· Periodic risk governance meetings with internal and external stakeholders; publish the risk stats in the compliance dashboard to customer and internal teams.
· Demonstrating effectiveness of risk mitigation via Test of Design (ToD) and Test of Operational Effectiveness (ToE) for IT systems and internal IT processes.
· Managing stakeholder relationships and interfacing with Information & Operational Risk, Audit, and Security departments.
· Delivery of cyber security awareness training for colleagues
· Driving Risk Management, Regulatory and Contractual compliance
· Coordinating with IT team members to ensure IT audit findings are addressed in a timely manner
· Assign goals for the team, conduct timely performance reviews and provide constructive feedback to own direct reports
· Guide the team members in acquiring relevant knowledge and develop their professional competence
· Engaging client’s third-party vendor owner, Data Protection and Security team to determine if there are any known security risks or issues that should be investigated in more depth during the assessment.
· Performing third party information security assessments as per the questionnaire provided by client for existing and new in scope third-party vendors and confirmation of provisional findings to third-party vendors for validation.
· Carrying out assurance activity on the most critical third-party suppliers, and QA of the work of team members.
· Defining and continuously maintaining target assessment plan for the third-party vendors in scope based on completed tiering workbooks and the Prioritization Workflow provided by client.
· Scheduling of in scope existing third-party vendor information security assessments.
· Tracking and periodic MI reporting of third-party information security assessments for third-party vendors.
· Maintaining the remediation tracker and producing weekly remediation status reports.
• Data privacy and access classification reviews.
• Identity compliance – to ensure authorised user access and to prevent unauthorised access to systems, services and applications.
• Administration of RSA account for the users who are working remotely by using ACE Admin tool.
• Security access compliance – Group, shared folders, Secure data transfer.
• Project Compliance, Change Management
· Weekly & monthly reporting to stakeholders & management (client and Cognizant)
· Maintaining and monitoring SLA, OLA & KPI (Key Performance Indicators)
· Quality analysis & audit report assessment of SLA-breached SRs and incidents
· Daily Dashboard preparation and Application On-boarding as per compliance standard defined by security team
· User access management – AD and Messaging
· Security access management – group and shared folders. Secure data transfer
· Account attestation for idle and orphan accounts, and recertification
· User account administration and access management. Provide secure and authenticated access for users on different Banking and Finance applications.
· Creation of XP IDs for new users and other logins such as administrative IDs, Desktop Administrative IDs, Secondary IDs and Test Accounts.
· Maintaining the ID inventory to trace the stale and orphan accounts.
· Processing the leavers requests on primary accounts, remote secure devices and Blackberry.
· Auditing user access levels at regular intervals as agreed with the business, and maintaining the Access Management system and AD.
· Maintaining the LAN by providing assistance with troubleshooting and installation.
· Hardware installations of switches, modem & routers.
· System support for Windows users, covering installation, configuration & troubleshooting.
· Application support for various web-based interfaces & internet profiles.
· ISO 27001 LA
· ISO 27001 LI
· ISO 31000
· ITIL FOUNDATION V3
· GRC Reporting Tool: Service Now
· IDAM, PAM: OIM, CyberArk
· SIEM: Splunk, Qradar
· VM: Qualys, Tenable
· Service Management: Service Now, HPQC, Remedy, IBM CQ