Aug 2023 – Mar 2025 · 1 yr 7 mos · Mumbai, Maharashtra, India · On-site

• Worked with the Information Security Department of the 𝐥𝐚𝐫𝐠𝐞𝐬𝐭 𝐏𝐮𝐛𝐥𝐢𝐜 𝐒𝐞𝐜𝐭𝐨𝐫 𝐁𝐚𝐧𝐤 of India.
• Led comprehensive IT vendor risk assessments for a major financial institution, ensuring compliance with RBI outsourcing guidelines and enhancing overall risk management.
• Developed and implemented strategic risk mitigation frameworks for IT outsourcing, improving vendor governance, performance, and cybersecurity resilience.
• Conducted comprehensive reviews of the bank's database infrastructure to assess security vulnerabilities, data integrity, and compliance with regulatory requirements.
• Provided detailed reports outlining findings, risk levels, and actionable recommendations to enhance the bank's database security posture and regulatory compliance.
• Evaluated the bank's operational processes, procedures, and controls to identify inefficiencies, gaps, and compliance risks.
• Conducted walkthroughs and interviews with key stakeholders to understand process workflows, dependencies, and control mechanisms.
• Analyzed digital forensic capabilities, incident response procedures, logging mechanisms, and preservation practices to determine the bank's preparedness for digital forensic investigations.
• Conducted rigorous reviews of the bank's software applications and source code repositories using Fortify, an industry-leading application security testing tool.
• Utilized static code analysis capabilities of Fortify to identify security vulnerabilities, coding flaws, and compliance deviations within the source code.
• Served as the designated Single Point of Contact for a department, streamlining communication channels and enhancing efficiency in handling various operational aspects.
• Led and managed resources under my purview, optimizing workflows and ensuring alignment with departmental goals and objectives.