Santosh Kumbar

Experience

• 

  BCITS PVT LTD

  Jul 2021 - now

  Information Security Analyst

   Performing Third Party Risk Assessment, do a gap analysis, preparation of the reports, engaging with third- parties to mitigate the issues on timely manner. Managing Third party Security Team and Tier vendors based on Data classification, Data Elements and Risk Rating.  Ensure third party relationship adhere to company's policies and compliant with regulatory guidelines and industry best practices. Interface with Business units, vendors to discuss findings and remediation process as part of findings Management.  Conduct Information Security and Privacy awareness and training programs for the employees across the organization.  Working directly with supplier POCs and supplier management team to schedule and conduct the assessment.  Reviewing of the security controls and practices regarding the services provided to BCITS by supplier.  Defining the scope of each assessments based on the services provided by supplier/vendor. The scope of a supplier security assessment includes a review of security controls as per ISO domains.  Performing the assessment using customized work plan to address key risks of the BCITS suppliers (vendors).  Preparing executive report and publishing to higher management.  Guide/support internal POC to log a security exception if supplier/vendor could not fix the findings due to various reasons.  As part of remediation team will be processing security exceptions logged by requestor, these requests will be approved/denied based on the BCITS standards. Update and develop security questionnaires for technology vendors. Manage escalations, follow up remediation plans to closing up the gaps identified during risk assessment.  Review vendors and tools to ensure they meet a minimum-security risk threshold based on industrial standards. Show less