Ganapati S. Sridhar
Cyber Security, Regulatory, Risk & Program Management
U.S Citizen with 19 plus years of experience supporting Fortune 100 & Public Sector agencies, especially through enterprise project & program management, Regulatory affairs, risk management, IT controls, GRC, SOX, and years of driving cross-functional & technical teams of 15+ including offshore resources to deliver s/w products generating multimillion dollar cost savings ahead of schedule.
Project Management Risk Management Cyber Security SDLC Agile Basel Dodd Frank Volcker MiFID II SCAF FINRA 2232/2165 Operations Management Balance Scorecard IT Control Audits Offshore Team Management Change Management Big Data Business Intelligence Cisco XML AWS Azure CSDR Tableau Yellowfin Qlik View SEIM SPLUNK
Deutsche Bank, McLean, VA
Global Cyber Security Delivery Lead – Splunk January 2019 to Current
Lead delivery of the Security Incident & Event Monitoring (SIEM) security product (Splunk) and on- barding of data, as part of multi-layered defense in depth approach to ensuring information assets are adequately monitored. This includes:
oMaintain and enhance a Global SIEM deployment by addressing information security risks to the Deutsche Bank’s global IT real estate.
oLead the security assessments, design, development and validation of security architectures, including the system architecture mapped to security requirements.
oOn-boarding complex Splunk development and rollout of application and Infrastructure logs across region firmwide.
oWork with Managed Service Provider (MSP), internal Core Engineering and operations team for seamless deployments and ensure monthly KPIs are met as per the management plan
oEnsure integration with our other key product domains including Cloud, Network, Endpoint and App Security.
oDevelop and maintain multi-year, risk-based product roadmap that clearly represents key deliverables, dependencies & benefits.
oEnsure the accepted product backlog is in place, visible, and managed as capacity and capability is available.
oComply to audit & regulatory commitments and timeline.
oEnsure all commitments are mapped to Product book of work and prioritized.
oEnsure product controls are aligned to and assessed against the firms Threat Scenarios and Risk Framework to model a comprehensive view of control gaps and effectiveness.
oEngage stakeholders in the LOBs to identify needs and map it to network product roadmap to reduce risk.
oEvangelize the solution & ensure key content is available to key stakeholders such as Cyber Threat Analytics and Cyber Hygiene team.
oConstantly assess customer feedback as well as monitor and report on vendor performance and make necessary improvements.
Deutsche Bank, New York, NY
Global Regulatory Change Manager July 2017 to January 2019
Lead and deliver US Wealth Management (WM) and Private Banking (PB) Regulatory Change projects and help ongoing operations including risks and audits request from internal and external auditors. Managing the day-to-day operations of the Global Technology Regulatory portfolio change process, including Analysis, Assessment and Reporting of new and existing regulations related to US and Europe.
Work with local and global team on complex regulatory changes/ requirements and focus on bringing issues to resolution, influencing and escalating as necessary to meet timelines. Includes clarifying and defining regulatory requirements / scope for cross-border problems.
Own high impact transformation initiatives and contribute to the overall outcomes, definition, scoping, design, and delivery
Manage multiple initiatives simultaneously using strong time management and prioritization skills
Distill big picture intent into to tactical requirements and implementation plans.
Create and deliver presentations to senior management. Guide and influence senior management discussions and decisions
Conduct independent research and analysis to solve ambiguous reporting problems. Work with technology, compliance and legal teams to develop solutions for seamless regulatory reporting
Create, establish, and manage communications across teams to ensure optimal engagement of associates and leaders
Ultimately responsible for day-to-day regulatory aspects of the initiative; participate in developing regulatory products, benefits definition, management of changes in the Operational environment, and assigning and managing team accountabilities.
Successfully delivered impact assessment and delivery of regulatory projects such as MiFID II SCAF, Bank of Israel, NY Match, FINRA 2232, 2165, IRS 305c and REG D.
Leading CSDR and Benchmark Regulation assessment
Manage the co-ordination of cross border requests from multiple jurisdictions, working closely with local stakeholders including legal, compliance, IT and vendors.
Takes ownership of escalations and manages to resolution in a timely manner, keeping all stakeholders updated
Work closely with compliance, legal, risk management and functional SME’s to provide required direction and support. Report KPIs/ KRIs monthly
Manage Regulatory risk and Incident Management Process as per the Operation Risk Management (ORM) framework
Assist resolution and escalation of issue management and conflicts.
Support WM Heads in the delivery of wider Regulatory Change Management strategy and Business Continuity and Resiliency management
Strict adherence to compliance and operational risk controls in accordance to the Bank's regulatory standards, policies and practices
Initiated common regulatory platform for Reports through BI (QlikView) tools.
Deutsche Bank, New York, NY
Independent Consultant – Program Manager Jan 2016 to July 2017
Led and managed PMO and Program to meet Volcker regulatory and business requirements, including design and implementation of priority initiatives. Drive workstream delivery through full project lifecycle including Front-to-back management with technology, business, and support upstream partners.
