Summary
Overview
Work History
Education
Skills
Accomplishments
Disclaimer
Timeline
Generic
GANGA BHAVANI GEDDAM

GANGA BHAVANI GEDDAM

Senior Security Analyst
Visakhapatnam

Summary

With about 5 years of experience in the IT Risk Management sector, I have been involved in ISMS implementation. As a lead implementer, I forefront of the assessment of IT controls in the operation, identifying gaps, risks and areas for improvement. Developed, implemented, and monitored Policies and SOPs. Worked with key stakeholders, including key service providers to ensure compliance requirements. Worked with IT Asset Manager with expertise in managing hardware and software assets, ensuring compliance, and optimizing costs. Proven track record of successfully implementing asset management processes and improving IT efficiency. Initiate corrective action and meet business and regulatory requirements. Performed internal audit and compliance w.r.t. ISMS. Have experience and understanding of Risk Management, Incident Management, Business continuity Management, TPRM, Software licensing, Capacity Management, Vender negotiation, BMC and expertise handling in Splunk.

Overview

5
5
years of professional experience
2013
2013
years of post-secondary education

Work History

Senior Security Analyst

SBC(V) Defence
09.2022 - Current
  • Implemented software asset management (SAM) strategies, reducing licensing costs and mitigating legal risks
  • Negotiated enterprise software agreements, securing cost-effective terms while ensuring alignment with business needs
  • Collaborated with vendors and procurement teams to optimize licensing structures, renewals, and support agreements
  • Negotiated cost-effective hardware procurement agreements, optimizing vendor contracts and reducing expenses
  • Collaborated with vendors to ensure timely delivery, warranty management, and service-level agreements (SLAs) compliance
  • Standardized hardware purchasing processes, reducing procurement lead time and ensuring compatibility with IT infrastructure
  • Managed the full lifecycle of IT hardware assets, from procurement to disposal, ensuring optimal utilization and compliance
  • Developed and maintained an accurate inventory of IT hardware assets, reducing asset loss and improving resource tracking
  • Conducted capacity forecasting and scalability assessments to ensure IT infrastructure met security and business continuity needs
  • Explained to all levels of the organization the purpose of an Information Security Management System (ISMS) and processes involved in establishing, implementing, operating and monitoring, reviewing, and improving ISMS as defined in ISO 27001
  • Planning and execution of operational audits in various business areas using risk-based audit methodology
  • Developed strategies to balance security requirements with system performance, ensuring optimal resource utilization
  • Established continuous monitoring of IT resource utilization to prevent performance degradation and security incidents
  • Work with IT partners in Application Security, Security Engineering and Operations, Enterprise Applications, Desktop Support, Help Desk, Networking and Infrastructure Operations to get data and information needed to support GRC work
  • Work with GRC team and IT partners to bridge technology between GRC goals and cybersecurity / technology solutions such as IAM, PAM, MFA, RBAC, SSO, DLP, IDS/IPD, XDR, MDM, SIEM, etc
  • Maintained accurate and up-to-date records of all IT assets in the Configuration Management Database (CMDB), ensuring proper categorization, location tracking, and ownership management
  • Coordinated with cross-functional teams to schedule regular maintenance and upgrades for IT assets, minimizing system downtime and improving asset longevity
  • Managed license renewals efficiently, preventing compliance violations and maintaining accurate records for audit purposes
  • Led end-to-end contract negotiations, ensuring favorable terms while mitigating legal and financial risks
  • Analyzed total cost of ownership (TCO) for IT assets, identifying areas for cost savings through efficient lifecycle management and hardware/software optimization
  • Successfully executed multiple asset management projects within given timeframes, demonstrating effective task prioritization and multitasking abilities
  • Consistently delivered high-quality results while managing a wide range of responsibilities, meeting all deadlines and maintaining operational continuity
  • Conducting ISO training (which includes process/continual improvement/customer satisfaction) training related to Information Security Management Systems
  • Authored & revised information security policies, standards, procedures, and guidelines supporting Information security awareness, training, and educational material, in conjunction with the Information Security Forum
  • Drafted, reviewed, and negotiated contracts, aligning business objectives with compliance and regulatory requirements
  • Utilized data-driven negotiation techniques to achieve win-win agreements while maintaining strong business relationships
  • Worked closely with legal, procurement, and finance teams to ensure contracts met operational and strategic goals
  • Managed software licensing agreements across multiple vendors, ensuring compliance with contractual and regulatory requirements
  • Conducted software audits and license reviews to identify non-compliance risks and optimize software asset utilization

Compliance Analyst

SBC (V) Defence
02.2020 - 08.2022
  • Implemented asset tagging and tracking systems to enhance visibility and accountability across the organization
  • Identified and managed risks associated with outdated IT assets, ensuring compliance with security policies and mitigating technology obsolescence by driving remediation campaigns for legacy hardware and software
  • Collaborated with Application Management teams to retire unsupported operating systems, databases, and hardware, reducing risk exposure and improving system security
  • Maintained detailed records for all IT assets, including status, location, and ownership, providing stakeholders with regular, accurate, and actionable reports
  • Developed comprehensive documentation and standard operating procedures (SOPs) for asset management processes, improving team efficiency and knowledge sharing
  • Conducting Internal Security Audits, Management Reviews, and Process compliance Reviews
  • Conduct Regular security monitor from various security solutions and act as per service level agreement
  • Conducting training & awareness programs on compliance & security within the organization through mailers, quizzes & during induction
  • Conducting quarterly MRMs with the steering committee to demonstrate the continual progress of information security within the organization
  • Experience with Microsoft SQL Server database and Oracle
  • Have an Information Security and Software services background to speak intelligently to both technical and non-technical teams and understand the variety of risks posed to the firm in different situations
  • Conducting gap analysis, internal audit & spot checks of various support departments (HR/Admin/IT/Applications) to ensure their conformity to the information security controls, providing recommendations & follow-up closure within timelines
  • Expertise in metrics, reporting, Analysis, Presentations & dashboards with the ability to customize reporting
  • Conducting Third Party Risk Management to all vendors on annual basis and reviewing their activities occasionally

Education

Bachelor’s - Electrical and Electronics Engineering

J.N.T.U Kakinada University

12th Grade - undefined

Board of Intermediate Education

10th - undefined

Board of Secondary Education Andhra Pradesh

Skills

Internal Audit

undefined

Accomplishments

  • Certified in GRC - One Trust
  • Certified in TPRM - One Trust
  • Certified in ITIL - One Trust
  • Certified in Incident Management - One Trust
  • Certified ServiceNow certified administrator(CSA)
  • ISO 27001:2013 Lead Auditor for BSCIC
  • Implemented asset management processes, resulting in 25% reduction in IT costs
  • Ensured 100% compliance with software licensing agreements
  • Developed and maintained comprehensive documentation for IT asset management processes

Disclaimer

I hereby declare that the information given above is true to the best of my knowledge and belief.

Timeline

Senior Security Analyst

SBC(V) Defence
09.2022 - Current

Compliance Analyst

SBC (V) Defence
02.2020 - 08.2022

12th Grade - undefined

Board of Intermediate Education

10th - undefined

Board of Secondary Education Andhra Pradesh

Bachelor’s - Electrical and Electronics Engineering

J.N.T.U Kakinada University

Similar Profiles

CREATE PROFILE
GANGA BHAVANI GEDDAMSenior Security Analyst