Pragya Poddar
Vice President
Bangalore
Summary
Bringing over 8 years of expertise in Information Security, I excel in Data Loss Prevention, Incident Management, and Insider Threat Programs. My background spans Governance, Risk, and Compliance, including Vendor Risk Management and Incident Response. With deep knowledge in SIEM, Vulnerability Management, and IAM, I am poised to drive impactful security solutions and elevate risk management strategies in a dynamic organization.
Overview
8
8
years of professional experience
6
6
years of post-secondary education
10
10
Certifications
Work History
Vice President
Goldman Sachs
12.2023 - Current
- · Led cross-functional teams for the successful completion of major projects in Data loss Prevention and Insider Threat.
- · Collaborated with senior management to develop strategic initiatives for DLP and Insider Program.
- · Served as SME for DLP and Insider tools to expand DLP program by defining additional processes/controls for continuous risk reduction.
- · Tune DLP policies on a continuous basis to maintain a mature set of policies within the scope of the DLP Program.
- · Provide support in defining and building upon metrics and reporting to enhance understanding of DLP and Insider Program development and maturity.
- · Supporting process improvement initiatives and maturity assessment program for insider threat.
- · Developed an insider threat detection system to identify instances of impersonation within current roles and flag them as potential suspicious hiring activities.
Associate
Goldman Sachs
08.2021 - 12.2023
- · Analyzed potential infrastructure security incidents to determine if incident qualifies as legitimate security breach.
- · Worked in Virtual cyber fusion and led significant incidents over call coordinating with multiple team.
- · Handled moderate to complex incidents including significant events reporting and Sr leadership communications.
- · Conducted triage on significant user reported data security incidents.
- · Conducted end to end triage on insider threat cases and escalated issues to senior management as warranted.
- · Conducted table top drills to create awareness of current process and procedure to follow while triaging of cases.
- · Lead security projects assigned by taking ownership of planning, implementation and coordination.
GRC Analyst
Netapp
05.2020 - 07.2021
- Perform vendor security assessments, drive risk remediation, and collaborate with various teams across NetApp
- Responsible for conducting Information security assessment for third party vendors and engaged with technical and business process owners to understand third party relationships and the services provided to NetApp
- Review Risk Assessment Questionnaire and Information Security Survey from different vendors and provide Information Security Assessment result to satisfy compliance requirements and mitigate risks to an acceptable level
- Initiate Business Risk Acceptance/Business Risk Waiver for third party vendors in order to document security controls not in line with Netapp requirement
- Perform Information security contract review for Master Service Agreement (Security Exhibit) for third party vendor
- Developed process documentation for completing third party reviews and assessments along with the monthly reporting on all functions related to third party risk management functions
- Collaborate with VM team on third party scanning software (RiskRecon) to assist in review of third parties and report for different vendors to mitigate vulnerabilities associated
- Part of Security awareness training development program and also conducted engagement level Information security awareness sessions at Organization level
- Track of status of mandatory compliance trainings taken by employee.
Cyber Security Analyst
NetApp
05.2019 - 04.2020
- · Performing daily operational real-time security monitoring and analysis of security events from different sources including SIEM, IPS, EDR, etc.
- · Analysis of emails being reported into environment with bad factors such as Phishing URL , malware download, unusual redirections etc.
- · Follow operational process and procedures to investigate alerts.
- · Proactively 'hunt' for potential malicious activity and incidents using advanced threat network and host-based tools.
- · Releasing Weekly and Monthly reports for update of regular metrics to leadership.
Information Security Analyst
Accenture
05.2018 - 05.2019
- · Managing tools and technologies :Qualys Guard, Splunk (ES and UBA), Active Directory, Akamai WAF.
- · Analyzing and investigating the abnormal behavior on Splunk and suspecting the potential threats in the environment.
- · Threat hunting via deep diving into logs and find abnormal activity.
- · Performing vulnerability scan and preparing customized report for remediation in Qualys Guard.
- · Coordinating with teams for short term mitigations and long term remediation identified via vulnerability scans.
- · Exposure on user access management including provisioning and de-provisioning of users on Active Directory in IAM domain.
- · Hands on experience in SIEM tool – Splunk and having good exposure for notable investigation and logs analysis.
- · Creating SNOW reports and dashboards require to prepare metrics for presenting to Sr Leadership and other forums.
Information Security Associate
Accenture
10.2016 - 05.2018
- · Working in Security operations center managing all aspects of security environment of e-commerce website
- · Performed Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from multiple sources including events like IDS / IPS, Firewall Logs and Network Devices logs
- · Analyzed and assess security incidents and escalate to client resources or appropriate internal teams for additional assistance.
Education
PGDM - Business Management
Narsee Monjee Institute Of Management Studies(NMIMS)
01.2018 - 05.2020
BTech - Computer and Science Engineering
Accurate Institute of Management And Technology - Greater Noida
08.2012 - 05.2016
Skills
SIEM: Splunk, Qradar
Certification
Splunk Power User, 05/2018
Accomplishments
- Appreciation for leading security awareness program at NetApp.
- Awarded as Star of Business at Accenture.
- Recognized as Top performer in Incident handling continuously for 3 months at Accenture.
- Completed Intern Project applied for Summer Internship program at IIT Guwahati.
Timeline
Vice President
Goldman Sachs
12.2023 - Current
Associate
Goldman Sachs
08.2021 - 12.2023
GRC Analyst
Netapp
05.2020 - 07.2021
Cyber Security Analyst
NetApp
05.2019 - 04.2020
Information Security Analyst
Accenture
05.2018 - 05.2019
PGDM - Business Management
Narsee Monjee Institute Of Management Studies(NMIMS)
01.2018 - 05.2020
Information Security Associate
Accenture
10.2016 - 05.2018
BTech - Computer and Science Engineering
Accurate Institute of Management And Technology - Greater Noida
08.2012 - 05.2016
Similar Profiles
Meghana MusunooriMeghana Musunoori
Associate at Goldman Sachs & Co. LLCAssociate at Goldman Sachs & Co. LLC
Keerthi Suman VKeerthi Suman V
Senior Support Engineer at Goldman SachsSenior Support Engineer at Goldman Sachs
Piyush GulatiPiyush Gulati
Virtual intern at Goldman Sachs (Forage)Virtual intern at Goldman Sachs (Forage)
Daisy MoralesDaisy Morales
Phone Representative at Goldman SachsPhone Representative at Goldman Sachs
Simran SSimran S
Travel Consultant at BCD TravelTravel Consultant at BCD Travel