Professional Documents
Culture Documents
Naukri DevakumarMahadevan (15y 0m)
Naukri DevakumarMahadevan (15y 0m)
Summary
Being an enthusiast, passionate towards IT Project Management, IT Risk & Security Management
and always ready to grab new challenging opportunities in any domain.
Currently dealing with the IT Security aspects of a Bank's Data Centre where the main focus is on
the compliance posture and the emphasize is on Regulatory Guidelines on Data Security, BCP and
Maximum uptime.
Dedicating time and effort to analyze, test, compare and improve every aspect of the Project
Management / IT Risk & Security. Always keep client's requirement on priority and try to be more
creative in meeting their expectation. Time is the key to manage any project which I have experienced
till date.
Certifications
Certified Information Systems Security Professional(CISSP) by ISC2
Oracle Cloud Infrastructure Foundations 2021 Certified Associate
Microsoft Certified: Security, Compliance, and Identity Fundamentals(SC-900)
Oracle Cloud Platform Identity and Security Management 2021 Certified Specialist
DISA by IIBF
JAIIB by IIBF
AML and KYC Certification by IIBF
Network+ by Comptia
Skill Highlights
Implementing security controls as per the Regulatory guidelines
Coordinate the DR Drill activity conducted every quarter as per the Regulatory
guidelines
Coordinate various IT Audits like Internal, External and Third-Party Audits
SOC Operations
Incident Response based on EDR alerts
BCP – DR Drills
Mentoring newly recruited employees on the emerging Banking Technologies and
Security aspect
Experience
Manager - 04/2017 to Till Date
The Karur Vysya Bank, Data Centre, Chennai, India
As a Manager in the Payment and Delivery Channels, heading the team which monitors the
transactions happening through Internet Banking, Mobile Banking and UPI for issues due to
Infrastructure or security related issues.
Monitoring of alerts triggered from SIEM and EDR Soultions. Analyzing the alerts to determine
whether any false postive alerts are triggered, if it is found to be true positive then escalating
the same to the concerned team for their response to proceed with the Incident Response
process.
Regular monitoring of the EDR for IOCs
Configuring and updating the automated playbooks for handling requests originating from
malicious IP addresses and blacklisted countries of origin.
Used to co-ordinate with the Application team and the various IS Audit teams in implementing
the compliance related points observed during various IT Audits like Internal, External and Third-
Party Compliance Audits. This includes ISO 27001 ISMS Audits, Compliance Audits on PCI-DSS
and audits on the guideliness issued by RBI and NPCI.
Being a member of the BCP and IR teams, used to co-ordinate the DR drill activities once in a
quarter as per the Regulatory compliance requirements.
Have been a valid contributor of the team which worked for the Internet Banking migration to a
newer version.
Have been a part of the team which involved in the testing and implementation of the newer
version of the Mobile Banking App (mPAY) which includes newer feature like Educational Fee
Payment, Bill Payments by integrating with a Payment service Aggregator.
Developed and Implemented the online Debit Card Hot-listing services using the ESB.
Education
Master of Computer Applications
Implementation of eFRM solution in the Bank to monitor transactions happening through UPI.
On an average around 2 million transactions are getting processed.
Implementation of WAF solution on the UPI, Internet Banking and Middleware solutions of the
Bank.
Monitor vendor compliance. Undertake extensive vendor evaluations from information security
perspective using risk based questionnaires and reports and then make active recommendations
to the business / vendor to mitigate the risks and provide risk based clauses for the agreements
with the vendor.
Performing compliance review as per regulatory requirement (RBI) and reporting to audit
committee of the board. Process of auditing information system with RISK perspective.
Experience in accessing the information risk involved while engaging vendor/ Outsourcing to
third party for both On-Premise or over the cloud solutions.
Assisting and monitoring the digital financial flow through Internet banking, Mobile Banking and
UPI.
Having a granular control on channel transaction log management across all channels.
Implementation of Bugzilla
A need araised in our Bank to implement a tool to track bugs encountered in the day to
day operations. To address this requirement suggested the tool Bugzilla to the managment and
implemented Bugzilla to track the various bugs that were encountered in day to day operations
through various channels like Internet Banking and Mobile Banking. And to report it to the CBS
vendor team and to track the progress of the bugs raised.
Previously our Bank’s Mobile Banking solution was in a hosted model with a vendor. We
are not able to implement any customized option in our Mobile Banking. Raised this
disadvantage with our Management and received approval for implementing a new Mobile
Banking Solution. Evaluated various solutions and conveyed the pros and cons of various
soultions to the management. Based on their approval did POC with the finalized solution and
implemented a new solution as per the recommendations obatined from Management.