Deepak Velichety

356 followers
Location: Brampton, Ontario, Canada

  • About me

    GRC Manager | Helping Organizations with a Robust & Resilient GRC Framework and Risk Management | GRC Trainer | ISO 27001 Lead Auditor | Information Security

  • Education

    • Western International University

      2008 - 2010
      Master of Business Administration - MBA Business Administration and Management, General
  • Experience

    • Cobalt LLC

      Mar 2011 - Jan 2018

      • Assisted clients to become eligible to register themselves as authorized vendors of Big firms in Oil & Gas, Construction and Engineering industries.
      • Interacted with prospect clients to bring business to the organization.
      • Worked on several industrial and IT project sales by making presentations to clients, responding to inquiries, giving demos and converting prospects to confirmed orders.
      • Received RFQs and submitted Quotes, company profile and Commercial offers.
      • Shared the technical details of the products and services offered by the company – Auditing Services and Trading of CCTV Surveillance equipment, Satellite connectivity devices / services (Airtime Services & BGAM) and Speed detecting vehicle cameras.
      • Consistently improve customer satisfaction through resolution of conflicts, issues and concerns.
      • Asset Management: Managed and tracked the Purchase Orders, Procurement, Maintenance, End of Lifecycle replacement and notifications.

      • Audit Coordinator - HSE

        Apr 2014 - Jan 2018
      • Business Development Executive

        Mar 2011 - Apr 2014
    • Canada Life

      Apr 2018 - Apr 2019
      Information Security Analyst

      • Worked on ISO 27001:2013 for implementing ISMS to ensure resilient Cyber Security Framework.
      • Established and standardized GRC processes that improved resilience and efficiency.
      • Updated Risk Rating in Risk Register for the Risk entries and validated the same with the process owners.
      • Revamped the information security control guidance, including technical documentation, e.g., System access, Network, Cloud computing, Supplier management, Business application security policies.
      • Supported the achievement of Information Security’s strategic objectives by ensuring established security policies, standards, procedures, and guidelines.
      • Delivery of the information security awareness program and briefings; scheduling, monitoring, and reporting on induction training for all staff within the scope of the ISO 27001 schedule.
      • Cybersecurity maturity assessments against NIST, SOC 2, ISO 27001.
      • Responsible for redefining the Security framework in line with ISO's Standard of good practice.
      • Experience in Performing risk assessment for cybersecurity, information security and business continuity.
      • Facilitated the Audit process within the team in terms of identification of root cause of audit findings, determine and implement appropriate CAPA.
      • Analyzed, recorded and managed security incidents, vulnerability, and change issues in a timely and accurate fashion.
      • Imparted training to the employees on Induction ISMS.
      • Performed Vendor Assessment and Vendor Audits.
      • Conducted Internal IT Audits and follow-up till closure.

    • Bell

      May 2019 - Dec 2021
      Sr Cyber Security Officer

      • Led the development and implementation of the organization's compliance program, ensuring adherence to PCI-DSS, SOC2, SOX, ISO 27001, and NIST standards.
      • Conducted regular risk assessments and vulnerability assessments to identify potential security gaps, providing actionable recommendations for risk mitigation.
      • Provided effective review and challenge to business units on the assessment and management of compliance and associated risks. Assisted in the design, development and implementation of effective controls and corrective action plans.
      • Implemented Beauceron Security (SaaS) platform for all Bell employees to provide Security education focusing on human side of security. Helped in designing awareness programs through surveys, computer-based training, phishing simulations and risk scoring.
      • Worked on IAM Tool – SailPoint (BARS – Bell Access Request System).
      • Worked with the Manager, Senior Manager, Director, and the AVP – Internal Audit on planning, executing, and reporting audit work.
      • Executed multiple complex high profile audit engagements, ensuring proper coverage and consideration of auditing principles, practice and assigned time/budget.
      • Prepared and reviewed internal audit reports of findings and recommendations for delivery to management.
      • Provided control walkthrough and evidence upon requests to external Auditors (e.g., audits, compliance, findings and other risk and governance group requests).
      • Built remediation plans and remediate control issues on behalf of IT Control Owners.
      • Reviewed Risk Register entries; performed Asset identification, evaluation; Vulnerability assessment, Risk assessment and documented ISMS controls after thorough discussions and reviews with stakeholders.

    • BMO

      Feb 2022 - now
      Manager, GRC

      • Leading a team of 7 and running the GRC Workshop for the Technology Business Units – Digital Banking, ATM and Call Center.
      • Maintaining – Adding, Updating and presenting the GRC Deck – Health status of the Business Units to Chief Information Officer on weekly basis and addressing any Issues identified (Significant & Minor) and updating on upcoming Compliance activities.
      • Issue Management – Documented issues & tracked Remediation Plans from Audit Findings and Self-Identified Issues (SIIs) on regulatory requirements like PCI-DSS, OSFI-B13, GDPR, etc.
      • Responsible for governance, risk, and compliance activities within the Information Security team utilizing best practice frameworks such as NIST, ISO 27001 and PCI-DSS.
      • Attended the monthly Financial Crime Unit calls to know about the upcoming Compliance activities and assigned the activities to the team members.
      • SPOC for Risk Register: Reviewed annually and updated with new entries; and reviewed with control implementing teams to ensure they ‘agree’ and we as First Line of Defense team ‘Recommend the controls to adopt’.
      • Reviewed & updated the Control Effectiveness Rating based on existing Issues identified via Audit findings or SIIs (Self-Identified Issues).
      • Reviewed Annual Risk Register report on Inherent Risk vs Residual Risk Rating of my business units and ensured the Residual Risk Rating is below the Overall Enterprise level Rating.
      • Prepared and maintained repository for ISMS documentation including ISMS Policies, GRC Process, Process Plan, SOPs, Records.
      • Facilitated the Audit process within the team in terms of identification of root cause of audit findings, determine and implement appropriate CAPA / Remediation Plan.
      • Facilitated Internal Controls testing - CTU Tests (Control Testing Utility) by ensuring Auditee uploads evidences by due date and assisted Auditors.
      • Participated in Business Continuity Plan & Disaster Recovery policy drafting and DR Drills.

  • Licenses & Certifications

    • Cybersecurity: Vulnerability Assessment in Energy

      Canvas Credentials (Badgr)
      Aug 2024
    • Cybersecurity: Incident Reporting and Response in Energy

      Canvas Credentials (Badgr)
      Sept 2024