Summary
Overview
Work History
Education
Skills
Miscellaneous Information
Profile
Languages
Timeline
Generic

Harini Sree Boinpally

Frankfurt Am Main

Summary

Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for Third-party vendor security.

Overview

7
7
years of professional experience

Work History

Internship-Information Security Governance & Risk

Deutsche Börse Group
05.2020 - 09.2020
  • Accountable for overseeing Information Security compliance among third-party vendors and reviewing pertinent documentation.
  • Responsible for upholding the status reports of third-party vendors regarding Information Security Annex documentation and communication.
  • Tasked with overseeing and vigilantly monitoring third-party vendors to ensure their compliance with the Deutsche Börse Information Security Requirements and Guidelines.
  • Assisted the team by managing documentation and maintaining status for third-party vendor risk assessments. Conducted testing on Risk assessment and Gap Analysis tools, documenting their functionality.
  • Acquired proficiency in utilizing Risk Register and Risk Assessment Planning tools, specifically JIRA, through active engagement in the process.
  • Attained robust understanding of Third-party security, Information Security Management, and Incident Management Standards, ensuring alignment with Third-party vendor's Information Security requirements.

Working Student - Third-Party Risk Management

Deutsche Börse
09.2020 - 12.2022
  • Tasked with conducting Information Security Governance and Risk Assessment Reviews (ISGR Reviewer), and overseeing Risk assessment operations, including training Business owners on third-party vendor security risk assessment processes.
  • In charge of identifying newly onboarded third-party vendors pertinent to information security using tools such as SLP Ariba, and collecting data for risk assessments.
  • Assisted the team in testing tool functionalities including CLM, SLP, and JIRA for new change requests. Monitored third-party vendor's risk assessment documentation and Information Security Annexes. Gathered and maintained supplier information from various DBAG sources for future assessments.

Business Process and Operations Associate

Amazon Development center private limited
06.2017 - 08.2018
  • In charge of managing product delivery operations encompassing logistics, customer service, and resolving product-related issues. Utilized advanced calculations to derive insights from data sourced from various departments.
  • Responsible for resolving diverse customer issues and multitasking for effective resolution. Utilized CRM tools to tackle product challenges and analyze client data, showcasing ability to simplify complex concepts.
  • Notable Achievements: Appreciated for taking an extra step with respect to scaling and optimizing the issues by generating feasible solutions for problems that are broadly relevant and for the ability to focus on key results of the data and for adapting the insights quickly.

Senior Information Security Analyst

Deutsche Börse AG
01.2022 - Current
  • In charge of conducting assessments on third-party vendors to verify their compliance with security standards such as ISO2700 and SOC reports, and executing routine security reviews following Criticalities and third-party information security protocols.
  • Tasked with identifying internal control needs, evaluating their design and operational efficiency, assessing and analysing risk exposure, and formulating remedial strategies. Communicating identified risks and recommendations to Business Owners.
  • Entrusted with designing operational procedures for the Third-party risk management cycle as a crucial component of the transformative project "Evolve." This initiative aimed to conduct third-party risk assessments on the AaaS platform Prevalent.
  • Conducted informative knowledge-sharing sessions with the team, emphasizing the significance of Machine Learning in Cybersecurity within the context of Vendor Threat Monitoring. This function serves to enhance financial and business monitoring capabilities pertaining to Third-party vendors.
  • Directed the comprehensive migration of Third-party vendor data to the new Prevalent platform, coordinating efforts across various procurement and outsourcing teams. This involved extracting data from disparate sources including Onboarding (SLP Ariba), Contract Life Cycle Management (CLM), and Outsourcing (Appway), and processing it to meet the standards for Third-party vendor risk assessment. Additionally, established a robust process for ongoing third-party vendor onboarding, facilitating direct integration with the Prevalent platform.
  • Engineered Incident monitoring processes to detect incidents involving Third-party vendors, in close collaboration with CERT (Computer Emergency Response Team). Conducted thorough analysis of CERT reports on third-party incidents and conducted ad-hoc risk assessments in collaboration with Data Protection and Business Continuity Management teams.


Education

Master of Science - Informatics

Technical University of Clausthal Zellerfeld
Clausthal-Zellerfeld, Germany
10.2023

Skills

  • Third-party risk assessments
  • Risk handling and monitoring
  • Incident Management
  • Incident based Ad-Hoc Risk assessments
  • ISO 27001:2022, SOC, MaRisk and EBA
  • Statistical methods of Machine Learning
  • Data Analysis
  • Database Management Systems
  • Network Security
  • Information Security Management
  • Information Security Governance and Risk
  • Third-party vendor Information Security

Miscellaneous Information

R language, Python, Database Management systems, Data modelling technique, Machine learning, MS Project and Office, VBA, SAP(CLM), SLP Ariba, Data Visualization tools (Neo4j), Tableau, Power BI, Prevalent (AaaS)

Profile

Technische Universität Clausthal (TU Clausthal), Masters: Informatics (Thesis), 09/2013 till 05/2017 Jawaharlal Nehru Technological University, Computer Science

Languages

English
Advanced (C1)
Telugu
Bilingual or Proficient (C2)
Hindi
Upper intermediate (B2)
German
Intermediate (B1)

Timeline

Senior Information Security Analyst

Deutsche Börse AG
01.2022 - Current

Working Student - Third-Party Risk Management

Deutsche Börse
09.2020 - 12.2022

Internship-Information Security Governance & Risk

Deutsche Börse Group
05.2020 - 09.2020

Business Process and Operations Associate

Amazon Development center private limited
06.2017 - 08.2018

Master of Science - Informatics

Technical University of Clausthal Zellerfeld

Similar Profiles

  • Kateřina Utěšená

    Kateřina UtěšenáKateřina Utěšená

    Compliance Services Monitoring Officer at Deutsche Börse GroupCompliance Services Monitoring Officer at Deutsche Börse Group

    View Profile
  • Nataliia Iskra

    Nataliia IskraNataliia Iskra

    Director/Head of IT Security at Clearstream Deutsche Börse GroupDirector/Head of IT Security at Clearstream Deutsche Börse Group

    View Profile
  • Katja Karthe

    Katja KartheKatja Karthe

    Regulatory Specialist at Deutsche Börse GroupRegulatory Specialist at Deutsche Börse Group

    View Profile
Harini Sree Boinpally