Amit Kumar

Experience

• 

  Indian Telephone Industries Limited(A Govt.Of India Undertaking)

  Jun 2012 - Aug 2012

  Engineering Intern
• 

  Accenture

  Jan 2014 - May 2019

  Analyst

  Spearheaded the implementation of the end-to-end technical landscape to ensure GDPR readiness for an Italian telecom client.Provided assistance in carrying out risk assessment for new business applications.Led projects aimed at creating automated mechanisms to facilitate the exercise of data subject rightsfor a major player in European banking, in response to GDPR regulations.Designed, built, and configured applications to align with changing data privacy requirements forAustralian telecom clients. Show less

• 

  Syntegon

  Apr 2020 - Jun 2020

  Information Security and Privacy Intern

  Worked with multiple departments to carry out the Information Security activities of the organization such as; IT audit, Personal data protection and Enterprise data protection

• 

  Infosys

  Jun 2021 - Sept 2021

  Senior Associate Consultant
• 

  KPMG India

  Oct 2021 - Nov 2022

  Consultant

  Orchestrated an engagement for a New Zealand-based IT service provider firm, identifying information security and data privacy gaps in their billing application designed for European clients.Directed an Information Security Audit project following ISO 27001 standards for billing and invoiceapplications of a telecom client.Conducted an IT environment review focusing on change control and evaluated information securitypolicy, implementation, physical access control, and audit guidelines.Led an engagement reviewing process compliance for one of the largest stock exchanges, focusingon change management, incident management, and problem management tickets.Supported an Indian IT firm in GDPR, National Cyber Security Centre, and European Banking Association guidelines compliance by conducting an information security gap assessment of its Core Banking Solution application according to ISO 27001, ISO 27701 standards, and relevant regulations.Managed multiple projects at a stock exchange as part of IT Governance activities, leading variousstakeholders and presenting periodic reports to the Chief Technology Officer. Show less

• 

  Deutsche Bank

  Nov 2022 - now

  Associate

  Conducting information security activities for multiple geographic regions of the bank as an individual contributor.Managing identity and access management activities for business applications, enhancing security protocols.Implementing role-based access control (RBAC) rules for business applications, improving access management efficiencyManaging and remediating Segregation of Duties (SoD) violations in applications, reducing security risks by 70%.Governing the access review process, ensuring timely completion and account revocations, achieving 80% on-time completion rate.Leading a project to automate account revocation processes, collaborating with stakeholders, such as application owners and ID admin teams, resulting in a 60% reduction in manual efforts.Addressed and successfully closed multiple audits as the Business Information Security Officer for various business applications, maintaining a 75% audit success rate.Decision maker for cross border data transfer requests, considering service level agreement and different privacy regulations, such as GDPR and FADP.Reviewer of application risk assessments, gap analysis and compliance evaluation from business requirements standpoint.Managing DLP exception requests by analyzing the requests, based on business justification and consequentially revoke or grant the request.Orchestration of risk acceptance process with stakeholders for the business applications, and document accepted risk from information security governance standpoint.Driving the process of asset risk profiling (ARP) of the business application, by conducting discussions with IT Application Owners and Business Owners of the applications. Show less