Vice President @ Deutsche Bank Group Audit

•Develop & execute a robust & efficient plan which incorporate risk assessment & implementation of controls as guided by the ICS RTF & tailored to the relevant areas.• Design & implement a new Remediation process, deliver a new accounting model in line with Group policy.• Coordinate & plan for cyber crisis management exercises, build response & recovery capabilities, workarounds, ensure up to date playbooks etc.• Working with stakeholders to identify, assess & rate the information… Show more •Develop & execute a robust & efficient plan which incorporate risk assessment & implementation of controls as guided by the ICS RTF & tailored to the relevant areas.• Design & implement a new Remediation process, deliver a new accounting model in line with Group policy.• Coordinate & plan for cyber crisis management exercises, build response & recovery capabilities, workarounds, ensure up to date playbooks etc.• Working with stakeholders to identify, assess & rate the information assets, build out the risk profile per the framework, initiate risk assessments & put together treatment plans.• Use qualitative & quantitative data sources to validate (KCD) & associated controls, accelerate risk assessment process, validate business risk profile & develop action plans to remediate to bring ICS risk back into appetite.• Conduct regular process reviews and provide regular status updates including progress, top risks & issues to the respective business forums for the relevant domains. Track RAG status, key milestones, risks, dependencies and issues.•Interface with the Regional & Country business heads to assist with sharing of risk profiles, advising on cyber. risk issues and addressing areas of concern• Maintain strong stakeholder engagement with other COO, Chief Information Security Risk Office teams, ICS RTF Implementation Programme teams & Security Technology teams.• Establish & maintain working groups across domains to progress the framework roll out.• Ensure Head ICS Risk is briefed & necessary decisions are made in a timely manner.• Assist with pulling together Risk papers going to various Risk committees within the business lines•  Manage actions coming out of various risk & compliance forums.•  People management in the areas of resourcing, talent development, performance management, learning & development & engagement.• Efficiently, closely tracking timeline commitments for provision of information & action plans, & for validation of actions taken. Show less

Principal Consultant in CRS handling multiple projects as transition lead and Information Risk Officer. Responsible for information security risk assessments, BCP/DR activities and tests, Security Incidents, Information security Awareness, KPI reporting and support to Enterprise Risk Management Team.

Maintain ISO27001/SOC2 compliance, Track & Maintain risk registers, Review & update security policy, process, procedure & guideline documents, Track & Close external / Internal audit findings Conduct security & process awareness training, Perform risk & compliance assessments for customer accounts & projects, Plan & perform or participate in BCP & DR activities and tests execution, Prepare monthly reports, SSAE16/SOC2 reporting, Respond to security incidents.

Manage Vulnerability Assessments using qualysguard.Schedule and execute Vulnerability Assessments scans and reporting Vulnerability scan reports.Prepared risk register with assistance of respective team representatives based on ISO standards.Coordinating on Vulnerability Assessments scan reports to ensure that the fixes are implemented.Implementing ISO 27001 Standards on the team for GTS tower in Society General.Conducting ISO 27K audit interviews with All Functions &… Show more Manage Vulnerability Assessments using qualysguard.Schedule and execute Vulnerability Assessments scans and reporting Vulnerability scan reports.Prepared risk register with assistance of respective team representatives based on ISO standards.Coordinating on Vulnerability Assessments scan reports to ensure that the fixes are implemented.Implementing ISO 27001 Standards on the team for GTS tower in Society General.Conducting ISO 27K audit interviews with All Functions & Maintenance of ISO 27K in the firm.Conduct ISO 27K awareness sessions for the employees.Plan , Executed and reporting of ISO 27K awareness quiz for the firm.Approve firewall requests for India & Asia zone specific zone.Prepare and present Risk related reports for India & ASIA zone to the management including all KPI's. Show less

Manage routine Contingency Planning (CP) management reporting, drawing relevant information from BIAs, plans, incidents, disasters, exercises etc. plus the wider context from legal, regulatory and standards bodies (e.g. legislative changes); Develop and help deliver CP training and awareness activities; Assist with BIA and test/exercise planning, determining any associated compliance requirements (e.g. legal obligations to conduct a certain number and type of exercise each year). Liaise… Show more Manage routine Contingency Planning (CP) management reporting, drawing relevant information from BIAs, plans, incidents, disasters, exercises etc. plus the wider context from legal, regulatory and standards bodies (e.g. legislative changes); Develop and help deliver CP training and awareness activities; Assist with BIA and test/exercise planning, determining any associated compliance requirements (e.g. legal obligations to conduct a certain number and type of exercise each year). Liaise between and coordinating various internal and external stakeholders (such as senior management, key customers, suppliers and business partners, employee representatives and third party service/equipment suppliers) to elucidate the CP requirements and capabilities, using rational Business Impact Analysis (BIA) processes to ‘normalize’ and prioritize CP requirements on behalf of the organization as a whole, and form the big picture of CP requirements in relation to normal operational and strategic activities; Implement suitable control, directive and monitoring arrangements to govern the CP. Help build a ‘center of excellence’ for CP - a focal point in the organization offering internal consultancy support and direction on CP matters with help from BC/BR managers and other experts; Assist with the drafting of CP-related policies, standards, procedures and guidelines;Perform or support others in the identification and management of CP project-related risks; Assist with the coordination and/or delivery of CP-related awareness, training and educational activities, exercises/tests etc.; Assist in a crisis to implement CP plans, address operational issues, communicate clearly and effectively etc. Show less

Lead for ASIAPAC Identity and Access Management operations and managing team activities starting Feb 2010.Scheduling new training session on Access management process for the non-hub areas and applications for RBS.Administering and Managing Windows Active Directory, LDAP, SSO, Share Drives and Mailboxes and other critical network resources.Generate MIS reports to track daily, weekly and monthly productivity to the senior management.

Deliver a high quality customer and partner experience through timely and effective Response and Resolution, supporting Identity and Access Management global process.Overall responsibility for ensuring SLA deliverables for the information security operations Analyze results and reporting summaries to assist the Management in reporting to the Client and strategics to identify best practices Ensuring regular & stringent adherence to Quality for I&AM process.Handle supervisory… Show more Deliver a high quality customer and partner experience through timely and effective Response and Resolution, supporting Identity and Access Management global process.Overall responsibility for ensuring SLA deliverables for the information security operations Analyze results and reporting summaries to assist the Management in reporting to the Client and strategics to identify best practices Ensuring regular & stringent adherence to Quality for I&AM process.Handle supervisory calls / escalations and ensure resolution of problem & Governance report.• User Identity Management and reporting for manager/client on Mainframe using Van Guard.• Auditing function :o Facilitating internal audits o Formulation of Security Policies and Standardso Conducting periodic audit/compliance checks o To work with close coordination with the entire IT team.o To interact with Cross functional teams (Sr. Managers / Head of Departments) in the area of audit observations.Suggesting Corrective actions for any non-conformity found to the management after each internal compliance audit. Show less

Insurance claims processing as per client specification and requirements. Maintaining data (Insurance claims ID) and send daily production report to management.Promoted as Senior Operations Executive within six months.Given responsibilities to handle different processes within “Insurance - BFI” Department.Given responsibility to handle the team of 6 people for a new process within AETNA - BFI.

Conversion of paper work into electronic database Troubleshooting LAN connection problems, Maintaining and Updating Database, Receiving and Distribution of chemicals to specific scientists, Updating New Software’s.