Summary
Overview
Work History
Education
Skills
Certification
Websites
Timeline
Generic
Anna Carolin

Anna Carolin

Summary

IT Auditor

IT Security Professional with nearly 8 years of experience in IT and Information Security auditing. Expert in providing an independent assessment on effectiveness and efficiency of systems and infrastructure, compliance with corporate policies, and regulatory requirements carried out in conformance with the IIA’s International Standards for the Professional Practice of Internal Auditing. Possess a proven track record in project management, audit program development, delivering comprehensive training and effectively bridging communication between diverse stakeholders.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Senior Security Analyst

Accenture
Bengaluru
09.2021 - Current
  • Performing information security audits and assessments within organization Corporate Functions as a Senior Analyst - Internal Auditor in the third line of defense with direct hierarchical reporting to C-Suite.
  • Conducting the end-to-end Internal Audit lifecycle as an in-charge, overseeing all aspects of the audit lifecycle, including developing in-depth work programs for technical and operational domains, and timely execution of pre-planning, wrap-up, and planning activities for each review
  • Liaison with leadership and business teams on audit observations, observation remediation and discussion on process improvement opportunities.
  • Experienced in information technology and cloud security auditing for contracts belonging to Insurance, Banking, Healthcare, Textile, Travel and Hospitality, Products and Platform and other verticals across the globe.
  • Executing wide-ranging scope of audits like service delivery reviews, venture and acquisition- based reviews and client/internal organization-based application/platform reviews with an emphasis on assessing emerging areas of risk including cyber security, data privacy and cloud security.
  • Performed comprehensive audits of application security.
  • Evaluated the security of infrastructure, including on-premises and virtual/cloud assets.
  • Reviewed and assessed the configuration of native cloud services from AWS, GCP, and Azure to align them with industry best practices and security standards.
  • Conducted a detailed audit of Accenture's Responsible AI framework, assessing both its design and operating effectiveness.
  • Drafting and presenting final audit report along with Internal Audits recommendations in line with organizational security requirements, business teams management response, target remediation owner and target remediation date.
  • Leading the departmental initiatives for building capability to audit/review Azure and AWS cloud platforms in terms of contractual/organizational security compliance.
  • Coaching and mentoring junior team members on security concepts and audit process to stay current and relevant within the Internal Audit team.
  • Conducted On-site audit for clients of Accenture in Germany location.

Senior Risk Consultant

Deloitte
07.2021 - 09.2021
  • Developed and Implemented security governance, including security frameworks, in accordance with the Information security manual.
  • Performed analysis and developed information security policies and procedures at organization level for a client.
  • Conducted external risk assessment and Information security compliance audits for clients from banking sector.
  • Conducted PCI-DSS compliance audits.
  • Provided guidance and recommendations to clients for risk mitigation and security improvement initiatives.

Security Analyst

Wipro
06.2019 - 07.2021
  • Expertise in conducting internal security audits and third-party risk assessments.
  • Successfully transitioned a new client into the security services including implementation of security scanning and monitoring tools and identifying critical assets and applications.
  • Involved in OWASP Top 10 based Vulnerability Assessment of various web applications and network infrastructure.
  • Consecutively awarded as the best employee for two quarters.
  • Collaborated with cross-functional teams to provide actionable recommendations and mitigation strategies for identified vulnerabilities.
  • As a team lead for multiple clients, I oversaw risk assessments and security audits to ensure compliance with industry standards and best practices. My role involved coordinating with various stakeholders to identify potential risks, develop mitigation strategies, and provide recommendations for enhancing security posture. I also led a team of professionals, providing guidance and support to ensure the successful completion of projects.

Security Engineer

UST Global
01.2017 - 04.2019
  • Expertise in implementing and maintaining ISO 27001 security structure.
  • Conducted internal security audits and risk assessments for various clients across globe.
  • Developed Internal Risk assessment programs and Conducted training sessions for junior employees to foster a culture of cybersecurity.
  • Involved in Social Engineering and Information Security awareness programs at enterprise level.
  • Part of new initiative in the information security management team, concentrating on vulnerability and penetration testing, along with risk assessments.

Education

Bachelor of Technology - Electronics And Communication Engineering

Mahatma Gandhi University
07-2016

Skills

  • Business continuity planning
  • Control Testing
  • Data Management
  • Information Security Audit
  • Infrastructure and Application Security
  • IT Audit
  • Cloud Security

Certification

  • ISO 27001 LA
  • EC Council Security Analyst

Websites

Timeline

Senior Security Analyst

Accenture
09.2021 - Current

Senior Risk Consultant

Deloitte
07.2021 - 09.2021

Security Analyst

Wipro
06.2019 - 07.2021

Security Engineer

UST Global
01.2017 - 04.2019

Bachelor of Technology - Electronics And Communication Engineering

Mahatma Gandhi University

Similar Profiles

CREATE PROFILE
Anna Carolin