Devakumar Mahadevan

2/111, 19TH AVENUE, BANU NAGAR, AMBATTUR, CHENNAI, INDIA 600053

+91 8939728723 # kumar.deva@hotmail.com # linkedin.com/in/devakumar-mahadevan-647068100

Summary
Being an enthusiast, passionate towards IT Project Management, IT Risk & Security Management
and always ready to grab new challenging opportunities in any domain.
Currently dealing with the IT Security aspects of a Bank's Data Centre where the main focus is on
the compliance posture and the emphasize is on Regulatory Guidelines on Data Security, BCP and
Maximum uptime.
Dedicating time and effort to analyze, test, compare and improve every aspect of the Project
Management / IT Risk & Security. Always keep client's requirement on priority and try to be more
creative in meeting their expectation. Time is the key to manage any project which I have experienced
till date.

Certifications
 Certified Information Systems Security Professional(CISSP) by ISC2
 Oracle Cloud Infrastructure Foundations 2021 Certified Associate
 Microsoft Certified: Security, Compliance, and Identity Fundamentals(SC-900)
 Oracle Cloud Platform Identity and Security Management 2021 Certified Specialist
 DISA by IIBF
 JAIIB by IIBF
 AML and KYC Certification by IIBF
 Network+ by Comptia

Skill Highlights
 Implementing security controls as per the Regulatory guidelines
 Coordinate the DR Drill activity conducted every quarter as per the Regulatory
guidelines
  Coordinate various IT Audits like Internal, External and Third-Party Audits
 SOC Operations
 Incident Response based on EDR alerts
 BCP – DR Drills
 Mentoring newly recruited employees on the emerging Banking Technologies and
Security aspect

Experience
Manager - 04/2017 to Till Date
The Karur Vysya Bank, Data Centre, Chennai, India
 As a Manager in the Payment and Delivery Channels, heading the team which monitors the
transactions happening through Internet Banking, Mobile Banking and UPI for issues due to
Infrastructure or security related issues. 

 Monitoring of alerts triggered from SIEM and EDR Soultions. Analyzing the alerts to determine
whether any false postive alerts are triggered, if it is found to be true positive then escalating
the same to the concerned team for their response to proceed with the Incident Response
process.
 Regular monitoring of the EDR for IOCs
 Configuring and updating the automated playbooks for handling requests originating from
malicious IP addresses and blacklisted countries of origin.
 Used to co-ordinate with the Application team and the various IS Audit teams in implementing
the compliance related points observed during various IT Audits like Internal, External and Third-
Party Compliance Audits.  This includes ISO 27001 ISMS Audits, Compliance Audits on PCI-DSS
and audits on the guideliness issued by RBI and NPCI.
 Being a member of the BCP and IR teams, used to co-ordinate the DR drill activities once in a
quarter as per the Regulatory compliance requirements. 

Assistant Manager - 10/2011 to 03/2017

The Karur Vysya Bank, Data Centre, Chennai, India
 Coordinated with NPCI for implementing IMPS P2P, P2A and Merchant modules in both Mobile
Banking and Internet Banking.

 Have been a valid contributor of the team which worked for the Internet Banking migration to a
newer version.
  Have been a part of the team which involved in the testing and implementation of the newer
version of the Mobile Banking App (mPAY) which includes newer feature like Educational Fee
Payment, Bill Payments by integrating with a Payment service Aggregator.

 Developed and Implemented the online Debit Card Hot-listing services using the ESB.

Senior Specialist Software Engineer - 12/2006 to 10/2011

Sutherland Global Services, Chennai, India
 Worked as the SME for the Virgin Digital Help developed for M/s Virgin. It is a PC optimizing
software to optimize the performance and security of Microsoft Windows based PCs.
 Mentored the development team with the development activities in developing the software in
a time bounded manner.

Education
 Master of Computer Applications

July 2003 - June 2006 || Paavai Engineering College, Anna University

 Bachelor of Science - Physics
June 2000- May 2003 || Presidency College, Chennai

Major Projects Handled

IT Security related Projects

 Implementation of eFRM solution in the Bank to monitor transactions happening through UPI.
On an average around 2 million transactions are getting processed.

 Implementation of WAF solution on the UPI, Internet Banking and Middleware solutions of the
Bank.

 Monitoring SIEM and EDR alerts.

 Monitor vendor compliance. Undertake extensive vendor evaluations from information security
perspective using risk based questionnaires and reports and then make active recommendations
to the business / vendor to mitigate the risks and provide risk based clauses for the agreements
with the vendor.

 Performing compliance review as per regulatory requirement (RBI) and reporting to audit
 committee of the board. Process of auditing information system with RISK perspective.

 Experience in accessing the information risk involved while engaging vendor/ Outsourcing to
third party for both On-Premise or over the cloud solutions.

 BCP (DC-DR) coordination during Disaster Recovery Drill.

 Information system acquisition development and implementation. SLA, OLA requirement.

 Performing module change management by confirming operation through UAT (user

acceptance testing) and subsequent deployment in production.

 Performing IS AUDIT OF BANK’S Data Center as a part of Internal IS audit team.

 Compliance to Regulatory guidelines.

 Vulnerability assessment, Risk Management, IS policy framework, DR strategy, penetration

testing, maintenance of certificates used for public key encryption (PKI) across all channels.

 Assisting and monitoring the digital financial flow through Internet banking, Mobile Banking and
UPI.

 Having a granular control on channel transaction log management across all channels.

Implementation of Bugzilla

A need araised in our Bank to implement a tool to track bugs encountered in the day to
day operations. To address this requirement suggested the tool Bugzilla to the managment and
implemented Bugzilla to track the various bugs that were encountered in day to day operations
through various channels like Internet Banking and Mobile Banking. And to report it to the CBS
vendor team and to track the progress of the bugs raised.

Mobile Banking Migration

Previously our Bank’s Mobile Banking solution was in a hosted model with a vendor. We
are not able to implement any customized option in our Mobile Banking. Raised this
disadvantage with our Management and received approval for implementing a new Mobile
Banking Solution. Evaluated various solutions and conveyed the pros and cons of various
soultions to the management. Based on their approval did POC with the finalized solution and
implemented a new solution as per the recommendations obatined from Management.