Summary
Overview
Work History
Education
Skills
Timeline
Generic

Krishna R

Summary

Overall, with 9 years of experience in Governance, Risk, and Compliance (GRC), I have specialized in the RSA Archer GRC platforms, working across various phases of the Software Development Life Cycle (SDLC), including requirements analysis, design, development, enhancement, testing, migration, documentation, and implementation of risk and compliance solutions. My expertise extends to customizing the Archer platform, ensuring seamless user experiences, and tailoring applications to meet business needs. I have worked extensively with Archer versions up to 6.14, managing installations, upgrades, and understanding platform enhancements across different releases. My experience covers the full spectrum of Integrated Risk Management (IRM) processes, including Risk Management, Policy Management, Audit Engagements, Issues Management, Model Risk Management, Compliance. I have played a key role in managing access controls, implementing LDAP configurations, defining user roles and permissions, and ensuring data integrity across multiple applications. My technical expertise includes building new solutions, applications, questionnaires, and sub-forms, as well as migrating configurations across environments using data imports, data feeds, and Archer packaging. I have developed global and statistical reports, created mail merge templates, and set up admin notifications and scheduled reports to enhance reporting efficiency. Additionally, I have configured and optimized advanced workflows to automate governance processes, improving operational efficiency and risk visibility. Beyond technical execution, I have worked closely with business stakeholders to translate complex use cases—such as vendor management, incident handling, and risk management—into Archer solutions. My experience includes developing and enhancing both core and on-demand applications within Archer, customizing layouts, creating workflows, and defining roles and actions to streamline governance and risk processes.

Overview

12
12
years of professional experience

Work History

GRC Consultant

McKesson Corporate
Irving, TX
08.2023 - Current
  • Experience in designing, configuring, and implementing Archer solutions.
  • Collaborated with Archer IRM to integrate a third-party document governance tool.
  • Develop and maintain secure APIs, enabling integration with third-party systems.
  • Performed end-to-end tasks to configure instances of Archer-Enterprise and vendor risk management.
  • Hands-on experience designing with solution migration and deployment, supporting production and development environments.
  • Providing Level 3 support for the GRC platform, including troubleshooting and resolving production issues.
  • Conducted a thorough assessment of the existing on-premise Archer GRC environment, including database dependencies, application configurations, and integrations, to identify potential migration challenges.
  • Performed data extraction, transformation, and migration (ETL) from on-premise databases to Azure SQL, ensuring data integrity, encryption, and compliance with security policies.
  • Configured web, application, and database servers in the Azure environment, optimizing Archer services, IIS settings, and performance tuning for cloud compatibility.
  • Conducted UAT, load testing, and security validation to benchmark performance against the on-prem environment, optimizing Archer workflows, IIS configurations, and SQL queries for improved efficiency in Azure.
  • Full administration, configuration, testing, maintenance, and deployment of all modules, ensuring the platform is effective.
  • Overseeing incident tickets, workflow redesign, and process change requests related to integration efforts.
  • Optimizing system performance and maintaining a good user experience, which can be tackled through regular monitoring, analysis, and improvement efforts.
  • Monitor and maintain the integration, addressing any performance or maintenance issues that arise.
  • Configure the API calls and data transfer processes using RSA Archer's available integration tools, or custom scripts.
  • Debug the error logs on the server in case of any system failures, and provide resolutions for them based on the error log information.
  • Creation and deletion of bulk user accounts by using the Archer Bulk User tool.
  • Bulk extracting of attachments from Archer using the API tool.
  • Troubleshooting the RSA Archer Services (RSA Archer Configuration, RSA Archer Job Engine, RSA Archer LDAP Synchronization, RSA Archer Queuing, and RSA Archer Workflow), and Job Engine Server.

