CONFIDENTIAL
SAI KIRAN KONCHADA
Mobile: +966 565381954 / E-Mail: konchadasaikiran09@gmail.com
LinkedIn Profile: http://in.linkedin.com/in/saikirankonchada
Career Objective
To pursue a challenging career in the field of Operational Risk and add value to the organization by
leveraging my knowledge, skills, determination and hard work.
Education
2011 Post Graduate Program in Information Security Management from MIEL e-Academy, Mumbai, India
2010 B.Tech (Computer Science Engineering) from Roland Institute of Technology, affiliated to Biju Patnaik
University of Technology, Orissa, India
Professional Certifications
2012 ISO/IEC 27001:2005 Lead Auditor in Information Security Management Systems
2012 ISO 22301:2012 Lead Auditor in Business Continuity Management System
2012 ISO/IEC 20000-1:2011 Lead Auditor in Information Technology Service Management
2012 QUALYSGUARD® Certified Specialist – Vulnerability Management
2012 EC Council Certified Ethical Hacker v7
2012 Completed online course in Data Privacy Law (India) conducted by Asian School of Cyber Law
2012 Completed online course in Cyber Crime Protection Program conducted by Asian School of Cyber Law
2009 Oracle: Program with PL/SQLs
2009 Introduction to Oracle 9i:SQL
Work Experience
Consultant with Abdullah H.AL-Mutawa Sons Co. deputed in Banque Saudi Fransi, Riyadh.
June 2013 – Till date
I am responsible to assist in developing, implementing and overseeing the Operational Risk Management
Process for the Bank as well as its group companies which are into the business of Insurance, Capital
Markets etc. The areas of work include but are not limited to:
• Develop operational risk policies and standards for Risk management.
• Develop Operational Risk Incident procedure for Risk Management.
• Conduct root cause analysis for the reported operational risk Incidents
• Perform rapid risk assessment of the reported Operational Risk incidents and Operational
Risk losses in order to assess adequacy of controls implemented.
• To provide recommendation, if control improvement is required and to obtain management
agreement for it.
• Follow up on control recommendations as per the resolution target date and escalate in
case of no response.
• Perform operational risk identification and detailed Risk Assessments including IT Risk
Assessments (Batch Job Assessment, change management, Digital Banking, Business
continuity management assessment, Customer Profile Changes), Handling IT Risk Projects
(Having experience in the products like SAS Enterprise GRC, SAS Enterprise Case
Management, SAS Fraud Risk management system)
• Assist in the Operational Risk Management System Deployment covering Incident
Management, Loss Data, Risk & Control Assessments, Key Risk Indicators, Stress Testing and
Remediation Management,
• Develop Group-wide Risk Register Development Project covering Process Landscape, Risks,
Controls, KRIs and Detailed Process Maps,
• Stress Testing / Scenario Analysis as per SAMA Regulation,
• Develop content on Operational Risk Training courses,
• Implement strategic plan to prevent, eliminate and mitigate operational risks.
• Assist Operational Risk Analysts in development of key risk and control indicators.
• Report operational risk issues and decisions to senior management on regular basis.
• Conducting Profile Reviews, Product Review & Policy Reviews,
• Risk Analytics
Security Engineer with Netmagic Solutions – an NTT Japan Company.
November 2011 – February 2013
Responsible to provide Managed Security Services for major NTT customers operating in a variety of
domains such as Banking, Insurance, Capital Markets, Retail, Telecom, Logistics, Healthcare and Media.
• Responsible for Security monitoring for critical information assets
• Threat and Impact analysis
• Ensure appropriate escalation and follow-up for security incidents until closure
• Management and analysis of security incidents
• Ensure compliance with Service Level Agreements
• Management of firewall/IDS/IPS infrastructure
• Perform vulnerability assessments and penetration testing for customers
Projects and Internships
Organization: MIEL e-Security Pvt. Ltd
Month/Year: Feb’2011 Duration: 35 days
Description: Intern at Security Operation Centre:
Technologies Used: TrendMicro Server, Helios MEDS – Aggregator and Secure Device Management.
Organization: MIEL e-Security Pvt. Ltd
Month/Year: Jul’2011 Duration: 3 months
Description: Mapping PCI DSS controls with ISO/IEC 27001:2005 controls
Organization: MIEL e-Security Pvt. Ltd
Month/Year: Jan’2011 Duration: 45 days
Description: Developed a website in PHP and demonstrated three OWASP vulnerabilities.
Operational Risk Tools
SAS Incident Management System
SAS Fraud Risk Management System
Extra Curricular Activities / Other Accolades
o Received Best Customer Service award at Netmagic for providing quality services to customers while
ensuring compliance to SLA within 1 year duration at Netmagic.
o Awarded “Excellent” performance in SlideWars (The Paper Presentation contest) by ECOSS held on
Software Freedom Day 08 Celebration at Roland Institute of Technology.
o Worked as Team Executive of ECOSS (Engineers Consortium for Open Source Software) – The Orissa
State PLUG (Power Linux User Group) for the session 2009 – 10.
Personal Details
Date of Birth: 9th July, 1988
Languages Known: English, Hindi, Oriya and Telugu
Present Address: Al-Mather Street, Riyadh, Kingdom of Saudi Arabia - 11554
Permanent Address: Happy Home, Joura Street, Berhampur -760009, Orissa, India.
REFERENCES AVAILABLE ON REQUEST
