
SAIKUMAR Gundepudi

San Diego, California

Summary

Accomplishment-driven leader with nearly 13 years of IT Security, IT Audit, and GRC experience. Expertise in Governance, Risk, and Compliance (GRC) Management, known for impactful achievements. Skilled in developing and enhancing information security strategies, creating and enforcing IT governance policies, procedures, standards, and guidelines. Successfully conducted gap analyses and implemented standards frameworks such as ISO27001, Data Privacy, NIST, GDPR, and SOX404. Experienced in driving continuous improvement of IT general controls through innovation, automation, and hands-on experience using tools like Audit Board and Archer.

Overview

12 years of professional experience
1 Certification

Work History

Security Consultant (Risk & Compliance)

Heineken US
06.2022 - 05.2025
  • Reviewed key ITGC controls such as User Access Review, Access Provisioning/ De-provisioning, Enterprise Change Management, Batch Monitoring, Password management, privilege Access on tools and infrastructure for multiple engagements in areas such as healthcare, education technology and retail.
  • Performed testing for IT controls on structured as well as unstructured data to identify and document findings and deficiencies as applicable.
  • Worked on RRA’s (Re Risk Assessment) for existing Contracts.
  • Monitor and regulate business applications from a compliance perspective for the top leading client.
  • Experience in leading IT audit/SOX engagements as part of external financial audit for organizations in banking, hospitality, technology, pharmacy and manufacturing sectors.
  • Performing SOC1, SOC2 Type 1 and Type 2 reviews for clients in the banking, hospitality, technology, pharmacy and manufacturing industries.
  • Conducting ITGC and ITAC testing as part of external financial audit for clients in banking, hospitality, technology, pharmacy and manufacturing sectors in the areas of Access to programs and data, Program changes, Program development and Computer operations for applications such as Black line, JD Edwards and other in-house developed applications.
  • Attending client meetings and walkthrough calls with the team to understand client business processes, SLA expectations, and quality requirements.
  • Collaborating with IT, business, and external partners to implement robust and efficient testing methodologies that meet SOX standards.
  • Ensuring Test of Design (ToD) and operational effectiveness (ToE) of IT General Controls (ITGCs) across non-SAP products.
  • Supported internal audits as per ISO27001 security controls.
  • Reporting IT SOX compliance control testing results to key stakeholders, including IT-business unit management, senior management, the board of directors, legal management, regulators, and internal/external auditors.
  • Collect the process narrative and evidence from respective application owners and validate according to ITGC.
  • Managed a team of Compliance assessors who conducted security control assessments supporting SOX regulatory compliance and European compliance law across various departments.
  • Document and maintain Risk/Incident Management Log and ensure project leadership review.
  • Perform continuous monitoring for compliance.
  • Work with the departments audited to resolve risk and compliance issues, provide recommendations, and communicate on status of action resolution.
  • Audits and Internal Reviews: Audit support for various Internal/External/Corporate audits, regulatory requirements.
  • Led proactively to identify projects across multiple platforms to enhance standardization, efficiency, and maturity of GRC function.
  • Maintained updated knowledge in Risk Management and Compliance to efficiently work on frameworks including NIST CSF, CIS Controls, GDPR, SOX 404, & ITIL.

Associate IT Analyst

S.B Organics LTD, Hyderabad
11.2016 - 06.2022
  • Demonstrable practical experience of information security and proven track record of Information Technology Governance.
  • Demonstrable understanding of information security protection and methodologies and assisting users with identification of information threats/ vulnerabilities/ risks.
  • Responsible for developing, managing, and controlling Technology Controls (ISO27001).
  • Working on multiple Risk & Control projects in the areas of Event Management, Configuration Management, reporting and 3rd Party Risk Management.
  • Grasp business & technology, compliance and regulatory rules and policies in the areas of infrastructure and cyber security architectures.
  • Conducting assessments & writing reports, documentation and comply with standards accurately.
  • Taking ownership of different kinds of Compliance & Audit testing within the teams and deep dives and assist in internal and external security audits.
  • Provide IT pre-audit and post-audit support for both internal audits and external audits to understand and fulfill data requests, understand findings/conditions and establish rightful ownership of the issues.
  • Ensure the appropriate policies, standards & guidelines are in place to mandate and protect on necessary for the business and to meet Security requirements.
  • Work closely with management of other areas within Compliance as well as routinely interact and maintain highly effective partnerships with Key Stakeholders.

IT Admin

State Bank of India, Bahrain
08.2013 - 10.2016
  • Monitored overall network performance and recommended maintenance/upgrades when needed to maintain acceptable response times.
  • Handled infrastructure-related troubleshooting initiatives through resolution and escalated in a timely manner when applicable.
  • Implemented and maintained VOIP, Goldmine CRM and MPLS technology.
  • Produced scheduled and ad-hoc statistics related to Goldmine CRM and network performance. Researched and recommended newer technologies and best practices to support sales for the organization.
  • Communicated with product development group, engineering, and sales regarding emerging technologies.
  • Provide on-site tech support to include installation, maintenance and repairs of desktops, laptops, and peripherals.
  • Monitoring of proprietary application performance, uptime, reliability and operability, FIX connectivity and Bloomberg.
  • Full command of UNIX command-line operations; oversee the daily performance of computer systems.
  • Set up equipment for employee use, performing or ensuring proper installation of cable, operating systems, and appropriate software.
  • Conduct computer diagnostics to investigate and resolve problems and to provide technical assistance and support.
  • Train end users in use of equipment and software.
  • Interact with broker’s staff and users to determine user PC and networking needs and resources required to fulfill needs.
  • Imaging of computers and laptops (Symantec Ghost).
  • Installing all network applications that were approved.

Education

Master of Computer Application (MCA) - Computer Science

Vinayaka Mission University
01.2013

Skills

  • IT Audit
  • Security Framework Implementation
  • NIST CSF, Data Privacy
  • SOX Compliance/SOX Audits
  • System Organization Controls Reports (SOC1/SOC2/SOC3)
  • Risk Management
  • Governance Risk and Compliance
  • ITGC
  • Information Privacy Regulations
  • ISO27001
  • IT/IS Controls Management
  • Cloud Security Assessment
  • Vendor Risk Management
  • GDPR Compliance
  • Data Privacy
  • Visionary Thinker
  • Change Management
  • Leadership
  • Risk Taker
  • Team Oriented
  • Oracle, Linux, SQL and Windows
  • Vulnerability assessment
  • Identity and Access management
  • Threat intelligence
  • Open source intelligence

Certification

  • ISO 27001 Lead Auditor
  • Certified Information System Auditor (CISA) - ISACA

Personal Details

Languages Known: English, Hindi, Telugu
