1. CONFIDENTIAL
SAI KIRAN KONCHADA
Mobile: +966 565381954 / E-Mail:konchadasaikiran09@gmail.com
LinkedIn Profile: http://in.linkedin.com/in/saikirankonchada
Career Objective
To pursue a challenging career in the field of Operational Risk and add value to the organization by
leveraging my knowledge, skills, determination and hard work.
Education
2011 Post Graduate Program in Information Security Management from MIEL e-Academy, Mumbai, India
2010 B.Tech (Computer Science Engineering) from Roland Institute of Technology, affiliated to Biju Patnaik
University of Technology, Orissa, India
Professional Certifications
2012 ISO/IEC 27001:2005 Lead Auditor in Information Security Management Systems
2012 ISO 22301:2012 Lead Auditor in Business Continuity Management System
2012 ISO/IEC 20000-1:2011Lead Auditor in Information Technology Service Management
2012 QUALYSGUARD® Certified Specialist – Vulnerability Management
2012 EC Council Certified Ethical Hacker v7
2012 Completed online course in Data Privacy Law (India) conducted by Asian School of Cyber Law
2012 Completed online course in Cyber Crime Protection Program conducted by Asian School of Cyber Law
2009 Oracle: Program with PL/SQLs
2009 Introduction to Oracle 9i:SQL
Work Experience
Consultant with Abdullah H.AL-Mutawa Sons Co. deputed in Banque Saudi Fransi, Riyadh.
June 2013 – Till date
I am responsibletoassistindeveloping,implementingandoverseeingthe Operational Risk Management
Process for the Bank as well as its group companies which are into the business of Insurance, Capital
Markets etc. The areas of work include but not limited to:
Develop operational risk policies and standards for Risk management.
Develop Operational Risk Incident procedure for Risk Management.
Conduct root cause analysis for the reported operational risk Incidents
Perform rapid risk assessment of the reported Operational Risk incidents and Operational
Risk losses in order to assess adequacy of controls implemented.
To provide recommendation, if control improvement is required and to obtain management
agreement for it.
Follow up on control recommendations as per the resolution target date and escalate in
case of no response.
Perform operational risk identification and detailed Risk Assessments including IT Risk
Assessments (Batch Job Assessment, change management, Digital Banking, Business
continuity management assessment, Customer Profile Changes), Handling IT Risk Projects
(Having experience in the products like SAS Enterprise GRC, SAS Enterprise Case
Management, SAS Fraud Risk management system)
Assist in the Operational Risk Management System Deployment covering Incident
Management, Loss Data, Risk & Control Assessments, Key Risk Indicators, Stress Testing and
Remediation Management,
Develop Group-wide Risk Register Development Project covering Process Landscape, Risks,
Controls, KRIs and Detailed Process Maps,
2. CONFIDENTIAL
Stress Testing / Scenario Analysis as per SAMA Regulation,
Develop content on Operational Risk Training courses,
Implement strategic plan to prevent, eliminate and mitigate operational risks.
Assist Operational Risk Analysts in development of key risk and control indicators.
Report operational risk issues and decisions to senior management on regular basis.
Conducting Profile Reviews, Product Review & Policy Reviews,
Risk Analytics
Security Engineer with Netmagic Solutions – an NTT Japan Company.
November 2011 – February 2013
Responsible to provide Managed Security Services for major NTT customers operating in a variety of
domains such as Banking, Insurance, Capital Markets, Retail, Telecom, Logistics, Healthcare and Media.
Responsible for Security monitoring for critical information assets
Threat and Impact analysis
Ensure appropriate escalation and follow-up for security incidents until closure
Management and analysis of security incidents
Ensure compliance with Service Level Agreements
Management of firewall/IDS/IPS infrastructure
Perform vulnerability assessments and penetration testing for customers
Projects and Internships
Organization: MIEL e-Security Pvt.Ltd
Month/ Year:Feb’2011 Duration: 35 days
Description: Intern at Security Operation Centre:
Technologies Used: TrendMicro Server, Helios MEDS –Aggregator and Secure Device Management.
Organization: MIEL e-Security Pvt.Ltd
Month/ Year:Jul’2011Duration: 3 months
Description: Mapping PCI DSS controls with ISO/IEC 27001:2005 controls
Organization: MIEL e-Security Pvt.Ltd
Month/ Year: Jan'2011 Duration: 45 days
Description: Developed a website in php and demonstrated three OWASP vulnerabilities.
Operational Risk Tools
SAS Incident Management System
SAS Fraud Risk Management System
Extra Curricular Activities / Other Accolades
o Received Best Customer Service award at Netmagic for providing quality services to customers while
ensuring compliance to SLA within 1 year duration at Netmagic.
o Awarded “Excellent” performance in SlideWars (The Paper Presentation contest) by ECOSS held on
Software Freedom Day 08 Celebration at Roland Institute of Technology.
o Worked as Team Executive of ECOSS (Engineers Consortium for Open Source Software) – The Orissa
State PLUG (Power Linux User Group) for the session 2009 – 10.
Personal Details
Date of Birth: 9th July, 1988
Languages Known: English, Hindi, Oriya and Telugu
Present Address: Al-Mather Street, Riyadh, Kingdom of Saudi Arabia - 11554
Permanent Address: Happy Home, Joura Street, Berhampur -760009, Orissa, India.
REFERENCES AVAILABLE ON REQUEST