Management Information Technology
Resume:
Niranjali Suresh
**** – * Millersport Hwy, Buffalo, New York 14221
(716) 275 – 4991 ***************@*******.***
PROFESSIONAL SUMMARY
An innovative and result-oriented professional with 3.5 years of experience in change management and DevOps. Passion towards IT audit and risk management led me to pursue a graduate level course in IT auditing and subsequently pass the CISA exam. Published a book chapter on cloud risk mitigation and leading research in technology risk management.
EDUCATION
UNIVERSITY AT BUFFALO, THE STATE UNIVERSITY OF NEW YORK
Master of Science in Management Information Systems expected May 2017
Relevant courses – IS Audit (aligned with ISACA curriculum), Information assurance, Enterprise Models
ANNA UNIVERSITY, CHENNAI, INDIA
Bachelor of Technology in Electronics and Communication Engineering May 2012
EXPERIENCE
Intellect Design Arena Ltd (IDAL) (Polaris Financial Technology group company) Chennai, India
Software Configuration Management (SCM) Consultant October 2012 – May 2016
Established standards processes and procedures for software configuration management to comply with SOX act
Participated in establishing, evolving, and managing highly effective branching policies for software products and implementations by understanding their development and release cycles
Performed periodic self-assessment of 40+ IDAL product’s SCM strategy to ensure conformance with COBIT 5 MEA01 standards
Facilitated in-process SCM audits by providing assistance in execution planning, evidence gathering, walkthroughs and updating engagement documentation
Enabled SCM audit readiness for IDAL’s product units by developing and maintaining COBIT 5 compliant SCM audit checklist to assess role based user access, segregation of duties, protection of intellectual property and disaster recovery strategies
Drove customer engagements for orchestrating continuous deployment of software solutions on AWS through automation
Managed security requirements for cloud in accordance with NIST guidelines by setting up role based access, periodic back up strategy, network security groups, data encryption, alarms for intrusion detection and logging services
Developed, enhanced and maintained continuous integration environments to minimize product installation effort by 97%
Built end-to-end deployment environments for Polaris's products on IBM Pure Applications at IBM Design Labs, Austin (USA) using Pure applications patterns with python and shell scripts
CERTIFICATIONS & HONORS
Passed the Certified Information Systems Auditor (CISA) examination - Jan 2017
SAS Certified Base Programmer for SAS 9 – Issued on June 06, 2016; Certificate No: BP060238v9
GEM award for building continuous integration systems on cloud for IDAL's authentication and authorisation product
Certificate of appreciation for contribution towards strategizing migration and automation of IDAL’s liquidity product
FT8012 Design award for implementing a data analysis tool to identify and strategize elimination of duplication across code bases
SKILLS
Tools & Technologies: Python, SAS (Base), Shell scripting, ANT Scripting, XML, SQL, AWS, IBM Pure Application, Oracle WebLogic 10.3.6/12c, IBM WebSphere 7.0/8.5.5, Subversion, PVCS, PuTTY, Git, Jenkins, SQL Developer
Frameworks: Working knowledge of SOX, COSO, COBIT, NIST, CSA CCM, PCI-DSS, HIPPA, NIST and ISO 27000 series
RESEARCH & PUBLICATIONS
Lead author for a book chapter on the topic “Impact of Technology Innovation: A Study on Cloud Risk Mitigation” (ISBN10- 152*******) scheduled for publication in “Information Technology Risk Management and Compliance in modern Organizations” textbook published by IGI Global publication. Recent security innovations in the cloud computing security space are analysed and their contribution is mapped to specific areas of risk in cloud implementations that they address.
Technology Risk Appetite statement (Ongoing) - Extant research on fortune 50 companies to identify and infer their risk appetite and tolerance to specific technology risks that they are subject to. Determine the impact of a comprehensive technology risk appetite statement, or a lack thereof, on their businesses. Estimate the quantitative and qualitative value provided by a technology risk appetite statement in overall enterprise risk management.
Contact this candidate