Shikha Singh
Technology & Information Security
Austin, TX, United States
Details
Education:
Master of Science - MS
Information Technology and Management
The University of Texas at Austin - Red McCombs School of Business
2019 : 2020
B.Tech
Computer Science
Amity University, Noida
2007 : 2011
Nazareth Academy
Experience:
• Manage, implement and maintain the Technology & Information Security Compliance and Readiness program within PayPal Holdings, Inc.
• Support, facilitate and coordinate internal and external audits and regulatory examination support on behalf of Technology and Information Security Oversight, including PCI compliance and SSAE18 compliance.
• Manage the overall Governance Risk and Compliance (GRC) management process and strategy from a compliance framework and oversight point of view.
• Work with cross-functional teams in performing reviews and tests of technical internal controls to ensure teams are operating adequate controls for various security and compliance objectives.
• Collaborate with IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines.
2020 : Present
PayPal
Information Security
Togglr is an open source software project with an API as a Spring Boot application, a Spring Boot Client, leveraging Docker, Nuxt/VueJS and Redis.
Responsibilities include :
Creating new requirements and user stories to increase the usage of Togglr, enhance user-experience and improve security and flexibility. Managed end-to-end feature delivery, from concept through development to launch.
2019 : 2020
H-E-B, Inc.
Capstone Project : Project Lead
- Designed and implemented enterprise-wide Third-Party Risk Management (“TPRM”) solution incorporating 14 third-party types and 7 risk domains leveraging RSA Archer to enable and assist ETPRM workflow activities.
- Designed and implemented NERC CIP v5 compliance management solution for a US based Power and Utilities major as a part of their v3 to v5 transition program – automating their key compliance processes such as asset management, patch management, self-assessment, issue management and change management.
- Planned and executed Common Control Framework (CCF) based on industry standards and best practices aligning with multiple regulatory and legal requirements such as HIPAA, GDPR, PCI DSS, SOX, etc. Created analytical reports and interactive dashboards for business teams and auditors to monitor compliance health in real time.
- Created data models for 10 million+ assets and software for Business Intelligence reporting by bringing data from disparate sources to a unified platform (Oracle database).
- Led governance, risk and compliance transformation projects crossing industries, security domains, tools and technology with team size ranging from 2 to 12.
- Developed identity lifecycle management strategy and roadmap for improving the maturity of IAM services, operational efficiency, and end-user satisfaction for multiple clients.
2015 : 2018
Deloitte
Senior Consultant
- Delivered IAM engagements that include current-state assessment, requirements analysis, process design and implementation across various vendors.
- Configured single sign-on solution for various client applications using OAM 11g, OID, OVD in high availability.
2011 : 2014
Wipro Technologies
Senior Project Engineer
Company:
PayPal
Years of Experience:
11
Skills
Advanced Java, Archer GRC, Asset Management, C, C (Programming Language), C++, C++ Language, Compliance Management, Core Java, Enterprise Risk Management, Flask, General Data Protection Regulation (GDPR), Google App Engine, GRC Strategy, HTML, IAM Strategy, IT Risk Management, IT Strategy, Java, Java Enterprise Edition, JavaScript, Jinja, Kotlin, Microsoft SSIS, Oracle, Patch Management, Payment Card Industry Data Security Standard (PCI DSS), PL/SQL, Python 3, Regulatory Compliance, Requirements Analysis, Software Development Life Cycle (SDLC), SQL, Third Party Vendor Management, U.S. Health Insurance Portability and Accountability Act (HIPAA), Unix, Oracle Access Manager, OID, OVD, WebLogic, SailPoint