Puppala Rajanikanth

● Supported Governance, Risk and Compliance management process end-to-end.

● