Jan 2023 – Jun 2024 · 1 yr 5 mos

Sep 2021 – Jan 2023 · 1 yr 4 mos

• 1.Orchestrated global governance and compliance certifications external audit for Adobe's suite of products/services (SAAS), including SOC 1, SOC 2, PCI DSS, ISO, IRAP, ISMAP etc.
• 2.Conducted Internal Audits spanning various domains such as Entity Level (Policy and Procedure) Management, Identity and Access Management, Backup Management, Change Management, Network Security, Vulnerability Management, Incident Management, and BIA/DR to align with industry best practices.
• 3.Collaborated with stakeholders including engineering, product, and operations teams to ensure integration of security controls into product and feature development roadmaps. Validated security controls across Adobe cloud platforms(AWS, Gen AI Platform, etc.) within the Software Development Lifecycle (SDLC).
• 4.Identified security gaps and executed root cause analyses (RCA) to address risks through Remediation, Mitigation, Acceptance, or Transfer strategies. Produced comprehensive reports on security findings and recommendations, fostering transparent communication with management and stakeholders.
• 5.Led initiatives to automate security controls, leveraging data optimization techniques to streamline workflows and reduce compliance overhead, demonstrating proficiency in technology-driven solutions.
• 6.Spearheaded the Vulnerability Management Program, ensuring timely treatment of vulnerabilities for cloud/On-Prem Services thereby maintaining robust security postures and compliance with Service Level Agreements (SLAs).

Jun 2020 – Sep 2021 · 1 yr 3 mos · Bengaluru, Karnataka, India

• 1.Orchestrated comprehensive Risk Assessment Audits and formulated Risk Control Matrix (RCM) to effectively address a spectrum of client risks, showcasing adeptness in risk management and mitigation strategies.
• 2.Spearheaded Information Technology General Control (ITGC) and Information Technology Automated/Application Control (ITAC) audits to ensure adherence to SOX regulations.
• 3.Implemented Information Security Management System (ISMS) grounded on the ISO 27001 framework to optimize business processes. Conducted thorough Service Organization Control (SOC 2 Type 2) Attestation audits, underscoring experience in enhancing security frameworks and verifying compliance with rigorous standards.

Apr 2019 – Jun 2019 · 2 mos · Mumbai, Maharashtra, India

• 1.Vodafone Idea Business Services-Large Accounts, Vodafone Global Enterprises, Government, Small Medium Enterprises, Small Office Home Office GST Clean up (Project Synergy) and Machine to Machine Analysis.
• 2.Analyzed problems in each vertical of VIBS back office to save revenue of Vodafone Idea in GST activation and Machine to Machine services.
• 3.The analysis was done from AMDOCS, Oracle CRM and IBM FileNet tool to present a report (master sheet) with all the validations and submitted to Head of VIBS.
• 4.To check plans with respect to activation in CPOS, to analyze COFU added to the plan, to analyze plan SOC ID with Allcos Master sheet.
• 5.Raise EDM to Authorised Signatory for validation and confirmation for correct GST and Enterprise code
• 6.Raise and check VDM (ER Sheet) for plan correction after validation.
• 7.Access Point Number(APN), VAS, Voice Barrier validation and UAT done for all processes.
• 8.Multiple customer ID validation with confirmation of Account Manager, Service Lead, Service managers, Corporate and Marketing team.