyber Security Framework Implementation, etc.• Direct supervision of 15-20 team members• Multi-tasking on 5-6 large projects at any point in time• Delegate work effectively as per team strength and priority of tasks• Responsible for managing projects end-to-end including project administrative activities such as project scoping, staffing, project quality and risk approvals, contracting, project code setup, invoicing, managing time charge, revenue realization, etc.• Responsible for pursuits and proposal creation• Good people management skills• Provide coaching and mentoring to team members• Ensure quality work within time and budget• Ability to navigate through difficult situations• Ability to manage various types of internal and external stakeholders with equal ease• Ability to look at the holistic picture, foresee challenges and plan in advance• Have an eye for detail Show less • Managed multiple projects including Third Party Risk Management (Vendor Risk Management), Business Continuity Management (BCP/DR), Service Organization Control Reporting (SOC 1, SOC 2), InternalAudits, Risk Management, etc.• Led Third Party Risk Management (TPRM) engagements involving creation of framework, enablers and setting up an operating model for the same. Have extensive knowledge and expertise in the end-to-end supplier lifecycle management from on-boarding, due diligence till off-boarding. Have enabled clients implement a streamlined process for identifying and managing the supplier risks via various modes of assessments (questionnaire based, field assessments, self-assessment, etc.). The assessments were based on various industry standards including ISO 27001, NIST, SIG, etc. Have also helped clients migrate to TPRM solutions bought off the shelf.• Managed SOC1 and SOC 2 reviews for multiple organizations including controls around Software Development, Software Testing, Software Change Management, Software Support Activities, Backup, Logical Access and Physical Security• Managed multiple internal audits across multiple clients and sectors on areas such as cybersecurity program maturity, business continuity management, privacy and software asset management• Involved in the development / review of Business Continuity Plan for various organizations across pharmaceutical and IT / ITES Show less • Led and executed entire Publisher Software Asset Management (SAM) solution in EY South India region for Adobe• Conducted 100+ Adobe SAM publisher audits in a span of 2 years with a two-member team• Managed SAM as a portfolio for both Enterprise as well and Small and Medium Business customers of Adobe for EY South India region• Coached and trained the new team members on Adobe publisher SAM audits• Performed SOC 1 audits on multiple clients• Conducted multiple internal audits on information security, privacy, SAM, etc. Show less

  • Director

    Jul 2021 - now

  • Senior Manager

    Oct 2019 - Jun 2021

  • Manager

    Oct 2016 - Sept 2019

  • Senior Consultant

    Sept 2014 - Sept 2016

  • Consultant

    Apr 2012 - Aug 2014