Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Sandhya Rani Kolli

Frisco,TX

Summary

Experienced Privacy Analyst with a proven track record in utilizing BigID, OneTrust, and TrustArc tools for comprehensive data privacy and protection. Skilled in data discovery, classification, inventory, and compliance management. Proficient in GDPR, CCPA, and HIPAA regulations. Adept at conducting privacy impact assessments (PIAs), data flow mapping, and risk assessments. Strong understanding of data protection techniques like masking, encryption, and tokenization.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Sr Privacy Analyst

Keurig Dr Pepper, Inc.
Frisco, TX
01.2024 - Current
  • Data Discovery and Classification: Utilized BigID to discover and classify sensitive data within the organization. Developed custom classifiers to accurately identify personally identifiable information (PII). Conducted scan result analysis to identify new PII or changes in existing data.
  • Data Inventory and Cataloging: Maintained data catalog and inventory to track data sources, locations, and sensitivity levels. Performed data mapping to understand data flows and dependencies. Tagged data as per organizational policies.
  • Assists data compliance and legal teams in handling and processing DSAR requests, utilizing BigID as the primary tool for implementation.
  • Successfully conducted a proof of concept for data classification using BigID. Integrated the classification results with Microsoft Purview for comprehensive data management.
  • Helped lay the groundwork for organizational data retention by contributing to the development of policies and programs.
  • Successfully identified and selected a data masking and encryption solution that meets our data deletion requirements. This involved researching and evaluating multiple tools available in the market and conducting demos to understand their capabilities.

Sr Analyst

PWC Consulting
07.2021 - 12.2024
  • Worked closely with clients to understand the requirements for businesses to implement applicable security and regulatory controls.
  • In line with CCPA regulations, by creating policies and assessments.
  • In line with CPRA regulations, create One Trust assessments.
  • Designing the One Trust assessment to cover all the details required to assess and audit the end system for the required regulation.
  • Identifying assets for recertification based on scope.
  • Maintaining the confluence page for record of process.
  • Understanding the legal status of assets for storing PII or other sensitive information.
  • Examining the data retention policies for the assets.
  • Scoping and descoping the asset based on the answers provided by data source owners and reviewing the status of the asset and the data it is managing.
  • Communicating and detailing the scope of asset and necessary steps to implement to asset owners.
  • Maintaining end-to-end lifecycle of the process.

Privacy Specialist

PWC Consulting
01.2022 - 11.2022
  • Data Onboarding and Configuration: Worked closely with application owners and stakeholders to onboard applications to BigID. Configured data sources and connectors within BigID to scan data for sensitive information. Conduct initial scans and review scan results. Schedule full scans on a monthly or required basis.
  • Data Discovery and Classification: Ran full scans to identify sensitive data within the onboarded applications. Reviewed scan results to classify data based on sensitivity levels. Updated data catalog and inventory with discovered information.
  • Data Governance and Stewardship: Developed and implemented data governance policies and procedures. Ensured compliance with data privacy regulations. Provided guidance and support to data owners and stewards.
  • Conducted in-depth analysis of applications to identify data processing activities.
  • Configured ROPAs for onboarded applications to document data processing activities.
  • Created data flow maps to visualize data movement within the organization.
  • Updated ROPAs and data flows based on scan results and changes in data processing activities.

Analyst

Cognizant Technologies Solutions
11.2013 - 06.2021

Additional roles.

  • SME on data protection tools like Protegrity, Data obscure, IBM guardium
  • SME on data protection techniques like masking, encryptiona and tokenization
  • Sr. Data Analyst (Radiant Logic tool).| Aetna Healthcare (Sep 2019 - Jun 2020)
  • Identity Access Management Analyst (CA Identity Manager, QL, CAS, Medhok) |CVS Healthcare (June 2019 - Sep 2019)
  • Java Developer.| eBay (June 2014 - Dec 2014)

Education

Bachelor of Science - Computer Engineering

Vignans Nirula Institute of Science And Technology
India
04-2013

Skills

  • Data Privacy and Protection
  • Data Classification
  • Data Discovery
  • Data Inventory
  • ROPA's
  • Data Flow Maps
  • Risk registry
  • Data Masking, Encryption, Tokenization
  • Data Inventory and Cataloging
  • Regulatory Compliance (GDPR, CCPA, HIPAA)
  • Risk Assessment and Management
  • Data Governance and Stewardship
  • ITIL Processes (Incident and Request Management)
  • Access Management
  • SQL and Databases
  • Risk Analysis
  • Regulatory Compliance
  • Workflow Analysis
  • Policy improvements

Certification

  • BigID certified Professional

Languages

English
Professional

Timeline

Sr Privacy Analyst

Keurig Dr Pepper, Inc.
01.2024 - Current

Privacy Specialist

PWC Consulting
01.2022 - 11.2022

Sr Analyst

PWC Consulting
07.2021 - 12.2024

Analyst

Cognizant Technologies Solutions
11.2013 - 06.2021

Bachelor of Science - Computer Engineering

Vignans Nirula Institute of Science And Technology
Sandhya Rani Kolli