RAMYA SWAMINATHAN

Dynamic Information Security Specialist with a proven track record at eNoah i Solution Pty Ltd, adept at implementing robust security policies and conducting comprehensive risk assessments. Skilled in vulnerability management and cross-functional coordination, I successfully facilitated ISO 27001:2022 compliance, enhancing organizational security posture and employee awareness.

• Consultant - Program Manager & Compliance Manager, Kriyatek Delivery Pvt Ltd, 2023-04-01, Present, Planned and executed 30+ 3rd Party certification audits for ISO 9001 and 27001 for a UK based certification body., Internal Audit planning, conducting and reporting Internal Audits for clients., Evaluating security controls, risk management strategies, and compliance against regulatory requirements., Collaborate with clients, and internal teams to develop effective corrective action plans based on audit findings, ensuring timely resolution of security gaps as a part of Implementation., Development of solutions and suggestions proving the capacity to fulfil security specifications within the defined scope., Responding to the risk questionnaire as a part of vendor management and RFP responses., Prepare comprehensive audit reports, detailing findings, risk assessments, and recommended improvements for management review., Developed and implemented information security policies, procedures, and guidelines, aligning with ISO 27001 standards and industry best practices for small and mid-size organizations/customers.
• Internal Audit and Compliance Lead, Kriyatek Delivery Pvt Ltd, 2021-08-01, 2023-04-01, Effectively led the Internal Audit team in planning, conducting, and managing internal audits and assessed information security controls, identified vulnerabilities, and recommended remediation strategies., Focal for internal stakeholders and vendors for the end-to-end RFP process., Conducted assessments to comprehend the security difficulties faced by customers/vendors and record the specific needs that correspond with their security objectives., Proficient in managing RFP processes, in the information security and data privacy domain., Single Point of Contact for all Vulnerability Assessment and Penetration Testing planning, execution reporting, and remediation., Forefront Security monitoring tools implementation projects for both internal functions and customers in EMEA and APAC regions., Collaborate with clients' internal teams to develop effective corrective action plans based on audit findings, ensuring timely resolution of security gaps., Analysed and involved in scope expansion for ISO27001, ISO27017, and ISO27701 standards from Gap Assessment, implementation, Internal Audits, and certification across regions., Orchestrating the successful certification process and maintaining compliance through regular audits, reviews, and facilitation with external certification bodies., Work closely with the teams to identify, track, and remediate information security risks and derive the risk appetite., Develop and review processes, procedures, and standards to improve the accuracy, agility, and efficiency of operations.
• Internal Audit Manager, Temenos India Pvt. Ltd., 2019-01-01, 2021-07-01, Developed and executed a risk-based audit approach aligned with the organization's objectives and risk acceptance level., Collaborated with key stakeholders to identify audit priorities, scope, and objectives., Created detailed audit plans, defining audit procedures, timelines, and resource requirements., Delegated and supervised audit assignments of Audit team members., Identified areas for process enhancement, suggested practical solutions, and drove continuous improvement initiatives in information security practices., Conducted comprehensive Risk assessments, and developed risk-based audit plans that target high-risk areas., Communication of audit progress, findings, and recommendations to senior management and relevant stakeholders., Prepared clear, concise, and insightful audit reports that highlight areas for improvement and best practices., Single Point of Contact in presenting audit results to Senior Management and the audit committee, address any questions or concerns.
• Principal Analyst, Temenos India Pvt. Ltd., 2012-02-01, 2017-07-01, Developed & managed end-to-end project plans / milestones-tracking with quality stage gates & project/product timelines., Worked closely with Product Managers to understand business requirements and non-functional requirements (performance and Security) and map the same to the monthly releases., Review the solutions proposed for non-functional requirements - Security (OWASP, SANS25) and map it with functional and technical requirements., Conduct a walkthrough with the teams for brainstorming and agreeing on the SAP implementations with the Temenos Product customizations for a few banks., Creation of requirements traceability matrix across the team to track the test coverage for requirements.
• Senior Software Engineer, Xchanging Solutions, 2007-05-01, 2012-01-01, As a Software Engineer: Project: Integrated Resources and Information System (IRIS) for the State Government of Wyoming, United States.

• Nominated for the Performance Reward Program for consistent performance in Temenos.
• Track record in multiple GEM (Going the Extra Mile) nominations in Temenos.
• Conferred with Pat on Back Award in Xchanging Solutions on numerous occasions.
• Defined quality controls such as determining KPI measures, exception thresholds, trend analysis, and reporting requirements.
• Contributed to enhancing organizational processes through initiatives, towards lowering risk, improving productivity, refining internal controls & increasing profitability.
• Delivered essential projects for operational efficiency by identifying & solving complex technical problems and dependencies.

• ISO 22301 Lead Auditor, 2024
• ISO 9001 Lead Auditor, 2023
• ISO 27001 Lead Auditor, 2023
• SAFe Implementation, 2022
• Prince 2 Practitioner, 2021
• Certified Scrum Master from Scrum Alliance, 2021
• Trained on Green & Black Belt Six/Sigma, 2019
• ITIL Foundation Certification

Project Management, SAfe Agilist, Agile Practitioner Compliance Management, Information Security and Third party Auditor in ISO 27001:2022, ISO 9001:2015, ISO 22301:2019, ISO 13485:2016, ISO14001:2015, ISO 45001:2018