Internal Audit

Overall responsibility for Security compliance with Industry regulations and Management policies and guidelines

Apply deep and broad security background and knowledge of industry trends to operate critical or high-risk technology areas/customer groups.• Integrate technical knowledge and business understanding to create superior solutions for customers. Mentor/consult with team members, other organizations, customers, and vendors on the most complex issues.• Incident Management: Resolve technical and business incidents independently. Mentor/assist less-experienced team members on complex incidents.• Escalation Management: Identify, manage, and lead escalations through L5.• Problem Management: Proactively and reactively look for solutions to prevent the most complex problems from occurring across teams/technologies.• Change Management: Independently review and verify changes/solutions of high complexity and risk to meet customer and/or trade needs. Lead or participate in a Change Advisory Board or Technical Advisory Board.• Patch and Security Management: Provide input to security policies. Proactively monitor the environment for patch compliance. Analyze patches for compatibility with each customer or internal infrastructure environment. Approve patch and security changes.• Configuration Management: Ensure Configuration Management Database (CMDB) entries are complete and accurate.• Project Management: Participate, propose, and/or lead exceptionally complex customer and internal projects, including transformation, across technology customers and/or internal businesses/end user's areas. Mentor/provide review/advice to other projects inside/outside responsibility areas.• Seen by customers or internal businesses/end users. as a trusted advisor.• Teamwork: Lead or work as part of a team, which may be virtual, global, and/or multifunctional, and addressing highly complex issues. Trusted advisor inside and outside team/technology area. Typically advises or sets direction for:- All customers• Apply Security leadership, Governance and Compliance in all issues

ISACA got its start in 1967, when a small group of individuals with similar jobs—auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations—sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves. Today, ISACA’s constituency—more than 110,000 strong worldwide—is characterized by its diversity. Constituents live and work in more than 180 countries and cover a variety of professional IT-related positions—to name just a few, IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor. Some are new to the field, others are at middle management levels and still others are in the most senior ranks

Firm specializing in training and consulting services of Information security management and enterprise risk management

Successfully implemented ISMS in KMCH

Trained CISA, CISM, CISSP aspirants. Also was responsible for content creation for majority of the subjects offered in One year Program in Information Security Management Course. Handled consulting assignments from Banks and was Information Security officer for the education division.

Business Management Was responsible for the Profitability of the branches in seven North Eastern States, for expansion of business in North Eastern Zone and successfully transformed the region into a Profit making Zone.Information Assurance and Risk ManagementWorked as Enterprise Risk officer and successfully secured the Mandate from Government of Assam for implementing e-stamping mechanism in the State of Assam, by selecting and presenting effective methods on Access Control Mechanisms and its architecture, Data Architecture, Physical Security Mechanisms and effectively supervised the implementation of Financial Risk Management methods, data management and its retention during this period for the secure implementation of e-stamping.Conducted awareness courses and made presentations on Information security to the staff of the Corporation.

• Functioned as Internal Auditor, prepared and represented to Audit Committee Meetings• Functioned as Risk Officer and was Member of Risk Management Committee and represented to Board of Directors• Functioned as Information Security officer and was member of Technical Committee• Designated as Key Management Personnel• Gap Analysis and Certification and Accreditation• Functioned as Cyber Law and Anti Money Laundering officer • Change Management and Business Continuity

• Handled the Receivables Accounts of the Retail Division at Mumbai for all over India.• Coordinated with the retail client base of over 1 lakh and with Branch/Region Heads of over 200 nos.• Directed the recovery processes in respect of the receivables due, supervised the categorization of bad debts and their provisioning.• Initiated procedures for the recovery of the bad debts and related accounting records.• Generated MIS Reports, Internal faculty for training in the financial services and receivables management procedures.• Functioned as Y2K officer and Internal Auditor, and accountant for Retail services• Approved changes to Software and Data and secure requirements analysis to IT

• Handled the Books of Accounts and Finalization of Accounts, evaluating project proposal and reports• Independently handled tax audits and tax related issues including queries.• Drafted the budgets, costing for specific activities.• Carried out Branch Inspection Audits.• Worked as Branch Accountant in Kolkata