Krishna Rohit Josyula
About Candidate
Total work experience of 10+ years in multiple fields of Information Security.
o Good knowledge and experience in multiple Security Domains on Application Security & Risk Assessment, Infrastructure Security and Access Management
o Strong knowledge in Risk Management with experience in SOX, HIPAA, SAS70 Reviews, Change Management and Incident Management.
Education
Work & Experience
o Locating a good number to reach the customer using internet tools provided by the company.
o Collecting the payments from the customer.
o Reminder calls to customers regarding the due date of bill payment and informing them of the usage limits.
o Account management of UNIX accounts for the bank employees on Solaris, Linux, IBM AIX and HP-UX servers by using ESS Application.
o Provide access to various applications on mainframes and UNIX like Summit, Sybase, Fiscal, Cisco, etc.
o Administering of user accounts and groups on UNIX like Operating Systems, including /home folder creation, bash console password reset, Enable Locked Accounts, Account Restoration.
o Administering High Privilege, Dec Application user accounts for premium users for online Trading.
o Analyzing suspicious and malicious file attachments and facilitate any Virus, Worm or Trojan detections.
o Password reset for UID 0 root accounts on UNIX Servers, to maintain Confidentiality and Security.
o Resolving Incident Management and escalation tickets raised by helpdesk and Level 1 support, to meet the customer satisfaction.
o Coordinating with HTSE Business Partners for daily updates and weekly audit checks of user accounts.
o Worked as Security Consultant responsible for performing Risk Assessments for various banking applications used in HSBC.
o Coordinating with respective Application Managers to understand the requirement of Findings regarding application security.
o Conducting review of the Compensating Controls, Risk Strategy, Finding Requirements and Action Plan.
o Helping Application Manager to close the Findings and to build Action Plan.
o Conduct Application technical vulnerability scanning and process security control gaps assessment based on IT policies and Standards.
o Conduct Security technical and process audits for internal systems and network performing the server OS hardening before the server goes live.
o Guiding and helping clients (HSBC Project Owners) to remediate security vulnerabilities and implement adequate controls to secure IT environment.
o Conducting Web application security assessment against OWASP web vulnerabilities.
o Conducting Security Reviews for Network Devices like Routers & Switches.
o Performing Windows Server Reviews.
o Performing Vulnerability Assessment and Penetration testing.
Worked as Technology Risk Lead responsible for Business Controls Monitoring & Readiness in Bank of America.
o Performing Application Access Reviews for all existing applications to ensure appropriate access is being provided to the authorised users.
o Performing Application Risk and Control audits on the Assessments submitted by the Application on CMS (Control Management System) an RSA Archer eGRC Questionnaire module.
o Performing Comprehensive reviews of Change management procedure to ensure all emergency & regular changes are planned and executed as per the set procedures of the Bank. Working with LOB towards preparedness for the SAS 70 & Fed audits to ensure total compliance.
o Perform Secure Data Governance audits on the Applications with the respective Application managers.
o Define and Implement Global Information Security Policies and ensuring that these policies are communicated to all the Application Managers for their adherence.
o Performing Internal audits on all the SOX applications for the respective Line of Business to ensure that they are all compliant.
o Ensuring that all the Risk deliverables captured in the Risk Management tool are closed within the stipulated time.
o Discussing with the Application Managers to understand why a specific Information Security deliverable has been extended and analyzing the justification provided.
o Performing periodic Incident Management reviews on the Incidents in order to identify Operational Risk.
o Ensuring that all critical business units within the function are tested as part of the Business Continuity Plan at least once a year.
o Worked as a Risk Assurance Manager within the Global Security Organization division of CDK Global.
o Responsible for identifying, tracking and remediation of risks internally within CDK using the RSA Archer.
o Coordinating with the Product Managers and their teams to establish remediation plans for the identified risks.
o Ensure that all the identified risks are being remediated and are tracked until closure.
o Performing Vendor Risk Assessments on new and existing vendors for the services they provide to CDK.
o Responsible for reviewing the Business Recovery Plan document for the respective businesses.
o Ensuring that all critical business units are tested as part of the Business Continuity Plan as scheduled.
o Monitoring and Testing of the Data Loss Prevention Systems.
Currently working as a Manager for Governance Risk & Compliance with Cloud4C Services (Unit of CtrlS Data Centers).
o Involved in Review and implementation of Policies, Procedures, and Standards, Guidelines and supportive documentation and ensuring that it is aligned with best practices
o Assisting IT and other teams in closing information security incidents and vulnerabilities.
o Perform Risk assessment for the new deployment prior to production setup
o Perform compliance reviews of IT changes
o Assist in maintaining security of IT and Information Assets and responsible for EUC, Network and security devices configurations, management and Hardening
o Monitored information security metrics, highlighting and helping remediate gaps / non-compliances
o Reviewing internal compliance process to meet client requirements and industry standard requirement, this includes Assets Governance, Network Security, Systems (end-point) Security
o Responsible for driving all internal/external audits in organization, including customer audit
o Ensure that all observations marked by external auditor for non-compliances are being remediated and are tracked until closure.