Prasanna Devanathan

Prasanna Devanathan Email and Phone Number

Technology Risk mANAGER in Standard Chartered GBS @
Prasanna Devanathan's Location
Tamil Nadu, India, India
About Prasanna Devanathan

CISA & CISSP Certified Professional with over 15 years of rich experience in Managed Security Operations, Risk Management & Compliance and Incident Management contributing to resolving complex security-related issues. I am accountable for maintenance of organizational information systems, performing business requirement evaluation and conducting risk assessment ensuring security operations excellence.My excellence is to evaluate overall information technology risk, maintain the IT Risk Framework and its associated controls, develop incident response protocols and network/infrastructure breaches without compromising on quality & agreed timelines while delivering compelling solution proposals and enhancing network services. I am proficient to ensure protection and security of organizational networks, applications, and infrastructure as per security policies and quality standards. Significant Highlights✰Experienced in managing standards (ISO: 9000, ISO: 27001, ISO: 20000, NIST, ITIL V3.0) and frameworks (COBiT, and COSO)✰Expertise in regulatory compliance with process consulting approach on PCI-DSS, HIPPA, GDPR✰Comprehensive knowledge of security concepts; cyber-attacks, threat vectors, risk management, incidentsWhile working for industry giants, I have been defining infrastructure security metrics to support the planning, implementation of security control and risk tolerances. I showcase skills in delivering Risk Assessment services, excelling through rapid adaptation of technology capabilities and team motivation.In addition, I have also attained the ability to think strategically, analyse, and articulate solutions to complex IT management problems, coupled with an aptitude to organize information and communicate the same in a clear and useful manner.Education: B.Tech (Chemical), MBA (Quality Management, Production Planning, Control and Maintenance) Certifications: CISA (Certified Information Systems Auditor), CISSP(Certified Information Systems Security Professional), ITIL V3 Foundation & Six Sigma Green Belt

