

Dynamic cybersecurity professional with about 10 years of experience in cyber security, excelling in project management and third-party risk management. Proven track record in leading large teams, enhancing compliance operations, and executing comprehensive cybersecurity maturity assessments. Adept at mentoring and driving training initiatives, fostering a culture of security awareness and resilience.
Conducted independent maturity assessments using NIST 800-53 for security and privacy in the leading NBFC industry.
Executed multiple maturity assessments based on ISO 27001:2013, covering IT, plant, product, and supplier evaluations in the automotive sector.
Performed vulnerability assessments and penetration testing on over 100 servers and network devices in the banking sector.
Executed Web Application Security Assessments utilizing OWASP methodologies for prominent BFSI clients.
Provided consultancy as Subject Matter Expert (SME) for Identity and Access Management requirements across various clients.
· Managed the access management product stack: set up the lab in AWS, understood product functionalities, evaluated product strengths, mapped product functionalities to specific use cases and recommended solutions based on the business requirement.
· Implemented Customer Facing Identity & Access management solution using ForgeRock's OpenAM and OpenDJ.
· Owned the ForgeRock OpenAM products in the organization: this included PoC OpenAM setup and documentation, and managing OpenAM projects with the responsibility of understanding problem statements, providing resolutions and communicating them to the relevant stakeholders.
· Handled customer demos during sales pitches on OpenAM functionalities with use cases.
· Worked on RFP and RFQs specifically for Access management, including effort estimation and use cases.
· Implemented user self-service functionalities such as new user registration, password reset, forgot username, forgot password, security question configuration, and user confirmation of self-service actions through a confirmation link sent to personal email.
· Implemented social login using Facebook/Google, OTP-based authentication (through email and ForgeRock’s mobile app), Device fingerprinting, RBAC, etc.
· Performed Google Captcha integration with OpenAM.
· Customized the default OpenAM web pages for branding, logo changes and header/footer updates.
· Worked on addition of custom attributes by modifying the default OpenDJ schema.
· Captured the functional requirements and performed functional testing of the IAG solution.
· Created hundreds of positive and negative test cases, maintaining them in the appropriate test case template and logging defects in project management software.
· Suggested process improvements and UI enhancements to improve user friendliness and security.