Sridhar Kadempally
Details
Oversee and manage the IT risk management process, perform application and third-party vendor security reviews, and develop remediation plans (POAMs)
Define guardrails and security controls for AWS, GCP and Azure
Promote a risk-aware culture across the University
Conduct holistic IT Infrastructure and business process reviews
2018 : Present
Columbia University in the City of New York
Associate Director, Information Security and Risk Management
Designed and implemented the workflow to formalize and automate GDPR request intake and processing
Developed and implemented a third-party risk management program
Conducted holistic IT infrastructure and process reviews and provided advisory services for schools and departments
Performed security and risk assessments of applications administered by various IT departments within the University
2015 : 2018
Columbia University in the City of New York
Manager, Information Security and Risk Management
Managed and led the implementation of application security across various ERP application projects
Designed and delivered privileged access monitoring capabilities
Improved operational efficiency by 30% by enhancing and automating security operations
Automated provisioning and de-provisioning of access within HR, Finance, and Identity Access Management System University-wide
Leveraged functional, industry and ERP knowledge to develop value propositions; define project scope; understand business needs; estimate work effort, skills, and resource requirements; and develop high-level and detailed project plans during ERP implementation projects
Leveraged ITIL’s IT Service Management methodologies for continual service improvement for operations of various ERP applications
Designed and implemented security controls and processes for ERP applications
2011 : 2015
Columbia University
Application Security
2005 : 2011
S4 Consultants
Sr PeopleSoft Consultant
2008 : 2009
Deutsche Bank
Sr PeopleSoft Consultant
About
Accomplished Information Technology and Risk Management professional with proven expertise in leading and managing Information Security and Risk Management, Data Protection, Application Security, Development and Administration of Enterprise Applications, and Product Development.
An energetic leader with experience in delivering highly complex, mission-critical projects and achieving optimal business results in various industry sectors, including Higher Education, Utilities, Pharmaceutical, Healthcare, Financial Services and Manufacturing.
Successful in creating a vision, identifying opportunities, technology and process improvement initiatives, partnering with teams and building successful organizations.
Key Areas:
- Security Advisory Services
- IT Risk Management
- Governance, Risk and Compliance program
- Holistic IT infrastructure and business process reviews
- Third-Party Risk Management
- GDPR Compliance Program / Data Privacy
- Cloud Security controls/guardrails (AWS, GCP, and Azure)
- Working knowledge of NIST 800-53, NIST 800-171, ISO 27001, COBIT 5