Governance Risk And Compliance Manager Resume
Chicago, IL
SUMMARY:
- Close to 13 years of experience in Information Security Management Systems, Quality Management Systems and Governance, Risk and Compliance.
- Worked on various industry standards and regulatory requirements such as ISO 27001, SSAE 16, SOX, ISO 9001 and PCI DSS.
- Very good implementation knowledge of Risk Assessment and Risk Treatment methodology.
- Worked directly with the project/client senior leadership team, providing governance status on InfoSec and compliance activities.
- Worked on Confidential and HIPAA requirements.
KNOWLEDGE AND EXPERIENCES:
- Managing the Data Security and Privacy requirements for the project.
- Trained and certified in COBIT
- Implementation and audit knowledge of SSAE 16 requirements.
- Good implementation knowledge of Risk Assessment and Risk Treatment
- Trained as a Business Continuity Specialist
- Involved in maintaining PCI DSS (Payment Card Industry Data Security Standard) compliance
- Good knowledge of HIPAA / Confidential compliance.
PROFESSIONAL EXPERIENCE:
Confidential, Chicago, IL
Governance Risk and Compliance Manager
Responsibilities:
- Worked on the ITO engagement to demonstrate the security and governance requirements to the client on site in Dublin, Ireland.
- Develop the Governance, Risk & Compliance dashboard and present it to the client in monthly/quarterly governance meetings
- Support internal and external audits and assessments; track observations until closure
- Coordinate with vendors and monitor the security requirements for the project.
- Responsible for supporting the Confidential process for the client.
- Coordinate with the team and the client for review and sign-off of InfoSec processes/policies/guidelines
- Implement ISO 27k requirements internally and support the ISO certification process
- Deployed as Advisory Consultant for Data Security and Privacy, as part of compliance with Confidential's Data Security and Privacy requirements
- Monitoring SOX compliance for the SAP system on a regular basis as per client requirements
- Preparing evidence for SOX testing for client and external audits on a regular basis
- Review the evidence for compliance
- Manage the external and client auditors during the audit process
- Implementing Confidential Data Security and Privacy controls across multiple projects internally
- Review the scope of the ISO assessment and prepare the gap analysis report
- Identify controls to be implemented and prepare the SOA
- Revise the security controls on the basis of identified risks
- Implementing and improving policies, processes and procedures
- Monitor the Implementation
Confidential
Governance Risk and Compliance Manager
Responsibilities:
- Review the scope of assessment
- Understanding the existing processes
- Identify new functions to be incorporated and reassess them
- Analyzing areas for improvement and establishing procedures to bridge them
- Implementing and improving policies, processes and procedures
- Corrective and preventive action
- Define the scope of the certification
- Understanding the existing processes
- Implementation of processes across the organization
- Review the scope of assessment
- Implementation of changed/new processes across the Data Center
- Revise the security controls on the basis of identified risks
- Liaise with the external consultants and auditors
- Prepare training material and presentations for ISO 27k/ ISO 9001/ PCI DSS
- Visit all branches and functions and conduct training programs for all employees in the organization.
- Evaluate the results of the training
- Auditing
- Planning and conducting functional/technical internal audits against the established processes and standard requirements
- Evaluating non-conformances and possible risks
- Reporting the results to the respective functions and ensuring closure via follow-up audits
- Escalation to management in case of non-conformances
- Client appreciation award for best performance in maintaining compliance requirements with no escalations
- Received best performer award at Confidential for the Information Security and Risk Management project; deputed to 4 projects.
- Implementing Confidential Data Security and Privacy controls across multiple projects as per the timeline
- Successful completion of ISO 27001 implementation and certification in a short period of 6 months.
- Star performer award for implementing ISO 27001 effectively within the target time.
- Appreciation from the TUV lead auditor for effective performance of risk management activity across the organization
- Implemented ISO 14000 and ISO 18000 for a major client in the engineering industry in Chennai
- Conducted more than 20 internal audits against ISO 27001 and ISO 9001 standard requirements across different industries
- Provided awareness training to more than 1000 employees on ISMS requirements
- Conducted information security audits against the ISO 27001 standard for projects and support functions as an individual