KRISHNA VAMSI KONDU
Hyderabad
Summary
Experienced IT Auditor with 5+ years of expertise in information security, risk management, and compliance. Skilled in developing and implementing security policies, conducting risk assessments, performing security audits, and managing vendor risks. Strong focus on testing security controls and ensuring compliance with industry standards to enhance organizational security posture. Seeking opportunities to contribute to a company's security framework and effectively mitigate risks.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Risk Analyst - Vendor Risk Management
FIS Global
08.2022 - Current
- Conducted annual due-diligence, risk assessments and reviews for internal and external client vendors.
- Facilitated the vendor onboarding process through detailed third-party risk assessments, ensuring proper classification and timely completion of assessments as per the Vendor Risk Management (VRM) policy
- Evaluated vendor security risks using key control objectives from FFIEC, GLBA, FTC, and HIPAA to ensure regulatory compliance and mitigate potential threats
- Ensured compliance with ISO 27001, PCI DSS, HIPAA, RBI, and GLBA.
- Facilitated third-party risk assessments and vendor classification.
- Perform Critical Relationship Management assessment for Critical vendors to identify and document risks and recommendations based on vendor lack controls
- Conducting Control Testing Team Program to assess technology, information security, data handling and privacy controls for the company and Performed control testing in alignment with data security standards for APAC and AUS business units, ensuring global compliance requirements were met
Information Security Analyst
Cergis Software Solutions Pvt Ltd
01.2020 - 07.2022
- Conducted ISO 27001:2013 internal audits and identified non-conformities.
- Managed external and regulatory audit lifecycles.
- Ensured compliance on third-party suppliers.
- Led security risk assessments and vendor selection support.
- Managed supplier lifecycle compliance and remediation.
- Conducted internal audits to identify areas of improvement within the organization's information security program.
Education
B.COM(HONOURS) - Commerce
Gitam Institute of Management
01.2019
Skills
- Vendor Risk Management (TPRM)
- Control Testing Team Program (CTT)
- Critical Relationship Management (CRM) Assessment
- Governance, Risk, and Compliance (GRC)
- IT Audits & Security Risk Assessments
- Change & Patch Management
- Compliance with ISO 27001:2022, SOC 2, GDPR, HIPAA, PCI DSS
- ITGC
- Change Management & Infosec Exception Management
- Microsoft Suites
- Excellent written and verbal communication skills
Certification
- ISO 27001:2022 Lead Auditor
- ISO 27001:2022 Lead Implementor
Languages
English
Hindi
Telugu
Personal Information
Date of Birth: 08/27/97
Areas Of Interest
- IT Governance & Compliance (ITGC)
- Control Testing & Assessments
- Risk & Critical Management Assessments
- Issue Management
- Information Technology Internal & External Audits
- Data Loss Prevention (DLP)
- Change Management
- Third-Party Risk Management (TPRM)
Timeline
Risk Analyst - Vendor Risk Management
FIS Global
08.2022 - Current
Information Security Analyst
Cergis Software Solutions Pvt Ltd
01.2020 - 07.2022
- ISO 27001:2022 Lead Auditor
- ISO 27001:2022 Lead Implementor
B.COM(HONOURS) - Commerce
Gitam Institute of Management
Similar Profiles
RIA CHAKRABORTYRIA CHAKRABORTY
Principle Business Analyst at FIS GlobalPrinciple Business Analyst at FIS Global
Gabby PhanthavongGabby Phanthavong
Implementation-Conversion Product Consultant I at FIS GlobalImplementation-Conversion Product Consultant I at FIS Global
Anjumaara ShaikhAnjumaara Shaikh
Business Analyst Specialist at FIS GlobalBusiness Analyst Specialist at FIS Global