Summary
Overview
Work History
Education
Skills
Certification
Tools
Languages
Websites
Timeline
Generic
Soniya Masrani

Soniya Masrani

Bangalore

Summary

IT Audit and GRC professional with 10+ years of progressive experience across Fortune 50, Big 4, BFSI, Capital Markets, Insurance, and Retail environments. Strong expertise in IT Audit, SOX, Enterprise GRC, Security Compliance, and Regulatory Governance, with a proven track record of delivering complex audits and strengthening technology control environments.

Demonstrated ability to own end-to-end audit and compliance portfolios, lead multi-location teams, advise leadership on technology risk, and align control frameworks with business and regulatory expectations. Experienced in ERP audits, cybersecurity governance, regulatory audits (SEBI, RBI, IRDAI, NPCI), and policy development, with increasing responsibility in people leadership, program governance, and risk advisory.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Senior Auditor (IT)

Lowe’s
Bangalore
08.2024 - Current
  • Lead SOX IT Audit programs across enterprise applications and infrastructure, overseeing planning, scoping, testing, issue evaluation, and reporting.
  • Led pre-implementation and DevSecOps risk assessments covering SDLC controls, Bitbucket repositories, and CI/CD pipelines, ensuring new applications were securely onboarded into enterprise control frameworks.
  • Well-versed in applying Agile auditing methodologies to accelerate audit delivery and enable iterative, continuous stakeholder communication throughout the audit lifecycle.
  • Leveraged AI-driven solutions to develop an Agile audit scheduling tool and control delivery dashboard for senior management reporting; additionally automated select control testing activities, reducing manual effort and repetitive tasks.
  • Performed threat modeling–driven security governance reviews across data migration, network/security architecture, and integration layers, identifying material risks.
  • Led high-impact audits covering ERP systems, Marketplace, IOT platforms, GCP Cloud Governance, and Data Governance.
  • Led post-acquisition IT risk and audit scoping assessments for newly acquired entities, enabling large organizations to identify material risks and prioritize integration into enterprise governance frameworks.

Assistant Manager

Deloitte
Mumbai
08.2023 - 08.2024
  • Led Internal Financial Control (IFC) IT audits and external technology audits for multiple reputed BFSI and capital market clients, overseeing audit planning, execution, team coordination, and stakeholder communication.
  • Led an ATM channel technology and security audit for a leading private bank, covering application interface testing, application security controls, and regulatory gap assessments against RBI, NPCI, and PCI DSS requirements for in-scope ATM infrastructure; developed Risk & Control Matrices (RCMs), performed in-depth security control analysis, and identified material risks.
  • Led end-to-end annual and half-yearly system and cybersecurity audits for an international exchange in accordance with SEBI guidelines and drafted Cyber Security Master Policies for stockbrokers and depository participants, ensuring full alignment with SEBI regulatory requirements.
  • Conduct status meetings with senior management and stakeholders, including directing team operations for fieldwork across multiple projects, ensuring alignment with audit standards and objectives.
  • Performed specialized audit of pre-implementation application-based audits as per SEBI guidelines before their deployment, ensuring required controls defined in the guidelines are adhered by the developed application and provided recommendation wherever improvement was required to meet the compliance.
  • Drafting policy/procedure documents and executing process-based and cybersecurity maturity assessment audits.
  • Managed a pre-implementation review of price discovery algorithms for a Power Exchange, evaluating automated application controls governing code changes, client onboarding, order management, bid matching, and price discovery across multiple products.

Manager

Edelweiss Tokio Life Insurance
Mumbai
03.2023 - 08.2023
  • Reviewed penetration testing reports, assessed risk severity of identified findings, and tracked remediation and closure in coordination with Technology and Security teams.
  • Identified and defined Key Control Requirements (KCR) for IT in line with IRDAI cyber audit master circular.
  • Utilized vulnerability management tools such as Qualys to analyze vulnerabilities and patch management gaps across cloud and on-premises infrastructure.
  • Formulated and upheld policies and procedures in compliance with regulatory standards.
  • Achieved a successful IRDAI audit with no observations, underscoring the efficacy of the compliance framework.

