To secure a rewarding position as an Information Security Officer or a Risk Specialist or a Cyber Security
Specialist in a challenging and competitive environment wherein I can develop and effectively contribute
to the growth and progress of the organization
Summary
Total 14+ Years of experience
Certified lead auditor ISO
Overview
15 years of professional experience
Work History
Manager, Cyber Controls Specialist
Cyber Security Controls, Vodafone India Services Private Limited
Pune
04.2022 - Current
VOIS India Organization under Vodafone India Services
Nature of the organization: VOIS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group
Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 6
locations: Albania, Egypt, Hungary, India, Romania, and the UK
Job responsibilities included:
Being a part of Cyber Security Baseline team we support the Group CYBER with Security, Technical
management and Audit expertise, so as to ensure that targeted Cyber measures are implemented
adequately on Cyber platforms and services
Driving Cyber Security Baseline requirement within Cyber Security
Lead Audit requirement and Cyber Security Baseline scoring for Cyber Security Platforms
Track findings and ensure that proper security and safety measures or mitigating controls are in
place
Independent planning, commissioning, control and tracking of IT security measures within Cyber
Platforms
Perform general and application control reviews for Cyber Platforms
Direct and/or perform reviews of internal control procedures and security for systems under
development and/or enhancements to current systems
Prepare audit finding memoranda and working papers to ensure that adequate documentation
exists to support the completed audit and conclusions
Prepare and present written and oral reports and other technical information in a pertinent,
concise, and accurate manner for distribution to management
Consult with and advise administrators, faculty, and staff on various operational issues related to
cyber platforms audit findings, and on general business operations as needed
Follow up on audit findings to ensure that management has taken corrective action(s)
Coordinate and interact with internal auditors, risk and assurance teams as needed
Assist and train other audit staff in the use of audit techniques, and in developing methods for
review and analysis of information systems
Conduct operational, compliance and investigative audits, as assigned
Risk Management & ISO Certification
Vice President
BNY Mellon India
Pune
08.2019 - 04.2022
Internal BNY Mellon Processes- an ISO certified Company
Nature of the organization: BNY Mellon is an American worldwide banking and financial services holding
company
The organization requirement is to establish and support maintenance of Information Security
Management System as well as quality management system, which includes conducting internal ISO
audits, identifying gaps, providing remediation support and support in audit readiness efforts, and risk assessment
Job responsibilities included:
Perform gap assessment on the processes and create remediation / mitigation plan, present the
plan to management to plan further action
Support the implementation of the organization's information security policies standards and
procedures
Host Project Information Security trainings and awareness to all employees, new hires,
contractors, alliances, project managers
Define an annual calendar for ISO activities
Plan and schedule the ISO Internal audits for all the processes
Work on the closure of all the findings observed
Plan and contribute to ISO external audits for ISO27001 and ISO9001
Work on the closure of the finding received during the external audits
Perform risk assessments on different functions of an organization
Conduct periodic Management Review Meetings with the steering Committee
Work on automation for ISO internal audits
Risk
Associate Consultant Risk & Compliance
Wipro Technologies
Pune
02.2018 - 07.2019
A German Based Re-Insurance Company - an ISO certified Company
Nature of the project: The project requirement is to establish and support maintenance of Information
Security Management System (ISMS)
This effort also includes conducting internal audits, identifying gaps,
providing remediation support and support in audit readiness efforts, risk assessment, implementation and
assessment of legal and regulatory requirements such as GDPR
Job responsibilities included:
Document and update the information security policies and procedures instituted by the project’s
Information security steering committee
Implementation of policies and procedure according to the different security standards such as
GDPR
Prepare and maintain the project security manual
Perform gap assessment on the project set up and create remediation / mitigation plan, present
the plan to management to plan further action
Support the implementation of the organization's information security policies standards and
procedures
Host Project Information Security trainings and awareness to all employees, new hires,
contractors, alliances, project managers
Define a Risk methodology, Conduct Risk Assessment and prepare a Risk register for the project
Define risk treatment plan along with the recommended controls and cost benefit analysis
Present the risk register to management as well as to the client to select the appropriate
treatment plan
Define an annual calendar for compliance activities by referring to the MSA with the client
Conduct weekly calls / meetings with Client Information Security team to understand / discuss the
client compliance requirements
Plan, implement, test and maintain the entire client security requirements to meet the expected
compliance level
Incident Management: Maintain the records of Information Security incidents
Perform detailed investigations on reported incidents and prepare the detailed incident report,
which includes root cause analysis, corrective actions taken, preventive action etc
Change Management: Maintain the change records, verify if the defined process of change (plan,
approve, test, implement, and roll back) is being followed
Asset Reconciliation: Verify the project asset inventory periodically
Access Control Reconciliation: Review the access rights for employees periodically
Verification of employee On & off boarding process and records
Face internal as well as external audits
Maintain the records / reports, processes according to the GDPR requirements and face GDPR
internal assessments
Face customer audits and work on the closure of non-conformities (if any).
