SHRAVANI SAMAVEDAM
Senior Information Security Analyst
London
Summary
Information Security Professional with over 7 years of experience with expertise in GRC and its implementations. Proven track record in enhancing organizational security postures through risk assessments and strategic planning. Successful career chronicle in leveraging expertise in ISO 27001, PCI DSS, and GDPR compliance. Excelled in conducting enterprise security risk assessments, including internal evaluations and third-party risk assessments. As a recognized Best Team Performer at Cognizant for the United Bank of Switzerland project, successfully oversaw the security risk register and exception processes and provided strategic advisory and process improvement to stakeholders. Strong technical acumen in MySQL, Power BI, and ServiceNow, bringing a holistic approach to information security.
Visa Status: UK Dependent Visa (Tier 2 Skilled Worker).
Overview
5
5
years of professional experience
5
5
years of post-secondary education
8
8
Certifications
Work History
Senior Information Security Analyst
Providence Global Center
8 2020 - 7 2022
- Conducted Enterprise Security Risk Assessments, including internal risk evaluations, third-party security assessments, and specialized assessments such as medical device and mobile application security assessments
- Monitored security risk register and security exception processes, served as security risk expert, and provided comprehensive risk management, strategic planning, advisory, and process improvement for security risks
- Performed vendor risk assessments and offered holistic view of clients' risk through standard information-gathering questionnaires aligned with industry standards (ISO 27001, PCI DSS)
- Maintain updated knowledge in field of Risk Management and Compliance
- Worked on frameworks including NIST CSF, CIS Controls, ISO 27001, GDPR, SOX 404, ITIL, etc
- Performed Security Risk Assessments within organization to identify security risks and key internal controls that mitigate identified gaps.
- Provided strategic planning, advisory, and process improvement to stakeholders for identified security risk
- Collaborate with stakeholders (e.g Senior Leadership, Strategic Business Units, IT, Legal) to ensure consistent process for identifying, assessing, responding, and reporting on IT risks
- Advice stakeholders with identifying compensating control alternatives where Security Risk requirements cannot be met
- Vendor risk assessments were carried out using Standard Information Gathering that are built based on industry standards for Information security
- Follow up, track, analyze and report on Security Risk Assessment results
- Identify security controls based on support provided by vendor
- Identify control gaps in infrastructure, applications, and processes, evaluate risk related to services provided by vendors
- All External Service providers of client were reviewed to ensure they were handling the data provided to them in a secure environment and vendor meets client’s data security requirements
- Manage Information Security, Risk Identification, mitigation and acceptance processes.
Senior Systems Engineer
Cognizant Technology Solutions
06.2015 - 07.2020
- Analyzed Information Security Program to assess maturity of vendor's processes
- Performed risk assessments for client applications earmarked for outsourcing/offshoring
- Advised business on risk-based decisions regarding hiring or continuation of services
- Perform peer review of assessments handled by team and provide guidance on improvements in reports/process
- Analyzed Information Security Program to protect, monitor and remediate issues relating to protection of client's assets
- Identify and assess impact of information security threats, vulnerabilities & risks with a view to manage those risks effectively
- Assisted in supporting internal and client audits
- Recommend risk mitigation approaches and coordinate with Business Information Security Officers & Business Asset Owners for risk management
- Assess client’s information security posture in existing environment and develop solutions to mitigate identified gaps/risks
- Supported internal stakeholders in deploying new security programs
- Ensure that procedures and controls are correctly implemented that are capable of reducing risk to acceptable level
- Identify and assess impact of information security threats
- Collaborate with Legal, Finance and Business teams to establish vendor security risk management program
- Implement enterprise-wide client security requirements program to address client needs and ensure compliance
- Supporting development and embedding of underpinning process and procedure documentation, including assisting service/business/process owners on new policies, new working practices and procedures.
Education
M.Sc. – International Business Management - undefined
University of East London
London, UK 05.2022 - 05.2023
Bachelor of Engineering – Information Technology - undefined
Osmania University
Hyderabad, India 05.2010 - 05.2014
Skills
Security Risk Assessment
Vendor Risk Management
Compliance Management
Risk Management & IT Advisory
Information Security Analysis
Strategic Decision-Making
Information Security and Compliance: ISO 27001 / ISMS, PCI DSS, GDPR
Database: MySQL
Data Visualization and Reporting: Power BI
Service Management: ServiceNow
Notable accomplishments
- Client Appreciation for Portal Launch: Received client appreciation for the successful launch of a new portal and executing changes on multiple occasions, showcasing effective project management skills.
- Exceptional Accuracy Acknowledgment: Acknowledged multiple times for maintaining an exceptional level of accuracy in work processes and procedures, reflecting a commitment to quality and precision.
- Valuable Resource in Team Coordination: Proved to be a valuable resource in coordinating with different teams and multiple stakeholders, demonstrating strong interpersonal and collaboration skills thereby improving communication within the team members.
- Single Point of Contact for External Stakeholders: Functioned as the single point of contact for external stakeholders and project client managers, ensuring seamless communication and client satisfaction.
- Best Team Performer Certificate - UBS Project: Awarded the certificate for Best Team Performer at Cognizant for contributions to the United Bank of Switzerland project, recognizing outstanding teamwork and results.
- GEMS Role and Event Organization Recognition: Received on-the-spot recognition, the GEMS role, and certificates from the manager for exceptional organizational skills in planning and executing events at Cognizant Technology Solutions.
Certification
Inventory Management Foundations
Timeline
M.Sc. – International Business Management - undefined
University of East London
05.2022 - 05.2023
Senior Systems Engineer
Cognizant Technology Solutions
06.2015 - 07.2020
Bachelor of Engineering – Information Technology - undefined
Osmania University
05.2010 - 05.2014
Senior Information Security Analyst
Providence Global Center
8 2020 - 7 2022
Similar Profiles
Jagadish ChigurupatiJagadish Chigurupati
Principal Data Analytics Engineer at Providence Global CenterPrincipal Data Analytics Engineer at Providence Global Center
SAI DEEPTHI DUVVURISAI DEEPTHI DUVVURI
Lead Service Engineer at Providence Global CenterLead Service Engineer at Providence Global Center
Anil Kumar VanteruAnil Kumar Vanteru
Manager / Principal Architect at Providence Global CenterManager / Principal Architect at Providence Global Center