Privilege Access Management | 15 months• Defined IAM controls required to be implemented for applications onboarded in order to move closer to a zero-trust environment. • Discussion and interaction with individual clients to understand the application architecture, the accounts and authentication methods present. Deciding what accounts would fall under Privilege Access Management (PAM) and their level of integration required.• Onboarding and implementation of privilege access… Show more Privilege Access Management | 15 months• Defined IAM controls required to be implemented for applications onboarded in order to move closer to a zero-trust environment. • Discussion and interaction with individual clients to understand the application architecture, the accounts and authentication methods present. Deciding what accounts would fall under Privilege Access Management (PAM) and their level of integration required.• Onboarding and implementation of privilege access management(vaulting) and automatic password rotation/management.• Collaborated with cross-functional teams to implement IAM solutions and enhance overall security measures.• Demonstrated flexibility by working extended hours to complete high-priority deliverables, ensuring project timelines were met. Maintained strong communication skills while interacting with global teams, ensuring seamless collaboration.Special Tools: SAPM/ CyberArk, Service Now, OneIDM- Identity and Access Manager Show less

Governance, Risk & Compliance | 15 monthsApplication Onboarding• Application onboarding on RSA Archer & ServiceNow tools, received from different sites in order to perform GRC activities. The service intends to establish a centralized managed model to make applications compliant and less vulnerable and under data privacy regulations and controls.Risk Assessment• Interacted with client on individual basis regarding the planning and risks associated with the onboarded… Show more Governance, Risk & Compliance | 15 monthsApplication Onboarding• Application onboarding on RSA Archer & ServiceNow tools, received from different sites in order to perform GRC activities. The service intends to establish a centralized managed model to make applications compliant and less vulnerable and under data privacy regulations and controls.Risk Assessment• Interacted with client on individual basis regarding the planning and risks associated with the onboarded application. Documented and reviewed risks and recommendations based on Security Controls.• Performing Business Impact Analysis (BIA) based on confidentiality, integrity and availability of the application. Defined KPIs based on data protection/recovery.• Performing iRisk Assessments, working on various controls generated such as Infosec, Labor Relations, RAMP, R&IG checklists Third Party Risk Management (TPRM), ISO 31000 etc.Internal Audit• Performed internal audits on the applications in accordance with Data Privacy, ISO 27001, TPRM, change management, incident management, IT asset management, patch management, business continuity plans etc. • Conducted assessments based on Standardized Information Gathering (SIG) Questionnaire. Developed and delivered user awareness programs on privacy, governance, and reporting, fostering a security-conscious culture within the organization.Special Tools: Mega Portal, Service Now, App Governance, RSA Archer Show less