Information Security Risk Management
Resume:
SURESH KUMAR PATCHAMETLA
Houston, Texas ***** • +1-346-***-**** • ************@*****.*** • LinkedIn: linkedin.com/in/suresh-patchametla
Work Authorization: U.S. Permanent Resident (Green Card)
Professional Summary
Experienced Audit and Risk Management Leader with 27+ years in IT, including over 10 years in IT compliance, internal audit, and project management within highly regulated industries. Proven expertise in executing full-cycle audits—from planning to reporting—and managing audit teams, remediation efforts, and stakeholder communications. Adept in identifying audit risks, drafting audit opinions, and ensuring compliance with standards such as ISO 27001, SOX, HIPAA, and NIST. Certified in CISA, CRISC, CISM, and ISO 27001 Lead Auditor. Strong communicator and team mentor with a proactive risk mitigation mindset.
Certifications
PMP – Project Management Professional, 2007
ITIL Foundation – IT Service Management, 2018
CSQA – Certified Software Quality Analyst, 2004
CRISC – Certified in Risk and Information System Control, 2024
CISM – Certified Information Security Manager, 2024
CISA – Certified Information Security Auditor, 2023
ISO 27001 Lead Auditor – Information Security, 2018
CORE COMPETENCIES
Internal & External Audit Management
Risk Identification & Issue Remediation
Vendor Risk & Access Management
Risk Management & Control Remediation
Regulatory Compliance: ISO 27001, SOX, HIPAA, NIST
Vendor Risk & Access Management
External & Internal Audit Readiness
Risk Management & Control Remediation
Disaster Recovery & Business Continuity Planning
Experience
Compliance Assurance Manager / Delivery Manager, 05/2014 - 07/2025
DXC Technology – Chennai, India
Directed internal and external audits (HIPAA, SOX, SOC2, ISO 27001) for a major healthcare client over a 10-year span, ensuring compliance with regulatory standards and reducing audit gaps by 30%.
Scoped audits, drafted and reviewed audit workpapers and opinions, validated remediation, and led communication with audit leadership and client stakeholders.
Led cross-functional audit and delivery teams, mentored new auditors, maintained compliance training, and managed performance across onshore and offshore teams.
Developed and maintained IT policies and procedures aligned with ISO 27001, NIST-CSF, and client-specific information security standards.
Acted as a strategic liaison between delivery, security, and audit functions, ensuring alignment with client policies and regulatory mandates.
Oversaw vendor risk assessments and maintained risk registers for third-party services, supporting enterprise-wide risk mitigation strategies.
Coordinated incident response activities and ensured timely documentation and audit readiness post-incident.
Represented the delivery function in working groups and steering committees, providing audit insights and governance recommendations.
Managed large-scale IT infrastructure transformation projects with embedded compliance and security objectives, ensuring delivery within SLAs and budgets.
Key Clients: Kaiser Permanente
SELECTED PROJECT EXPERIENCE
General Ledger Systems – Project Lead, DXC Technology, Chennai, India
Client: Kaiser Permanent Feb 2007 – Apr 2014
Led support and enhancements for critical financial systems used by 8.1M members.
Provided 24/7 production support and handled end-to-end SDLC tasks.
Skills: COBOL, JCL, DB2, VSAM, SAS, Expeditor
Pharmacy Information Systems – Project Lead, DXC Technology, Chennai, India
Client: Kaiser Permanente Sep 2005 – Jan 2007
Maintained critical patient prescription systems and external pharmacy claims.
Handled enhancements and regulatory reporting modules.
Skills: COBOL, JCL, VSAM, DB2, SAS
Core Financial Systems – Project Lead, DXC Technology, Chennai, India
Client: Kaiser Permanente Jan 2004 – Aug 2005
Supported 10+ finance applications across California regions.
Managed year-end, month-end closings and compliance processing.
Material Management & UCOA Conversion – Programmer Analyst, DXC Technology, Chennai, India
Client: Kaiser Permanente Aug 2003 – Dec 2003
Led conversion of general ledger systems from COA to UCOA formats.
Defined Contribution & Savings Re-write Projects, Programmer Analyst, Covansys Inc, Columbus, Ohio, USA
Client: Public Employees Retirement System Jul 2001 – Jul 2003
Converted legacy PL/I, IMS, RPG systems to COBOL II/DB2 for retirement benefits.
Interfaced with business for requirements and testing leadership.
Skills: COBOL, DB2, IMS, PL/I
Healthcare/Long Term Care. Covansys Inc, Programmer Analyst, Covansys Inc, Columbus, Ohio, USA
Client: State Teachers Retirement System Mar 1999 – Jun 2001
Supported batch/online COBOL modules for healthcare and premium deductions.
Tools: Pacbase, COBOL, DB2
Year 2000 Projects, Programmer Analyst, Covansys Inc, Columbus, Ohio, USA
Client: Department of Human Services (CRIS-E) Sep 1998 – Mar 1999
Y2K conversions and production system remediation for retail and government systems.
Skills: COBOL, IMS, EASYTRIEVE, Assembler, Microfocus COBOL
Year 2000 Projects, Programmer Analyst, Covansys Inc, Columbus, Ohio, USA
Client: Limited Stores May 1998 – Sep 1999
Y2K conversions and production system remediation for retail and government systems.
Skills: COBOL, IMS, EASYTRIEVE, Assembler, Microfocus COBOL
Education
Name of the University: Kuvempu University, Chitrdurga, Karnataka Country: India
Degree: BE Computer Science
Work Authorization
U.S. Permanent Resident (Green Card – IR5 Visa). Fully authorized to work in the U.S. without sponsorship
Contact this candidate