OVERALL PROFESSIONAL EXPERIENCE: 15 years in Information Technology
RELEVANT EXPERIENCE: 10 years in IT Information Security Risk; Compliance and Audit; Third Party Risk Management & Review of MSA/RFP proposals.
Overview
17 years of professional experience
1 Certification
Work History
Information Security Consultant
TATA COMMUNICATIONS LTD
Chennai, TamilNadu
10.2020 - Current
Lead risk management processes in accordance with the guidelines set by Tata Communications
Monitor and manually track the risks identified across various business units using the risk registers
Direct the identification of business-critical risks as per the risk management lifecycle process of identification, categorization, analysis, and mitigation, in collaboration with appropriate business teams, to implement corrective and preventive actions and achieve planned objectives
Plan and conduct kick-off meetings, IT Internal control testing, and internal/external audits (ISO 27001, SOC 2 Type 2, and ITGC statutory and regulatory) in accordance with the audit cycle of the TC organization
Conduct audit closure meetings and align with clients/auditors on the gaps identified across various business units as part of internal/external audits (ISO 27001, SOC 2 Type 2, and ITGC statutory and regulatory)
Ensure the timely closure of gaps reported across various business units and conclude the internal/external audits with a final report to management
Facilitate the annual review of policies, processes, standard operating procedures, and workflows across Tata Communications' business domains in a controlled and consistent manner
Organize and present weekly, monthly, and quarterly decks to the CISO, detailing the status of security compliance related to audits and assessments, risk management, information security/data breaches, and vulnerabilities reported within TC business units and associated customers/vendors
Review customer/vendor MSAs/RFPs and ensure they meet the requirements of the information security and data privacy guidelines of Tata Communications (TC)
Coordinate and assist with queries/requests from new/existing stakeholders of Tata Communications related to information security and data privacy guidelines
Lead the creation, review, and update of business continuity and disaster recovery plans in collaboration with all departments/business units
Plan, coordinate, and facilitate regular business continuity exercises (e.g., tabletop exercises, simulation drills)
Maintain detailed documentation of BCM activities, plans, and audit results for compliance and review purposes
Ensure continuous improvement by analyzing past disruptions, audits, and exercises to refine and improve the BCM process
Ensure that third-party risk management processes and policies are documented and communicated effectively to Tata Communications' existing/new vendors
Coordinate the identification and assessment of risks associated with TC's existing/new vendors
Perform due diligence processes via the TPRM OneTrust tool during the vendor selection and onboarding phase, ensuring that third parties meet the organization’s risk and compliance requirements
Track and maintain details of vendor risk assessments, due diligence reports, contracts, and performance metrics via the OneTrust tool and internal SharePoint
Report bi-weekly to the CISO on the status of existing/new vendors onboarded, the associated risks, and their mitigations
Lead Consultant
WIPRO TECHNOLOGIES
07.2018 - 09.2020
Support the development of risk identification, categorization, and analysis of business-critical processes and risks as per risk management principles
Plan and initiate Internal & External Audit Schedule (ISO 27001:2013; SOC 2 TYPE II)
Consultant
TECH MAHINDRA LTD
11.2016 - 07.2018
Conduct risk assessments to define and analyze possible risks in the IT environment of Retail projects (Solenis)
Plan and initiate Internal Audit Schedule (ISO 27001:2013 & ISO 20000)
Review of organizational policy documents and ensure compliance metrics are met
IT Operations Manager
TATA CONSULTANCY SERVICES
02.2011 - 11.2016
Responsible for handling Problem & Change tickets as per the defined SLA
Manage the risk register and follow up on the possible risks identified in the IT environment for Manufacturing projects (General Motors & Carlsberg)