SUMMARY:

• Expert experience with RSA Archer GRC platform - research and industry.
• Proficiency in enterprise systems, applications development, and auditing process.
• 6 years of IT experience with 4+ years on Archer GRC Tool with its implementation in multiple Business Units.
• Expertise in Vendor Management, Policy Management & Risk management modules
• Expertise in DDEs, Data Feeds, Data Imports
• Knowledge in RSA Archer Installation & Configuration
• Extensive in troubleshooting performance related issues
• Expertise in On Demand & Core applications, Sub-Forms
• Experience in Cross-References, Questionnaires
• Expertise in Access Controls: Manual, Automatic, Inherited
• Archer-LDAP Synchronization
• Requirement Gathering, Analysis and Development
• Expertise in Smoke Testing, & UAT
• Expertise in Front end technologies including HTML, JavaScript,Angular, CSS.
• Proficient in MS Office Excel, SharePoint, PowerPoint.
• Extensive experience in conducting JAD sessions - participated in varied roles ranging from facilitator, preparing visual aids, setting goals and objectives, providing read-ahead materials to participants, etc.
• Proficient in the implementation of production change management techniques and service delivery disciplines.
• Written Use cases and have produced Use Case Models, creating Behavioral diagrams (use case diagram, Activity diagrams and Sequence diagrams) based on UML Methodology & Business process flow diagrams.
• Extensive experience in documentation of business requirements and system functional specifications, including BRD, FRD.

TECHNICAL SKILLS:

Application: RSA Archer Version 4.x,5.x, 6.x.

Programming Languages: C, C++, C#, .NET, HTML, XML, PL/SQL,SQL

Operating Systems: LINUX, UNIX, Windows

Software Modeling Tools: Microsoft Office Suite, SQL Server

PROFESSIONAL EXPERIENCE:

Confidential, Calabasas, CA

GRC Consultant

Responsibilities:

• Techno-Functional Consultant
• Implemented project in Archer 6.1 by gathering requirements from stakeholders and creating BRD followed by High Level and Low-level Design
• Performed import and export functionalities by migrating applications, questionnaires, configurations, triggers, reports and workflows of existing solution from Archer 5.5 to new instance of Archer 6.1
• Archer consultant specialization in managing and executing GRC IT Risk governance design Framework programs.
• Developed an ODA from the scratch
• Compliance related tasks and enabling them an upload functionality of NERC-CIP Evidence to ease Auditing
• Developed processes to implement key governance, risk and/or compliance initiatives through the use of an Archer e-GRC platform.
• Implemented event driven workflows for better traceability of Tasks
• Handled Functional documentation like Learning Development Plans and Operational Readiness Assessment
• Created detailed RTVM (Requirement Traceability Verification Matrix) to track the Business Requirements and map associated technical and functional requirements
• Responsible for installation of Archer 6.1 in the new infrastructure
• Guide the implementation of IT compliance control objectives, provide gap analysis between archer versions, track timely closure of identified control gaps and provide input to continuously improve relevant services and processes.
• Designed calculated fields to implement CIP Compliance and mapped the Tasks with CIP Requirements.
• Perform risk assessment of new IT projects, identify areas of potential technical and process vulnerability, recommend compensating controls and maintain the IT risk register.
• Review existing systems and processes against the GRC framework and prioritize remediation plans based on business risk.
• Evaluate and maintain up-to-date knowledge of the effectiveness of GRC standards and compensating controls in mitigating IT risk.

Environment: Archer e-GRC SmartSuite Framework 5.5 and 6.1

Remote GRC Archer Consultant

Responsibilities:

• Develop and maintain a formalized GRC framework, utilizing standards based controls aligned to business specific threats
• Assess, prioritize and update existing IT security policies and standards to reflect the GRC framework
• Perform risk assessment of new IT projects, identify areas of potential technical and process vulnerability, recommend compensating controls and maintain the IT risk register
• Review existing systems and processes against the GRC framework and prioritize remediation plans based on business risk
• Evaluate and maintain up-to-date knowledge of the effectiveness of GRC standards and compensating controls in mitigating IT risk
• Interact with Internal Audit and IT teams to ensure on-going compliance with company IT security policies and standards
• Define GRC framework metrics and key risk indictors, maintain a management dashboard and produce an annual GRC framework compliance report for executive management
• Provide training and support to management and employees regarding GRC programs and requirements
• Work with internal and third-party IT security partners to stay current on industry trends, controls and security technologies and services.
• Archer consultant specialization in managing and executing GRC IT Risk governance design Framework programs.
• Program and project manage archer projects.
• Knowledgeable consultant providing support development and design requirement for customers.
• Consult clients on automating business processes & risk management activities in the RSA Archer GRC platform.
• Highly skilled in working with clients to properly capture and document requirements, including system requirements specification (SRS), use cases, business process flows, user interface design mockups, data maps for data migration and tool integration, and Archer design binders for Archer-specific requirement
• Developed processes to implement key governance, risk and/or compliance initiatives through the use of an Archer eGRC platform
• Liaised with Cyber Security, Production Support, Engineering, and Business
• Collaborated with systems integrators in developing business requirements and designs in GRC-related implementations.
• Executed, planned, and proactively identified potential risks, issues and challenges to mitigate
• Experience with data scrubbing, migration, cleansing, and analysis.
• Experience in developing On-Demand applications.
• Professional experience with RSA Archer data feeds, questionnaires, calculated fields, custom workflows, custom objects, reports, dashboards and also done user acceptance test.
• Consult auditors and Information Security leaders on all GRC tasks.
• Provided extensive contract acquisition research, support, and other related professional services.

Environment: Archer eGRC SmartSuite Framework 5.x, Application Portfolio Catalog, Application Lifecycle Management, archer GRC Tool, IT Service Management, Global Application Platform etc.

GRC Consultant

Responsibilities:

• Develop and maintain a formalized GRC framework, utilizing standards based controls aligned to business specific threats.
• Assess, prioritize and update existing IT security policies and standards to reflect the GRC framework.
• Perform risk assessment of new IT projects, identify areas of potential technical and process vulnerability, recommend compensating controls and maintain the IT risk register
• Review existing systems and processes against the GRC framework and prioritize remediation plans based on business risk.
• Evaluate and maintain up-to-date knowledge of the effectiveness of GRC standards and compensating controls in mitigating IT risk
• Interact with Internal Audit and IT teams to ensure on-going compliance with company IT security policies and standards
• Define GRC framework metrics and key risk indictors, maintain a management dashboard and produce an annual GRC framework compliance report for executive management
• Provide training and support to management and employees regarding GRC programs and requirements
• Work with internal and third party IT security partners to stay current on industry trends, controls and security technologies and services
• Managing access control of the users on Archer. Adding new users to the platform rapid application development tools.
• Workflows based on dynamic record permissions, events and notifications.

Environment: Archer eGRC SmartSuite Framework 4.x,Application Lifecycle Management, archer GRC Tool, IT Service Management, Global Application Platform etc.

ASP.Net Developer

Responsibilities:

• Involved in collecting and analyzing the business requirements from the customers.
• Responsible for developing all the front end screens and the back end database queries for retrieving data and NET Framework 2.0.
• Developed the system frontend using C#.NET, ASP.NET 2.0 and HTML and backend using SQL server 2005 as the backend database.
• Designed the Conversation pattern from existing ASP application to ASP.NET/ C#.NET Web Forms and .NET Framework 2.0.
• Used ADO.NET for retrieving data from backend database SQL Server 2005 and Visual Studio 2005.
• Implement and Deploy of XML Web Services (SOAP) using C#.NET. Created dynamic GUIs with .Net Web Controls.
• Implemented extreme programming by using fast paced Object-Oriented Methodologies, involving in task completion, user stories, and iterations.
• Worked on UI using AJAX for making smaller, faster and user friendly web-page application.
• Developed Server side programming using C#.NET .NET, ASP.NET 2.0 on .NET architecture.
• Implemented AJAX in order to provide pleasant client-side experience.
• Designed XML Schemas and developed XSL and XML gateway.
• Extensively used XSLT language to transform from XML document into HTML web page.
• Developed testing report, Stored Procedures using SQL Server 2005 and SQL scripts, and DTS packages and Data Modeling.
• Used Microsoft Visual Source Safe (VSS) for all the source code maintenance needs.

Environment: Visual Studio, .NET Framework 3.5, ASP.NET 3.5, ASP, ADO.NET, VB.NET, AJAX, XML, HTML, CSS, Java Script, SOAP, SQL Server, JavaScript, jQuery, WCF, SSRS, SSIS, and Team Foundation Server (TFS)