Prasanna Devanathan's Current Company Details
Standard Chartered GBS

Standard Chartered Gbs

Technology Risk mANAGER in Standard Chartered GBS
Prasanna Devanathan Work Experience Details
  • Standard Chartered Gbs
    Risk Manager
    Standard Chartered Gbs Jan 2023 - Present
    India
     Part Group Operational Risk Function which oversees a number of different non-financial risk types. Group Operational Risk is positioned within the bank’s Risk Function which is led by the Group’s Chief Risk Officer.  As a Technology Risk Manager, role is to help deliver an independent, effective First Line of defence for Technology Risk for Cloud Platform (AWS & Azure) Line of Business / Function to cover the key required activities under Enterprise Risk Type Framework. Govern AWS TA / Azure defender Security review process, Patch & Vulnerability Management Track and report KCI Metrics on monthly basis to relevant stakeholders Risk Manage all the self-identified risks, Audit observations / Non-compliances from Second / Third line of defences and Regulatory audits  Liaise with Internal and External stakeholders during the regulatory audits conducted by Third party auditing firms for country specific regulatory requirements  Risk Assessments – Perform Risk & Control Self Assessments (RCSA) for Technology Risk including Top-Down Reviews, the Annual RCSA Review and any ad-hoc Trigger Reviews. Perform Risk assessments for new material business initiatives led by Technology function. Govern Treatment Plans and Closures. Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management, and archiving key monthly artefacts for audit purposes. Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness Assurance – Perform thematic reviews in support of the Technology Policy assurance. Perform short and targeted Focused Reviews for areas of topical and key concern. Regulatory & Business Conduct: Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
  • Wipro Technoligies
    Lead Consultant
    Wipro Technoligies Jan 2019 - Jan 2023
    Chennai, Tamil Nadu, India
    • Part of the IT Risk Office sub-practice which is part of larger Cyber Security & Risk Services (CRS) practice Working on Cyber Security projects including Security Governance, Risk Management, Policies and Procedures, Security Incident Management, Data Privacy, Cyber Resilience and Awareness • As an IT Risk officer participated in client engagement teams, assessing, improving and evaluating client’s Healthcare / Financial Services clients business and Information Technology (IT) processes and controls, predominantly in their IT environment. Provided expert consultation to our clients in the following key areas o IT General Controls o Service Organization Controls reports o Compliance with various frameworks o Through assisting in Internal Audit o Performance Improvement and Cyber Security• Manage IT Infrastructure transition from IT Risk and Compliance stand point and Conduct IT Infrastructure Risk Assessments and GAP analysis • Liaise with Internal and External stakeholders during the regulatory audits conducted by Third party auditing firms for HiTRUST, PCI, SOX, SOC1 & SOC2, FISMA annual assessments • Translate all the contractual and regulatory requirements / obligation into implementable controls and co-ordinate with relevant stakeholders towards implementing those controls • Exception management for the controls that are not implemented / followed • Conduct Data Privacy assessments at account / project level • Design the DLP Rule sets for Email and Endpoint level DLP and co-ordinate with DLP team to implement the rule sets in a phased manner that includes Monitoring mode & Block mode • Identify and assess the operational risks by conducting periodic assessments, prioritize the risks identified and track the risks using Risk treatment plans • Experience planning and co-ordination in Disaster Recovery and Fail-over testing • Create & Review Business Continuity plan, conduct annual Call tree test, Tabletop Exercise
  • Hcl Tech Ltd. - Iomc
    Consultant
    Hcl Tech Ltd. - Iomc Oct 2014 - Dec 2018
    Chennai Area, India
    Growth Path: Associate Consultant - tagged under Telecom engagement ---> Consultant – tagged under leading Chemical CompanyWorked with HCL (IOMC), Chennai as a Consultant, my role spreads across Security Operations Center, Auditing, Incident Management, Reporting & Documentation, Training & Development and People Management. I utilize my advanced skills in identifying risks and areas of improvement to ensure security operational excellence, reviewing the compliance status, auditing Information Security policies in accordance with current risk posture and monitoring threat management, threat modeling, and security. I apply integrated set of abilities in ensuring compliance to SLA, process adherence and process improvisation to achieve operational objectives and reviewing security-related documents. I also rolled out Computer Security Incident Response (CSIRT) procedure for: Spam & Phishing email incidents including Malware & Virus outbreak incidents, DDoS incidents and Data Breach incidents. I also rolled out Vulnerability Management process.In addition, I provide assistance in tracking the PIA open findings as well as SOX – Audit open findings to closure. While working with technical architects I established server hardening baseline policies for Windows and AIX servers; taking the CIS guidelines. I possess knowledge on Cloud Security Alliance and NIST standards.I serve as an impetrative team leader Managing Security Operations Center with a team of 10+ security consultants across below technologies✰Perimeter Security✰Endpoint Security✰Web Gateways / Proxies ✰Microsoft Exchange Online Protection (EOP) and E-Mail Gateways✰Security Information, Event Management and Log Management solutions (SIEM)✰Identity and Access Management (IAM)✰Privileged Account Management ✰Vulnerability & Threat Management
  • Wipro Technologies
    Technical Lead
    Wipro Technologies Jan 2011 - Sep 2014
    Chennai Area, India
    Dual role: Technical Lead | Governance Risk & Compliance (GRC) Practice under Enterprise Security Solutions (ESS) Senior Consultant | IT Agility & Transformation (ITAT) Practice under Wipro Consulting Services (WCS)For Wipro Technologies, I led the development and implementation of risk responses, identified and evaluated risk to enable the execution of the enterprise risk management strategy, monitored risk and communicated information to the relevant stakeholders to ensure the continued effectiveness of the enterprise’s risk management strategy. I optimized internal control against security standards and managed Secured Offshore Development Centre.Alongside, I worked on solutioning and estimation technique, Good Application Security Concept (OWSAP CWSS), Application Vulnerability Assessment using HP Web Inspect and Penetration Testing. I managed key functions related to Security Compliance and Regulatory in PCI-DSS, HIPAA and delivered value-driven process consulting on CMMI, ISO, Lean, Agile, Six Sigma and ITIL. Furthermore, I conducted training sessions on Information Security and Process to upgrade the skills & knowledge of the team.
  • Syntel
    Asst Manager
    Syntel Dec 2009 - Dec 2010
    Chennai
    During my association with Syntel Ltd, I was mainly responsible for ensuring on-time completion of project audits (PCR) in accordance with SLA, implementation of PPM (ITG Tool) in assigned delivery units, completion of SAS 70 Type 2 audit and recognition of project specific risks and risk management. I along with top executives developed strategic plans for future improvements of the organization’s technology to ensure security and help the organization stay competitive.Moreover, I was accountable for reviewing Infrastructure team on asset management, incident management, business continuity planning / disaster recovery planning. I also analysed and reported recommendations on risk controls to provide continuous improvement measures which led to the overall increase in the efficiency of the processes. I interfaced with management and users to translate audit findings into high-level insights, to deliver practical recommendations.
    View
  • Mphasis Fin Solutions(Formerly Aig Systems Solutions)
    Process Analyst
    Mphasis Fin Solutions(Formerly Aig Systems Solutions) Jun 2007 - Nov 2009
    Chennai Area, India
    As Senior Associate internal audit Group, I played a vital role in monitoring the Computer Networking, Application Security & Information Security concepts. I served as OU Coordinator for CMMI CLASS C & A appraisal and represented as FAR group member in CMMI appraisal. I was accountable for managing Process Compliance Index, handling follow-ups and closure of NCs as per set timelines, examining project level audits like Release Verification and CM audit, auditing the Infrastructure Team on Access Management, Incident Management System, BCP / DR, Enterprise Risks and CMMI Appraisal Schedule adherence 100% and execution of annual risk assessment and Infrastructure Auditing strategy within IT infrastructure.I Worked in diverse teams to create integrated system requirements, evaluated & gathered defects data to facilitate project wise defect prevention meeting , contributed to iShare, Knowledge Champion, organization knowledge, Innovation/Best Practices Development and Process Improvement (CMMi/FAR).
  • Cognizant
    Associate
    Cognizant Oct 2006 - May 2007
    Chennai Area, India
    View
  • Sgt India Private Limited
    Qa Manager
    Sgt India Private Limited Jan 2006 - Sep 2006
    Chennai Area, India
  • Sab Miller India Ltd
    Executive
    Sab Miller India Ltd Dec 1997 - 2005
    Chalakudi, Kerala And Bangalore, Karnataka

