Madhu Chetan Ananda

The GBS Security Risk Advisor (SRA) will be a subject matter expert to the project teams as well as serve as a source to other subject matter experts, reference information, documents or templates as needed to help the project teams to best understand the project risks, controls and how to implement controls. The GBS SRA will operate consistent with a global competency program but at the same time, will be required to understand and perform to unique geographic requirements that are in place to address geographic specific needs as a supplement the global base program

Develop, implement, and maintain the Data Security Plan and processes to comply with the Client's and IBM's security requirements • Document and maintain a Risk / Incident Management Log and ensure account/project leadership review • Own the account's on-boarding and off-boarding processes and ensure (monitor) execution • For Large Accounts, manage a team of Security Experts or personnel who are implementing and maintaining controls. Overall responsibility to ensure they are in place and operating as intended ASM Extension Tasks. • Document and communicate to the account team, the account's incident response and breach notification process consistent with IBM's process and client requirements • Leverage breach and incident information to address pervasive issues and improve compliance across the account • Guide the Account team through the development and implementation of the Change Management Process. Quarterly review to ensure the process is being sustained properly, if applicable • Guide the Account team through the development and implementation Patch Management Process. Perform a Quarterly review to ensure the process is being sustained properly, if applicable • Communicate & Promote Account Data Handling Procedures based on client, IBM, and regulatory requirements; monitor the cleansing of workforce member workstations during off-boarding; approve any documents to be retained by departing workforce members • Monitor contract and contract changes for client information security compliance requirements; disseminate to the appropriate roles on the account; update the baseline controls execution plan and disseminate • Oversee remediation of risks and issues that result from Data Security & Privacy reviews, incidents and other Lines of Defence activities • Lead teams to guide teams implement access and identify lifecycle processes. Conduct reviews to ensure they are implemented properly • Document and communicate to the account team, the account's incident response and breach notification process consistent with IBM's process and client requirements • Leverage breach and incident information to address pervasive issues and improve compliance across the account • Guide the Account team through the development and implementation of the Change Management Process. Quarterly review to ensure the process is being sustained properly, if applicable • Guide the Account team through the development and implementation Patch Management Process. Perform a Quarterly review to ensure the process is being sustained properly, if applicable • Communicate & Promote Account Data Handling Procedures based on client, IBM, and regulatory requirements; monitor the cleansing of workforce member workstations during off-boarding; approve any documents to be retained by departing workforce members • Monitor contract and contract changes for client information security compliance requirements; disseminate to the appropriate roles on the account; update the baseline controls execution plan and disseminate • Oversee remediation of risks and issues that result from Data Security & Privacy reviews, incidents and other Lines of Defence activities • Lead teams to guide teams implement access and identify lifecycle processes. Conduct reviews to ensure they are implemented properly.