EXPERIENCE

EXL, Apr 2017 – Present, Greater New York City Area

Information Security, Audit & Risk Management

• Collaborated with General Risk & Compliance specialists and lines of business to review and analyze regulatory examination requests across the company.
• Led complex Advisory Projects viz. Cyber-Security Assessments (NIST), IAM & Data Privacy Audits, PCI-DSS & ITGC Assessments, ISO27001 & Secure SDLC Audits, Data Warehouse (EDL \ EDG) Audit, Third-Party Risk Management Audits, Cloud Security, SOX 404 & Key Report testing, ITIL Implementation & Audits, BCP & DR Audits and Mobile Security audits.
• Led and/or performed scenario-based assessments viz. penetration tests, tabletop exercises and cyber-war games.
• Performed pre-implementation application reviews focused on change management, user acceptance testing, security analysis, process mapping, and data conversion.
• Responsible for tracking and monitoring of regulatory findings and observations, including advising process improvements and best practices required to bring issues to closure.
• Developed processes & process controls, audit program guides (APG), hand-offs documentation to assess and improve security, privacy & compliance across the organization.
• Driven improvements in Internal Audit methodology, technology audit processes, knowledge management and fostered information security awareness.
• Experienced in using vulnerability management & Pen-Testing tools such as BurpSuite, MetaSploit, NmAp, Nessus, OpenVAS, WebInspect, API Testing using Rest C. and PostMan.

~ Program & Project Management –
• Experience leading cross-functional & multi-location teams to deliver complex projects iteratively with multiple dependencies and constraints, in a highly dynamic and agile environment.
• Executed various enterprise-wide change management initiatives
• Project managed various IT Infrastructure Setup Programs including Datacenter consolidations, cloud migrations, post M&A Integration Projects, BPO Transitioning Projects and Green-field setups.

PROGRAM LEAD – VULNERABILITY MGMT. & PRE-M&A RISK MITIGATION

May 2016 – Apr 2017, Greater New York City Area

• Led 7 project teams to facilitate transition of proprietary technology from a major pharmaceutical retail company to acquired company (Fortune 16 - Healthcare Company).
• Led Info-Security team responsible for Vulnerability Scanning, Penetration Testing, and Application Security.
• Demonstrated ability to review & interpret vulnerability assessment and scanning results, reduce false positive findings, and acted as security advisor to business unit partners.
• Performed risk-based audits of IT General Controls (Access Control, Change Management and IT Operations) and IT Application Controls testing for both internal and external technology solutions.
• Liaise with threat intelligence and vulnerability management teams to drive remediation of vulnerabilities.
• Handled special projects such as Segregation of Incompatible Duties (SOD), PCI DSS, and identify conflicts or inadequate internal controls and provide recommendations.
• Successfully managed a team of 11 SME / project managers, responsible for their performance, career growth and review.
• Collaborated with client business teams & multiple tech teams to deliver requirements for the integration of enterprise-wide key infrastructure and 28 proprietary software.
• Managed OPEX and CAPEX cost and ensured continuous optimization, by monitoring capacity and running automation projects.
• Oversaw critical project paths and timelines for successful delivery while maintaining quality of deliverables.

ASSISTANT VICE PRESIDENT - IT PROJECTS

Encore Capital Group, Sep 2015 – Mar 2016, Noida Area, India

• Diversified experience in engaging directly with key clients at a strategic level, supporting portfolio of complex projects with total contract value of $4-6 M.
• Project managed various IT Infrastructure Setup Programs including Datacenter consolidations, cloud migrations, post M&A Integration Projects, BPO Transitioning Projects and Green-field setups.
• Developed project management documentation (Project charter, scope statement, stakeholder register, communication plan, change control, WBS and schedule) & ensured alignment with PMO methodology.
• Performed Pre-Implementation audits to assess the design of Finance and IT controls to ensure that systems being implemented are designed and tested to meet business/user and regulatory requirements.
• Oversaw performance management, giving feedback, writing appraisals and development plans for direct reports.
• Ensured that projects met timelines, financial goals, and quality metrics while appropriately managing risks across verticals.
• Conducted Payment Card Industry & SOX Audit assessments & prepared future recommendations, to help the company mitigate any associated risks.
• Led Quarterly Business Reviews (QBRs) with clients, built & sustained relationships for better growth in account.

ASSOCIATE VICE PRESIDENT - IT, GLOBAL CONSULTING & CLIENT PROJECTS