Thunikipati Swathi

Professional Summary:

• 10 Years of experience in internal/External Auditing in financial applications and Banking servers.
• As an ISO 27001 LA, have exposure on security frame works. Currently handling a team of 15 members and attending client calls.
• Participation in ISO meetings with the external team. Knowledge of PCI/DSS, HIPPA, SOX compliance.
• Supporting Critical and internal facing servers via ansible scans and planning for the quick action plan for remediating critical servers.
• First Point of contact for the identified deviations and escalating timely if those are not remediated within a time frame.
• Escalation to Global Security team if findings are not remediated.
• Planning Root Cause analysis for the findings.
• Main point of contact for the external audits and supporting in documentation.
• Knowledge of giving sessions to team mates on Security basics, Security Scans, and security frameworks. Support audit team reporting summary of internal audit activities including key audit findings to both local management and Internal Audit team.
• Good in customer interfacing, logical thinking & excellent analytical skills Experience in Information Security Audits (KPMG audit & CTP audit, etc....).
• Evaluating Operational Risk and Control management effectiveness of assigned Accounts/Area/ Processes; identify possible areas of operational control improvements and giving appropriate recommendations.
• Summarizing and reporting review results to the client on monthly basis.
• Evaluate and verify management action plan proposed by issue owners for the identified deviations. Follow-up for implementation of controls for key risks within timelines & escalate overdue issues.
• Applying security updates and scanning servers using BigFix for15000+ endpoints.
• Generating and publishing reports of vulnerabilities; using these reports, assess level of compliance with the Security Vulnerability Management process.
• Attend weekly Steering committee calls and update the status for internal audit. Escalating any potential overdue Noncompliance Issues (NCI’s) issues or action plan to the responsible team manager, audit teams and following up. Summarize audit findings in draft audit exceptions. Strong Ability to communicate and explain, in a convincing manner and sharing ideas to stakeholders in a clear and transparent way that enables them to easily understand and take necessary actions to avoid any findings.
• Currently focusing on Cloud Security & CISSP certification.

• Received 5 R&R (1 silver award, 3 bronze awards) from the GE Customer & GENPACT Management for exemplary & consistent performance at GENPACT.
• Received 4 client Recognition awards for the best employee of the year and multiple appreciations from the client at IBM.

• IT Auditing
• Audit Management
• Risk Management
• Compliance
• Patch Management & Windows Administration
• IT Security
• Anti-virus administration
• Vulnerability management