Uma Bhat GIAC GSEC®, GISF®, CAMS®
Details
Cybersecurity Policy | Regulatory and Industry Frameworks | Internal and External Audits | RCSA | Mergers and Acquisitions (M&A) Controls Assessment | Gap Analysis | Risk Remediation | Compliance Testing | Preventive, Detective, Corrective Controls | Perimeter Security
Experience working with the following industry/regulatory standards:
ISO/IEC 27002
PCI DSS
Center for Internet Security Critical Security Controls (CIS CSC)
EU General Data Protection Regulation (GDPR)
Cyber Resilience (CPMI IOSCO) Principles for Financial Market Infrastructures (PFMI)
National Institute of Standards and Technology Cybersecurity Framework (NIST)
Open Web Application Security Project (OWASP)
FFIEC Cyber Assessment Tool (CAT)
2017 : Present
Visa
Cybersecurity - Governance, Risk, and Compliance (GRC)
Operational Controls Testing of regulatory models for Financial Institutions and Money Service Businesses (MSBs)
•Conducted risk analysis of the clients' OFAC Sanctions Screening engine and AML transaction monitoring system to meet regulatory compliance standards for clients ranging from top financial institutions to technology/product-based organizations
•Identified and enforced global and local regulatory reforms, deemed mandatory by applicable law
•Strategized and implemented defense mechanisms through risk identification, assessment, impact analysis, scenario tuning and process modeling by facilitating meetings with project stakeholders
•Applied structured business rules, AML policies / procedures to identify potential threat vectors, vulnerabilities, system abnormalities across different data hops and drafted remediation techniques
•Identified, classified and measured regulatory, operational and systemic risks across different business domains and segments
•Implemented threat intelligence dashboards to provide meaningful data insights for enabling process transformation and total quality management
Specialties: Fraud Assessment, Transaction Profiling, OFAC Sanctions Screening, Scenario Modeling, Alerts Routing, System Testing, Data Analysis, Risk Management
Business/Product Analysis for Revenue Reconciliation and Strategy Development
•Performed balance sheet reconciliation and suggested strategic corporate restructuring methodologies
•Assessed existing IT infrastructure, identifying inefficiencies, redundancies and superfluous controls
•Analyzed product lifecycle and evaluated KPI metrics to understand the value proposition through different channels and customer bases
•Participated in prioritization effort of product enhancements, implementation, deployment and maintenance facilitating customer support as needed
Specialties: Business Acumen, Product Design, Product Innovation/Strategy, Wire-framing and Prototyping
2015 : 2017
PwC
Advisory - Financial Crimes - AML Risk and Compliance Senior Associate
•Liaised with project sponsors such as JPMorgan Chase, KIPP to identify and analyze the business requirements (both functional and non-functional) and project scope
•Formulated project proposal, developed prototypes and tested models for developing an interactive voice response (IVR) system for the Karen Community located in Syracuse
•Conducted in-depth research of different PBX tools such as Asterisk and performed integration analysis of these modules with the front end web-based modules
•Drafted Capstone Program structure and objectives for undergrad seniors
2012 : 2014
Syracuse University
Graduate Research Teaching Assistant
2013 : 2013
Goldman Sachs
Summer Securities Compliance - Technology Analyst Intern
•Studied the project goals and transformed them into tangible requirements by identifying the key performance indicators
•Prepared the project plan consisting of business workflows and flow charts, low-level and high-level design documents using Microsoft Project and Microsoft Visio
•Collaborated with the risk management team and solved high severity incidents related to credit card payments of up to 1 million pounds. Awarded “TCS Gems” award for the same
•Developed and tested code artifacts to transform and integrate the Client ERP (Agresso) with CRM (Siebel) through use of web services implemented through SOA architecture using IBM Websphere Message Broker (WMB) and Rational Application Developer (RAD)
•Built ad hoc UNIX scripts for daily monitoring and automated many business processes to improve quality and performance
•Delivered value additions and data fixes which resolved quality issues and automated business processes
•Imparted knowledge-transfer sessions to juniors in the team
2009 : 2012
Tata Consultancy Services
Systems Analyst/ Message Broker Developer
About
Uma has well-rounded experience in information systems assurance, risk monitoring, compliance-based auditing, and project management with a major focus on integrating four indispensable modules - Compliance, People, Process, and Technology. Her core specialties include brainstorming on local/global regulations and industry standards, transforming them into core compliance control objectives, mapping control objectives to different industry and regulatory frameworks, and enforcing a sophisticated security posture with continued focus on enterprise architecture governance, risk management, and information systems security. She also has significant experience in operationalizing policies, building compliance attestation workflows, and performing controls gap assessments.
In a client-facing capacity, she has participated across different phases of the SDLC, conducted root-cause analysis and monitoring of different problem areas, and proposed process improvements adhering to quality, legal, risk, industry regulations and standards.
As a certified Anti-Money Laundering Specialist, she has been instrumental in developing preventive controls for cross-border transactions, KYC (Know-Your-Customer) screening and Enhanced Due Diligence (EDD). She has implemented compliance controls frameworks and risk scoring models for identifying patterns, anomalies and threats associated with gambling, drug trafficking and organized crime. As part of her AML Specialist role, she has gained expertise in filing Suspicious Activity Reports (SARs), conducting AML investigations and succinctly communicating findings to stakeholders. Her clients have varied from regulatory bodies to Fortune 100 companies.
Specialties:
Legal / Regulatory Compliance / Governance,
Data Protection / Privacy,
Information Systems Analysis,
System Integration,
Risk Controls & Gaps Assessment,
Continuous Monitoring,
Process Automation & Improvement,
BSA/AML, FATF, SEC, OFAC Sanctions Screening,
PCI-DSS,
Independent Audit,
Data Quality Assessment
Tools: Oracle, SQL Server, Tableau, R (Beginner), Microsoft BI, Microsoft Excel (Advanced Data Analysis)
Professional Motto:
Face new challenges, seize new opportunities, test one's abilities against the unknown, and in the process, discover one's own potential.