Tanusree Mondal (IIT Dhanbad)
Summary
Experienced Information Security Delivery Team Lead adept at driving the successful implementation of robust security solutions. Skilled in strategic planning, process enhancement, and regulatory compliance. Dedicated to fostering collaborative relationships and promoting excellence within the team.
Overview
8
8
years of professional experience
Work History
Security Delivery Team Lead
Accenture
Noida
06.2022 - Current
- Perform Risk assessment using Secure by Design Framework
- Perform data security and privacy initiatives, ensuring compliance and implementing robust measures to protect sensitive information
- Perform IAM assessments, identifying risks, ensuring compliance, and providing actionable recommendations for improvement
- Enhanced hosting platform security through rigorous cloud hosting security assessments, addressing vulnerabilities to improve data protection
- Conduct comprehensive database security assessments to fortify data integrity against potential breaches
- Leading in development of information security framework, Risk Assessment documents
- Shaping an AI security framework for Generative AI, implementing robust protocols for next-gen systems
- Improved governance by performing ISO 27001 monthly audits and providing risk management recommendations
- Perform assessments and improvements of software development practices aligned with NIST Secure SDLC guidelines, ensuring robust security integration across the development lifecycle
- Ensured successful project completion by leading the team, delegating tasks, and providing timely updates to stakeholders
- Contribute to RFP development and proposal writing for information security solutions, leveraging technical expertise to align solutions with client needs
- Assist the leadership by providing recommendations to improve the Governance and risk management
- Successfully coached diverse cross-functional teams, fostering collaboration to achieve organizational goals and promote individual career growth
- Enhanced team productivity by providing consistent coaching, feedback, and guidance to delivery staff.
- Attained maximum client satisfaction through spearheading the Security Delivery Team's success in securing the ACE (Accenture Celebrates Excellence) award for excellence.
Senior Consultant
Genpact Enterprise Risk Consulting LLP
Noida
12.2019 - 05.2022
- Executed ITGC and SOX 404 audits, enhancing operational integrity and regulatory compliance through streamlined processes and strengthened controls aligned with business objectives
- Enabled team success by offering crucial support, managing project tasks, and ensuring seamless coordination among team members
- Assisted in developing custom policies and procedures to meet client needs, ensuring compliance with industry standards and regulations
- Delivered Information security awareness training.
- Mentored junior consultants, helping them enhance their skills and contribute more effectively to projects.
Associate Consultant
Ernst & Young (EY)
Bangalore
11.2018 - 12.2019
- Executed detailed ITGC audits, identifying vulnerabilities and implementing proactive measures to mitigate operational risks, ensuring organizational efficiency and reliability
- Conducted targeted ITGC audits for SAP applications, securing critical business processes and data integrity through proactive measures
- Conducted SOC1 and SOC2 audits, ensuring compliance with industry standards through comprehensive reports assessing internal controls' effectiveness.
- Managed multiple projects simultaneously while maintaining attention to detail, organization, and adherence to deadlines.
Senior Security Analyst
Capgemini India Private Limited
Bangalore
11.2017 - 11.2018
- Conducted SOX 404 audits to ensure regulatory compliance and mitigate operational risks, enhancing business integrity
- Performed data privacy assessments to evaluate compliance with regulations and identify potential risks, ensuring the protection of sensitive information and maintaining regulatory adherence
- Third Party Vendor Audit: Performed security assessment with 3rd party vendor and connecting with client for the same
- Communicate appropriate risk levels and corrective actions with the vendor for further processing
- Report on assessment outcomes, risk level and associated recommendations, corrective action plans in the audit report
- Follow-up on the corrective action plans and review evidence for closure.
Junior C++ Developer
Emudhra Limited
Bangalore
08.2016 - 10.2017
- Started professional career as C++ developer by contributing to the development of C++ projects, gaining hands-on experience in software engineering principles and coding practices.
- Assisted in developing reusable components and libraries for increased efficiency across multiple projects.
Education
M.Tech - Computer Science & Information Security
Indian Institute of Technology
Dhanbad, India06.2016
Skills
- Risk Assessment & Mitigation
- Good Understanding and knowledge of industry standards/ frameworks like PCI DSS, NIST
- Privacy Regulation (GDPR, CCPA)
- Cloud Security
- ISO 27001
- Multi Tasking
- Stakeholder Management
- Task Delegation
- Team Supervision
Certification
- ISO / IEC 27001:2013 ISMS Lead Auditor (BSI).
- ISO 31000:2018 Risk Management Principles & Guidelines Implementation
- CLF C02 : AWS Certified Cloud Practitioner.
Areas Of Interest
- Data Privacy
- Gen AI
- Cloud Security
- ISO 27001
- ITGC Audit Support and SSAE 16
- Information Security Governance and COBIT
- Vulnerability Assessment and Penetration Testing
Languages
English
Advanced (C1)
Hindi
Advanced (C1)
Bengali
Advanced (C1)
Personal Information
Nationality: Indian
Disclaimer
I hereby certify that above mentioned information is correct to the best of my knowledge and belief.
Timeline
Security Delivery Team Lead
Accenture
06.2022 - Current
Senior Consultant
Genpact Enterprise Risk Consulting LLP
12.2019 - 05.2022
Associate Consultant
Ernst & Young (EY)
11.2018 - 12.2019
Senior Security Analyst
Capgemini India Private Limited
11.2017 - 11.2018
Junior C++ Developer
Emudhra Limited
08.2016 - 10.2017
M.Tech - Computer Science & Information Security
Indian Institute of Technology