Uma Maheshwari
Senior Analyst
Hyderabad
Summary
Experienced Information Security professional with over 3 years of expertise in Third-Party Risk Management (TPRM), ISO 27001 compliance, risk assessments, and internal audits. Adept at identifying vulnerabilities, mitigating risks, and ensuring adherence to global security standards. Passionate about supporting secure business operations and fostering a culture of security awareness to strengthen organizational cyber security posture.
Overview
3
3
years of professional experience
3
3
Languages
Work History
IT Security - Senior Analyst
Wipro
02.2021 - 02.2024
- Third-Party Risk Management
- Conducted security assessments of vendors, suppliers, and service providers to evaluate their cybersecurity posture and compliance with SOC 2, ISO 27001, NIST, GDPR, and PCI-DSS.
- Identified potential security risks in vendor environments and recommended appropriate remediation measures.
- To ensure third-party security controls aligned with regulatory requirements and organizational security policies.
- Reviewed and validated SOC 2 Type II reports, penetration test results, vulnerability scans, ISO 27001 certifications, and PCI-DSS compliance.
- Collaborated with internal teams to assess and manage cybersecurity risks associated with third-party vendors.
- Engage with vendors to enhance their security posture and ensure compliance with organizational security standards.
- Handling multiple priorities and deadlines concerning review of high risk to client.
- Ensure identified vendor risks were tracked, addressed, and mitigated within a reasonable timeframe.
- Performed internal audits following ISO 27001, ensuring proper implementation of controls and coordinating with stakeholders to address and resolve non-conformities.
- Handled team incidents by providing timely responses and implementing effective remediation measures.
- Conducted training sessions for new team members to enhance their understanding of security processes and best practices.
- Facilitated security awareness initiatives by distributing awareness emails and conducting security quizzes to educate the team.
- Conducted periodic floor walks as part of auditing and submitting reports to the management.
Education
MBA -
Vision PG college
Hyderabad, India12-2021
Bcom - undefined
Little Flower degree college
Hyderabad, India05-2017
Intermediate - undefined
Sri Chaitanya Junior College
Hyderabad, India03-2014
SSC - undefined
Bhashyam High School
Hyderabad, India03-2012
Skills
TPRM
ISO27001
Risk assessment
Vendor Management
ISMS
Enterprise risk management
Incident management
IT risk management
STRENGTHS
- Third-Party Risk Management (TPRM) - Expertise in assessing and mitigating vendor security risks.
- Regulatory Compliance - Strong knowledge of ISO 27001, SOC 2, NIST, GDPR, PCI-DSS, and HIPAA.
- Risk Assessment & Mitigation - Skilled in identifying vulnerabilities and implementing remediation strategies.
- Security Awareness & Training - Passionate about educating teams on cybersecurity best practices.
key Achievements
- Successfully identified and resolved over 150 potential fraud cases,mitigating financial losses.
- Received "OOB Top performing Team" Award for the last Quarter-2022
- Received "Top performer" Award in Wipro-2023
- Appreciated on various occasions by clients/bosses/peers/team members for being a good listener,communicator& being there at their times of need.
- Been appreciated for my work by supervisors and clients.
Timeline
IT Security - Senior Analyst
Wipro
02.2021 - 02.2024
Bcom - undefined
Little Flower degree college
Intermediate - undefined
Sri Chaitanya Junior College
SSC - undefined
Bhashyam High School
MBA -
Vision PG college