Vinay Madapati
Assistant Manager
Hyderabad
Summary
"Vinay is a seasoned professional with over five years of hands-on experience specializing in data privacy and cybersecurity maturity assessments. With a keen eye for detail and a thorough understanding of industry best practices, Vinay has successfully led numerous cyber and data privacy engagements, ensuring compliance with regulatory standards and mitigating risks for organizations across diverse sectors. Eager to leverage expertise in a challenging role that contributes to the ongoing protection of digital assets and fosters organizational resilience."
Overview
5
5
years of professional experience
15
15
years of post-secondary education
3
3
Certifications
3
3
Languages
Work History
Senior Associate
PwC
06.2023 - Current
- Data Privacy Assessments: Conducted and identified Gaps with respect to GDPR and PDPB controls and documented the same. Provided recommendations to close/mitigate identified gaps. Developed and Implemented a comprehensive privacy framework involving policy creation and procedural establishment
- Cyber Security Maturity Assessments: Conducted maturity assessments by broadly covering 3 categories (Governance & People, Process & Technology) as per NIST CSF framework v1.1 identified for organization’s IT environment.
Consultant
KPMG India
11.2020 - 05.2023
- Data Privacy Assessments: Conducted Data Privacy Impact Assessments (DPIA) of IT applications, gap identification against impacted privacy regulation and DoT guidelines to ensure protection of PII/SPI data of subscriber and employee
- Risk Categorization Matrix (RCM) for 150+ IT applications as a part of privacy application review
- Performed Data Privacy Impact Assessments (DPIA) and created record of processing activities (ROPA's) for business functions to understand personal data flow analysis as a part of process review
- Information Security Risk Assessment: Conducted Access Control Matrix (ACM) for applications to reduce risks related to user access management, by analyzing and confirming roles/rights of users and also ensuring confirmation of SOD, while granting access levels
- Understanding architecture of applications, downstream, upstream applications, PII/SPI shared through APIs and ensure purpose of its collection
- Conducted Risk closure activities for open privacy risks
- Data Privacy Gap Assessments: Conducted and identified Gaps with respect to GDPR and PDPB controls and documented the same
- Provided recommendations to close/mitigate the identified gaps
- Cyber Maturity Assessment: Conducted assessments by broadly covering 3 categories (Governance & People, Process & Technology) and 9 cyber security domains identified for the organization's IT & OT environment
- OT Security Assessment: Conducted assessment across OT environment for an organization NIST 800-53 based Assessment: Conducted cyber maturity assessment based on NIST domains-Identify, protect, detect, respond and recover and NBFC framework
- Performed TOD and TOE for all cyber security framework controls
- BCMS Sustenance: Prepared and updated all BCM working documents like BIA reports, risk assessments, FRP documents ISO 27701(PIMS) Review: Responsible for ISO 27701 (PIMS) certification readiness
- Performed process walk throughs, Identified Gaps and prepared required PIMS audit deliverables for certification audit.
Intern
Acquisory Risk Consulting Ltd
04.2019 - 06.2019
- Web Application Penetration Testing: Performed penetration testing of test server with the help of Burp Suite against OWASP top 10 vulnerabilities and documenting findings in the report Forensics: Carried out Digital Forensics Analysis for three (3) of the clients
- Work consisted of performing due diligence, retrieving potential evidences by Imaging of hard drives, Indexing, data recovery, data analysis and email analysis by archiving and taking backup of suspects E-mail correspondence in PST with the help of forensic software tool AccessData FTK (Forensic Tool Kit)
- Documenting the findings and preparing forensic audit reports.
Software Engineer
Tech Mahindra Ltd
8 2016 - 1 2018
- SAP Security Administrator: Work consisted of creation of roles, user maintenance and resolving tickets raised by users, handling of SAP authorization related issues of users, analysis of users, profiles, roles and authorization objects, generating authorization profiles, inserting missing authorizations, maintain authorization objects and their field values, analyze user authorization failures, maintain user master records, execute and analyze multiple SUIM reports.
Education
Class X -
Bhashyam High School
MBA (IT Business Management) -
Symbiosis International University
B. Tech (Electronics and Communication) -
GITAM University
04.2001 - 04.2016
Class XII (Science) -
Narayana Junior College
Skills
Certification
CIPP/E (Certified Information Privacy Professional/Europe)
Extracurricular Activities
Contributed as Member of Institutional Social Responsibility (ISR) Committee, at Symbiosis Centre for Information Technology, Pune. Received Appreciation Certificate from Election Commission of India for web casting 'General Elections 2014' as student volunteer. Contributed as Member of NSS (National Service Scheme), GITAM University
Timeline
CIPP/E (Certified Information Privacy Professional/Europe)
03-2024
Senior Associate
PwC
06.2023 - Current
OneTrust Privacy Management Professional
01-2021
Consultant
KPMG India
11.2020 - 05.2023
ISO 27001 LA (Lead Auditor) – IRCA Certified Information Security Management System Auditor
10-2020
Intern
Acquisory Risk Consulting Ltd
04.2019 - 06.2019
B. Tech (Electronics and Communication) -
GITAM University
04.2001 - 04.2016
Software Engineer
Tech Mahindra Ltd
8 2016 - 1 2018
Class X -
Bhashyam High School
MBA (IT Business Management) -
Symbiosis International University
Class XII (Science) -
Narayana Junior College
Similar Profiles
Joseph MooreJoseph Moore
W/R SR Treat PLT Operator at PWCW/R SR Treat PLT Operator at PWC
Nikolas SchmidtNikolas Schmidt
Consultant / Teamlead / People Manager - Forensics at PwCConsultant / Teamlead / People Manager - Forensics at PwC
Hubert NowakHubert Nowak
Senior Consultant at PwCSenior Consultant at PwC