Security Analyst Quality Manager
Resume:
Kamya Krishna
************@*****.*** • +1-630-***-****
SUMMARY
A results-driven professional with over 10 years of experience specializing in auditing, compliance, and IT Service Management
(ITSM). Proven track record of implementing and optimizing auditing processes, ensuring regulatory compliance, and managing ITSM frameworks to enhance operational efficiency and mitigate risk. Skilled in overseeing audits, maintaining compliance with industry standards, and leveraging ITSM tools to deliver high-quality IT services. EXPERIENCE
Radian Compliance, LLC, Independent Consultant/ Quality Manager/Security Analyst Nov 2020 - Present
· Assist clients with ISO management systems standards and regulatory frameworks to maintain compliance or obtain certification.
· Perform Internal Audits for the clients against the requirements of ISO 27001:2022, ISO 9001:2015 & ISO 20000-1:2018.
· Led the implementation of ISO 9001:2018 compliance, resulting in improved process efficiency, enhanced product quality, and successful certification, ensuring alignment with international standards and customer satisfaction.
· Oversee supporting QMS process owner tasks and actions to ensure conformance of the QMS
· and continual process improvement.
· Perform Risk Assessment to identify and evaluate potential risks to IT systems and infrastructure, including cybersecurity threats, data breaches, system failures, and compliance violations.
· Ensure that the organization's systems and practices adhere to relevant laws, regulations, and industry standards by monitoring compliance.
· Perform periodic access reviews and audits to validate the appropriateness of access permissions and identify any discrepancies or violations.
· Review & create policies of various ISO management systems standards for Radian Compliance.
· Perform assessments to evaluate policy controls and regulatory control frameworks.
· Establish and maintain governance frameworks for overseeing IT activities, ensuring alignment with organizational objectives, and facilitating decision-making processes.
· Assess the process for provisioning, managing, and deprovisioning user accounts and privileges.
· Providing training and awareness programs to educate employees about ISMS & QMS processes, IT security best practices, policies, and procedures.
AXA Business Services Pvt Ltd, Internal Controls and Auditing Jan 2018 - Jan 2019
· Responsible for effective controls implementation, sustenance, maintenance & improvement related to ISO/IEC 27001:2022.
· Reviewing and updating the ISMS polices of the organization.
· Led compliance initiatives, ensuring adherence to ISO 27001:2022 across the organization’s IT systems and processes.
· Analyse business requirements and ensure that solutions meet established security policies and controls.
· Thorough understanding of design and implementation of controls.
· Plan and execute Risk Assessment based on threat and vulnerabilities. Reviewing and updating the Risk Assessment guidelines and registers.
· Prepare audit reports reflecting opinion of effectiveness of the systems processes, non-conformities and the effectiveness of activities carried out.
· Mapped SOC 2 controls to ISO 27001 requirements, ensuring alignment with industry standards for U.S. clients.
· Provided recommendations for enhancing control frameworks based on SOC 2 and ISMS requirements, facilitating successful audits and compliance initiatives.
· Regularly reviewed and assessed SOC 2 controls for U.S.-based clients to ensure compliance with security, availability, confidentiality, and privacy standards.
· Maintain operational efficiency of organization’s Data Leakage Prevention programs.
· Domain knowledge of risk and internal controls.
· Refine processes for preventing, detecting, identifying, analysing, and responding to data security incident.
· In charge of the anomalies and action plans follow-ups.
· Review the internal projects and independently validate the data reported by L1 by
· verifying/ validating risk and controls.
· Perform control testing and share reports to the relevant stakeholders. UST Global India Pvt Ltd, Infrastructure Analyst- IPC Service Control May 2016 - Dec 2017
Kamya Krishna - page 1 of 2
· Identify, manage, record and respond to incidents ensuring rapid containment and remediation.
· Collaborated with cross-functional teams to assess the impact of security incidents, identify root causes, and implement corrective actions to prevent recurrence.
· Based on the findings, update controls and response plans to prevent similar incidents which involved strengthening network security configurations, updating security patches more frequently, or improving monitoring procedures.
· Lead technical bridge for remediation.
· Producing management information, including KPIs and reports.
· Identify trends to optimize security incident processes and monitoring tools.
· Coordinated the resolution of incidents involving unauthorized access, data breaches, and misconfigurations within cloud infrastructure.
· Escalate issues to the management in a timely manner with appropriate information regarding risk, action times and root cause analysis.
Vodafone India Pvt Ltd, Executive - Infrastructure Management Jun 2014 - Jul 2015
· Responsible for providing Global IT support for all Vodafone Operating Companies around the world.
· ITIL Services Expertise on Incident Management & Service Desk. Incident Detection, Recording, Management & Tracking
· Represent the first stage of escalation for Incidents, should these not be resolvable within the agreed Service Levels.
· Find temporary solutions (Workarounds) available to Incident Management. Developing final solutions for Known Errors
· Ensure all the KPIs are met during the shift and providing smooth handover to the next shift lead. Transgenez Solutions Pvt Ltd, Team Lead
Feb 2010 - May 2014
• Monitored and coordinated daily workflow activities, ensuring adherence to SLA criteria, optimizing team performance in productivity, quality, and customer satisfaction.
• Managed resource planning and allocation, ensuring optimal team performance and alignment with organizational goals. Nirvana Business Solutions Pvt Ltd, Team Lead
Apr 2008 - Feb 2010
• Resolved customer queries, achieving daily targets and ensuring adherence to quality metrics, enhancing customer satisfaction.
• Adhered to processes and procedures, contributing to team success.
• Acted as a team player in the absence of the team leader, maintaining productivity and c-sat. EDUCATION
Shobhit University
Bachelor • Business Administration
DAV Public School
Cambridge Public School
LICENSES & CERTIFICATIONS
ITIL Operational Support and Analysis (ITIL-OSA)
EXIN •
ITIL® v3 Foundation
EXIN •
ISO 27001:2013 Lead Auditor
BSI Training Academy •
ISO 31000:2018 Risk Management
Exemplar Global, Inc. •
Six Sigma Green Belt
SKILLS
Risk Management • Incident Handling & Root Cause Analysis • Infrastructure & Data Security • Stakeholder Management
& Change Management • Excellent communication skills • Training and Awareness • Good inter-personal skills • Project Management • Quality Control • Compliance Management Kamya Krishna - page 2 of 2
Contact this candidate