RSA Archer/GRC Consultant

USAA
San Antonio, TX
04.2020 - 06.2023
  • The scope of this "Sensitive Data Management (SDM) – Discovery" project is to provide meaningful and actionable insight into sensitive data pertaining to the process of identifying sensitive data elements (SSN, ITIN, credit card information, etc.). From the source systems.
  • The results of scanning tools, which scan the source systems, are evaluated and prioritized to determine sensitive data elements based on business rules.
  • This is followed by the process of data cleansing and verification to maintain the structure and accuracy of the data.
  • The project deliverable can be divided into three modules: extracting sensitive data with a scanning process (structured and unstructured data), transforming sensitive data elements with a remediation process, and loading the remediated sensitive data into the DataMart.
  • The scope of this project is to maintain high-level duties, which include the creation and implementation of standards, guidance, and processes for GRC software solutions.
  • The project was to implement, configure, and maintain RSA Archer solutions – Vendor Risk Management, Policy, Enterprise, Compliance, Risk Management, and Business Continuity, which document the issues, standards, and coordinate with the respective business users in delivering the applications using the Archer tool.
  • Performed end-to-end tasks to configure instances of Archer Enterprise Management and Vendor Risk Management.
  • Configured Archer’s DBQ transporter to move filtered datasets to an external data source, executing SQL queries with conditional filters.
  • Ensured Archer service accounts had appropriate read access, and established secure connections using SQL authentication, user credentials, and port configuration management.
  • Established SOAP API connections in Archer, leveraging session tokens with authentication (username, password, instance) to retrieve and transmit data.
  • Designed and executed API calls for structured data transfer to external systems.
  • Developed an automated data flow where Archer data was extracted via SOAP APIs, processed, and stored in a shared folder for consumption in Power BI dashboards, facilitating real-time analytics and reporting.
  • Worked with the .NET development team to ensure seamless data extraction from Archer via the SOAP API, storing the output in a shared drive for further application integration, and business intelligence purposes.
  • Ensured secure user authentication and role-based access control for Archer API integrations, implementing session management best practices to maintain data integrity and access security.
  • Develop business requirements/user stories; conduct business analysis, understand business practices and approaches, and recommend business process changes.
  • Configured Archer applications to support third-party/vendor use cases, including custom fields, workflows, and access controls, tailored to the specific needs of external vendors, ensuring compliance with internal governance policies.
  • Followed Agile methodology in implementing the project.
  • Develop and maintain Archer documentation that reflects the latest system configuration for application consistency and integrity.
  • Worked closely with the RSA team to resolve several issues related to the Archer upgrade.
  • Collaborate with the GRC team on the development of the GRC solution. Experience with having contact with RSA support to get resolutions, fixes for application issues, and enhancements.
  • Auditing and monitoring projects to address specific compliance risks.
  • Following up on corrective actions in response to identified issues and audits.
  • Review existing systems and processes against the GRC framework, and prioritize remediation plans based on business risk.
  • Worked on Integration Services, such as Data Feed, Data Import, and Packaging.
  • Responsible for monitoring compliance with the policies, standards, and technical controls, and processing Incident Management and Change Management.
  • Used Archer APIs to update the roles and groups of users in Archer.
  • I used the bulk import tool to import thousands of users, and created, updated, and deleted the files.
  • Developing compliance policies and procedures, emphasizing prior success in roles.
  • Manage user access with access roles, groups, record permissions, and private fields.
  • Provide Archer operational support, including troubleshooting issues, and report and data request support.
  • Performed highly complex analysis and design with a good understanding of the methodologies used in requirements gathering, usability testing, and documentation.
  • Environment: RSA Archer, Windows, Agile Methodology, SQL, MS Visio, and Six Sigma.

RSA ARCHER DEVELOPER/ADMINISTRATOR

BCD Travels
Atlanta, GA
01.2019 - 03.2020
  • Involved in the configuration and maintenance of RSA Archer solutions – Vendor Risk Management, and Issue Management.
  • Designed, developed, and implemented new use cases: IS Standards Management Solution, Inherent Threat Protection Program (ITPP), and enhancements to existing use cases: SOI Documents Management, Operational Risk Management, Supplier Management, and Request and Maintenance.
  • Responsible for developing end-to-end configuration of the new and existing Archer applications, managing every aspect of the SDLC, including layout, workflow, reporting, notification, questionnaires, access controls, and packaging.
  • Implemented a system of complex calculations, data-driven events, custom objects, customized dashboards, and 30+ internal and external data feeds, and APIs.
  • Configured complex data feeds for sources like Qualys Vulnerability Management, MetricStream Issues Management, and to load records into Archer.
  • Building reporting capabilities: custom iViews, reports, dashboards, and workspaces for the look and feel of the Archer.
  • Involved in developing the questionnaire module using the Archer Application Builder functionality.
  • Implemented workflow using Events, Record permissions, Calculations, and Notifications.
  • Extensively worked on Mail Merge template creation for applications with multiple levels, and cross-referenced applications.
  • Manage user access with access roles, groups, record permissions, and private fields.
  • Provide Archer operational support, including troubleshooting issues, and report and data request support.
  • Interfaced with developers, analysts, customers, and project managers to discuss requirements and recommend solutions to help resolve issues.
  • Created formal project documentation, including requirements specifications, system design documents, current and future state workflow process diagrams, use cases, and a user manual.
  • Overseen the installation of patch upgrades for 6.4 SP1 P1, 6.3 P5, and 6.3 P2.
  • Environment: Archer e-GRC SmartSuite Framework 6.x, 5.x, MetricStream, Qualys, ServiceNow, SharePoint, MS Visio, and Enterprise.

