Manish Vadhavkar

Executed RBI Audit engagements

• Grow The Bank“ Projects engagements
• Identified control gaps in processes, procedures and systems through in-depth research and assessment and suggested methods for improvement.
• RBI Audit engagements
• GDPR / PDPB projects for BDTS
• PCIDSS Certification
• ISO27001 Audits
• Data Localization (SAR) Compliance
• DPSC Compliance for Payment Systems
• Audit Engagements
• Liaise with internal and external auditors for various audit requirements of BDTS (Business & Digital Technology) group
• Assist Auditors in completing a control and risk assessment testing and review Draft Report before Final Report is published
• Audit Tracker is maintained to ensure all open items are tracked and taken to closure by co-ordinating with relevant stakeholders
• Assist the stakeholder in mitigating the risk and/or suggesting alternate compensatory controls
• Ensure timely update to Management in addressing risk and appraise on the risk posture of the unit and strategy around addressing open risk
• Information Security Engagements
• Liaise with Information Security team to manage and mitigate IS risk within BDTS
• Track on vulnerability assessment, Risk Acceptance, IS Policy compliance, SCD
• Partner on Security Council Requirement, RBI Advisory and alerts
• Manage the following
• Risk Acceptance
• Vulnerability Assessment and Penetration Testing
• Regulatory Submission (CSITE Advisory, Cyber Security etc.)
• Operational Risk Management Engagements
• Liaising with Operational Risk team on Risk and Control Self-Assessment (RCSA), Key Risk Indicators (KRI), Key Performance Indicators (KPI), operational errors/incidents, risk acceptances and operational risk events on behalf of the BDTS for tracking, appropriate action and closure
• Liaising with Technology Vendors for Third Party Information System Risk, Technology Vendor Risk
• Working with Technology stakeholders (including Production Support and Development teams) to identify the top technology IT risks impacting the Bank and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls
• Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate
• Providing support and challenge on aspects such as the Risk and Control Self-Assessment (RCSA) and formulation of controls
• Maintain and Update Technology Risk database with appropriate status
• Regulatory
• Filing of Regulatory returns falling under the purview of BDTS
• Risk Based Supervision & IT Examination: Partner with Technology Stakeholders and other department to collate, assess and review all RBI data required as part of Risk based supervision.

• Ensured Product Release for Arcserve Backup solutions are built and released within strict deadlines
• Assisted in creating / versioning / testing of scripts, chef, maven/ant, Git, Jenkins to achieve high level of automation
• Liaised with teams for Creating / Patching and managing Windows and Linux operating systems
• Automation of installation/ configuration/ management of Apache, Tomcat, MySQL and SQL Server
• Automation using Bash Scripting, Power shell to perform day-to-day support functions and release management activities
• Build/ Configure and maintain source /byte code management system such as GIT and Nexus
• Data migration from on-prem to Cloud and vice-versa
• Establish code base integrity, check-in validation rules, and branching and merging process.

• Frequent engagements with global IT Risk peers and work in special interest working groups such as Internet Facing Applications Working Group
• Assisting in the enhancement and implementation of the Technology Risk, out-sourcing / Vendor Risk management framework
• Work with the Risk & Control teams to analyse latest program and project scorecards, preparing execute summary reports for IT & Control management
• Develop procedures and guidelines to facilitate improved risk management techniques
• Responsible for transition of existing approach of DevOps to DevSecOps
• Responsible for developing and applying advanced techniques in the investigation and solution of advanced system requirements and problems
• Performs advanced technical planning, system integration, verification, and validation, evaluates alternatives
• Guide configuration, debugging, and support for infrastructure and ensure all quality and change control standards are met
• Frequent engagements with global IT Risk peers and work in special interest working groups such as Internet Facing Applications Working Group
• Assisting in the enhancement and implementation of the Technology Risk, out-sourcing / Vendor Risk management framework
• Work with the Risk & Control teams to analyse latest program and project scorecards, preparing execute summary reports for IT & Control management
• Develop procedures and guidelines to facilitate improved risk management techniques.

