Varghese Samuel
IT Security and Systems Analyst, System Auditor
Brampton,Ontario
Summary
Summary
Strong Technical Leader and GRC Management and IT Security Professional with good interpersonal skills. I have served various sizes of companies, including many Fortune 500 rated global companies, in various industries, in my years of professional services (mostly Information Technology related) and consulting experience. I have developed and deepened my facilitation and consultative delivery skills across global projects, enabling me to now incorporate multi-disciplinary, multi-cultural skills into every facet of delivery. As a Consulting Director and Consulting Partner, I have specialist competencies in regulated environments, including HIPAA, GLBA, and IT security frameworks. I am certified in Cloud Auditing and my qualifications have previously included: B.Tech(Mech.), M.S, PMP, CRISC, CISA. My solid credentials as an IT professional along with previous experience as Project Management Professional (PMP), Certified in Risk and Information Systems Control(CRISC), CISA, Governance, Risk and Compliance (GRC), and certification in Cloud Auditing (CCAK) enable me to view any project from multiple dimensions and collaborate closely with clients to develop detailed requirements and specifications designed to have long-term benefits. I have strong skill sets as a leader who brings projects in on time and within budget. Below are some of my additional skills and abilities: Engineering mind set to tackle challenges Experienced in assessing, designing, and implementing IT controls, engineering controls, and safety controls. Exceptional risk mitigation, management, and information systems governance experience. Adept at IT security threat and vulnerability assessments; development and implementation of IT control objectives. Focused client service professional dedicated to continuous improvement through education and certification in leading practice technologies and methodologies. Superior communications skills including proficiency with both technical and business writing. Guest Lecturer - Various Universities Experience working with business intelligence tools, data visualization and reporting Services provided include Project Management, IT Risk Management; IT Governance Training; Engineering Services (REVIT MEP); SOX; IT Operational Process Improvements; SAP B1 ERP Training; IT and Business Process Integration; IT security consulting (ISO 27001, COBIT 5); IT Staff Augmentation.
Overview
30
30
years of professional experience
3
3
Certifications
1
1
Language
Work History
Senior Systems Analyst
First USA Bank
Wilmington
03.1995 - 04.1996
IT Security Analyst
State Farm
01.2015 - 09.2015
- Contract consulting member of the Enterprise Key Control Testing Team of the Information Technology Risk and Management Practices department doing key controls testing as part of the IT Audit and GLBA , HIPPA regulatory requirements
- Determined scope of implemented controls on assets evaluated in control testing cycles
- GLBA and IT controls testing
- Partnered with asset and control owners to facilitate the testing of key controls, assess the results, and worked through any necessary remediation
- Participated in the reporting and communication of key control testing results.
GRC, Principal
GRC Consultancy Services
Toronto
12.2016 - Current
- Started a full-service Consulting firm providing professional services in Engineering and IT Services
- Provide contract services to clients on an interim basis or more long term
- For our clients: Performed vulnerability analysis and documented multiple networks and controls, automation planning.
Guest Lecturer
York University
Toronto
01.2015 - 12.2022
- Guest lectures on Cyber Risk Management and the NIST Cyber Security Framework,
Consultant Engineer
Major Industrial Distributor
Chennai
12.2016 - 11.2020
- Consulted, managed projects, provided website design, IT security, infrastructure and email administration, website development, IT security controls consulting against ransomware attacks to IT servers
- Provided policy guidance on anti-virus and software updates, preventing ransomware attacks
- Deployed tactical resources to solve short-term demand, supply chain and maintenance planning challenges
- Analyzed forecasts, centered on baseline trending, sales initiative, and market trends
- Identified opportunities and made strategic decisions to bridge gaps, managed meetings to optimize use of company resources to fulfill demand, supply expectations and provide logistics services
- Planned review of orders, schedules and execution of demand, capacity and maintenance requests for logistics and service requests and scheduling of services
- Coordinated with maintenance departments of customers in fulfilling their maintenance, service requests
- Used business intelligence tools, data visualization tools for reporting
- Risk Management and IT Controls documentation and testing
Consultant
Various Companies
Various Cities
03.1993 - 12.2014
- Multiple Global Locations
- Global Technology, Telecommunications, and Financial Services Organizations
- Early career focused on building and honing the technical and consulting skills I use today
- Started out as Analyst / Programmer and moved on to senior roles in Programming, IT Systems Administration
- After clearing the CISA exam in 2003, did projects on IT assurance, IT Governance, and IT Risk Management
- After clearing the PMP examination by PMI, did Project Management assignments in IT and related fields
- Specifically, I have designed, planned, and delivered solutions including IT risk assessments, design, testing, and configuration of IT Controls, IT Risk in Information Systems, - Guest lectures on IT Governance, including ”Effective IT Governance through IT Security” at York University, Toronto, as part of the course “IT Governance and Monitoring Strategies”
- Executed multiple IT Risk Reports, IT Governance Presentations and customer/vendor liaisons.
Information Systems Engineer
The Vanguard Group of Investment Companies
Valley Forge
01.1993 - 01.1995
Education
B.Tech - Mechanical Engineering
College of Engineering
M.Sc. - Technological Systems Management
Stony Brook University
Post Graduate program - Post Masters - Computer Science, Information Systems
Drexel University
Skills
IT security consulting and IT controls testing
undefinedCertification
Certificate of Cloud Auditing Knowledge (CCAK)
Additional Information
- Honors-Awards , Topper - ISACA - CISA exam - 2003 Publications Design of a Protocol for File Transfer
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Timeline
GRC, Principal
GRC Consultancy Services
12.2016 - Current
Consultant Engineer
Major Industrial Distributor
12.2016 - 11.2020
IT Security Analyst
State Farm
01.2015 - 09.2015
Guest Lecturer
York University
01.2015 - 12.2022
Senior Systems Analyst
First USA Bank
03.1995 - 04.1996
Consultant
Various Companies
03.1993 - 12.2014
Information Systems Engineer
The Vanguard Group of Investment Companies
01.1993 - 01.1995
B.Tech - Mechanical Engineering
College of Engineering
M.Sc. - Technological Systems Management
Stony Brook University
Post Graduate program - Post Masters - Computer Science, Information Systems
Drexel University
Similar Profiles
Alyson GainesAlyson Gaines
Cook 2 at Compass Group USA ( Bank of America Building)Cook 2 at Compass Group USA ( Bank of America Building)
Karen MateoKaren Mateo
Relationship Banker at Santander Consumer USA BankRelationship Banker at Santander Consumer USA Bank
GAURAV KUMARGAURAV KUMAR
Tibco Spotfire Developer at Capgemini/GE- USA, Bank/ HealthcareTibco Spotfire Developer at Capgemini/GE- USA, Bank/ Healthcare
Dhruv KalyanDhruv Kalyan
Delivery Associate at Ontario Cash & CarryDelivery Associate at Ontario Cash & Carry
Hardeep KaurHardeep Kaur
Banking Advisor at Tek SystemBanking Advisor at Tek System