Sudhir K. Kondisetty Principal, Risk Advisory Services McGladrey LLP Blue Bell, Pennsylvania sudhir.kondisetty@mcgladrey.com 215.648.3121 Summary of Experience Sudhir Kondisetty leads the Philadelphia region risk advisory practice. In his role, Sudhir oversees financial, operational and information technology (IT) audit engagements. Prior to leading the risk advisory practice, Sudhir was involved in leading IT risk advisory projects, including IT risk assessments, IT general controls reviews, network infrastructure security testing, Sarbanes-Oxley IT reviews, Payment Card Industry (PCI) audits, Service Organization Control (SOC) attestation engagements and IT project management. He has 20 years of consulting experience in various industries. Representative Experience Internal audit/cosourcing Sudhir currently oversees a variety of internal audit projects, from cosourced to fully outsourced engagements. He oversees a wide range of internal audits, including financial, operational, IT, compliance and security projects. His role is to provide quality assurance and meet client expectations. IT security and risk assessment Sudhir’s responsibilities include analyzing client network security systems, evaluating established corporate security controls, analyzing the accuracy and adequacy of security processes and procedures, substantiating and documenting discovered security control weaknesses, and formulating and presenting recommendations for improvement to management. His experience includes analysis and reviews of: Security operations Corporate security policies and procedures Business continuity/disaster recovery planning Physical security Application-level security Enterprise intrusion testing IT general controls Sudhir K. Kondisetty Principal Firewall infrastructure analysis, design and implementation Sudhir has experience designing and implementing firewalls for organizations in various industries (financial, government, health care, manufacturing, etc.). He has been engaged in numerous projects that involve the evaluation, acquisition, design, implementation, documentation and testing of firewall hardware and software. Sudhir has experience with various firewall technologies, most predominantly the CheckPoint Firewall-1 and Cisco Pix products. Additionally, he has implemented various vendors’ VPNs and remote access products, including CheckPoint, Cisco, Nokia and Citrix. IT project management In addition to IT security-related projects, Sudhir has a broad range of experience in managing and implementing projects across the various IT disciplines. Sudhir has been project manager, technical lead and/or implementation specialist for various projects in the following IT disciplines: Network system implementations - Microsoft-based network operating systems - Enterprise desktop management infrastructure Client/server-based applications Web-based applications IT governance procedures - Change control - Project management office - Service request management - Problem resolution Professional Certifications Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) Payment Card Industry Security Standards Council Qualified Security Assessor (QSA) Certified in the Governance of Enterprise IT (CGEIT) CheckPoint Certified System Administrator (CCSA) Microsoft Certified Systems Engineer (MCSE) Education Bachelor of Science, computer science, Bucknell University