E.

MURUGAN MUTHU
[email protected]
[email protected]
Mob: +91 9840002437

Professional Summary

More than 15 years in Information Technology, including Disaster Recovery management, IT Security
Compliance and Risk assessment, Lead Auditor for ISMS/QMS, Business Continuity management,
Mainframe Development.

• DR plan development in conjunction with DR Coordinator

• Proficient in using DR / BCP techniques and tools(Archer)
• Driving key operational services such as Problem Management and Change Management.
• Driving Client governance calls on operational performance, risk and challenges
• Conducting Information Security Audits for various vital internal clients .
• Prepare Risk Assessment methodology and Risk Scoring Methodology
• Responsible for managing Information Security controls through consistent, reliable and
documented processes of data management.
• Maintains the detailed project plan and schedules –MPP.
• Prepare Design Document for Change request and Unit Test Plan
• Extensively involved in analyzing the metrics data, carrying out various audits, Defect tracking.

Certification
• CBCI ( Certificate of the Business Continuity Institute )
• AWS Certified Solutions Architect - Associate
• Prince 2 Foundation and Practitioner
• ISO 9001:2000 QMS (Quality Management System ) Lead Auditor
• ISO 22301 BCMS (Business Continuity Management System) Lead Implementer
• ISO 27001 ISMS (Information Security Management System ) Lead Auditor
• ITIL V3 Foundation

Experience Summary

• Manager, Cognizant Technology Solution from Jan‘15 to till date.

• System Analyst, UST Global, from Jan’13 to Feb’14.
• Senior Software engineer, HCL Technologies Ltd, from April’10 to Dec’12.
• Programmer Analyst, Cognizant Technology Solution, from June04 to Sep 08.

Educational Qualification
Bachelor of Mechanical Engineering from Government College of Engineering, Tirunelveli, Manonmaniam
Sundaranar University in 1997, Tamilnadu.

1
Technical Skill Sets

Operating Systems Z/OS, OS/390, MVS/ESA

OLTP CICS
Databases DB2, IMS/DB
Tools & Utilities File-Aid, Xpeditor, CA-INTERTEST, Endevor, Changeman; Appian BPM ;Archer
Languages COBOL, JCL, VSAM

PROFESSIONAL EXPERIENCE Infra FMO 22 USD

Project: Infra FMO 22 USD

Client : ERICKS
Duration : May’2020 to till date

Role : Compliance /Risk/ Disaster Recovery Manager.

Responsibilities:

Disaster Recovery Exercises

 Establish the framework from the Disaster Recovery Program (DRP) and the corporate policy
establishing authority and approval for DRP

 Document and build out infrastructure and recovery procedures as appropriate.

 Contribute to the development of Disaster Recovery procedures and Post Test Reports

 Conducted in scheduling DR exercises, recoveries

 Build a strong relationship with key business stakeholders.

Risk Management

IR RiSC practice with a goal to improve compliance and reduce risk by developing and refining existing
processes to improve overall security posture.

 Identify the operational risk and update the risk register.

 Follow up with Internal (CTS) team and stack holder and find the impact and owner of the risk.
 Schedule the meeting and discuss on risk mitigation plan.
 Follow up with the risk owner for closure of risk

2
Project: MM AD Disaster Recovery

Client : Mass Mutual- USA

Duration : Jan’15 to March 2020

Role : BCP/ Disaster Recovery Co coordinator.

Client Details:

Massachusetts Mutual Life Insurance Company (MassMutual) is an American mutual life insurance company.
MassMutual provides financial products such as life insurance, disability income insurance, long-term care
insurance, retirement/401(k) plan services, and annuities MassMutual is headquartered in Springfield,
Massachusetts and its major affiliates include Haven Life Insurance Agency LLC; Babson Capital
Management LLC; Baring Asset Management Limited.

Responsibilities:

• Prepared a comprehensive plan considering DR plans for Infrastructure, Processor, and

application
• Assessed and implemented changes and determine impact to DR plans, and co-ordinate
updates as needed
• Developed and implement DR program structure and framework in alignment with ISO22301
• Designed and wrote IT DR Standards documents maintained in Archer
• Road map for complete implementation of DR program. Experienced in test scope preparation
aligned with application team and vendor
• Experienced in Testing DR environment health check for datacenter failover and failback.
• Maintained detailed DR plans through strong collaboration with individual IT teams.
• Conducted in scheduling DR exercises, recoveries
• Provided formal gap analysis after each exercise
• Experienced in identification of Technology domain causing issues during a disaster recovery
exercise
• Prepared posttest report
• Present feedback for risk management, mitigation, and prevention
• Managed and track project risks, issues, and dependencies via Weekly status report
• Plan and conduct training sessions for members on disaster recovery ways and methodology
• Involved in internal audit for auditing and examination of disaster recovery processes

Project: Well Point-USA

Duration : Jan’13 to Feb14.

Role : InfoSec Auditor

Client Details:

WellPoint Health Insurance Company is one of the leading providers of medical insurance in the nation
with over 35 million members. WellPoint works closely with physicians and hospitals continually reviewing
their policy and procedures. Health plans have created a variety of PPOs, HMOs, various hybrid and
specialty products, network-based dental products. 

