HARITHA THALAPANENI
Information Security and Compliance
Bangalore
Summary
Information Security Professional with 6 years of experience in internal security audits, risk & compliance management, ISO 27001 gap assessment, ITGC controls design and implementation, incident management. Possess strong logical reasoning skills, an eye for detail, and a drive for emerging technologies to understand and interpret IT strategy and operations.
Overview
8
8
years of professional experience
Work History
Information Security Consultant
PwC - PricewaterhouseCoopers
12.2022 - Current
- Worked as Security and Compliance analyst in the client’s first line of defence prior to onboarding applications to IT landscape in adherence to ISO 27001, NIST 800-53 and GDPR requirements,
- Operated as the focal for onboarding client applications and their user access to automated access provisioning tool and facilitating the entire process, controls and operation shift for a global oil and gas industry,
- Performed end to end risk assessment including business impact analysis, legal and regulatory assessments followed by controls gap assessment,
- Collaborated with application IT and Business owners to design and implement IT controls and gap remediations plans,
- Documented work instruction documents and trained control operators to set them up for successful execution of controls,
- Assisted assurance process by conducting walkthrough of design and effectiveness of controls and providing supporting documents and evidence,
- Reviewed and monitored control operator’s activities for status and timeliness of control execution in line with defined internal controls,
- Built trackers and reports to keep the management updated about the progress and health of IT risk assessment projects
Information Security Analyst
Capgemini Technology Services India Pvt Ltd
10.2021 - 12.2022
- Conducted information risk assessments, identified gaps, and prepared risk mitigation strategy
- Conducted internal security Audits, and furnished ISMS - ISO27001 audits
- Assisted teams in remediation of the observations and non-conformances noted during the audits
- Assisted in the implementation of ISMS & ensured security hygiene is followed
- Comprehend client requirements on managing third-party risk by performing inherent risk assessment, identifying and nonconformities based on artefact review and liaising with third-party in the remediation process
- Reviewed the client contractual documents such as MSA, SOW, etc
- And documented the security controls Conducted review of security controls implemented for cloud projects.
Senior Executive
Medi Assist India
11.2018 - 09.2021
- Conducting financial audits, assessing internal controls, and reviewing compliance with regulations
- Tested controls related to Access Management, Computer Operations, Access Reviews, Change Management, Logical Access
- Tested IPE controls (Completeness and Accuracy testing)
- Independently handled multiple engagements and ensured the deliverables were on time
- Responsible for team building activities such as knowledge sharing, training and development of team.
Associate auditor
Tangoe India Softek Services
06.2016 - 08.2018
- Performed Internal audits while coordinating in closing Non-Conformities (NCs)
- Ensured vendor compliance to the business agreement, audits, policies, procedures, & regulations
- Mapped controls and compliance requirements
- Implemented ISMS policies and Do's & Don'ts.
Education
MBA -
Annamalai University, Chennai
B.Com - undefined
Dayananda Sagar College of Commerce, Bangalore
PUC - undefined
NMKRV PU College, Bangalore
SSLC - undefined
Green valley English School, Bangalore
Skills
IT Audit-ITGC
undefinedPersonal Development
- Certified ISO 27001:2022 Lead Auditor
- Completed Microsoft Azure Fundamentals training
- Six Sigma Yellow Belt (SSYB) Professional
- ISO 27701:2019 Lead Implementor For Privacy Information Management
- ISO 31000:2018 Lead Implementor For Risk Management
Awards
- Assisted in ISO 27001:2013 implementation for client and certified for ISO 27001:2013 standard
- Received Above and Beyond Individual Award (2022-23)
- Successfully closed 50+ IS incidents to mitigate risks and maintain Company’s integrity & confidentiality
Timeline
Information Security Consultant
PwC - PricewaterhouseCoopers
12.2022 - Current
Information Security Analyst
Capgemini Technology Services India Pvt Ltd
10.2021 - 12.2022
Senior Executive
Medi Assist India
11.2018 - 09.2021
Associate auditor
Tangoe India Softek Services
06.2016 - 08.2018
MBA -
Annamalai University, Chennai
B.Com - undefined
Dayananda Sagar College of Commerce, Bangalore
PUC - undefined
NMKRV PU College, Bangalore
SSLC - undefined
Green valley English School, Bangalore
Similar Profiles
FALGUNI MAGGOFALGUNI MAGGO
Associate – FinTech & Regulatory at PwC (PricewaterhouseCoopers)Associate – FinTech & Regulatory at PwC (PricewaterhouseCoopers)
Kiranpreet BajwaKiranpreet Bajwa
Tax Consultant at PwC (PricewaterhouseCoopers International Limited)Tax Consultant at PwC (PricewaterhouseCoopers International Limited)
Aqeelah NaidooAqeelah Naidoo
Assurance Senior Associate at PwC (PricewaterhouseCoopers)Assurance Senior Associate at PwC (PricewaterhouseCoopers)
Sandeep SinghSandeep Singh
Senior Associate at PwC (PricewaterhouseCoopers)Senior Associate at PwC (PricewaterhouseCoopers)
Sajal BhardwajSajal Bhardwaj
People Advisor Analyst, HRBP at AccenturePeople Advisor Analyst, HRBP at Accenture