Experience

• 

  Investment & mortagage bank

  Jul 2005 - Jun 2006

  Project coordinator

  • Formulated and implemented IT Security measures like, access management, change management, etc. • Implemented a control plan to periodically check the validity of the security measures implemented.• Evaluated enterprise performance on key IT security controls, recommending corrective actions where appropriate.• Created and presented weekly management reporting on project progress to the CEO and Board.• Initiator and founder member of the BCP-DR team, designed the BCP-DR Policy. Show less

• 

  Synergetic tech solutions pvt ltd

  Jun 2009 - Apr 2012

  Project manager

  • Evaluated new and existing client’s data management needs offering customized storage solutions.• Ensured superior customer experience by addressing customer concerns, demonstrating empathy and resolving issues quickly and efficiently, improving customer satisfaction by almost 80%.• Coordinated, sales and technical teams for product presentations and demos.

• 

  Tata consultancy services

  Jul 2012 - Jul 2014

  Business assurance it controller

  • Prepared and scoped the IT Audit plan, approach and objectives.• Conducted risk based IT Audits, communicating audit results to Senior management through audit work papers • Articulated audit findings, risks to stakeholders and propose corrective actions to mitigate risks.• Coordinated with the Business teams to work on remediation activities.• Reviewed the action items post remediation and tracked them through to closure.• Participated in Risk Control Self-Assessment (RCSA) with IT Services.• Conducted Gap Assessment of Business Processes in line with COBIT 4.1 Control Objectives.• Analyzed metrics for 1st, 2nd and 3rd LOD on the evolution of risk trends, to present findings to Senior Leadership Team.• Built long-term customer relationships resulting in project extension and increased revenues by almost 50%. Show less

• 

  Anb consulting company

  Feb 2015 - Feb 2016

  Manager - it security

  • Successfully lead the implementation efforts, at the client organization to achieve PCI compliance and certification.• Drafted and reviewed IT Policies & Procedures to ensure on-going compliance to standards and best practices.• Guided management through risk identification and process improvement procedures to improve quality of service 20%.• Managed external auditors and examiner evaluations, implementing remediation actions within specified timelines.• Implemented monthly meetings with Network, Database and Application Security personnel to identify and assess IT controls, risks, process gaps and work flow inefficiencies reducing security vulnerabilities 70%.• Developed and implemented Business Continuity Program to address long- and short-term business critical requirements.• Evaluated technologies, vendors, SOW, SLA and service contracts to derive best value propositions and services. Show less

• 

  Citiustech healthcare technology pvt ltd

  Mar 2016 - Aug 2016

  Manager - it audit

  • Developed and documented the annual Information Security audit plan. • Managed a team of associates to conduct risk-based project audits to ensure HIPAA compliance.• Articulated audit findings, risks and detailed recommendations to stakeholders, • Communicated, published and reviewed audit work papers to meet organization standards.

• 

  Deloitte touche tohmatsu india llp

  Apr 2017 - Nov 2017

  Manager - information security

  • Lead and implement the information security controls within the project to achieve policy and regulatory compliance.• Formulate and review IT policies, procedures and documents to ensure Information Security compliance.• Coordinate with the system integrators to close audit action points for the project within defined timelines.• Advise client on applicable guidelines, rules and regulation to achieve IT Security Compliance.

• 

  Sbi-sg global securities services pvt. ltd.

  Jan 2018 - Oct 2018

  Information security officer
• 

  Hdfc bank

  Jan 2020 - now

  Senior manager

  Conduct Information Security Audits of applications , processes, Conduct regulatory and compliance related security auditsArticulate audit findings, risk and recommendations to stakeholders