Rahul Gondane CISSP CISA

- Executed 4 integrated risk-based audits every quarter for Investment Banking and Investment Management areas to identify key risks and provide recommendations to address control deficiencies - Collaborated with senior stakeholders to plan the scope of audit, perform control testing, validate issues, draft audit reports, and oversee issue remediation - Analyzed business and technology processes by performing risk assessments to identify control weaknesses and mitigating controls - Designed and executed tests to validate the effectiveness of IT General Controls (ITGCs) and IT application controls using data analysis, code reviews, and re-performance - Partnered with Tech Risk team to validate the effectiveness of vendor oversight controls, such as Vendor Information Security Review, Vendor Application Security Review, and Vendor BCP Review - Conducted pre/post-implementation reviews evaluating system development lifecycle (SDLC) controls

• Pioneered the systems analysis for a legacy financial application to create a baseline for migration to a new system • Collaborated with 7 subject matter experts and stakeholders to identify data dependencies with upstream components • Investigated the data transformations within the application to analyze data flows and documented the outcomes • Established Early Careers Network San Francisco chapter to mentor young professionals and promote inclusive culture

• Streamlined ITSM Change Management processes for Dutch clients using ITIL framework to drive continual service improvement (CSI) • Supervised and led a team of 5 process consultants for offshoring a major project from The Netherlands to India • Redesigned the process flow for quarterly oracle patching using Visio that reduced the lead time by 20% and improved efficiency • Formulated RACI matrix during service transition to clearly establish roles and responsibilities and eliminate duplication of effort • Interviewed 60 plus candidates for first round interviews to determine fit with the organizational requirements

• Directed the IT change management process for a Fortune 500 client to manage technology risks through effective remediation plans • Coordinated Change Advisory Board (CAB) meetings to assess and approve change requests before implementation • Spearheaded risk impact assessment for 30 weekly change requests to proactively identify and mitigate the risks • Communicated change request information to affected IT teams and stakeholders via established communication channels • Reviewed implemented change requests as part of Post Implementation Review (PIR) process to ensure 98% success ratio and drove corrective actions for failed or backed out change requests

• Chaired bridge calls involving 5 cross functional support teams to drive incident resolution and service restoration within agreed SLAs • Audited projects to ascertain compliance with policies, controls and standard operating procedures

• Collaborated with support teams in 3 countries to isolate and resolve unplanned application outages • Analyzed trends for repetitive issues and coordinated Root Cause Analysis (RCA) for implementing permanent fix • Coordinated with 8 cross-functional teams to implement change requests for application enhancements • Partnered in creation of IT disaster recovery plans and business continuity plans to ensure readiness for contingencies • Led the capacity planning initiative for a high traffic server that reduced the CPU and memory utilization by 30% • Authored 4 technical documents for knowledge management repository to ensure smooth on-boarding for new recruits • Initiated and pioneered a monthly guest speaker series at Tech Mahindra, Manikchand location