Prinson Varghese

Review the regional regulatory documents as part of the regulatory change management program and analyze the technology impact.

·Identify and evaluate cybersecurity and technology risks related to the systems and information supporting the Firm.

Identifying associated firm wide defined policies, control procedures or standards to address regulatory requirements.

. In-Depth analysis of Technology Control Design requirements from regulators like FFIEC, NIST, MAS, HKMA, EBA, CISSF.

· Articulating requirements at citation level to determine the technology impacting controls and remediate the identified gaps from controls design perspective.

· Engaging control domain officers for gap assessment and defining remediation or action plans respectively.

· Provide regular updates to management and stakeholders on the progress of ongoing regulatory tasks.

· Review of Third party policies and engagements to align with firm-wide policies and controls.

- Discovery program lead - Identifying & monitoring the new regulatory requirements globally for regions and conduct technology risk assessment.

· Clear understanding on existing control policies and procedures to address critical audit and regional regulatory requirements from all control domains perspective for articulating the technology impacting requirements.

· Managing a team of 10+ employees with respect to the user onboarding process for Commercial Banking LOB within the firm from all aspects including oversight of SLA management, Task assignments, team management, employee appraisals and reviews, team work relationship, procedure controls etc.

· As part of the transition, travelled to United States for a month to understand the processes, operations model that needs to be transitioned to India.

· End-to-End involved in growing the team by hiring new resources to the team based on the requirements and skills that match to the job requirements.

· Managing escalations and issues within the process, also focusing on prioritization of urgent or rush cases for user onboarding in the required timeframe.

· Client and stakeholder management for the business that the team supports within the firm.

· Mobilizing the India team to bring more efficiency and productivity by enhancing the process knowledge, gaining additional skills through trainings and mentoring.

· Conduct year end and midyear reviews for the team including monthly one-on-ones, team meetings, team huddles and providing regular updates for the management on all required intervals.

· Focus on the strategic road map for the process, and work with the onshore transformation team by closely liasing with the I&AM teams in India.

· Handle multiple regional projects from Access controls or remediation perspective as required by APAC regional regulatory requirements with both tactical & strategic solutions.

· Planning, resourcing, budgeting and execution of projects by working closely with I&AM counterparts, regional TCOs, stakeholders by following company standards on change management policies.

· Proactive Risk analysis & mitigation plans for sensitive APAC regions on access governance by implementing strong preventive & detective measures as required by the regional compliance.

· Work closely with the APAC stakeholders, Technology control officers on addressing all I&AM activities as a single point of contact (SME) within APAC representing whole LOB (Corporate & Investment Bank).

· Focus on all regulatory requirements within the region and address all RFI’s as requested from access controls perspective.

· Work with multiple teams across LOB and other security administration teams with respect to remediation programs, regulatory requirements & access control gap analysis as a single LOB representation.

· Tracking, monitoring and timely delivering regular dashboards, updates and reports to Stakeholders, LOB heads and management.

· Work and manage own time and take ownership and leadership of tasks assigned

· Work closely with the business for Onboarding SOX and SAS70/SSAE16 applications with high criticality.

· Manage multiple tasks at the same time

· Working closely with IRMs and AD teams to gather requirements for the development team.

· Assisting other team members understand the workflow for development from Operational perspective.

· Conducting Unit Acceptance Testing with the respective Risk Managers also perform a System testing.

· Reviewing and QA of connectors developed by other team members before moving to UAT phase.

· Manage deadlines and work against project plans

· Key Role in Change Management for Development, UAT and Production environments.

· Provide regular scorecards and progress metrics to management

User access Role Mining in I&AM

· Lead the data gathering, role mining, and analysis of all applications to be onboarded to the I&AM Toolset

· Ensure alignment between recertification and provisioning tools

Provide signoff on all role mining plans prior to implementation

• Developing XML connectors to integrate the applications with Sailpoint IIQ.
• Development of the project based on JAVA/J2EE, XML, to automate the existing workflow process and as required for recertification by modifying the IdentityIQ tool.
• Code implementation, modifying and debugging using Eclipse IDE tool.
• Implement Rules and policies as required using XML: programming language to apply into the workflow as per the process knowledge with the required logic.
• Worked on connecting to the applications using Oracle, Sybase, or LDAP(Active Directory)connectors.
• Create/Modify/debug/Delete databases on MySQL databases.
• Deploying code to development, UAT and production environments using ant build scripts as a developer.

· As a team member involved in providing technical troubleshooting to the customers through E-mails supporting HP PSC units/ DeskJet printers.

· Escalating the required cases to the supervisor and replying to the customers within the given average time.

· Accessing various tools and collecting the correct steps for troubleshooting the issues related to product line.

· Troubleshooting on concepts like PC Hardware, Networking, Wireless configuration, error correction and other windows issues.