Summary
Overview
Work History
Education
Skills
Additional Information
Timeline
Generic

Harini Sree Boinpally

Senior Information Security Analyst
Frankfurt

Summary

Driven by the motto "to take that one extra step," I am a proactive and resolute professional dedicated to capitalizing on opportunities and surmounting obstacles. As a Senior information risk analyst specializing in Third-Party Risk Management, I have made substantial contributions to five distinct projects encompassing over 500 vendor relationships. These endeavors involved meticulous due diligence, streamlined onboarding processes, comprehensive risk assessments, and effective risk mitigation strategies, all aimed at ensuring strict adherence to regulatory standards.

Overview

4
4
years of professional experience
8
8
years of post-secondary education

Work History

Senior Information Risk Analyst - Third Party Risk

Deutsche Börse AG
Frankfurt
01.2023 - Current
  • Incharged with orchestrating the Ariba onboarding process for over 600 integrated third-party vendors, conducting thorough due diligence to evaluate the efficacy of their information security and compliance measures.
  • Conducted comprehensive risk assessments and Gap analysis of 220+ third-parties, utilizing robust evaluation frameworks to identify potential risks and gaps in Information Security domain control requirements (ISO 27001-2022 & ISO 27001-2013). Oversaw the handling of identified risks via detailed risk mitigation, remediation, or acceptance processes, guaranteeing alignment with organizational risk management strategies and regulatory mandates.
  • Maintained accurate records within the risk register and conducted periodic reviews of third-party risk assessments and associated risks.
  • Played an integral role in the development of third-party-related workflows through active participation in collaborative discussions with cross-functional teams including Procurement, Legal, Data Protection, and Outsourcing.
  • Collaborated with legal and procurement teams to evaluate third-party contracts using contract lifecycle management tools. Ensured thorough consideration of information security and compliance requirements during contract review.
  • Played a pivotal role in the migration project - "Evolve" by actively contributing and developing the processes to the implement the Prevalent tool for conducting risk assessments of third-party vendors, thus enhancing efficiency and accuracy in the assessment process.
  • Independently facilitated the migration of data for over 550 legacy third-party vendors, including contract data, onto the Prevalent tool. Created an onboarding process with Procurement teams for capturing information security-relevant third parties on the Prevalent tool, increasing process transparency and boosting third-party vendor data quality by 38%.
  • Partnered with the Incident Response Team (CERT) to develop and execute plans addressing information security incidents with third-party vendors. Conducted ad-hoc risk assessments for more than 12 incidents involving third-party vendors.
  • Conducted informational sessions for internal teams, emphasizing the importance of utilizing Machine Learning and AI in threat monitoring third-party vendors.
  • Demonstrated effective communication skills with diverse stakeholders across the organization, including risk domain owners, information owners, and internal audit teams across multiple legal entities. Successfully guided leadership teams through Third-party life cycle processes.

Working Student - Third-party Risk Management

Deutsche Börse AG
09.2020 - 12.2022
  • Responsible for conducting Information Security Governance and Risk Assessment Reviews (ISGR Review) and supervising risk assessment operations, including training business owners on third-party vendor security risk assessment processes.
  • Identified over 300+ newly onboarded third-party vendors relevant to information security while working with tools such as SLP Ariba and collected data for risk assessments.
  • Supported the team in testing tool functionalities like CLM, Ariba, and JIRA for new change requests.
  • Monitored third-party vendors' risk assessment documentation and Information Security Annexes. Gathered and maintained supplier information from various DBAG sources for future assessments.
  • Generated reports detailing status of third-party risk assessments and active business relationships, disseminating them to business owners and leadership teams.
  • Collaborated across multiple legal entities within the organization to gather and uphold diverse information types aligned with the security principles of Confidentiality, Integrity, Authenticity, and Availability (CIAA). These data sets were instrumental in classifying the criticality levels (Critical, Major, Minor, and Negligible) of third-party services.

Education

Masters of Science (Informatik) - Master of Science

Technical University of Clausthal Zellerfeld
Clausthal Zellerfeld
10.2019 - 10.2023

Bachelor of Technology -

Bhoj Reddy Engineering College
Hyderabad
09.2013 - 05.2017

Skills

undefined

Additional Information

Technical Skills - R Programming, Python, Java

Tools - SLP Ariba, SAP CLM, Appway, Power BI, RStudio, Business JIRA, Prevalent

Timeline

Senior Information Risk Analyst - Third Party Risk

Deutsche Börse AG
01.2023 - Current

Working Student - Third-party Risk Management

Deutsche Börse AG
09.2020 - 12.2022

Masters of Science (Informatik) - Master of Science

Technical University of Clausthal Zellerfeld
10.2019 - 10.2023

Bachelor of Technology -

Bhoj Reddy Engineering College
09.2013 - 05.2017

Similar Profiles

CREATE PROFILE
Harini Sree BoinpallySenior Information Security Analyst