Summary
Overview
Work History
Education
Skills
Accomplishments
Affiliations
Languages
Timeline
Hi, I’m

PARARA (PJ) JEGA

Northwood,Middlesex
PARARA (PJ) JEGA

Summary

IT professional with 23 years of experience developing and implementing security and executing cybersecurity and IT audits in global banks. Skilled cybersecurity and resilience with proven history of delivering exceptional audit planning and execution across APAC and EMEA.

Detail-orientated and thorough individual with strong problem solving and critical thinking skills. Committed to creating secure digital environment and developing solutions to limit access to protected data and systems.

Detail-oriented team player with strong organizational skills. Ability to handle multiple projects simultaneously with a high degree of accuracy.

Overview

23
years of professional experience
4
years of post-secondary education

Work History

Protiviti/Fintech , 3LOD
London, United Kingdom

Internal Audit Manager
06.2023 - 09.2023

Job overview

  • Planned and executed AWS and GCP cloud audits
  • Worked as a specialist for GCP, AWS and Google Workspace IAM audit

JPMC, 1LOD
London, United Kingdom

Information Security Management
04.2022 - 05.2023

Job overview

  • Worked as a Risk Treatment specialist for Cyber and Technology controls for all business segments
  • Worked as a partner with IB, Markets, Consumer and Commercial bank ISMs and Application owners to improve the control environment by measuring risks against NIST, COBIT 2019 frameworks
  • Worked as a SME for Cyber and Technology control framework and producing KRIs and KPIs
  • Acted as a coordinator for 2LOD, 3LOD audit issue management associated with GRC function
  • Worked with the GRC Product team to automate and effectively manage cyber & technology control findings

DB IB Technology, 3LOD
London, United Kingdom

Senior Audit Manager
07.2021 - 03.2022

Job overview

  • Planned and executed IT audits for IB and Global Markets units.
  • Worked with the Global Audit teams to validate regulatory findings associated with EU, US and Asia based regulators.
  • Performed MDS, EURIBOR, New Product Approval and Trader Mandate related audit action validations to see through closure.
  • Worked with the Global Internal Audit management to effectively manage audit workload to ensure timely and within budget delivery.
  • Prepared audit reports, providing clear description of findings and issues identified and recommending appropriate solutions.
  • Worked with Markets, Credit and Operational risk teams to complete audits and validation work.
  • Designed and executed policies and procedures to align with audit requirements and regulations.

LSE, 1LOD

Cyber GRC Manager
01.2020 - 01.2021

Job overview

  • Worked with senior management to assess the control environment and strengthen cyber controls
  • Worked with cybersecurity teams to provide Governance, Compliance and Control inputs to board meetings
  • Worked with senior management to effectively manage audit, regulatory issues related to LCH and LSE

PAY.UK, 3LOD

Senior Audit Manager
01.2019 - 01.2020

Job overview

  • Planned and executed cyber audit for Pay.UK directorates: BACS, FPS and ICS
  • Worked with the audit team to plan and execute risk management audit and assess the effectiveness of the RCSA ( Risk and Control Assessment ) and ISO27001 framework being rolled out across all directorates
  • Participated in the business integration audit of service lines (BACS,FPS and ICS) integrated into Pay.UK
  • Worked with the Pay.UK Audit Management to plan 2019/2020 audit cycle

UK HMLR, 2LOD
London, United Kingdom

Business Continuity Head
01.2018 - 01.2019

Job overview

  • Implement Business Continuity and Crisis Management Plan for 15+ locations across England and Wales
  • Incorporate Cyber Incident Management and GDPR Data Breach Management into CMP
  • Enhance ISO27001, Cloud Security Alliance (CSA3.0.1), NIST and SANS20 Controls to protect Critical National Infrastructure
  • Work with the Executive Board to strengthen operational resiliency and strengthen control environment

CITI, 3LOD
Dublin, Ireland

Senior Audit Manager(SVP)
01.2016 - 01.2018

Job overview

  • Oversee Markets Technology audits for Global Markets Front Office audit entities across the globe
  • Provide audit assurance for Global Commodities and Markets Operations technology audits
  • Oversee and provide assurance for Electronic Execution trading platforms - DMA, DSA and trade matching activities
  • Represent ICG EMEA Technology IA in global calls and meetings to plan and execute audits, business monitoring and issue validation activities undertaken by Citi Internal Audit
  • Work with Global Markets, Markets OPS, Product Control Group, Markets and Credit Risk stakeholders and associated IA stakeholders to scope projects and ad-hoc emerging regulatory activities to rectify issues and improve control environments
  • Audit and provide assurance on ISO27001 compliance and adherence to GDPR DP compliance
  • Manage two VP level and one AVP level auditors to plan, execute audits, business monitoring, issue validation and risk assessment work assigned to my team

