Business Analyst, Operational/Security Risk analyst
Resume:
Harshit Kapatel
addfvg@r.postjobfree.com
Location: Clifton, NJ
Professional Experience:
ADP (Automatic Data Processing) – Roseland, NJ March 2019 to May 2020
RSA Archer GRC Business Analyst
Analysed RSA Archer PSS (Public Sector Solutions) use cases and data dictionaries to gain understanding of business processes, application frameworks and key drivers to perform gap analysis in existing functionalities and meet client business needs
Successfully implemented risk assessment platform in GRC space to automate end to end risk assessment process for critical applications
Delivered complex solutions in production under complete SDLC methodology such as gather requirement, analysis, design, data modelling, business process modelling, implementation, UAT and deployment
Proficient at driving strategic discussions applying advanced RSA archer skills using calculations, data-driven events, custom objects, advanced workflow, and data feed service configurations
Configured archer applications/ questionnaires, reports, data imports, campaigns, notifications, data fields, package installations and workflows to meet business requirements
Served as primary liaison with business partners and IT development team to determine viability and high-level functional solutions for proposed requirements
Designed sprint backlog and requirements traceability matrix to trace each requirement to test case and verify business need
Worked with senior project leaders and cross-functional team members in reviewing other impacted applications to ensure user stories are added as appropriate for impacted work streams
Conducted milestones planning, release planning of the project via walkthroughs, workshop meetings involving various leads from stakeholders, development and technical support teams
Troubleshot and debugged RSA Archer configuration, advance workflow and dependency issues
Operational/Security Risk Analyst
Conducted working sessions with key stakeholders to understand proposed risk assessment methodology using format of ongoing process mapping, metrics monitoring, risk identification and control identification
Facilitated evaluation of information assets to define security category and allocate baseline security controls for risk assessment based on principles of information security with respect to Confidentiality, Integrity and Availability
Assessed security posture of ADP’s next generation critical assets and provided security control recommendations to mitigate or lower risk as a GSO (Global Security Organization) for various domains such as: authentication, authorization, access controls, roles, data protection, BCP/DR, logging & monitoring, anti-malware/Phishing, network security, patching
Developed pre-assessment questionnaire and workflow to onboard new assessments in the eGRC toolset
Implemented automation to collect, utilize and monitor vulnerabilities, risks and controls data in RSA Archer GRC platform
Established a risk identification foundation to support risk management, risk assessment, and criteria to prioritize risk-based burn down against the asset’s top risks
Worked as controls assurance analysts in the identification and evaluation of operational risks and controls, including identification of potential gap and opportunities for improvement
Assisted in defining qualitative and quantitative risk scoring metrics to assess the success of critical assets protection program and provide regular reports to security and business leaderships
Integrated information security and risk management frameworks (NIST 800 53, FIPS 199, FIPS 200, FAIR, SANS / CIS) with existing risk assessment methodology
Participated in risk strategy task force to assist security and risk program management to coordinate and facilitate meetings supporting task force activities i.e. process initiation, business requirements and trainings
Supported in monitoring the results of assessment(s) and other risk factors to clearly identify the driving factors that influence priority against risk mitigation
Worked with information system security and risk management tools such as SD Elements, RiskLens v3, BCiC (Business Continuity in the Cloud), Qualys, TrustArc, CMDB, Various RSA Archer Applications
Worked collaboratively with global application owners and control owners to achieve desired results across organization
Citizens Bank - Johnston, RI March 2018 to November 2018
RSA Archer GRC Business Analyst
Identified and analysed business problems and defined the scope of activities required to address the issues, including requirement definition, process review, impact assessment and operational streamlining where appropriate in Archer GRC platform
Conducted highly interactive JAD sessions with project stakeholders such as project manager, users, developers, and QA analysts in identifying and resolving issues
Documented requirements and system specifications into BRD and FSD to meet expectations of the business stakeholders in the GRC space
Lead the discussion for prioritization, solution assessment and validation of requirements with business and project teams
Worked with project manager in all aspects of project including documentation of project needs by gathering, documenting and updating business requirements, analysis/research of needs and possible solutions
Designed and developed use case diagrams, activity diagrams and process flow charts in UML using MS Visio
Assisted the QA team in designing the Test Plans and Test Cases for User Acceptance testing
Compliance Risk Analyst
Prepared ad-hoc query to perform Risk Assessments with partnered vendors in compliance with FFIEC: Mobile Financial Services IT Handbook and Authentication in internet banking and environment
Conducted process mapping sessions with Line of Business (LOB), Subject Matter Experts (SMEs), Risk, Controls, Compliance and Project Management Office (PMO) partners to ensure process maps are in line with appropriate policy and procedures to support the Risk and Control Self-Assessment (RCSA) structure
Functioned as a liaison between technical team and business team to gather assessment data to analyse the controls for risks associated with mobile application and website
Analysed business and technical requirements for proposed SANS-20, OWASP TOP 10 Mobile and Web based system solutions
Performed gap analysis by identifying existing technologies and subsequently documented the enhancements to meet the end state requirements
Provided updates and escalated issues to stakeholders on status of plan of actions and mitigations to meet timely and comprehensive deliverables
Analysed and documented detail findings report and recommended assessment gaps to security leaderships
Managed project documentation such as implementation plans, issue logs, process maps and process flows
Developed and maintained strong relationship with business partners and internal/external team members to coordinate and support business with the process implementation
Analysed business unit trends and benchmarks to suggest how to improve AS-IS processes and develop process enhancements through automation
Planned the Governance forum meetings by providing advanced meeting agendas and previous meeting minutes
