Harshitha Dasari

Hyderabad

Summary

Third Party Risk Management Professional offering 3 solid years of progressive experience in overseeing people, processes, and technology in the design and implementation of security controls to secure the protection of information assets and compliance with company policies and regulatory requirements. Risk Management Professional with hands-on experience in Third Party Risk Management, ISO 27001 audits, review of third-party audit reports (SSAE18), Compliance and Security Management. Certified Third Party Risk Management Expert with experienced knowledge of compliance and regulatory requirements for a successful risk management program aligned with applicable laws and regulations. Effective team player and collaborator, with strong service excellence in identifying, evaluating, and addressing relevant risks and issues, at both the third-party and product/service levels.

Overview

3 years of professional experience
1 Certification

Work History

Information Security Analyst

Mindpool Technologies
Hyderabad
04.2025 - Current
  • Monitored enterprise applications and infrastructure to identify security incidents, system anomalies, and compliance violations, ensuring continuous business operations.
  • Conducted security compliance reviews and supported adherence to organizational security policies, standards, and regulatory requirements.
  • Analyzed application logs, system events, and security alerts to detect potential threats, vulnerabilities, and unauthorized activities.
  • Collaborated with IT, infrastructure, and business teams to investigate security incidents and implement corrective actions.
  • Assisted in risk assessment activities by identifying security gaps and recommending mitigation strategies to reduce operational risk.
  • Supported implementation and monitoring of security controls to maintain confidentiality, integrity, and availability of critical business systems.
  • Participated in incident management processes, including issue triage, root cause analysis, and remediation tracking.
  • Maintained detailed documentation of security findings, investigations, remediation plans, and compliance evidence.
  • Worked closely with cross-functional teams to ensure adherence to security standards, governance policies, and best practices.
  • Contributed to continuous improvement initiatives focused on enhancing system reliability, security posture, and operational efficiency.
  • Assisted in vulnerability management activities by reviewing security reports and coordinating remediation efforts with relevant stakeholders.
  • Provided support during internal and external audits by gathering compliance documentation and responding to audit requests.
  • Developed expertise in security compliance frameworks, risk management principles, and enterprise security monitoring processes.
  • Mentored junior team members on security awareness, incident response procedures, and compliance requirements.

Information Security Analyst

Wipro
Hyderabad
03.2023 - Current
  • Conduct third party security risk assessments for all new vendor relationships and annually for existing vendor relationships.
  • Conducting comprehensive risk assessments of third-party vendors to identify potential security vulnerabilities and compliance gaps.
  • Performing regular security audits and evaluations of third-party systems, networks, and applications to identify and mitigate potential security threats.
  • Monitored vendors' adherence to security best practices and contractual obligations, ensuring compliance and risk mitigation.
  • Tracked and verified progress of remediation efforts, ensuring timely resolution of identified security issues.
  • Analysing the results of security assessments and providing recommendations for remediation and improvement.
  • Assessed and tested internal controls for compliance with Sarbanes-Oxley Section 404.
  • Prepared and presented reports to senior management and stakeholders, summarising security posture of third-party vendors and advising on risk management.
  • Scheduled kick-off calls with vendor's contact or security team for assessment process walkthrough and validation of vendor's technical controls.
  • Experienced in Walk-through activities (Audit request lists, SmartSheet template preparation), Reporting (Weekly and Monthly status updates, Escalations and Activity trackers).

Education

B. Tech - ECE

Raghu Institute of Technology
06-2022

Skills

  • Third Party Risk Assessment
  • One-Trust TPRM Tool
  • ISO 27001
  • Governance Risk Compliance
  • Risk Management
  • Risk assessment
  • Control Testing
  • Internal Audit
  • Internal Auditor
  • Remediation tracking
  • Security compliance
  • Threat detection
  • Security monitoring
  • Data protection
  • Security awareness
  • Cybersecurity awareness
  • Lead Point of Contact
  • Stakeholder communication
  • Continuous improvement

Certification

  • Governance, Risk, and Compliance (GRC) Professional Certification
  • ISO/IEC 27001:2022 Lead Implementer, TUV SUD
  • Third Party Risk Management Expert
  • Salesforce Administrator

Accomplishments

  • Lead point of contact with external auditors for ISO 27001, NIST CSF, ITGC
  • Performed third party security risk assessments for all new vendor relationships and annually for existing vendor relationships.
  • Monitored and ensured efficient assessment completion rates through third-party vendor communication channels.
  • Engaged in third-party vendor touchpoints, delivering progress updates to key senior stakeholders across Technology, Business, and Global Security.
  • Knowledge in assessment and testing of internal controls, i.e. IT General Controls under Sarbanes-Oxley Section 404.
