Resume

Sign in

ARCHER

Location:
Jersey City, New Jersey, United States
Posted:
August 10, 2018

Contact this candidate

Resume:

Naveen Kumar

Mobile: 347-***-****, email: navi.iitd@gmailcom

*** ***** **, ***, ****** City, NJ 07310

MBA – IIT Delhi, B Tech – NIT Jalandhar

CRISC, CISA, ISO27001 LA, BS 25999, ITIL, Archer RSA

Naveen is an experienced GRC implementor. Naveen has around 15 years of experience in various domains of Information Security & GRC Technologies. He led and managed the GRC process & tool implementation for various clients in US and South East Asia. He has in depth knowledge of GRC processes and GRC tools.

Professional Snapshot

15 years of experience in Information Security & IT GRC implementations.

Excellent Business Analysis skill.

Managed programs for multiple GRC technology.

Excellent GRC technology implementation and management experience.

Managed multiple resources and projects at one point of time.

Experience with ISO27001, SOX ITGC, NIST, COSO, PCI DSS, HIPAA, SEC – OCIE, GLBA, SSAE 16, COBIT

Excellent Business Development Skills.

Ability to communicate with Senior Leaderships, regulators, staff at all level.

Worked in US, Singapore, India.

Director, Vistrada, since Jul 2017

Responsible for providing GRC process & technology solutions to clients.

GRC advisor State Street Bank

Sep 2014 till Jul 2017 GRC Manager, Risk Assurance, PwC New York, NY, US

Manager for GRC process & tool implementations.

Deriving Strategy for GRC Tool implementation as per short term and long-term vision.

Interacting with C Level Executives and Senior Directors, business users and technology team.

Managing multiple GRC Technology projects and resources.

Projects

Business Continuity Management Solution automation in GRC tool as per PwC methodology.

-Manage the Archer BCM solution implementation as per PWC methodology.

-Interacted with BCM Team and gather business requirements.

-Managed Defined High Level & Low-level design, workflows, and data dictionaries.

-Managed Archer applications development including workflows, calculations, roles & access, notifications, dashboards.

-UAT & Training with BCM Team.

Information Security & Control Assessment framework implementation and automation in RSAM GRC Tool.

-Business requirement elicitation with IT & Legal team for designing information security & control assessment framework.

-Managed High Level data model and interaction with different modules (Objects, Risk Management, Compliance, and Finding & Issue Management), workflows, and low-level design.

-Development of RSAM applications including workflows, risk analytics handlers, roles & access, notifications, widgets, LDAP integration.

-User Acceptance Testing, Training & Go – Live of the solution.

Enterprise Risk Management implementation for a Hedge Fund Company and automation in Archer GRC tool.

-GRC Architect for Enterprise Risk Management solution in Archer.

-Interacted with different stakeholders to get a uniform risk assessment methodology in Archer.

-Defined High Level data model and interaction with different modules, workflows, low level design

-Developed and assisted developers to customize Archer including workflows, events, risk analytics handlers, roles & access, notifications, widgets.

-User Acceptance Testing, Training & Go – Live of the solution.

Application Risk Assessment, Audit & Issue Management, Application Risk Assessment for an insurance company of Michigan and automation in Archer.

-GRC Architect for Audit & Issue Management, Third Party Risk Management and Application Risk Management.

-Consulted Client on best processes and gave recommendations.

-Business Analysis of Archer as per interaction with different stakeholders.

-Designed High Level and Low-Level Design in Archer.

-Managed & Developed Solutions in Archer and integration with Nessus.

-UAT and Go Live of Solutions.

-Provided Training to Stakeholders.

Sep 2013 to Sep 2014 Independent Consultant NY, Singapore

Information Security Consultant for Intralinks, NY

Responsibilities:

Manage Archer GRC Solution and Risk Assessment for ISO 27001 framework.

Assisted in development of risk management framework for ISMS implementation.

Defined business requirements for ISMS implementation in Archer.

Defined High Level data model, Low Level design workflows, low level design.

Managed customization of Archer including workflows, events, calculations, roles & access, notifications, dashboards.

User Acceptance Testing, Training & Go – Live of the solution.

Conducted Internal Audits of Risk & Compliance unit.

Archer GRC Consultant for CR Bard

Responsibilities

Defined Archer requirement for SOX automation in consultation with Business users and technical users.

Defined controls required for SOX Automation.

Designed SOX solution in Archer including high level and low-level design.

Customized Archer for SOX automation.

Managed SOX automation in Archer.

Feb 2012 to Sep 2013 GRC Lead, HCL Singapore

GRC Lead - Singapore Exchange

Archer GRC Lead for a Singapore Exchange

Responsibilities:

GRC Manager for Singapore Exchange GRC operations.

Managed and implemented various Archer solutions.

Designed the entire Archer GRC Architecture for Client.

Handled both functional and technical aspects of Archer GRC viz. process consulting, design and customization of applications, creation of questionnaire, reports, and dashboards.

Conducted Archer Training for Archer users.

Provided GRC knowledge to subordinates and conducted technical sessions.

Conducted Monthly Meeting with the entire stakeholders.

Operational Risk Manager.

Aug 2010 to Feb 2012 Technology Consultant, Wipro India

Business Development and Pre-Sales for Information Security & Risk Management

Archer GRC solution to a Fortune 100 bank of US

-Consultant for third Party Vendor Management in Archer.

-Designed and Implemented Data Centre Attestation in Archer.

-Archer GRC implementation.

Archer GRC consultant for a Large Manufacturing Company in Fortune 100

-As and IS Analysis for the GRC framework.

-Consultant to implement Global Governance Risk and Compliance including different geographies with different cultures and regulatory and statutory requirements.

Archer GRC implementation

-Implementation of IT governance framework for a large payment processing company at Ohio.

-Designed and Enforced the IT Governance Framework.

-Enforced policies and procedures for better governance.

-Conducted Audit to framework, Validate and Review.

Jun 2008 to Aug 2010 Associate Consultant, Infosys India

ISO27001 Audit of a large audit recovery service firm of United States

-GAP assessment and remediation of existing ISMS controls.

-Conducted ISMS Assessment.

-Developed ISMS framework for better Management.

Archer GRC implementation

-Implementation of IT governance framework for a large payment processing company at Ohio.

-Designed and Enforced the IT Governance Framework.

-Enforced policies and procedures for better governance.

-Conducted Audit framework, Validation and Review.

Oct 2004 to Jul 2006 Deputy Engineer, Bharat Electronics Limited India

Project:

Combat Management System for Indian Navel Warships.

Professional Skills

Standards & Frameworks: NIST, COSO, ISO2001/27002, PCI DSS, HIPAA, SEC – OCIE, GLBA, SSAE 16, SOX ITGC Control, COBIT

Tools: RSA Archer, RSAM, MS Office Suite

Certifications: CRISC (Exam Cleared), CISA, ISO27001 LA, BS 25999, ITIL, Archer RSA



Contact this candidate