NALINI JADIA
**** * ********* ****, ***** Land, TX (815) 757- 0816 ***************@*****.***
PROFESSIONAL SUMMARY
Excellent analytical and detail-oriented executive with extensive experience operating enterprise risk management related procedures and financial business practices in compliance with industry regulatory requirements. Leverage unique combination of IT security knowledge and strong IT audit knowledge to fuel success. Demonstrate effective leadership, client relations and advocacy, and consensus building to achieve results. Taking CISA in March 2018.
INFORMATION SECURITY WORK EXPERIENCE
Sr. IT & Security Risk Analyst, Scottrade Financial, St Louis, MO Jan. 2017 - Present
Performing risk assessments using the RSA tool to identify and mitigate potential areas of risk, securing the enterprise as a whole. Advising management on the intensity of potential risks through visual representation of risk indicators and performance indicators, implementing the COBIT5 and NIST frameworks to define each risk, its related controls, and how to mitigate it in order to protect enterprise assets.
Analyzing enterprise data on the IT security and operational risk assessments to get a better understanding of risk.
Gathering Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) by analyzing the raw data from different departments and segregating it using NIST & COBIT 5 Frameworks.
Maintaining various dashboards to give visual representation about the risk intensity.
Gathering and managing data from various risk owners to maintain the dashboards on a monthly basis.
Monitoring and assessing the post-period implementation of risk management strategies.
Predicting future trends based on the latest developments in the market and recommending plans to keep pace.
Helping higher management with the transition process for risk-related procedures and policies.
IT Security Associate, Trans Union LLC, Chicago, IL May 2016 - Dec. 2016
Produced high-quality work alongside director-level team members on assignments for internal audit work and third-party vendor risk assessments. Worked on the GRC tool Archer for IT security assessments, along with migrating the company’s data from the old legacy system to Archer. Maintained various high-level documents. Interacted with many department heads, vendors, and other SMEs across departments.
Interacted and handled Tier 1 customers and SLAs.
Actively participated in client audit procedures and policies to make sure that the compliance and security policies were followed as per ISO27001 to keep the company’s reputation intact.
Conducted and employed the Clean Desk security policy on a monthly basis.
Populated and managed the proprietary tool for Internal IT security.
Managed GRC tool Archer for policies and procedures.
Information Security Intern Student, InfoSec Department, Northern Illinois University Aug. 2015 – Dec 2016
Working at an educational institution gave me an opportunity to work and learn by interacting with a small InfoSec team and reporting directly to the CISO. It was a good opportunity to collaborate with and learn from each member of the InfoSec team. Performed various work duties, managing time-sensitive issues and handling high-priority IT security incidents.
Drafted various policies and run-books for Northern Illinois University to mitigate identity theft, such as the Red Flag policy document, new FOIA request policies in the current policy under the Freedom of Information Accessibility Act, de-listing IPs from various blacklists, and rules for the Clean Desk Policy.
Assisted in implementing PCI and HIPAA policies and designed the training program for University-wide HIPAA implementation to educate staff, faculty, and students.
Assisted in the new vendor process for potential and current vendors to reduce third-party risk.
Conducted gap analysis for various existing programs to reduce cost and improve productivity of work.
Jr. Business Analyst, PowerVolt Inc., Addison, IL Aug. 2012 - July 2015
Working on the process improvement project for the industrial company was a very educational experience. In particular, providing a solution to reduce cost by implementing process improvement techniques such as Kanban and Ishikawa, which helped to analyze the complicated operation, was challenging as well as rewarding.
Analyzed existing processes for vendor management, release management, sales orders/invoices, purchasing, and shipping. Utilized the Agile methodology and reviewed existing QA processes.
Prepared business process models and managed the product backlog using Scrum (Agile) methodology.
Worked with SMEs, stakeholders, developers, and the testing team onshore and offshore across different time zones to facilitate Sprint and JAD sessions.
Worked on process improvement for the existing production plant to help utilize the existing space using Ishikawa, a Japanese method, by creating stories to explain the processes.
Assisted in merging new technology and techniques to make production planning beneficial and time saving.
Developed a design using Agile frameworks that could help the company reduce expenditure and make it easy to share capital and human resources in advancement of the company’s financial growth.
Managed the product backlog items efficiently.
CERTIFICATES
Security+ June 2017
ITIL Foundation Certificate Mar 2017
Business Process Integration with SAP ERP 6.0 May 2016
Certificate of Compliance in Corporate IT Security by Trans Union June 2016
Preparing for CISA (Certified Information Security Auditor)
KEY SKILLS
Security Tools: SecurityScorecard, GRC Archer, QRadar, Wireshark
Frameworks: NIST, COBIT5, COSO, Agile/Scrum
Audit & Compliance: ISO27001, SOC1, SOC2, PCI, HIPAA
Programming Languages & Database Systems: VB, .NET, MySQL, PL/SQL
Applications: SharePoint, Microsoft Office Suite (Visio, Word, Advanced Excel (Pivot tables, VLOOKUPs)), Access
EDUCATION
Masters of Management in Information Systems (MIS) Northern Illinois University, DeKalb, IL Dec 2016