Santosh Sonavane

Senior Manager with over 25 years of experience in IT, audit, risk management, and governance within the banking and financial sector. Proven expertise in leading internal, external, and regulatory audits (RBI, ISO, CMMI) and ensuring compliance with international standards including ISO 27001, ISO 20000, and ISO 22301. Skilled in audit coordination, vendor management, data centre operations, and cross-functional leadership. Currently pursuing an MBA in Business Analytics from Symbiosis School for Online and Digital Learning (May 2025), demonstrating ongoing commitment to strategic and data-driven decision-making.

HDFC Bank | Senior Manager – Tech & Digital WBO-FCU | Mar 2023 – Present

• Overseeing regulatory, internal, and external audits including RBI CSITE Annual review covering 400+ applications.
• Coordinating audit responses, evidence collection, and closure activities across multiple stakeholders.
• Publishing weekly and fortnightly management reports for audit observation tracking and closure.
• Facilitating walkthroughs with external auditors (PwC, KPMG, Deloitte) and ensuring timely evidence submission.
• Managing quarterly submissions for governance committees (APEX, ISRMC) and compliance tracking of OS/MW/DB baselines.
• Engaging in risk review and mock regulatory audits to ensure organizational readiness.

• Engaging in external audit, GRC compliance. SOX audit, US GAAP Audit conducted by external auditors.

• Engaging in various internal, ISO, pre-implementation, concurrent audit conducted by internal governance team, Closure of internal draft reports.

• Engaging in timely completion of regulatory tranche, various circulars published, interfaces, DPIA Assessment, DPDP act.

Protean e-Gov Technologies Ltd | Assistant Manager | Jul 2012 – Mar 2023

• Conducted internal audits based on ISO 9001, ISO 20000, ISO 27001, and CMMI-SVC Level 5 standards.
• Facilitated client and external audits (KPMG, DNV, PFRDA) ensuring smooth audit readiness and compliance.
• Led implementation of ITSM and ISMS frameworks, risk assessment, and business continuity management.
• Conducted vendor audits and process trainings for teams and new joiners.
• Managed configuration and asset control for CRA department, ensuring data integrity and compliance.

NSDL | Executive | Jan 2002 – Jun 2012

• Supported ISO, CMMi, and internal audit processes ensuring project-level compliance.
• Member of Enterprise Risk Management and Business Continuity teams.
• Supervised 24x7 production support team and conducted process awareness training.

ARI World | Resident Network Engineer | May 2001 – Dec 2001

• Handled on-site hardware and network management ensuring system uptime and support.

Yasho Computers | H/W & Network Engineer | Jun 1999 – Apr 2000

• Provided technical support for network setup, troubleshooting, and client service.

• MBA (Business Analytics) – Pursuing (May 2025), Symbiosis School for Online and Digital Learning (SSODL)
• Bachelor of Computer Applications (BCA), JRN Rajasthan Vidyapeeth University – 2015