Vijaya Raghu

Thane

Summary

Results-driven Third-Party Risk Consultant with 2.5 years of expertise in TPRM, vendor risk assessments, and IT compliance audits. Able to identify, mitigate, and manage third-party risks while ensuring strict adherence to ISO 27001, SOC 2, SOX 404, and HIPAA standards. Proven track record in conducting comprehensive vendor security assessments, due diligence, and risk tiering. Strong understanding of ITGC, ISMS, and regulatory compliance frameworks. Collaborates with stakeholders to assess and enhance security controls, driving effective cybersecurity risk management, governance, and compliance across diverse industries including Financial Services, Technology, and Healthcare.

Overview

2 years of professional experience
1 Certification

Work History

RISK CONSULTANT (Delivery Governance, Risk & Security)

TCS
10.2022 - Current
  • Led the creation and publication of daily, weekly, and monthly audit reports for senior management, ensuring transparency and proactive risk management
  • Conducted in-depth Vulnerability Assessment and Penetration Testing (VA-PT) reviews, identifying security risks and recommending remediation actions aligned with ISMS ISO 27001 principles
  • Supported third-party monitoring and offboarding operations, leveraging industry-leading security tools to dynamically assess and report vendor risks to key stakeholders
  • Assessed and tested IT General Controls (ITGCs) under Sarbanes-Oxley (SOX) Section 404, ensuring compliance with regulatory requirements
  • Contributed to the review and enhancement of Information Security Controls, aligning security practices with ISO 27001 ISMS
  • Developed and implemented a comprehensive Third-Party Management (TPM) Risk Program, ensuring a structured approach to third-party risk mitigation
  • Owned the TPM Policy and framework, overseeing risk reporting to the Board, senior management, and other key stakeholders
  • Identified opportunities for process improvements, implementing innovative solutions to enhance efficiency in third-party risk assessments
  • Conducted Live Over-the-Shoulder (LOTS) observations to ensure compliance with confidential security controls
  • Engaged with clients and vendors regularly, facilitating seamless execution of third-party risk assessments
  • Planned, executed, and reported on third-party security assessments, coordinating with internal and external stakeholders, reviewing security documentation, and developing remediation plans for identified risks
  • Core contributor to TPRM transformation program at TCS, improving risk assessment processes and compliance frameworks
  • Successfully led and executed vendor security assessments across APAC and EMEA regions
  • Played a key role in enhancing information security controls and policy improvements
  • Recognized for process efficiency improvements and effective risk mitigation strategies

Education

Bachelor of Technology (B. Tech) - Electronics and Communication Engineering (ECE)

SRM Institute of Science and Technology

Skills

  • Risk Compliance
  • TPRM
  • SOX Compliance
  • ISO 27001
  • NIST
  • SOC 2
  • IT Risks
  • GDPR
  • Due Diligence
  • Risk assessment
  • ITGC
  • ISMS
  • PCI DSS
  • Information Security
  • HIPAA
  • VA-PT Tools

Certification

ISO 27001 Associate

Accomplishments

  • Core contributor to TPRM transformation program at TCS, improving risk assessment processes and compliance frameworks.
  • Successfully led and executed vendor security assessments across APAC and EMEA regions.