Managing the day-to-day operations of the Global Technology Regulatory Portfolio Change Process and Governance, including analysis of new and changing global regulations as they relate to Volcker technology controls. Works with the stakeholders to help develop and prioritize the changes and tracking proposed changes through the workflow. Generate weekly management reporting on new, delivered, in-progress and backlog changes (pipeline) and their prioritization. Also, work with regional and business-aligned teams to track and resolving issues and escalate wherever required. Facilitate the Change Control Board (CCB) meetings to review the new change request and ensure appropriate approvers and representation participate the CCB meeting to review and make the required decision.
TriagePMO.com, Arlington, VA
Principal /Director June 2015 to May 2016
Orchestrated www.FedMitigate.com, www.TriagePMO.com, www.RiskMitigate.com cloud based project and risk management application requirements and guided technical staff with architecture and development.
Built Portfolio, project and risk management Software as a Service (SaaS) software that link all project related activities such as agile tasks, risks, Issues, action Items, decision log and project related documents in one location for program and project reports including Earn Value Management (EVM).
Led Amazon Web services strategy for design, development and testing efforts
Developed partnership and negotiated deal with data analytics vendor Yellowfin and Pentaho
Provided application and data architecture (MySQL) support, analytics (Yellowfin) and application (ruby) developers
PricewaterhouseCoopers LLP, McLean, VA
Senior Manager /Consultant (RGI Acquisition) December 2010- June 2015
Led advisory engagements & built team of 17 to deliver effective enterprise wide IT strategies for Financial Sector such as Capital One, Western Southern Financial Group, Allstate Investment. Drove cross-functional, developers & contractor teams of up to 17 resources including offshore resources to deliver business transformations, including: strategic planning, program management, risk management; IT controls, & end-to- end Information Technology implementation.
Implemented largest GRC Migration (PRIME) for leading credit card/payments firm
Led Internal audit & risk assessments team for readiness for Investment firms to review and pre-audit of IT and SOX controls before external auditor’s review that resulted into zero corrective action from their external auditors
Delivered SAP Blueprint Migration engagement including GRC for Fortune 10 healthcare organization on time & within budget
Led Analysis of Alternative (AoA) for Veteran’s Affairs to find scheduling solution that resulted into COTS product at 83.4% price point compared to other options
Led Veteran’s Implant for patient safety alert & recall project for Veterans Affairs where it helped >2M veterans globally for right treatment at right time
Led engagement in public sector to drive Risk Department to manage large Veterans Affairs initiatives, EVEAH & NMOC with 44 projects. Designed & developed Risk Management Tool with excel & MS Access that generated automatic weekly risk & issue reports.
Spinovation Corporation, Dulles, VA
Principal April 2008- December 2010
Generated >$5M gross revenues per year, including start-up in India, Led 50+ employees in U.S.A & India. Managed client relationship, capture management & P/L. activities for domestic & overseas clients, delivered projects, coordinating with resources & vendors for schedules, purchase, deliverables, documentation, presentations, training & meetings. Executed projects in USA, India & Bangladesh.
SCI Group, Vienna, VA
Senior Consultant December 2005- April 2008
Delivered $1 to $7M application development & infrastructure projects including PMO. Managed team of 25+ & contractors. Handled multiple teams and vendors.
Firm obtained quality certification when orchestrated implementation of CMMI Level 3 & ISO 90001 process
Reduced to 65% archive maintenance cost in 1st year for National Cancer Imaging Archives (NCIA) when implemented decentralized open source infrastructure that condensed 3 FTEs
Met business case when transitioned all 34,000 customers & Resellers to Network Solution infrastructure & access as planned for Network Solution/SRS Plus Acquisition Integration
Epstein Becker & Green PC, Washington, DC
IT Manager January 2002-December 2005
Managed & consolidated helpdesk for Epstein Beaker & Green (EBG). Installed, configured & maintained internal systems including desktops, servers, VPN, Switches, routers & T1 links. Directed vendor management to ensure high level of user satisfaction with support service offered.
SVAM International, Great Neck, NY
Sr. Consultant October 1998 – January 2002
Managed Lan and Wan at BankOne.
University of Virginia Charlottesville, VA
Master of Science in Management of Information Technology 2005
DBTI New Delhi, India
Bachelor of Engineering in Mechanical Engineering 1990
Executive Education & Certifications
ITIL Foundation V.3 (March 2008)
ISO/IEC 27001:2005 Lead Auditor (April 2007)
CMMI Ver. 1.0 ATM (December 2005)
ISO 9001:2000 Internal Auditor (December 2005)
TVO certification from Gartner for Business Alignment (April 2005)
FISMA In-Depth C&A Training (March 2010)
Splunk Fundamentals 1 & 2 (2019)
Splunk Analytics & Data Science (2020)
Professional Affiliations: Member- PMI (Project Management Institute), ISACA (Information Systems Audit and Control Association), itSMF USA, APMP (Association of Proposal Management Professionals)1999-present
Awards: ASEI Founder’s award for completing 10 years of volunteering service, ASEI Recognizing award for Chairing 2007 national convention held in Washington DC
Infrastructures: HP and Dell Servers, Cisco, Amazon AWS, Azure
Application Software: Microsoft Office Suite, Microsoft Project, MS Access, MS SharePoint, Tableau, Yellowfin
Application Program: J2EE and .Net technologies, Ruby on Rails and “R”
Languages: Hindi: fluent: spoken/written, Tamil: fluent: spoken/written – Advance, Telugu: spoken - Fair
Interests: Biogas, Green Energy, Cricket and Biking