RSA ARCHER CONSULTANT

DUKE ENERGY
Charlotte, NC
01.2018 - 12.2018
  • Involved in the configuration and maintenance of RSA Archer solutions – Vendor Risk Management, and Issue Management.
  • Implemented multiple data feeds to import contacts data from the PeopleSoft database, control standards and procedures, and ABAC questionnaire loads.
  • Generated application workflows and questionnaires to enact internal assessments by improving current procedures for vendor assessments.
  • Performed initial installation and version upgrades for RSA Archer SmartSuite - 5.5 SP2 P3, 5.5 SP4 P7, and 6.2 P3 on DEV, UAT, PROD, and DR environments.
  • I served as the primary application administrator for the Dev-SIT-UAT-PROD Archer environments, and I assisted with other applications.
  • Provided quality assurance support to the business and QA teams, essential to the use case production releases.
  • Responsible for maintaining 70,000 user accounts in Archer, with designated access roles and groups in the production environment.
  • Segregated several DDEs to come up with the optimal number, and implemented the same workflow to reduce the calculation effort on the backend.
  • Enhanced the performance of the production environment by performing system checks and search index rebuilds.
  • Workshop experience on Archer Admin I and Admin II courses, conducted by RSA.
  • Environment: Archer e-GRC SmartSuite Framework 6.x, 5.x, Archer GRC Tool, bulk import, IBM, ISM, MS Office, MS Visio, SSMS, and Visual Studio.

Junior Archer Developer

SOCIETE GENERAL
03.2017 - 12.2017
  • Working on the enhancement of the existing on-demand application by adding new fields and updating events as required.
  • Creation of dashboards, including custom iViews and reports as per the client requirements.
  • Creating low-level design documents and project closure checklists, and the creation of dashboards, including custom iViews and reports, as per the client requirements.
  • Worked on various DDE events, such as Apply Conditional Layout (ACL), Generate Notification, Set Date, Set Values list, Filter Values list, etc.
  • Expertise in package and moving applications, questionnaire, access roles, dashboard, and workspaces from one (TEST) environment to another (PRODUCTION) environment.
  • Creating low-level design documents and project closure checklists.
  • Field creation and configuration: cross-reference fields, calculated fields, custom value lists, application level, and field level access.
  • Worked on the end-to-end automation of business continuity management, risk management, and policy management for the client.
  • Develop and maintain multiple solutions for the Archer program.
  • Create, customize, and maintain multiple user groups to ensure the security of the information in Archer.
  • Creation of weekly and monthly feeds, and scheduling of them.
  • Used the bulk import tool to import thousands of users, and created, updated, and deleted the files.
  • Developing compliance policies and procedures, emphasizing prior success in roles.
  • Develop and manage objects, views, workflows, and reports.
  • Environment: RSA Archer 5.x, 6.x, SQL Server 2008, 2012, JIRA, JavaScript, IDM, MS Visio, Six Sigma.

SQL Developer

REDEFINE TECHSOFT
Hyderabad, India
08.2013 - 07.2015
  • Installed Active-Passive SQL Server Clusters on 2 datacenters for server high availability
  • Created documentation for SQL Server Cluster Installation Checklist
  • Migrated databases from SQL 2005/2008 to SQL 2008 R2
  • Configured Mirroring & Transactional Replication for Reporting
  • Troubleshooting Replication issues
  • Configured maintenance plans, backup strategy, logins and Production support
  • Performance tuning and troubleshooting T-SQL Queries
  • Involved in the Database structuring and Tables creation needed for the project

Education

Master’s - information technology

Missouri Western State University
Missouri
12.2016

Bachelor of Technology -

Holy Mary Institute of Technology
India
04-2013

Skills

  • Archer IRM
  • HTML5
  • XSLT
  • JavaScript
  • SQL
  • SQL Server
  • JIRA
  • Archer Engage

Timeline

GRC Consultant

McKesson Corporate
08.2023 - Current

RSA Archer/GRC Consultant

USAA
04.2020 - 06.2023

RSA ARCHER DEVELOPER/ADMINISTRATOR

BCD Travels
01.2019 - 03.2020

RSA ARCHER CONSULTANT

DUKE ENERGY
01.2018 - 12.2018

Junior Archer Developer

SOCIETE GENERAL
03.2017 - 12.2017

SQL Developer

REDEFINE TECHSOFT
08.2013 - 07.2015

Master’s - information technology

Missouri Western State University

Bachelor of Technology -

Holy Mary Institute of Technology

Similar Profiles

  • Davrae Stokes

    Davrae StokesDavrae Stokes

    Senior FP&A Analyst at McKesson Corporate- Financial Solutions & ServicesSenior FP&A Analyst at McKesson Corporate- Financial Solutions & Services

  • Mark Repic

    Mark RepicMark Repic

    Senior Director, Manufacturer Portfolio Teams/Client Relations at MCKESSON SPECIALITY HEALTH, MCKESSON CANADASenior Director, Manufacturer Portfolio Teams/Client Relations at MCKESSON SPECIALITY HEALTH, MCKESSON CANADA

  • Destiny Paul

    Destiny PaulDestiny Paul

    Patient Advocate at McKessonPatient Advocate at McKesson

  • Venkat Dontineni

    Venkat DontineniVenkat Dontineni

    GRC Consultant at TabcorpGRC Consultant at Tabcorp

  • Sunny Nallala

    Sunny NallalaSunny Nallala

    GRC Consultant at Wipro LimitedGRC Consultant at Wipro Limited

CREATE PROFILE
Krishna R