CAREER SUMMARY
Dedicated Information Security Auditor with 7 plus years of experience in evaluating and strengthening information system security. Demonstrated expertise in conducting comprehensive audits and identifying vulnerabilities while ensuring compliance with ISO 27001, NIST, and GDPR standards. A track record of effectively assessing risks and recommending corrective actions to protect organizational assets.
Overview
10
10
years of professional experience
Work History
Senior Compliance Analyst (IT Compliance Auditor)
WPP
Bangalore
09.2021 - Current
Develop and manage plans for IT controls improvement especially on Cloud Governance
Lead the assessment of IT controls operation, identifying gaps, assessment of risks, and identifying areas for improvement on both On-Prem and Cloud Estate
Work closely with key stakeholders, including key service providers to ensure a clear understanding of WPP IT compliance requirements
Take responsibility for delivery specific workstreams within the WPP IT SOX compliance and Risk
Liaising with internal and external Auditor on findings
Performed the role as both the 1st and 2nd lines of defense by identifying and remediating risks, while providing assurance of compliance and operational controls
Taking responsibility to complete cloud compliance security control testing in Microsoft Azure platform
Conducted vendor risk assessments to evaluate third-party compliance with regulatory requirements and security policies
Reviewed contractual agreements to ensure the inclusion of relevant compliance controls and standards
Tested vendor controls for design and operating effectiveness, identifying gaps in compliance and recommending corrective actions
Developed comprehensive reports on vendor compliance, highlighting risk levels and areas for improvement
Preform TOD and TOE of ITGC controls in Azure platform
Helping the operation team to close the Gap within the process
Prepares work papers documenting the audit procedures performed
Analyzing and updating existing compliance policies and related documentation
Communicating compliance policies and guidelines to Management and designated departments
Training employees on industry compliance requirements.
Internal Auditor (Junior Manager)
Accenture
Bangalore
09.2019 - 09.2021
Analyzing and updating existing compliance policies and related documentation
Developing value-added recommendations to improve internal IT controls and operating efficiency
Determine the technical and business impact of identified security and control issues, and provide remediation guidance
Performed regular risk assessments and devised mitigation strategies to protect critical business data by enforcing robust security controls and ensuring compliance with regulatory standards
Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed
Liaising with internal and external Auditor on findings
Evaluated security controls within Microsoft Azure, AWS, and GCP hybrid cloud environments, providing actionable recommendations for improvement
Perform testing over ITGC and Business Process to the management on the appropriateness and of the security controls in place
Use GRC tool to evaluate configuration and policy compliance, database logs
Document Walkthrough call and prepare process flowchart.
Internal Auditor
Bangalore
05.2019 - 08.2019
Performed IT General Control testing, including Internet Security, Access Management, Change Management, Problem Management, Computer Operations, and Infrastructure testing
Participated in walkthrough calls with the engagement teams and the client to understand the process and identify risks related to the controls.
Internal Auditor
Price Waterhouse Coopers (Pwc)
Bangalore
05.2017 - 05.2019
Assessed vendor and third-party risk management practices, ensuring secure data handling and compliance with contractual obligations
Performed control testing pertaining to Operating systems, Data base (Windows, Unix, Oracle, MSSQL)
Performed control testing for basic and automated ERP ITGC controls
(SAP application)
Assisted in flowcharting assignments, updated narratives/Risk, and control matrices basis client requirements
Assisted the US, UK and Canada teams with an Engagement Service Quality Initiative where we track engagement feedback and quality standards
Mentored/Coached and guided new joiners on different engagement deliverables as well as on the firm culture
Performed Test of Design and Operating Effectiveness for controls
Assist organizations to improve risk management and internal controls
Communicate with operating and financial management, establish and maintain strong working relationships with all levels of management
Performed IT General Control testing including Internet Security, Access Approvals, Change Management, and Computer Operations
Assisted in writing test plans for clients based on the new PCAOB standards
Assist organizations to improve risk management and internal controls.
Junior Specialist
Siemens Technology and Services Pvt Ltd
Bangalore
01.2015 - 05.2017
Preparation of project Management in SAP as per the process requirement
WBS creation (Work Break Structures)
Preparation of service maintenance contract (AMC)
Customer code creation
Continues interaction with customer
Preparing monthly review meeting reports
Checking customer credit limit
Preparing daily team huddle MOM (Minutes of meeting)
Coordinating with the counterparts and the requestors to finish the month-end, quarter-end and year-end closing of accounts.
Education
Master of Business Administration - Finance
Bangalore University, Dayananda Sagar College of Commerce Arts and Science
01.2014
B.com - Computer Application
M G University, M A College
01.2011
Skills
Auditing
Internal Audit
Sarbanes Oxley Act
Identifying key business risks
Team Management
ISO 27001
ITGC
Cloud Audit
IT Risk Management
Audit framework
ACHIEVEMENTS
Recognized as an Emerging Leader during Graduation at MA college
Won 1st price in Siemens badminton tournament
Won 1st price in WPP badminton tournament
PERSONAL INFORMATION
Languages Known
English
Hindi
Malayalam
Tamil
Kannada
Accomplishments
Preform TOD and TOE of IT SOX audit
Tests IT General Computer Controls
Tests IT Application Controls
Prepares work papers documenting the audit procedures performed
Good understanding of risks and controls for Information Technology
Developing value-added recommendations to improve internal IT controls and operating efficiency
Determine technical and business impact of identified security and control issues and provide remediation guidance
Performs audits and special projects to evaluate the efficiency and effectiveness of corporate operations, compliance with laws, government regulations, and corporate policies and procedures
Title : A study on “FUNDAMENTAL ANALYSIS ON CEMENT INDUSTRY”
Duration : 4 weeks
Description: Collected last five years Financial and Economic data of Five major cement companies in India
Analysed and evaluated the information’s collected
This would help the firm to understand the financial growth and take Investment and Strategic decisions
Interests
DECLARATION
, I hereby declare that the above-mentioned data are true, complete and correct to the best of my knowledge and belief
Additional Information
DATE:
, PLACE: BIBIN KURIAN
Timeline
Senior Compliance Analyst (IT Compliance Auditor)
WPP
09.2021 - Current
Internal Auditor (Junior Manager)
Accenture
09.2019 - 09.2021
Internal Auditor
05.2019 - 08.2019
Internal Auditor
Price Waterhouse Coopers (Pwc)
05.2017 - 05.2019
Junior Specialist
Siemens Technology and Services Pvt Ltd
01.2015 - 05.2017
Master of Business Administration - Finance
Bangalore University, Dayananda Sagar College of Commerce Arts and Science