• Led projects and analyzed data to identify opportunities for improvement.
• Identified issues, analyzed information and provided solutions to problems.
• Drove operational improvements which resulted in savings and improved profit margins in Backup Domain
• Used coordination and planning skills to achieve results according to schedule.
• Participated in continuous improvement by generating suggestions, engaging in problem-solving activities to support teamwork.

• Handled Datacenter Migration project from Mumbai to Hyderabad
• Managing PAN India BACKUP Infrastructure with Team of 6 Technical Staff and 6 Vendors
• Coordination with Veritas, HP and IBM Escalation Team for ensuring minimal downtime for any technical issues
• Managing Executive Dashboard for Server Migration across Datacenter, PAN India Backup Dashboard, Patching Dashboard
• Liaised with auditors for ensuring routine audits of systems and software
• Ensuring Server infrastructure is secure as per the Cyber security prospective
• Ensuring Server infrastructure is in line with Banking standards
• Ensuring all the Security and monitoring tools are deployed on the server infrastructure as per the security standards
• Liaised with HSBC Global Team and Procurement Team for deploying Backup Infra Stack
• Ensuring to have appropriate disaster recovery infrastructure at DR location as per the group standards
• Participating in all the DR drills and Business continuity testing and planning’s
• Experience in monitoring tools like SCOM, IBM Tivoli Manager, BMC Patrol, IBM Director and HP SIM maintenance and configuration
• Key Achievements
• Cost savings initiatives migrating physical servers to Virtual Infrastructure
• Application Consolidation by integrating all Applications to consolidated WebSphere
• Windows Patch / Vulnerabilities Management
• Applying patches monthly 500+ Windows Servers, ensuring 100% Compliance
• McAfee updates weekly update releases confirming compliance
• Part of Architecture Team to review architecture and provide endorsement to confirm Project delivery as per Standards and defined Stacks
• Project Management:
• MPS – Managed Print Services Infrastructure delivered for HSBC Bank and Entities Pan India
• The infrastructure was setup in year 2008 has saved huge cost year after year
• The Project Infrastructure and Application is supported by me which helped a lot of Carbon saving
• Project SD – Delta – Cashin Inbuilt Applications need to run from Vendor premises
• XenApp 6.5
• Infrastructure was hosted Pan India for HSBC Bank
• The infrastructure could be accessed from Vendor Locations using Secure VPN Tokens
• This helped the Bank from allowing the Vendors to access the Systems from their premises securely
• The Project was delivered in stringent timelines.

• Server patching for vulnerability issues and updates using tools like GFI Languard, Update Expert and DVMT
• Storage Management for Novell Netware Servers using tools like File Census
• Monitoring Servers using MOM (Microsoft Operations Manager)
• Generating Reports related to Server health checks and Disk Management
• Providing Technical support for Windows and Novell platform.

• Providing 24x7 support for VERITAS NetBackup, Backup Exec, Symantec Enterprise Vault, Continuous Protection Server to global clients
• Working on VERITAS Backup Exec versions 9.0, 9.1, 10.0, 10d
• Disaster recovery of Windows 2000 /Exchange 2000/SQL 2000 servers
• Knowledge of Hardware like Robotic Libraries, Netapp, EMC and Standalone Drives, USB Drives
• Complete Disaster Recovery of Windows 2000/2003, Exchange 2000/2003 and SQL 2000/2005 servers

• Providing technical support over phone on Microsoft OS (XP), MSN ISP
• Mentoring included providing technical help & generating team stats & reports
• Handled customers across geographies.

• Diagnosed hardware problems and fixed faults or contacted appropriate repair service
• Supported all computer lab operations
• Patched software and installed new versions to eliminate security problems and protect data
• Handled lab equipment, cleaned keyboards, monitors and disk drives
• Removed and replaced malfunctioning components to correct hardware problems
• Provided instruction to all lab users on proper use of all equipment.