Email: ac4job@r.postjobfree.com Ph: +1-314-***-**** Location : St Louis, MO
Professional Profile
IT industry experience spanning Project Management in Information Security, IT General Control SOX Compliance and Auditing, ITIL process support, Testing and Quality Assurance
Performed Project Planning, Budget management, vendor management, scope management, team management, issue management, Status reporting, Project closure, Review and prepare audit reports for multinational FMCG.
Involved in end to end projects across Requirement Analysis, Design, Development, Enhancement and Production Support across technology platforms. Setting up deployment strategy, version control and effective production handover processes
Experience in varied industry domains across Hi Tech manufacturing, Multilevel Marketing, Agricultural, FMCG, OIL and GAS
Certified Information System auditor (CISA) from ISACA, IT management and IT Governance (COBIT) from ISACA, Certified Project Manager (PMP) from PMI, ITIL Certified from EXIN, Information Security Management Systems Implementation Course from BSI, Six Sigma Black belt from Indian Statistical Institute. Trained and certified in Business Analytical Certification Program
Knowledge on Business Analytics methodology, data analysis using analytical tools R and SAS.
Professional Certification and Education
Certified Information Systems Auditor (CISA) certification, ISACA
ITIL V3 Foundation, BSI
COBIT 5 Foundation, ISACA
SIX SIGMA BLACK BELT, Indian statistical Institute
INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS), ISO/IEC 27001
Work Experience
Unilever, India Oct 2014 – July 2017
Department: Hindustan Unilever Limited
Role: InfoSec Risk and Compliance lead
Location: Bangalore, India
Performed Project management of InfoSec activities, managed the InfoSec team, Risk management of application system, user access, vendor management, resource management, Issue tracking and escalation, status reporting, Budget management. Negotiated contracts with vendors. Reduced the overall spending on vendors by 20% by negotiating prices and fees.
Provided input to the quarterly IT Risk report for Company. Obtained security metrics and reporting those metrics to management
Executed periodic compliance checks and update the Information Security Policy to ensure alignment with the Unilever Global Information Security Policies, Managed security exceptions. Audit issues tracking and reporting and ensured audit issues timely closure. Analyzed Risk and provided actionable recommendation to mitigate risk. Performed Design effectiveness audit and Operational effectiveness audit.
Facilitated external ITGC SOX and ITGC statutory audit, provided closure for audit issues raised by external auditors. Review and prepare audit reports for IT SOX audit. Served as a liaison between external Audit team, IT teams, Global security team, Information protection network, business managers.
Maintained and Managed Disaster Recovery Plan, conducted periodic DR drill, Coordinated with business users to identify Recovery Time objective and Recovery point objective and came up with risk rating for the applications.
Followed-up on audit observations (SOX Audit, Corporate Audit, HUL Operations and other external Systems Audit engagements) with the individual IT Teams and obtained confirmation as to the implementation of the relevant controls
Participated in awareness programs and rolling out training programs to different teams on IT awareness
Assisted in implementing Unilever strategies related to Information security and audit controls.
Defined and tailored security policies for IT processes and assets and prepared and document SOP (statement of procedures).
SKS Consulting, India April 2011 – Oct 2013
Client: Hindustan Unilever Limited
Role: Risk and Compliance Manager
Location: Bangalore, India
ITGC internal SOX audit and compliance checks, interacted with vendor organization, process owners. Reviewed Infrastructure change management process, User access management, Patch management. Data center audit .Provided training and bringing SOX awareness in IT depts.
Monitored, Reviewed and Ensured that 20+ ITGC controls are enforced and proper evidences are generated based on frequency for Audits. Compiled evidences for each ITGC control based on risk and frequency of the control to demonstrate compliance with SOX. Communicated any violation of controls to appropriate team members and ensure compensating controls were implemented
Managed and fulfilled requests or tasks with External / Internal Audit and Control Owners for various regulation audits
Reviewed Service Level Agreements, SAS70 Type II reports, Contracts and complete Client Control Considerations
Worked with the business leaders, Internal Audit and project leaders to develop Roles & Responsibility to ensure segregation of duties (SOD)
Evaluated any known deficiencies and/or functional areas needing improvement and suggested actionable controls and monitored the efficiency of the controls. Coordinate in designing IT environment based on ISO 27000, SOX IT General Controls.
Closely worked with Business SOX Coordinator for Scoping and CISO to implement security Baselines
Participated in monthly steering meetings and presented on ITGC SOX and compliance issues.
Infosys Limited Oct 2000 – Dec 2009
Client: Syngenta Jan ’08 – Dec ’09
Role: Process Consultant
Location : Bangalore, India
Performed audit of the projects as per CMMi guidelines. Conducted training related to CMMi. Executed Six Sigma projects in the delivery unit.
Participated in the Risk assessment and gating reviews. Status reporting to the Delivery head .Tracked and reported metrics related to quality. Provided the feedback to management, development team using data collected.
Client: Cisco Sep ’04 – Dec ’07
Role: Team leader
Location : Bangalore, India
Performed Project management for multiple applications for maintenance and enhancement requests. Worked in Agile and iterative development methodologies, performed estimation of the requirements and ensured timely quality delivery. Performed Planning, supervising, and tracking the activities of team members. Developing documents, standards templates to be used by teams.
Analyzed information system needs, evaluated end-user requirements, custom designing solutions, troubleshooting for complex information systems management.
Client: Cisco Feb ’04 – Aug '04
Role: Developer
Location : San Jose, USA
Worked independently at client location to develop the department website in Perl. Worked with different teams to gather information. Responsible for improved product quality through the coordination and execution of software quality assurance and testing practices.
Client: Herbalife Mar 02 – Sep 02
Role: Onsite Coordinator
Location : Los Angeles, USA
Coordinated with customers and development teams for requirement gathering, development of use case, creation of design documents, test plans. Performed Issue resolution and status reporting, Development, Testing the application referring test plans.
Client: 3COM Aug ‘01 – Oct ’01
Role: Onsite developer and Secondary support
Location: Santa Clara, USA
Development and maintenance of multiple applications, Performed Requirement gathering and created design document and teat plans. Performed issue resolution and status reporting. Testing of application.