Experience

• 

  Hsbc

  Dec 2006 - Jul 2012

  Business / IT Operational Risk Management: Developed and implemented frameworks to identify, assess, and mitigate operational risks within the business and IT domains. Ensured operational resilience through collaboration and ongoing monitoring.Basel - II Compliance: Supported financial institutions in meeting Basel II regulations by conducting risk assessments, implementing risk measurement methodologies, and developing mitigation strategies.Business Risk & Control Management: Established frameworks to identify and manage risks across business functions. Implemented effective controls and fostered a proactive risk management approach.IT Process Review: Reviewed and optimized IT processes, identifying areas for improvement and aligning operations with business objectives.IT Risk Management: Implemented robust IT risk management frameworks, protected critical assets, and ensured regulatory compliance through proactive risk mitigation.IT Audit: Evaluated IT controls and systems to identify gaps and vulnerabilities. Provided recommendations to enhance the control environment and improve system security. Show less JCL:Proficient in Job Control Language (JCL), a key component in mainframe operations.Skilled in writing and managing JCL code for batch processing and job scheduling.Experienced in managing dependencies and optimizing job execution in mainframe environments.COBOL:Expertise in COBOL programming language, a fundamental language for mainframe applications.Proficient in developing and maintaining mainframe applications using COBOL.Strong understanding of COBOL syntax, data manipulation, and integration with mainframe systems.TWS (Tivoli Workload Scheduler):Experienced in using TWS, a popular job scheduling and automation tool in the mainframe domain.Skilled in designing, managing, and troubleshooting complex job schedules using TWS.Proficient in optimizing workload distribution and maximizing system efficiency with TWS. Show less

  • Senior IT Operational Risk Analyst

    Dec 2009 - Jul 2012

  • Senior Software Engineer

    Jan 2009 - Dec 2009

  • Software Engineer

    Dec 2006 - Jan 2009
• 

  Infosys

  Jul 2012 - Mar 2015

  Senior associate consultant

  - Responsible for the design and incubation of innovative service offerings for ITGRC (Information Technology Governance, Risk, and Compliance) leveraging the powerful capabilities of RSA Archer Tool.- Risk and Compliance: Conducted gap assessments for existing policies and procedures, identifying areas for improvement and ensuring alignment with regulatory requirements.- eGRC Consultant: Served as an eGRC consultant for a leading financial institution, implementing GRC solutions on RSA Archer (eGRC framework).Led the entire project lifecycle, including requirement gathering, analysis, solution architecture, testing, and deployment of the RSA Archer solution. Successfully delivered comprehensive GRC solutions, enhancing risk management, compliance, and governance practices within the organization. Show less

• 

  Wipro limited

  Mar 2015 - Sept 2022

  - Successfully deliver end-to-end GRC Automation projects for various customers, ensuring adherence to assigned timelines and budgets.- Lead and manage the eGRC program, driving the automation of Cybersecurity processes for the Banks utilizing RSA Archer.- Analyze the Bank's GRC requirements in alignment with associated regulatory standards and devise automated solutions using RSA Archer.- Skillfully handle stakeholder relationships, ensuring effective communication and collaboration throughout the project lifecycle. Show less - Collaborating closely with the Cyber Security Directors of the bank to understand and address current security challenges effectively.- Successfully automated critical processes including Vulnerability Management, Security Risk Health Check (SRHC), Security Incident Monitoring, Secure Configuration Management, Data Loss Prevention, Firewall Review and Monitoring, Network Security, and Boundary Protection.- Designed and implemented solutions for baseline security control monitoring, ensuring a robust security posture and compliance with industry standards. Show less

  • Principal Consultant

    Aug 2020 - Sept 2022

  • Principal Consultant

    Aug 2018 - Jul 2020

  • Lead Consultant

    Mar 2015 - Aug 2018
• 

  Archer integrated risk management

  Oct 2022 - now

  Advisory consultant