Vikas Krishnappa

• Took ownership and accountability and performed Multiple Assessment such as PRS,ASA and SBD processes from design to implementation phases for all application/Infra.

• Follow up on vulnerability management and ensured 100% remediation through governance and tracking.
• Managed penetration testing and remediation programs in coordination with our scope departments

• Performed Third Party Risk Assesments and Data Go Assessments for our scope.
• Executed audit recommendations and ensured closure within GTS-defined timelines.
• Conducted security validations for USB access, admin rights, mail access, and Browsing exception handling.
• Implemented security controls via SG Tool processes such as Browsing exception,Proxy and SecureHub rights management.

• Validate Route opening request for all the application /Infra within our scope
• Performed risk analysis, root cause determination, and recommended mitigation based on SOC alerts.

• Supported RAF (Risk Acceptance Form) processes for legacy and high-risk applications.

• Tracked and managed global security KPIs related to our scope. • Performed weekly/monthly monitoring of vulnerabilities, security alerts, and compliance dashboards. • Investigated incidents and ensured SLA-driven resolution of crises and security issues.

• Created dashboards and presented security risk summaries during monthly reviews and stereo meetings.

• Exposure to various types of on Prem and cloud infrastructure.
• Working in Risk and Compliance team performing PCI DSS compliance audits.
• Possess strong knowledge on compliance standards like PCI DSS,3DS, SAQ D and ISO 27001.
• Experienced in conducting audits for BFSI, BPO, Merchant, E-commerce sites, etc.
• Managing end to end projects for PCI DSS standard which includes project planning, scope finalization, gap and risk analysis, implementation advisory, final audit, Roc writing, and AOC writing.

• Conduct comprehensive network penetration tests (Internal and External) to identify vulnerabilities and potential risks.
• Performing ASV scans and Mitigation support based on the vulnerabilities as per the client requirements.
• Performing Internal and External Vulnerability Assessment and Penetration Test.
• Communicate technical vulnerabilities and remediation steps to clients and management.
• Visiting onsite to perform VAPT activities.
• Performing firewall rule reviews and Configuration rule review scanning.
• Performing Wifi scanning.
• Experienced in crafting authentic phishing email templates and landing pages, replicating current social engineering tactics.
• Prepare detailed reports with actionable recommendations to strengthen clients' security posture.

• Interacting with the B2B vendors for gathering information required for Designing & Implementation.
• Prepare implementation plans for the complex solutions and prepare High level and Low-level design documents.
• Vulnerability assessment & Pen testing of Web Applications and Networks, analyzing threats, testing cyber-Attacks, Internal Auditing.
• Provide Technical Solutions for various customer requirements.
• Presenting Final Reports and Remediation Plans