RAVIVARMA CHALLAGALI
Mequon,USA
Summary
A seasoned information security specialist with several years of knowledge in governance, risk, and compliance (GRC) across several sectors, including banking and technology. shown history in creating and implementing strong protocols, standards, and information security policies. Knowledge in risk assessment, mitigating techniques, third-party risk management, Proficient in using GRC instruments such as ServiceNow IRM to improve risk management and security control capacity. Designed to work with cross-functional teams to handle audit results, legal requirements, and compliance obligations, thereby guaranteeing flawless regulatory adherence and protection of private information.
Overview
9
9
years of professional experience
1
1
Certification
Work History
Graduate Assistant
Concordia university
Mequon, USA
01.2024 - Current
- Managed the creation, configuration, and troubleshooting of virtual machines (VMs) for undergraduate students, ensuring smooth operation for their academic projects
- Provided hands-on support and guidance, explaining VM concepts to students to improve their understanding of virtualization technologies
- Worked closely with professors to design and implement a virtual lab environment tailored for the Computer Science Department
- Coordinated with Microsoft and Amazon cloud services to set up cloud infrastructure, ensuring the lab was scalable and accessible for all students
- Contributed to the design and development of applications for the 3D printing lab, improving the workflow and user experience
- Played a key role in the deployment and automation of these applications, ensuring efficiency and reliability in the 3D printing processes
- Designed and developed a comprehensive, user-friendly website for the 3D printing lab, enhancing accessibility and the overall user experience for students and faculty
- The website served as a central hub for lab resources, scheduling, and project management
- Led a team of student workers, effectively delegating tasks, managing timelines, and overseeing the successful completion of various departmental projects
- Ensured project goals were met by scheduling and leading weekly review calls, tracking progress, and adjusting plans as needed
- Database Management and Optimization: Worked on database projects to support and optimize the functionality of virtual machines and lab resources
- Focused on ensuring data integrity, efficiency, and accessibility, while supporting the virtual lab environment's ongoing operation and performance
Deputy Manager (DM II) - GRC Risk Management Analyst
ICICI Bank Limited
Hyderabad, India
10.2019 - 12.2022
- Developed and enforced information security policies, standards, and protocols to align with stringent security demands and business needs
- Enhanced third-party risk management through refined assessment methodologies, process innovation, and comprehensive vendor risk analysis
- Bolstered and enriched the security controls framework to ensure robust risk management practices
- Conducted risk assessment initiatives to identify, analyze, and mitigate risks impacting the organization
- Collaborated with internal audit, legal, and compliance teams to address audit outcomes, legal requirements, and compliance obligations
- Provided expert guidance on information security concerns to management and business stakeholders, emphasizing regulatory compliance and risk governance
- Assisted with the enhancement and efficient use of Governance, Risk & Compliance (GRC) tools, particularly ServiceNow IRM
- Innovated and implemented strategies to refine objective, data-driven risk models for improved risk assessment and management
- Crafted detailed reports and presentations to contribute to the continuous advancement of the IT Security Risk Registry
- Accurately documented risk and compliance activities to ensure transparent governance
- Strengthened cybersecurity posture by bridging gaps with internal and external stakeholders, aligning GRC undertakings with corporate and regulatory aims
- Managed and mitigated cybersecurity risks with adeptness, ensuring the protection of sensitive financial data and maintaining the trust of banking clients
Governance, Risk, and Compliance (GRC) Analyst
Wipro Limited
Hyderabad, India
01.2022 - 09.2022
- Developed and enforced information security policies, standards, and protocols to align with stringent security demands and business needs
- Enhanced third-party risk management through refined assessment methodologies, process innovation, and comprehensive vendor risk analysis
- Bolstered and enriched the security controls framework to ensure robust risk management practices