Wells Fargo - San Francisco, CA July 2016 to February 2018
IT Business Analyst
Conducted extensive GAP analysis by identifying AS-IS and TO-BE process models and process flows and worked as a part of the business development team along with the Project Management Office in order to identify new and existing business processes for implementation and improvement
Served as the primary resource for gathering, validating, analysing and documenting the stated business requirements by decomposing the requirements into granular form
Acted as an Interface directly with the customer and business owners to document business and functional requirements in compliance with business needs
Conducted JAD sessions with subject matter experts to define requirements based on application modules
Served as primary contact with the Subject Matter Experts (SME), Business Process Engineer (BPE) and the champion of their needs across the software development life cycle (SDLC) in agile methodology
Actively involved in Business Process Modelling (BPM) and designing business models using UML diagrams - use cases, sequence diagrams, activity diagrams and ER diagrams in MS Visio
Maintained familiarity with the Program Management's 90-days (6 Sprints) Product Roadmap to eliminate cross pillar dependencies to maintain the critical path and deliver the product within the schedule
Executed SQL queries for research and ad-hoc report building purposes
Led information gathering sessions, produced meeting minutes and performed market research analysis
Identified deliverables for the project at both Software (development) and business levels
Participated in design review meetings and translated the requirements to the developers and guided the team when issues related to business requirements arose
Identified technical issues that are causing or could cause issues or project delays and performed the root cause analysis
Followed a structured approach to organize requirements into logical groupings of essential business processes, business rules, and information needs to ensure that critical requirements met
Organized and facilitated improvement events including process mapping, gap analysis and documentation creation for new software implementations
Managed various versions of the documents generated during the project using SharePoint and Share Drive
Made recommendations for process and business flows, and documented requirements via the approved process and templates ensuring Concept (design), development and validation team commitments and burndown are accurately updated in JIRA after Sprint Planning
Daily monitored teams' status of epics, user stories and tasks in JIRA and notified the scrum master when velocity deviates from the committed burndown rate
Interacted with the developers, validation team and product owners on resolving the reported bugs and various technical issues
Facilitated with intra-team communication and coordination for internal and external, software and non-software dependencies to minimize and/or address impediments on a timely basis
Used JIRA for allotting tasks, user story writing, backlog management, issue tracking, user story management and forward and backward requirement traceability as well as cooperated with the testing and QA teams to implement new validating procedures
Participated in all the Scrum meetings such as backlog grooming, sprint planning, stand-ups, retrospective and closure meetings
Prepared, maintained and presented reports and status on various project metrics required by PMO
Created the project visual models, assisted and conducted User Acceptance Testing (UAT)
Bank of West - San Francisco, CA January 2015 to May 2016
Business Analyst
Prepared high-level logical data models and BRD supporting documents like the use case, sequential diagrams containing the essential business elements, detailed definitions, and descriptions of the relationships between the actors to analyse and document business data requirements using MS Visio
Conducted highly interactive JAD sessions with projects stakeholders such as users, QA analysts, and project management team, identifying and resolving issues
Performed GAP Analysis to define gaps between AS-IS and TO-BE processes in supporting and interfacing system applications
Responsible for creating Use case scenarios and writing use cases using UML as per the specifications and requirements analysis
Prepared and shared Activity Flow diagrams, wireframes to communicate business process modelling with the technical team
Provided key inputs and identified gaps on gathered requirements and provided a FIT-GAP analysis document
Analysed firm’s business processes using work flow diagrams, process diagrams and GAP analysis to improve the efficiency of work
Developed strategies with quality assurance group to implement test cases in mercury test director for stress testing and UAT (User Acceptance Testing)
Conducted process sessions with business owners and subject matter experts to validate business requirements against system and process design
Worked with development and testing teams to accomplish timely release objectives
Used detailed knowledge of application features and functions to assess the scope and impact of business needs throughout analysis
Freddie Mac - Virginia August 2013 to November 2014
Business Analyst
Analysed business requirements and segregated them into use case diagrams, activity diagrams, sequence diagrams, and OOD using UML methodology to define the data process models
Coordinated and gathered user requirements and presentation of the screen designs during JAD sessions
Facilitated JAD sessions with SMEs and business analysts from other feeder systems for a detailed analysis and a better understanding of impact of various projects on each other
Responsible for preparing Business Requirement Document (BRD) and then translating into functional specifications and test plans Closely coordinated with both business users and developers for arriving at a mutually acceptable solution
Created business requirements documents and functional requirement documents for the impacting projects
Reviewed and analysed business requirements and functional specifications to identify and define test requirements to build test cases
Created key business design deliverables such as business requirements documentation and functional requirements documentation for hand-off to development using UML
Worked extensively with MS Excel, MS Word, MS Power point and MS Visio
Analysed business requirements and system requirements of the client for Property and casualty modules
Created UAT plans with test cases to ensure that the system runs smoothly after the proposed enhancements or changes have been made
Performed Gap Analysis to identify the deficiencies of the current system and identified the requirements for the proposed system
Reviewed test results and coordinated with testing and development team to resolve the issues
Interacted with the developers on resolving the reported bugs and various technical issues
Education:
Rutgers The State University of New Jersey, Newark, NJ May - 2011
Bachelor’s in Business Accounting
Contact this candidate