Sai Niteesh Gundu

Cyber Governance Risk Compliance Analyst

Bengaluru, Karnataka, India

5+ Years Exp

Summary

Sai Niteesh is an accomplished Cyber Governance Risk Compliance Analyst with 5+ years of experience in Cyber Security. He excels in GRC and application security, conducting risk assessments for application deployments and working with ISO 27001, SOC1, SOC2, GDPR, and NIST frameworks. Sai Niteesh is also skilled in cloud security assessments for AWS, GCP, and ALI cloud, collaborating with stakeholders to reduce organizational risks. With proficiency in RSA Archer, he develops advanced workflows and applications for Vendor Risk Management and Anti-Bribery and Anti-Corruption. As a crucial member of SOX-Governance teams, Sai Niteesh ensures meticulous controls testing and quality checks. His expertise and dedication make him a valuable asset in Cyber Security and Governance.

Technical Skills

ISO 27001 Standard
Risk Management
Cloud security assessments
Vendor Risk Assessments
SOC2 controls assessment
Vulnerability Assessment
PCI DSS
NIST
SOC1
SOX Compliance
GDPR
GRC
Information Security
Microsoft Windows
Mac OS

Other Skills

Analytical Skills

Work Experience

Senior Consultant

KPMG

Full Time | 26/12/2022 - Present

Singapore

  • Responsible for performing General IT controls and IT automated controls testing for multiple clients across sectors, including Financial, Entertainment and Food & Agriculture.
  • Performing gap analysis against the Technology Risk management and outsourcing requirements by Monetary Authority of Singapore (MAS).
  • Assisting in conducting cyber maturity assessments based on an organization-built Maturity framework covering areas like Governance, Business continuity, operations & Technology and Compliance.
  • Part of planning, testing and reporting phases for the scope of work, including IT automated controls, General IT controls, Technology and Regulatory controls.
  • Drafting the control testing work papers and the corresponding audit findings reports to highlight internal control deficiencies and non-compliances, and leading discussions of issues and remedial actions with the appropriate level of management.
  • Acting as a Senior In-charge for multiple engagements and leading the engagements from the planning phase to reporting phase.
  • Managing and coordinating client audit plans and fieldworks, including IT, operational and regulatory audits.
  • Supervising staff members, including assistance in developing audit procedures and testing techniques.

Senior Security Associate

Tokopedia

Full Time | 27/12/2021 - 07/09/2022

Hyderabad, Telangana, India

  • Performed Third-party risk assessments for the vendors that Tokopedia is associated with and provided scoring according to the identified gaps.
  • Developed SOC2 controls as part of the readiness activity for obtaining SOC2 Type 1 certification for the organization.
  • Performed cyber maturity assessments for subsidiaries associated with the organization and provided scoring and recommendations based on the gaps that were identified.
  • Performed security assessments covering ISO 27001, PCI DSS, SOC 1, SOC 2 and SOX ITGC controls, identified the current state of the controls, and collaborated with the product engineering, security, GRC and Enterprise Risk Management teams to ensure that the controls are in line with the policies and procedures the organization has developed and compliant with the other standards.
  • Collaborated closely with the product engineering team to execute the design, performance and amendments of IT controls.
  • Performed cloud security assessments for AWS, GCP and ALI cloud. Identified the major findings and interacted with PICs to close the gaps to reduce the organization's risks.
  • Reviewed Information security policies and procedures for various subsidiaries and vendors.
  • Conducted reviews of privileged user account activity for operating systems like Windows and Mac OS.
  • Performed user access reviews across all internal and external application and database layers.
  • Implemented RBAC controls across the organization and ensured that IAM was in place.

Technology Risk Consultant

Ernst & Young India LLP

Full Time | 22/06/2020 - 09/12/2021

Bengaluru, Karnataka, India

  • Performed IT general and IT application controls testing as part of the large-scale risk assessment program for a leading US Bank.
  • Performed SOX ITGC internal controls testing in the areas such as access management, change management and computer operations.
  • Reviewed Information security policies and architecture for various BFSI and Mutual funds clients.
  • Conducted review of security configurations for operating systems like Windows, Unix/Linux and databases like Oracle and MSSQL.
  • Part of the 1st line of defense; executed tests of design and performance for Risk and Controls Self Assessments (RCSA) controls in domains like Technology Resiliency, Technology Development and Technology asset management.
  • Collaborated closely with process owners and control owners to execute the design, performance and amendments of IT controls and procedures.
  • Conducted cloud security assessments particularly for Azure and provided recommendations based on the identified gaps.
  • Monitored data protection control procedures and ensured that the control design and performance were in place to mitigate the risk.
  • Measured the inherent risk of applications against the Firm’s controls to identify how effectively the risks are mitigated. Identified gaps in control placement and raised breaks/issues to remediate the identified risks.
  • Assisted in the development of advanced workflows for several domains in an e-GRC platform - RSA Archer.
  • Prepared monthly compliance and ISMS dashboards/trackers in Tableau, which supported stakeholders' decision-making.
  • Assisted in client onboarding and project management activities.

Risk Analyst Intern

FIS Global Business Solutions Pvt Ltd.

Full Time | 23/04/2019 - 05/06/2019

Gurugram, Haryana, India

  • Performed Vendor Risk Assessment activity through RaaS tool.
  • Conducted due diligence of the vendors and classified them based on the risk.
  • Performed frequent vendor lookups and reviewed artifacts, which included ISO 27001:2013 certificate, SSAE 16/18 SOC 1, SOC 2, Business License, VAPT reports, BCP DR Test, Insurance and Financials.
  • Developed on-demand applications related to Vendor Risk Management and Anti-Bribery and Anti-Corruption.
  • Designed the workflows to suit the business requirements.
  • Participated in requirement-gathering sessions with business teams to develop solutions in RSA Archer.

Systems Engineer

Tata Consultancy Services Limited

Full Time | 23/11/2015 - 07/06/2018

Hyderabad, Telangana, India

  • Responsible for analyzing and creating test scenarios and mapping data to test scenarios to ensure compatibility.
  • Created unit test cases for various access roles as per the access model applicable in the e-GRC tool called RSA Archer.
  • Executed various test cases using UFT, validating successful/unsuccessful runs using SQL commands.
  • Drafted low-level design and solution user guide documentation for various modules of RSA Archer.
  • Part of the SOX-Governance team and supported controls testing in areas such as access and change management.
  • Performed quality checks of the workpapers for SOX ITGC before sending them to the client.
  • Performed application business logic testing and created various test scenarios.
  • Provided live-like data elements to facilitate testing of new environments. Provisioned test data using various inbuilt tools and the Db2 Mainframes environment. Performed data manufacturing or manipulation based on the testing team's specifications/requirements.
  • Ensured that all the compliance protocols were met before working on the requests.

Education

Master of Business Administration

Symbiosis Centre for Information Technology

19/06/2018 - 05/05/2020

Major in Management Information Systems

Bachelor of Technology

Vallurupalli Nageswara Rao Vignana Jyothi Institute of Engineering and Technology (VNR VJIET)

15/06/2011 - 06/05/2015

Major in Electronics and Instrumentation Engineering

Certifications



