Technology Risk Specialist at Qubole - Santa Clara, CaliforniaJanuary 2020 - Present
Full-Time Job at Qubole
Presently working as a Technology Risk Specialist with the Security / GRC Team. My primpary job responsibilities include Risk Management, Internal Aduits, facilitating External Audits and Structuring Automation Parts for Audit Automation.
Single-handedly managing Security and GRC projects as following:
- Risk Management Program - Performed formalization & improvements on Risk Management Program to identify, evaluate and mitigate risks through the Open Data Lake Platform and supporting systems through the organization.
- Audit Experience - ISO 27001, SOC 2 Type 2, HIPAA, GDPR and CCPA (overview), ISMS Internal Audit (Qubole SaaS – AWS, GCP, Azure)
- Audit Automation using Python - Automated audit procedures (for eg. User Access Review Testing) using Python APIs, Airflow DAGs, MySQL, Database Management, Shell Scripting, AWS Lambda functions and Curl commands to fetch data from various platforms, clean data and built analytics across them to determine testing exceptions.
- Business Continuity Plan - Continued improvisation for operations and audit compliance through Business Impact Analysis & DR processes.
- Vendor Assessments - Performed security and technical assessments for onboarding vendors interacting with company or customer data.
- Security Operations - Vulnerability Scans and Alerts Assessment, Annual Vendor Review, InfoSec Policy and Process Review, Cloud Security.
Summer Internship at Ernst and Young LLP - Tysons, USAJune 2019 - August 2019
Summer Internship in Risk Advisory (FSO)
Hands-on-experience through IT Technology Risk Management and Financial Audit with IT Integration – scope and strategy development, walkthrough phase and test of one for the audit procedures.
External audit exposure with top Fortune 500 Banking and Financial sector clients of the firm. Working on Robotic Process Automation using the inhouse RPA tool for evidence retrieval and preparation of evidences for the audit. Additoinal exposure on Innovation Implementation, Control Testing, Technology Implementations and Client Service Management experience for the emerging clients in the industry.
GA at R.H.Smith School of Business - UMDNovember 2018 - December 2019
Graduate Research Assistant at Technology Team of Office of Career Services at Robert H Smith School of Business University of Maryland, College Park, Maryland, USA
Responsible for managing the career services portal and student database of the Business School called HireSmith. Day-in day-out real time management of the portal with regular updates and enhancements.
Salesforce Project – Developed ubiquitous system to integrate data movement and reporting using python API calls and scripts.
Strategy and Innovation development for Business School to enhance Student Database Management System by implementing third party integrated and affiliated platforms housed by the team.
Real time working with the affiliation platforms of Salesforce and 12Twenty. Report generation and management for the leadership team of OCS at RH Smith School of Business.
Risk Analyst at Ernst and Young LLP, Bangalore - IndiaFull Time Job July 2017 - June 2018
Ernst & Young, LLP - Risk Advisory Practice for Financial Services Organizations
Americas Region (Central and New York)
Working as Risk Analyst with Ernst and Young, my job is to perform Risk Analysis, IT Audits, Asset Management Audits and FAIT (Financial Audit and IT Audit Integration), SOC Report Evaluation & Third Party Risk Management in compliance with SOX (Sarbanes-Oxley 404) of IT Application Controls and Business Controls for US-based banking and financial sector giants.
Here, it is imperative to understand their IT operations & business strategy, factors which affect the entire process, data which populates their system and functioning. This enables me to assess all possible risks, and I am required to generate controls to mitigate probable risks.
Operations Analyst at Trusight Solutions (EY TPRM Project)Promotion at EY Mach 2018 - June 2018
Promoted as a Opeations Analyst and also becoming Subject Matter Expert in Evaluation of Verified Best Practice Questionnaire of Third Parties associated with American Express, Bank of America, Wells Fargo, Bank of New York Mellon and JP Morgan Chase came with a bundle of new opportunities to learn and explore.
Learning CISSP prospects were a project requirement and hence completed training requirements for Certified Information Systems Security Professional certification.
It is very important for the banks to have a clear verification before affiliating with any of the third parties for theiroprtations ad delicate data is exchanged between them, hence our role of assessing third party Business and IT risks and clearing them to join up the banks was the major role.
I aswell contributed in the Production Launch of the project through the build phase of Trusight.
iTecs Communications Pvt. Ltd.June 2016 to August 2016
Produced an exhaustive marketing strategy for a new to-be-launched product in India, which was a huge success. Hands on Experience in understanding business and market for countries like Sri-Lanka and Malaysia with Social Media Promotion.
Founder - My Vehicle Tracker (Start-up)June 2016 to August 2016
Founder of the project - www.MyVehicleTracker.com
Developed a business model basis an algorithm which intelligently detects the movement, speed, direction and emergency stoppage of a vehicle adhered to a tracking device and backend functions using Google Firebase to utilize analytics and operations. Introduced first of it’s kind - “MVT FUEL TRACKER” - tracks fuel in a vehicle without sensors in the fuel tank.
Om Kothari FoundationVolunteer - NGO Feb 2016 to Feb 2017
Volunteered as Chief Data Analyst in the Innovation Team
NGO provides Honorary services - unconventional teaching methods to teach the importance of online education in school and health & sanitation awareness in small villages. I applied Random Forests algorithm, Data Mining and Learning Analytics to develop Predictive Models for innovative ways of education & awareness - flipped classrooms and games to enhance social learning
Merkur Gaming India Pvt. Ltd.Jan 2016 to Feb 2016
Internship as Software Developer
Coding, debugging, testing, and implementation of Casino cabinet Land-based games - became company's licensed Products. I Redesigned game data model to support phone & tablet resolutions, using Adobe Phone Gap - Became the company’s highest grossing game across multiple platforms. Also, awarded compensation and commended by the supervisor
IL&FS Technologies Pvt LtdJuly 2015 to Aug 2015
Summer Internship in Business Operations Team
Transformed traditional procurement process to e-procurement achieving it by personalization of ERP based platform, MS Axapta using ‘X++’ language. Hands on experience on the procurement in a B2B process from bidding of a tender to delivery.