Experience

• 

  Ey

  Feb 2022 - now

  Client 3: Indian Multinational Bank & Financial Services CompanyRoles and Responsibilities:● Performed Outsourcing identification and materiality of the third party vendors like IT outsourcing , Financial services outsourcing and other outsourcing using an established Outsourcing identification template and material forms which is based on the RBI IT Outsourcing Circular and Financial Services Outsourcing. ● Conducted remote assessment meetings with vendor SPOC (Vendor management team) and Business SPOC for the understanding of the scope of services.● Based on the identification, provided end to end support in the vendor onboarding process as per the client's requirement. ● Developed and managed the trackers and presentations to monitor and streamline project progress for different activities.● Worked closely with business and senior stakeholders to provide updates to activities that team was performing every day. ● Provided support on the multiple onsite assessments in documentation and evidence review aligned with the responses provided in content with the scope of services and identified risks in the process, designed controls to mitigate the risk and tested the design and effectiveness of the control. Client 4: Indian Multinational Bank & Financial Services CompanyRoles and Responsibilities:● Conducted onsite reviews of third-parties.● Identified risks in the process, designed controls to mitigate the risk and tested the design and effectiveness of the controls.● Tested controls pertaining to domains such as Change Management, Human Resources, Cloud security and other domains applicable as per the services provided by the vendor to the client. Show less Client 2. French Multinational Universal Bank & Financial Services CompanyRoles and Responsibilities:● Conducted remote assessments for third parties across APAC and NAR and EMEA Region using Third part risk management tools.● Perform security assessments of systems, applications, data centres, and service providers using an established framework and tools.● Conduct: Internal IT Audits, Physical and Infrastructure Security Audits, Background Checks, Business Continuity Review and Assessments (DR Site Management), Vendor audits: Vendor Risk Analysis, Risk & Vulnerability Assessments.● Audit vendors based on ISO 27001:2013, SSAE16 (SOC1, SOC2), SIG reports and PCI DSS reports; Interact with Line of Business partners & external vendors in all aspects of the process.● Review internal and external security and technical test reports (audit, vulnerability, and penetration test results, business resiliency Plans, etc.) to validate the effectiveness of operational controls.● Facilitate and manage risk assessments and /or security initiatives from communication, approval and report distribution to key stakeholders, business units and management. ● Worked on due diligence and TPRM tools such as Process Unity and Hiperos while performing risk assessment of the vendors.● Conducting end to end IT third party vendor risk assessments over third party vendors and also interacted with Business SPOC of Bank, procurement leaders and partners.● Performed due diligence for new onboarding third parties as well as for existing third parties as per TPSR questionnaire.● Participated in discussion with business teams and third parties on findings as per TPSR. ● Provided issue corrective action plan recommendation based on the outcome.● Provided support in periodic reporting to the governance and steering committee to highlight the engagement status and to discuss areas of improvement in the current process. Show less Client 1. French Multinational Universal Bank & Financial Services CompanyRoles and Responsibilities:Joined Ernst & Young LLP as an Analyst after completing my graduation. Independently worked IT audit support and on multiple third-party risk assessments as a third-party risk assessor for a multinational universal bank and financial services holding company for the remote vendor risk assessments of Asia Pacific Region (APAC). Also, performed comprehensive risk assessment and third- party security reviews on Legal clients of Bank for APAC (Asia- Pacific) region and different nature of vendors of the bank. Led client meetings and participated in Internal and external scoping calls to understand the services provided by third parties and to ensures the quality deliverables on time. Develop a risk mitigation plan and strategy to be somminicated to the third parties and ensure timely and satisfactory remediation. Show less

  • Associate Consultant

    Aug 2023 - now

  • Senior Analyst

    Oct 2022 - Sept 2023

  • Analyst

    Feb 2022 - Nov 2022