3
Responsibilities:

• Ensure that all contractual responsibilities for the role are being met at all times
• Reviewing and agreeing the audit schedule with the respective business owners
• Managing internal audits in line with the business, customer and management system
requirements
• Liaising with external audit parties, coordinating and facilitating audit activities
• Producing audit reports, including audit findings in line with the company’s internal audit
procedure
• Effective management of corrective and preventive action plans
• Compiles management information reports as required by the business and customer through
relevant business tools to provide accurate/up to date data
• Prioritize and co-ordinate own work schedules to ensure that business and customer needs are
met and deadlines are adhered to
• Able to communicate on complex issues to meet business and customer requirements to avoid
escalations
• Act in accordance with Information Security Policies and report any potential or actual Security
events or other Security risks to the Organization
• Contribute towards ensuring department and /or customer KPI performance targets are met
• Contribute towards the maintenance & improvement of customer satisfaction levels
• Understand and adhere to policies and procedures

Project: SECORE and US CUSTODY

Client : CITI-Chemistry (CITI Group – UK)

Duration : April 10 to Dec-12
Role : IT- Security Services- Security Lead Auditor

Client Details:

Citigroup Inc. has the world's largest financial services network and custodian services. As part of Citi-
Chemistry, two applications are of Mainframe applications SECORE and US CUSTODY. US CUSTODY supports
Custodian Functionality for US region, where as SECORE supports custodian Functionality for UK and rest
of the world.

Responsibilities:

• Review the Polices and security controls and practices relating to ISO 27001
• Planned, directed, and led security audits for the projects
• Drive compliance for all systems in accordance with Organization Information Security Policies
• Ensure that all documentation and procedures are appropriately updated and maintained to
ensure compliance with all audits
• Review and Enhance the current audit process , generation of reports to Management
• Following up audit recommendation to mitigate relevant.
• Ensure IT controls are consistently being practiced through regular reviews
• Created and implemented a system for identifying risk and threats to the IT systems
• Updated IT documentation process and procedures
• Collaborated with the development team and ensured security policies are in-line with
company's procedure
• Coordination with external ISO Auditors for compliance and closure of audit findings

4
Project: Message Processing and Development (MPD) - IT Risk assessment

Client : CSC-ATT (USA)

Duration : Oct 2007 – Sep 2008
Role : Security Risk Analyst

Project Details:
MPS (Message Processing System), which comprises of several sub-systems for collecting and validating
residential and small business call (usage), resolving the billers for the usage, rating the usage based on
business rules and interfacing with the billers for actual customer bill production.

Responsibilities:

• Involved in Integrated Risk Assessment of various business functions and help identify the risks
related to information processing.
• Participating in various ongoing projects, identifying, and mitigating the risk related to the
applications being developed.
• Prepare presentation for each vendor with detailed Risk analyst summary including the
Vulnerability, Risk & impact description and recommendations.
• Present the final deck to all stakeholders and get it signed off.
• Follow-up for the remediation plan with Relationship managers.
• Upload all artifacts and supporting documents into Archer.
• Provide Risk Analyst review summary for each Vendor

Project: - ISO- Quality Reviewer- QR (AT&T; Covad, Orange Accounts)

Client : AT&T; Covad, Orange

Duration : March 2006 – Sep 2007

Role : ISO- Quality Reviewer-(QR)

As the Quality Reviewer (QR) for Telecom projects and handling major accounts at like AT&T;
Covad, Orange.

Responsibilities:

• Involves in initiating the project kick-off meeting, carrying out process facilitation at the
beginning of the project, tailoring the various processes that needs to be followed at various
points of the life cycle stages of the project.
• Planning and conducting process trainings for various projects.
• Carrying out various audits for the projects like project start up, work product audit at the
completion of a stage, process audit on a monthly basis and delivery audits and project
completion audits. Tracking closure of NCR’s during project audits.
• Preparation of Control charts and doing the Causal Analysis, for the variance and taking
corrective action and bringing the Projects again within the limits.
• Facilitate the projects in collecting and analyzing the metrics data.
• Track to closure the corrective and preventive action in Qsmart tool.
• Report the status of the projects to management through SQAG report.
• To assist Manager-QA in compliance of quality systems e.g. Change controls, Deviations,
Incidences, customer complaints etc. 

5
Project: Instbill – Met Life (USA)

Duration : June 2004 – Feb 2006.

Environment : VS COBOL II, JCL, DB2
Tools & Utilities : TSO/ISPF, FILEAID
Role : Team Member-Cobol Developer

Project Details:

The project is an application value management project. This project involves maintenance and functional
enhancements to some of the billing systems of MetLife, used for meeting the billing needs of the
institutional products of MetLife.

Responsibilities:
• Analysis of the specifications provided by the clients and designing the requirement.
• Prepared unit test plan.
• COBOL coding and creation of the proc’s and JCL’s.
• Conducted unit testing on all the modules of the project.
• Prepared unit test report.
• Checking the Quality standards of various aspects of the project in accordance with the
company and client Quality guidelines.
• Involved in involved in running test cycles in batch in multiple regions for Business Analyst,
User Acceptance, System and parallel Testing.
• Resolving issues and providing solutions to clients related to Small Project Requests
• Monitoring Production support batch cycles. (On call support, Provide fix within the time limit,
Escalation procedure).
• Attended the Corporate BCM awareness training.

Personal Details:

Marital Status : Married

Father’s Name : R.Essakki Muthu
Nationality : Indian
Present address : C1; Asha Kiran Apartment;
Ahshya Colony; Mogappair;
Chennai- 600050- India.
Passport No : N9030614.