CITI, APAC Markets, 1LOD

Senior Vice President - Operational Risk Senior Manager
01.2013 - 01.2016

Job overview

  • Responsible for operational risks associated with Front Office technology, information security and Business Continuity Disaster Recovery (BCDR) controls
  • Coordinate all Front Office technology, Information Security and BCDR control initiatives with Middle Office, Operations, Technology, and Product Control Group
  • Provide guidance for Equities electronic sales and trading desks on hard, soft block and kill switch controls
  • Attend monthly Electronic Execution Governance meetings and provide first line defense perspectives to assure all controls are in place for bank's DSA, DMA channels and Matching engines
  • Represent Risk and Control in Capital Markets Origination (CMO) and Emerging Markets Credit Trading (EMCT) weekly, monthly control meetings
  • Point person for licensing issues, private side information protection, multi-firm chat relates issues, plan of supervision, and trading mandate related projects
  • Resolve Regulatory (i.e
  • Dodd Frank, Volker, CFTC etc.) issues identified by Product Compliance, ORM, and Internal Audit
  • Lead and manage Fraud Management Program for APAC MSS desks
  • Prepare and present to APAC Markets Head, CAO in monthly APAC and Hong Kong control governance meetings
  • Audit and provide assurance on ISO compliance (SOC 2, ISO27001 reviews etc.) and assure IT compliance with local policies
  • Lead and manage Business Continuity Program (BCP) for the Hong Kong Markets and Securities Services (MSS) trading desks (Employees: +500)
  • Assist the Business Managers to assure compliance with suitability and appropriateness requirements - deal, client categorization for corporate customers
  • Maintain up-to-date procedures for after-hours, off-site trading supervision, pandemic and people loss plans for Hong Kong Markets
  • Supervise a VP level Third Party (TP) Officer and overseeing TP program roll-out for APAC Markets
  • CITI, APAC Internal Audit

Citi
London/Hong Kong, UK/Hong Kong

Various AVP/VP 1LOD/3LOD roles at Citi
04.2000 - 12.2012

Education

Middlesex University
London

Master of Science from Business Information Technology
09.1994 - 10.1998

ISC2
London

CISSP from Information Security
/2013

ISACA
London

CISA from Information Systems Audit
/2017

Skills

  • KEY SKILLS AND EXPERTISE
  • Information security auditor
  • Internal and external audit governance
  • Compliance analysis and issue resolution
  • Regulatory and policy risk management
  • Log review oversight and management
  • Business continuity and Disaster recovery
  • Program management - CSA CCM, SANS Top 20 and NIST Cyber framework gap analysis
  • ICT security systems

Accomplishments

  • Perform quarterly Business Monitoring, Audits for APAC Markets businesses with the primary focus on Technology, Information Security and BCDR
  • Provide front to back Audit coverage support for APAC Markets trading desks, operations, technology and support functions
  • Lead Audits for MAS, HKMA, APRA, FSA, and EU regulatory compliance with the primary focus on Technology, Information Security and BCDR
  • Assist and perform routine risk assessments on Markets entities to prioritize and schedule risk based audits
  • Complete MIFID transposition readiness reviews and other regulatory compliance reviews for Citi's EU businesses
  • Lead and perform quarterly business monitoring, audits to assess business risks across all business units in EMEA with the primary focus on Technology, Information Security and BCDR
  • Plan and execute internal Audits in EMEA Markets, CTS ( transactional banking) and consumer businesses
  • Supervise and manage Information Security and COB/DRP global, regional initiatives undertaken by IA
  • Key point of contact for coordinating technology and project activities sponsored by Tech Audit teams
  • Complete post-acquisition and termination reviews for Citi franchises in Europe
  • CITI, EMEA International Private Banking (retail and wealth management) and SME Banking
  • Assistant Vice President/Vice President - In-Business Risk and Control (2000-2004)- First Line Defence
  • Supervise and implement Information Security and COB/DRP Programs in IPB (International Personal Banking) businesses in 5 markets- Jersey, Monaco, London, Geneva and Zurich
  • Lead and manage Information Security Programs in EMEA ICG business units
  • Recruit, train and develop team of ISOs (74 information security officers) and roll out Citi Information Security program in EMEA ICG businesses
  • Manage roll out of Citi's CITMP (Citi Information Technology Management Plan) in ELC (SME banking business in 18 markets) when it was adopted in 2000
  • Develop Information Security and CoB Monthly Metrics to help the seniors measure the effectiveness of the Information Security and CoB Program effectiveness
  • Act as a point person and coordinate for business units across the world to coordinate activities sponsored by Citi's Information Security Services and Business Continuity Office
  • ECDPO-European Certified Data Protection Officer- EU GDPR - 2018

Affiliations

Bachelor of Science (Mathematics and Chemistry) Masters of Science ( Business Information Technology) CISSP - Certified Information Systems Security Professional (standing member since 2013) Member of ACAMS - CAMS certified in November 2016

Languages

English
Fluent

Timeline

Internal Audit Manager

Protiviti/Fintech , 3LOD
06.2023 - 09.2023

Information Security Management

JPMC, 1LOD
04.2022 - 05.2023

Senior Audit Manager

DB IB Technology, 3LOD
07.2021 - 03.2022

Cyber GRC Manager

LSE, 1LOD
01.2020 - 01.2021

Senior Audit Manager

PAY.UK, 3LOD
01.2019 - 01.2020

Business Continuity Head

UK HMLR, 2LOD
01.2018 - 01.2019

Senior Audit Manager(SVP)

CITI, 3LOD
01.2016 - 01.2018

Senior Vice President - Operational Risk Senior Manager

CITI, APAC Markets, 1LOD
01.2013 - 01.2016

Various AVP/VP 1LOD/3LOD roles at Citi

Citi
04.2000 - 12.2012

Middlesex University

Master of Science from Business Information Technology
09.1994 - 10.1998

ISC2

CISSP from Information Security
/2013

ISACA

CISA from Information Systems Audit
/2017

Similar Profiles

CREATE PROFILE
PARARA (PJ) JEGA