Internal Control: Covering system access controls and IT general controls. Worked with SMEs to get the patches implemented on time and remediated the missing patches, as well as the Access Control Management audits and assessments and internal audit for all SOX, critical, and ISO 27001 scoped applications
Developed and improved multiple processes in areas of IT security such as User Access Management and Program Change Management
Third Party Risk Management: My role on TPRM was to monitor and update system alerts to/from third-party relationship owners to ensure that their relationships, contracts and action plans are current and meet program requirements. Also did Vendor Risk Management, Technology Risk and Information Security, with a strong understanding of cyber security and risk control framework
Managed and monitored day-to-day logical access requests for new hire, terminated and transferred employees
Part of the internal team that develops detailed audit observations and recommendations to management, both verbally and in writing in the form of work papers
Coordinated disaster recovery planning, testing, implementation and participated in business continuity planning.
Consultant
Mphasis
09.2019 - Current
Designing a systematic process for audit scheduling based on a company-wide risk assessment and interaction with senior management with focus on ensuring accomplishment of department's audit plan and complete audit coverage
Executed third-party risk assessments and helped in preparing the risk maturities for various vendors
SOC 2 and SOC 1 report evaluations for the subcontractors and vendors
Implementing systems & manuals for internal controls & audit while adhering to statutory compliances
Conducting risk assessments and identifying controls in place to mitigate identified risks
Identified risks and integrity controls by assisting in mapping and documentation of processes
Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives
Conducted walkthroughs with asset owners and performed TOD (Test of Design) and TOE (Test of Operating Effectiveness) for scoped applications
Conducted follow-up on both open and past due internal audit and SOX observations
Record test results and give support for an informed, objective opinion of the risk exposure
Ensure risk assessment registers are maintained and risk assessments performed by the delivery units
Preparing review reports and sharing status on a weekly basis to global and zone level management
Compiled evidence for each ITGC control based on risk and frequency of the control to demonstrate compliance with SOX
Building SOPs based on technical inputs from Control Owners and own process knowledge
Conducting training sessions for new hires and staff on Information Security.
Education
Bachelor of Engineering (Bth) - Computer Science & Engineering