- Conducted risk assessment initiatives, identifying, analyzing, and mitigating risks impacting the organization
- Collaborated with internal audit, legal, and compliance teams to navigate audit outcomes, legal requirements, and compliance obligations
- Provided guidance on information security concerns to management and business stakeholders, emphasizing regulatory compliance and risk governance
- Assisted with the enhancement and efficient use of Governance, Risk & Compliance (GRC) tools, particularly ServiceNow IRM
- Innovated and implemented strategies to refine objective, data-driven risk models for improved risk assessment and management
- Crafted detailed reports and presentations to contribute to the continuous advancement of the IT Security Risk Registry
- Accurately documented risk and compliance activities to ensure transparent governance
Security Analyst
Client - Accenture
Bangalore, India
05.2016 - 09.2019
- Investigate security incidents and breaches, determining the extent and impact of the compromise
- Develop and execute incident response plans to contain and mitigate security breaches
- Identify and assess vulnerabilities in systems and applications
- Prioritize vulnerabilities based on risk and work with relevant teams to apply patches or remediation measures
- Educate employees and users about security best practices
- Conduct security awareness training programs and simulate phishing attacks to increase awareness and resilience
- Develop and enforce security policies, procedures, and guidelines within the organization
- Ensure compliance with relevant industry regulations and standards
- Prioritize and investigate security alerts generated by various monitoring tools and systems
- Keep up with the most recent threat intelligence to comprehend adversaries' tactics, methods, and procedures (TTPs) as well as current attack patterns and techniques
- Involved in implementing decoy systems and honeypots to lure and trap potential attackers, allowing for more in-depth analysis
- Examine user and system behavior for irregularities, such as insider threats or attacker lateral movement, that might point to a security breach
- Work closely with other security teams, such as the SOC (Security Operations Center), to share threat intelligence and help refine detection rules and response procedures
- Maintain detailed records of investigations, findings, and outcomes, and provide regular reports to management and relevant stakeholders about the threat landscape
Education
Master's - computers and information sciences
CONCORDIA UNIVERSITY
Wisconsin, USA05.2025
Bachelors - Electronics and communication Engineering
JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY
Hyderabad, INDIA05.2016
Skills
- Cybersecurity Frameworks
- HIPAA
- PCI-DSS
- NIST CF
- HITRUST CSF
- ISO 27001
- NIST SP800-53
- DLP
- SOC
- Security Managed Services
- SEM
- FW
- Audit
- Cloud Security
- Mobile Security
- Cryptography
- Risk Management
- Risk remedial
- Security auditing
- Assessment
- Documentation skills
- Microsoft Office
- Windows OS
- SIEM
- IBM Qradar
- Splunk
- Sentinel
- Dnif
- XDR
- EDR
- Incident Response
- Threat Intelligence
- VirusTotal
- AlienVault
- IBM X-force
- ServiceNow
- Linux
- SQL
- Python
- Azure Cloud
- Docker
- Terraform
- Process innovation
- Vendor risk analysis
- Assessment techniques
- Third-party risk management
- Security rules
- GRC Tools
- ServiceNow IRM
Certification
- Certified Ethical Hacker
- CISP certified
- Threat Modelling (Nullcon)
- Incident response
- First responder (Verizon)
Timeline
Graduate Assistant
Concordia university
01.2024 - Current
Governance, Risk, and Compliance (GRC) Analyst
Wipro Limited
01.2022 - 09.2022
Deputy Manager (DM II) - GRC Risk Management Analyst
ICICI Bank Limited
10.2019 - 12.2022
Security Analyst
Client - Accenture
05.2016 - 09.2019
Master's - computers and information sciences
CONCORDIA UNIVERSITY
Bachelors - Electronics and communication Engineering
JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY
Similar Profiles
Lioness WrightLioness Wright
Student Facilitator at Concordia UniversityStudent Facilitator at Concordia University
Lethiwe Ntombikayise NkwanyanaLethiwe Ntombikayise Nkwanyana
Teaching Assistant at Concordia UniversityTeaching Assistant at Concordia University
Giulio CuccagnaGiulio Cuccagna
Art Facilitator at Concordia UniversityArt Facilitator at Concordia University
Sebastien AddisonSebastien Addison
Maintenance Specialist at Concordia UniversityMaintenance Specialist at Concordia University
Denis Dmitriyevich GusevDenis Dmitriyevich Gusev
Software Engineer Intern at Northwestern MutualSoftware Engineer Intern at Northwestern Mutual