Professional Documents
Culture Documents
Jaya.BK CV
Jaya.BK CV
Jaya.BK CV
BK
Operational Lead/GRC Security Delivery specialist/
Information security Advisory Compliance /Audit/ Regulatory
Mobile:8885617912
Email:-Jayakandala.b@gmail.com
Professional Summary
COMPANY DESIGNATION /ROLE PERFORMED YEAR
KYNDRYL PVT LTD Lead, Security Sep 2021-Till Date
IBM INDIA PTV LT Security Delivery Specialist April 2016 to Sep 2021
Services Performed Professionals with this Role demonstrate my capability to perform general
Operational /RMS/GRC skills and ensure risk and security compliance guidelines are
met. organizational/Clients the Three Lines of Defense Model issued by the
Institute of Internal Auditors, has been adapted for use by Kyndryl as a simple and
effective way to enhance communications on risk management and control by
clarifying essential roles and responsibilities.
Worked on a Framework of Internal Control that is enterprise wide and have a
pervasive effect toward the achievement of Kyndryl operating, reporting, and
compliance objectives while guarding against inherent risks.
Key Controls & Testing A key control is a specific activity or set of activities that is
executed to mitigate a significant risk and accomplish the objectives.
the related process. Compliance testing serves to validate that a control is working
effectively as designed.
Policy Management and Technical specification along with Operational
implementation
Ensure all Security Control Elements are reviewed annually and is reissued when
revisions are necessary and approved ISO/CIS. Technical Specifications are reviewed
annually. Getting all proposed revisions document reviewed and approved by the
customer CIS Team with client sign off.
Ensure audit readiness internally and externally GTO ,FLOD,SOX 404,
AUP,SAAE 18, Security process testing , Corp Audit,
As part of my role implemented ISO/IEC 27002:2013 Code of
practice for information security management, as a framework for
providing information security.
Services Performed Driving the IT Governance in order to address the Gaps and Improvements relevant
to organization growth. Conducting periodic compliance checks on both the Intel and
Unix servers across the State Street Environment through automated tool IBM Big Fix
(Formerly TEM)Configuring the Fixlets in BigFix as per the agreed value in the
technical specifications and performing the automated scans.Validating the
automated scan results and segregating the false positives and customer approved
exceptions from the valid deviations and working with the respective platform teams
to mitigate the deviations. Documenting the valid deviations found and raising Non-
Compliance Issue on respective teams and documenting the mitigation plans by
continuous follow-ups with the teams. Working closely with the client in technical
specification reviews, Exception letter extensions. Working with the deployment
teams to deploy BigFix agents on Intel and Unix servers and tracking the status by
weekly calls and updating the status to the account team. Periodic reviews and
improvements on SOA, policies, and their relevant operational documents.
Conducting Internal ISO 27001 Audits and Handling External Audits for the
Organizations/Conducting audit readiness programs within the team.
Security Engineer: General Electric (GE) Aug’12-March’16
Services Performed
Maintaining the secure environment across GE for nearly 400,000 endpoints using
McAfee Endpoint Encryption Manager. Presenting the best practices to client Involved in
ITIL ticketing system for Incident, change and upgrade management.
Attended weekly Steering committee calls and updated the Compliance status.
Developed a Standard operating procedures and detailed process maps for support
related activities Handled Incident Management like McAfee Endpoint Encryption client
encryption issues, adding users to related machines, Creating Firewall rules with proper
business justification. Troubleshooting McAfee On-Access and Firewall related issues.
Involved in McAfee Endpoint Encryption Manager Server maintenance, generating
reports and Server Health check monitoring.
Services Performed
Account ID creation/Modification/Deletions using various applications. (IDM, Mainframe
sessions). Windows and NT account administration. Implementation of a VPN to enable
users to securely work remotely. Creating, granting, and revoking different kinds of
access per business requirement. Creation, Modification & Deletion of accounts in
Blackberry Enterprise Server. Responsible for creating mailboxes and shared mailboxes,
managing mailbox sizes. Managing & responsible for the publishing of the team statistics
and communicating it with the team.Taking care of escalated issues and providing Level
2 support for required user administration.
Key accomplishment
Personal Details
Marital Status : Married
Languages Known : Telugu, Hindi, English.
Declaration
I hereby declare that all details furnished above are true to the best of my knowledge.