SOUJANYA HB

• Perform peer reviews of compliance documentation and processes to ensure regulatory adherence.
• Review and test controls to identify weaknesses and recommend improvements.
• Prepare and present review report to higher management.
• Collaborate with teams to address review findings and implement continuous improvements.
• Maintain accurate records of peer reviews.
• Reviewed and tested regulatory controls to ensure compliance with regulatory standards.
• Identified areas of non-compliance and potential risks and communicated findings to stakeholders.
• Improved team performance by providing comprehensive training and fostering collaborative work environment

• Conduct detailed audits/assessments of information and cyber security related controls to ensure compliance with regulatory standards and best practices.
• Reviewing quality of responses and providing regular intervention to enhance narration/ artifacts to meet regulatory ask.
• Identified areas of non-compliance and potential risks and communicated findings to stakeholders.
• Developed strong company culture focused on employee engagement, and collaboration

Conducting comprehensive information risk assessment and management program focused on identification, treatment and management of key business risks.

• Collaborate with cross-functional teams to address issues, implement solutions and prevent recurrence.
• Providing 'consultative' support to management based on awareness of industry security.
• Exception management for business.
• Being part of certification audits and ensure compliance attestation by successfully delivering various Client/Third party assessments and audits, SSAE 18/ISAE 3402 Type I/II, ISO 27001, etc.
• Review of contracts/security annexures.
• Managing customer audits/visits by showcasing security and continuity best-practices at corporate, account and site levels.
• Facilitate between various projects and accounts for overall implementation of Client Security requirements as per contract and respective security annexure(s).
• Develop and manage performance metrics through tracking/reporting and active engagement with stakeholders for continuous service improvement.
• Active contribution in designing & documenting of security management plan as per client security requirements.
• Improved security awareness among staff through regular training sessions and informative materials
• Conducted thorough investigations into suspected security incidents, ensuring prompt resolution and appropriate follow-up actions

• Exception management for business.
• Being part of certification audits and ensure compliance attestation by successfully delivering various Client/Third party assessments and audits, SSAE 18/ISAE 3402 Type I/II, ISO 27001, etc.
• Review of vulnerability assessment scan results and engage with relevant IT team and business units in order to resolve identified vulnerabilities within SLAs.
• Validating and report on endpoint security compliance for engagements.
• Compile data and prepare IS reports for management.
• Coordinated with clients and audit teams to validate effectiveness of implemented security controls, identifying areas for improvement during periodic assessments

• 24*7 support on analyzing events that triggered in IDS and IPS sensors.
• Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred
• Managing and administering IDS Monitoring Application server, Network IDS Sensors, Host IDS servers and IPS appliances.
  Monitoring health compliance of IDS sensors