Performance-driven cybersecurity risk and audit professional with 17 years of experience. Consistently achieves and exceeds expectations through leadership in complex projects. Expertise includes IT governance, SOX-404, internal and external audits, information security, third-party risk assessment, security architecture and solutions, supplier onboarding and supplier risk management, application security assessments, responding to RFPs, and representing the Info Sec team in client sales deal discussions. Worked at Deloitte and Touché (Big 4 firm) as an IT Engineer with an M.B.A. in Advanced Information Technology. Proficient in SAP General Computers Controls (GCC), SAP Segregation of Duties (SOD), SAP Business Computer Controls, Oracle DB, HP-UNIX, AIX, and Windows Testing. Well-versed in user access, change management, BCP/DR controls, policy/framework creations and review. Experienced in automating ITGC controls end-to-end using tools like ALTARYX and UI PATH. Strong communication and presentation skills with significant exposure to close client interactions and coordination during Information Security audits and SOX Audits. Practical industry experience spans across Financial Services, Retail, Consumer Goods, Telecommunications, Life Sciences, Transportation, Hospitality, and Automotive/Industrial sectors. Adept at defining, analyzing, and collaborating with various teams to achieve project goals on time while fulfilling self-responsibilities and commitments. Extensive experience in performing Audit lifecycle related activities including creating audit charters, defining scopes, control benchmarking based on IIA & PCAOB guidelines. Thorough knowledge of data privacy requirements with familiarity in GDPR, PCI-DSS, SOC Reporting, ISO 27001, NIST COBIT COSO GDPR Security by Design Privacy by Design. Worked on control monitoring and reporting tools like Cadency and Metrics Stream. Good understanding of issues and ability to identify areas for improvement in the control environment using acquired technical experience. Excellent team player capable of coaching training mentoring working effectively within a global team environment.
&Johnson and Johnson (Internal Audit) – Across various geographical locations and for SAP & SAP GRC