DIPANKAR RANAWRE
Pune
Summary
Information security risk professional with experience of around 9 year 6 months in Risk assessment, Risk frameworks and audits in ISO 27001:2013,ISO 22301, PCIDSS, SOX 404,ITGC, SOC 2 Audits
Overview
10
10
years of professional experience
Work History
Sr. Analyst
K-Bridge Consulting Pvt. Ltd. (Infosys Contract)
Pune
08.2024 - Current
- Worked for one of the largest American banks.
- Performed control operations for Privileged Access Management (PAM).
- Ran SQL query on servers and generated reports.
- Analyzed the reports to find out defaulters.
- Created Service Now Tickets to get the defaulters deleted from the systems or align as per system requirements.
- Presented and explained the reports to the client leadership, and answered their queries.
IT Compliance Manager
Rite Software (Infosys Contract)
Pune
09.2023 - 08.2024
- Worked for one of the largest American banks.
- Performed TPRM (Third-Party Risk Management) audits for a global bank from the United States of America.
- Performed SOC2 control testing.
- Performed contract reviews.
- Performed information security risk-based reviews of the vendor contracts.
- Prepared deviation reports based on the contract reviews performed to help the leadership in making decisions.
Advisory senior solution advisor
Deloitte USI
Pune
06.2022 - 09.2023
- Executed SOX external audit for a Platinum level client
- Completed SOX Audit for first year client for leading employee background verifications service provider
- Completed SOX Audit for first year client for leading healthcare service provider in the United States
- Executed SOC2 audits for multiple Clients
- Project planning and scoping for various SOX assignments
- Budget monitoring/planning for various assignments
- Responsible for conducting SOX 404 walkthrough with client and Audit processes
- Documenting ITGCs, ITACs as per audits conducted
- Coordinating with client in case of any conflicts with respect to audit
- Provide guidance to consultants in case of any doubts and queries
- Coordinating with senior audit team to avoid and solve any issues with respect to controls and evidences.
Senior cyber associate
TIAA GBS
Pune
02.2020 - 05.2022
- Conducted IT risk assessment for assets and processes in IT
- Conducted IT internal audit for various compliance standards e.g
- SOX 404, ISO 27001, ISO 22301 for the major insurance and annuity organization in the United States
- Conducted Business continuity testing
- Part of TIAA India Audit validation team, responsible for conducting validation exercises responsible for testing controls implemented across TIAA Applications
- Responsible for reviewing controls for applications for SAAS based scanning platform.
IT risk and control specialist
UBS
Pune
09.2018 - 02.2020
- Assisted in Disaster management and business continuity process
- Completed risk assessments for the IT assets
- Completed internal audits for privacy for UBS internal application offshore process.
Consultant
Aujas Networks
Pune
09.2017 - 08.2018
- Business continuity and disaster recovery testing
- Prepared information security report for higher management
- Guide application teams to follow security gating process and do mandatory checks and handle exceptions if any.
Cyber - i Executive
AGC Networks
Pune
06.2016 - 09.2017
- Completed risk assessment for the IT assets and processes
- Conducted business continuity testing
- Conducted internal Audits in ISO 27001:2013 assisted in external audits, for a UK based telecom giant in India
- Conducted PCIDSS audits for the telecom client
- Completed SOX ITGC control testing
- Audit for telecommunication giant in India
- Conducted SOX and ITGC compliance audits for telecommunication giant in India.
Security analyst
Network Intelligence India Pvt. Ltd.
Pune
04.2015 - 04.2016
- Completed ISO 22301 BCMS implementation for PAN India location for a leading global software provider from India
- Compliance and sustenance (Internal Audits) of ISO 27001:2013 for leading Government sector Insurance player in India
- Conducted internal audits for global IT and BPO provider
- Conducted VAPT and Application security testing
- Addressed the findings came out from the external audits.
Education
Certified Information Systems Auditor (CISA) -
ISACA
12.2021
Ethical Hacker V9.0 -
EC Council
11.2016
MBA - ITBM -
Symbiosis Centre For Information technology
Pune12.2015
ISO 27001:2013 ISMS Lead Auditor -
BSI
08.2014
B.Sc.(Computer Science) - Computer And Information Sciences
Savitribai Phule Pune University
Pune12.2013
Skills
- Communication
- Adaptability
- Teamwork
- Investigative skills
- Audits management
- Risk Analysis
- Regulatory compliance oversight
- Risk reviews
- Document analysis
Timeline
Sr. Analyst
K-Bridge Consulting Pvt. Ltd. (Infosys Contract)
08.2024 - Current
IT Compliance Manager
Rite Software (Infosys Contract)
09.2023 - 08.2024
Advisory senior solution advisor
Deloitte USI
06.2022 - 09.2023
Senior cyber associate
TIAA GBS
02.2020 - 05.2022
IT risk and control specialist
UBS
09.2018 - 02.2020
Consultant
Aujas Networks
09.2017 - 08.2018
Cyber - i Executive
AGC Networks
06.2016 - 09.2017
Security analyst
Network Intelligence India Pvt. Ltd.
04.2015 - 04.2016
Certified Information Systems Auditor (CISA) -
ISACA
Ethical Hacker V9.0 -
EC Council
MBA - ITBM -
Symbiosis Centre For Information technology
ISO 27001:2013 ISMS Lead Auditor -
BSI
B.Sc.(Computer Science) - Computer And Information Sciences
Savitribai Phule Pune University
Similar Profiles
SURENDAR RAJENDRAN GANAPATHYSURENDAR RAJENDRAN GANAPATHY
Construction Manager at Thane Creek Bridge - III Contract Value - 559 CrConstruction Manager at Thane Creek Bridge - III Contract Value - 559 Cr
MARIANNE MOSSMARIANNE MOSS
INDEPENDENT CONSULTANT - (Signature Consulting) at On Contract To Signature ConsultingINDEPENDENT CONSULTANT - (Signature Consulting) at On Contract To Signature Consulting
Anastasia BlackAnastasia Black
Customer Service Representative at Contract Consulting Jamaica LimitedCustomer Service Representative at Contract Consulting Jamaica Limited