Audit Assistant

Mehta Sanghvi & Associates
Mumbai
09.2021 - 05.2022
  • Executed internal audits within the FS sector, identified compliance gaps, and formulated corrective measures.
  • Performed audits on business processes, IT systems, and financial transactions to validate control effectiveness.
  • Led Cybersecurity audits, including pre-deployment audits of trading software, to ensure regulatory adherence and ITGC, Application control and interface control testing.
  • Audited back-office applications for ITGC and IT Application controls, branch inspection, E-KYC, E-DIS, and online account opening processes.
  • Authored a generic cybersecurity policy, streamlined operations for over 50 clients, and boosted firm revenue by 5%.
  • Identified and communicated compliance deficiencies for a key client and secured new project acquisitions.

Customer Service Representative

SVC Co-operative Bank Ltd
Mumbai
02.2018 - 08.2021
  • Assessed customer credit risk managing credit control and compliance with risk policies for retail and wholesale clients.
  • Maintained branch financial integrity through accounts receivables and payables management.
  • Ensured accurate financial reporting and compliance with audit queries in the advances department.
  • Managed banking operations, including collateral valuation, bank guarantees, and foreign remittance transactions.
  • Optimized debt collection processes that significantly reduced overdue accounts.
  • Received a nomination for the Best Employee Award for exceptional multi-department management during COVID-19.

Junior Audit Assistant

Mehta Sanghvi & Associates
Mumbai
10.2014 - 12.2017
  • Conducted system and internal audits as per regulatory guidelines, and enhanced client compliance and operational efficiency.
  • Delivered comprehensive audit reports, supporting management in strategic decision-making.
  • Drafted policies and procedures for clients and ensured smooth operations and data integrity.
  • Singularly managed the system audit department, contributed to 50% of the firm’s revenues and achieved significant cost savings.

Education

M.Com -

Mumbai University
Mumbai
01.2018

B.Com -

Mumbai University
Mumbai
01.2014

Skills

  • IT Audit & SOX Compliance
  • Governance, Risk & Compliance
  • Security Compliance & Cyber Governance
  • Enterprise Risk Management
  • Control Frameworks
  • Regulatory Audits
  • ERP & Pre-Implementation Audits
  • Risk & Control Matrix Design
  • Issue Lifecycle & Remediation Management
  • Policy & Standards Governance
  • Stakeholder & Executive Reporting
  • Team Leadership & Audit Program Management
  • ITGC Audit
  • Controls Testing
  • Internal Audit
  • Cybersecurity Assessments
  • Agile Auditing

Certification

  • CISA – Certified Information Systems Auditor, 09/25
  • FRM Part 1 – GARP, 2023
  • CAIIB – IIBF, 2020
  • JAIIB – IIBF, 2019
  • AAIA, in-Progress
  • ISO 27001, in-Progress

Tools

  • AuditBoard
  • Jira
  • Helix
  • ServiceNow
  • Splunk
  • OpenSearch
  • Qualys vulnerability management
  • Cohesity
  • GreyMatter

Languages

  • English
  • Hindi
  • Marathi
  • Gujarati

Websites

Timeline

Senior Auditor (IT)

Lowe’s
08.2024 - Current

Assistant Manager

Deloitte
08.2023 - 08.2024

Manager

Edelweiss Tokio Life Insurance
03.2023 - 08.2023

Audit Assistant

Mehta Sanghvi & Associates
09.2021 - 05.2022

Customer Service Representative

SVC Co-operative Bank Ltd
02.2018 - 08.2021

Junior Audit Assistant

Mehta Sanghvi & Associates
10.2014 - 12.2017

M.Com -

Mumbai University

B.Com -

Mumbai University

Similar Profiles

CREATE PROFILE
Soniya Masrani