Vineeth M Sadanandan

Experience

• 

  Infogain

  Oct 2008 - Mar 2009

  Software Developer

   Creating various module on .Net platform Integration of modules using source anywhere Unit testing of the modules Performing peer review of various builds Creating SPOC Creating Master page

• 

  Caretel Infotech Ltd

  Jun 2009 - Dec 2009

  Information Technology Executive
• 

  Tech Mahindra

  Feb 2010 - Dec 2012

  QA Analyst - IT

   3rd Party Risk Assessments Compliance and Security Management

• 

  MetLife

  Dec 2012 - Jun 2015

  Senior Information Technology Analyst

   Due diligence of all the vendors which MetLife engages with to ensure where there are compliant enough with the security best practices that MetLife follows.  Coordination of activities associated with the Global IT Third Party Risk Management Program within MetLife’s IT Risk and Security Organization. Conduct vendor risk assessments over third party vendors, including but not limited to: determining the scope of the service provided by interacting with MetLife Senior Management; administering risk assessments directly to vendors using our online tool; examining responses to determine the extent of risk the relationship represents t MetLife; offering recommendations to MetLife Management on how to respond to any risks; and generating formal findings. Assess and respond to risk findings, including pursuing action plans to completion and negotiating due dates with vendors. Perform security assessments of systems, applications, data centers, and service providers using an established framework and tools to evaluate vulnerabilities.  Research nw and developing technologies and standards to help contribute to the continuous improvement of the risk assessment process. Provide Guidance on IT Security Requirements during Contract negotiation discussions. Show less

• 

  Mcube Investment Technologies

  Jun 2015 - May 2017

  IT Risk Analyst

   3rd Party Risk Assessments, Compliance and Security Management Security Specialist handling various aspects of Corporate, Physical, Infrastructure,  Vendor, Human Resource, Equipment, Infrastructure and Data Security at MetLife ( A Fortune 130 Company ) Investigations (Due Diligence, Security and Fraud), Internal Audits, Data Privacy Management, Process Empowerment, Implementing and Suggesting Security Best Practices, Risk Analysis, Root Cause Analysis and GAP/SWOT Analysis, Contracts Management. Mapping and Creating Action plans, Risk Assessment Documents, Audit-Reporting and Dashboard Creations , Managing GRC Tools (Archer) Audits based on ISO 27001:2013, SSAE16, ISAE 3402, ISAE 3000, SWIFT, BITS, PCI DSS and CSAE 341 Possess knowledge in HIPPA, Sarbanes-Oxley Act of 2002, Gramm–Leach–Bliley Act of 1999, IT Act, FINRA, OCTAVE Methodologies, CPTED Show less

• 

  MetLife

  Jun 2017 - Dec 2018

  IT Third Party Risk Management - Specialist (SME)

   Conduct end to end IT third party vendor risk assessments over third party vendors; examining responses to determine the extent of risk the relationship represents to MetLife; performing gap assessments on the vendor’s control environment; reviewing vendor’s third party audit reports; offering recommendations to Vendor and MetLife’s management on the risk incurred, and on how to respond to any risks; and generating risk findings. Assess and respond to risk findings, including pursuing action plans to completion and negotiating due dates with vendors; Prepare weekly and monthly reports and dashboards, which shall be submitted to higher management and stakeholder; Provide guidance on IT Security Requirements during Contract negotiation discussions. Continually reassess the operational risks associated with the function and inherent in the business Managing and reviewing Ariba tools for request for vendor management Managing/reviewing vendors, dashboard and reports for LatAm and U.S regions Show less

• 

  Guardian Life

  Dec 2018 - Nov 2020

  Assistant Manager - Third Party Risk Management (US, India)
• 

  BNY Mellon

  Dec 2020 - now

  • Vice President

    Apr 2023 - now

  • AVP - Enterprise Third Party Risk Management

    Dec 2020 - Jun 2023