Rohil Garg

Moody’s Third-Party Risk Management program which includes conducting the scoping, performing risk assessment, preparing Risk matrix and recommending risk mitigating strategies. Conducting the high-level cyber risk posture analysis of vendors at the time of vendor screening phase Hands on experience in Brinqa tool, enabled with Shared Assessments questionnaires (SIG) Responsible for end to end on-boarding of new Cloud (AWS) based SaaS/ Mobile/ Enterprise software’s

1. Performed and managed HITRUST engagements for multiple BPO, ITES and Healthcare service providers (AWS hosted SaaS provider). Hands on experience with HITRUST MyCSF tool 2. Prepared and contributed the knowledge book for executing HITRUST engagement in EY 3. Managed and delivered multiple SOC 2 engagement reports for KPOs, Manufacturing, and Healthcare and telecom industry. 4. Assisted Healthcare SaaS (AWS hosted) provider in the implementation and assessment of NIST Framework.

• Performed the control rationalization and testing of IT general and automated application controls (interfaces/ Reports/ Edits/ Validations/ Authorization) for US based Insurance company • Learned and performed HITRUST certification for major US based insurance clients. • Played key role in designing and testing the IT General controls for newly on-boarded customers, in collaboration with business teams.

• Performed IT GC controls testing infrastructure for various manufacturing clients under multiple engagements. Supporting project manager in preparing status dashboard and client reports. • Performed Logical access and Security Infrastructure review for major US based healthcare company • Worked on several ISO 27001 projects, performed ISO 27001 compliance assessments • Worked on multiple project projects to support managers in Business development activities.

Computer Science, Information Technology, Electrical and Electronics Engineering