Information Security
Cybage Software Pvt.Ltd
Pune
05.2008 - 02.2018
Information Security
Cybage Software Pvt.Ltd
Pune
05.2013 - 02.2018
Sr. Information
Cybage Software Pvt.Ltd
Pune
05.2008 - 05.2013
Security Admin
Project Title: Information Security Management System (ISMS – ISO 27001) – Maintenance program
Client: Cybage Software Private Limited is an ISO certified Company
The Company was founded to develop innovative productivity tools for the world market
It later diversified, in August 1996, from product development to providing offshore software
development services to the global IT industry
Today, after 14 successful years of operation, its array of
services includes software development, maintenance, re-engineering, testing, consulting, UI design,
technical documentation and 24x7 production support
Cybage deals with various international clients, e.g. Google, Symantec, etc.
Nature of the project: The project requirement is to establish and support maintenance of Information
Security Management System (ISMS)
This effort also included conducting internal audits, identify gaps,
provide remediation support and support in audit readiness efforts, transition from ISO27001:2005 toand risk assessment
Job responsibilities included:
Document and update the information security policies and procedures instituted by the
organization's Information security steering committee
Support the implementation of the organization's information security policies standards and
procedures
Implementation / migration of ISMS version from ISO 27001:2005 standard to 2013
Host Information Security trainings and awareness to all employees, new hires, contractors,
alliances, project managers and other third parties; this also includes implementing awareness
drives to embed a culture that understands information value and information security
Perform planned gap assessments to monitor compliance with the organization's information
security policies and procedures
Conduct Quarterly Internal Audits for all projects in scope of ISO 27001 and evaluate the
effectiveness of the controls in place and in effect
Prepare presentations to top management during and at the closure of the audit; discuss
observations and recommended corrective actions to improve operations and to reduce cost
Arrange MRMs on defined period of time
Manage records for Vulnerability Assessments, arrange external Vulnerability Assessments
Risk Management- Act as a major consultant in support of senior management to ensure that this
activity takes place on an ongoing basis, develop appropriate training materials and incorporate
risk assessment into training programs to educate the end users
Respond to Request for proposals and security questionnaires sent by customers
Review and respond to the contract amendments, customer security policies and implement the
customer specific security requirements
Attending customer calls as a POC from Information security department
Assisting external auditors during audits for different industry standards such as ISO, SOC2 etc
Assisting customers during their visit and during the security assessment
SOC2 gap assessment, Implementation, third party annual assessment, Nature of the project: IT Asset Management
Certified PCI DSS Implementer
Certified Business Continuity Management Implementer
ITIL V3 Certification
Transition & Implementation Course ISO-27001:2005 to ISO-27001:2013
Standards and / Or Framework ISO 22301
Standards and / Or Framework PCI DSS
Snehal Jadhav
Certified lead auditor for ISO27001
Certified lead auditor ISO9001
Bachelors of Commerce
University of Pune
H.S.C
CBSE
S.S.C
State board
Advanced Diploma - Cyber Law
Asian School of Law
ITIL V3 Certified
Strong verbal and written communication skills
Transition course of ISO27001:2005 to ISO27001:2013
Skills
Policies and procedures
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Timeline
Manager, Cyber Controls Specialist
Cyber Security Controls, Vodafone India Services Private Limited
04.2022 - Current
Vice President
BNY Mellon India
08.2019 - 04.2022
Associate Consultant Risk & Compliance
Wipro Technologies
02.2018 - 07.2019
Information Security
Cybage Software Pvt.Ltd
05.2013 - 02.2018
Information Security
Cybage Software Pvt.Ltd
05.2008 - 02.2018
Sr. Information
Cybage Software Pvt.Ltd
05.2008 - 05.2013
Sr. Infrastructure Administrator
SAP