Ganga Bhavani Kundem
Associate Consultant
Summary
Currently working in Capgemini India PVT LTD as Associate Consultant in GRC Cyber security, supporting ISAE 3402 based SOC audit for various customers focusing on risk management, information security and internal controls. Experience in providing user organizations and their auditors with independent assurance on controls over processes related to financial reporting. Demonstrated skills in dealing with business risks & compliance issues & designing proactive solutions thus, improving processes & strengthening security. Experience in IT audit, risk assessment, health monitoring, SOX compliance.
Overview
5
5
years of professional experience
Work History
Associate Consultant
Capgemini
04.2022 - Current
- Successfully leading external Audit for ISO 9k and 20k with zero Non-Conformances as Auditee.
- Worked on SOX, ISO27k, SOC 1 & 2 and ITGC Controls.
- Performed Gap Assessment for SOX.
- Prepared Solutioning Workflow for Vulnerability Maturity Model, Compliance and Management.
- Worked as Associate Auditor for Internal Risk Assessment.
- Implemented Access Management Process.
- Worked and improved process of Vulnerability and Risk Management.
- Prepared ISO27k based checklist of total 100+ controls for Internal Risk Assessment.
- Implemented process of Hardening compliance and Baseline formation.
Senior Analyst
Capgemini
04.2020 - 03.2022
- Worked on higher-level activities in ISAE3402 SOC1 type 2 external audit for nearly thirty customers which includes retail, public, critical and government customers.
- Worked on onboarding process for new customers and for generated findings worked on creating exemption request.
- Performed quality checks in inquiry documents and created draft scope letter for each customer and responsible for getting confirmation letter from SDM/ client representative before start of audit period.
- Interacting with service auditors to ensure on going compliance with company IT security policies and standards.
- Conducting Completeness, quality & maturity assessment i.e. closely looking into all the controls, identifying the gaps & working on the remediation plan.
Analyst
Capgemini
04.2019 - 03.2020
- Worked on planning, scheduling, and preparing audit calendar for audit year.
- Worked on gathering reports from delivery teams and fetching from tableau for Change, Incident Managements and creating monthly population list.
- Analyzing requirements, collating and reviewing evidence for ITGC controls like Change, Incident management, logical access, generic accounts, antivirus, password policy, privilege access, firewall logs, backup, storage & monitoring related controls, wherein I worked on tools like Service Now, ITSM, IAM.
- Monitoring off boarded resource data to revoke their access within the agreed SLA.
- Reviewing all accounts network/ active directory, system software and data center access on timely basis.
- Worked on various documentation like work instructions, evidence readers and test of design documents.
Education
Bachelor of Engineering Technology - Electrical, Electronics And Communications Engineering
Lendi Institute of Engineering And Technology
04.2001 -
Skills
Standards: ISO 27001, ISO 27002, ISO 19011, ISAE3402
undefinedTimeline
Associate Consultant
Capgemini
04.2022 - Current
Senior Analyst
Capgemini
04.2020 - 03.2022
Analyst
Capgemini
04.2019 - 03.2020
Bachelor of Engineering Technology - Electrical, Electronics And Communications Engineering
Lendi Institute of Engineering And Technology
04.2001 -
Similar Profiles
Abdoul-rahim DombaAbdoul-rahim Domba
Ingénieur d'études et de recherche at CapgeminiIngénieur d'études et de recherche at Capgemini
Bélinda BONACINABélinda BONACINA
Document Management, quality and configuration at CAPGEMINIDocument Management, quality and configuration at CAPGEMINI
Namrata DwivediNamrata Dwivedi
Front End Developer at CapgeminiFront End Developer at Capgemini