Prasanna Devanathan Skills

Software Project Management Sdlc Business Process Itil Team Management Pmp Software Quality Assurance Information Security It Audit It Governance Is Auditor Information Assets Protection It Systems Operations

Prasanna Devanathan Education Details

  • Adhiyamaan College Of Engineering, Hosur, Tamil Nadu
    Adhiyamaan College Of Engineering, Hosur, Tamil Nadu
    Chemical Engineering
  • St.Ann'S Hr Sec School, Tndivanam, Tn, India
    St.Ann'S Hr Sec School, Tndivanam, Tn, India
    Maths, Physics, Chemistry & Biology

Frequently Asked Questions about Prasanna Devanathan

What company does Prasanna Devanathan work for?

Prasanna Devanathan works for Standard Chartered Gbs

What is Prasanna Devanathan's role at the current company?

Prasanna Devanathan's current role is Technology Risk mANAGER in Standard Chartered GBS.

What schools did Prasanna Devanathan attend?

Prasanna Devanathan attended Adhiyamaan College Of Engineering, Hosur, Tamil Nadu, St.ann's Hr Sec School, Tndivanam, Tn, India.

What skills is Prasanna Devanathan known for?

Prasanna Devanathan has skills like Software Project Management, Sdlc, Business Process, Itil, Team Management, Pmp, Software Quality Assurance, Information Security, It Audit, It Governance, Is Auditor, Information Assets Protection.

Not the Prasanna Devanathan you were looking for?

View similar profiles

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.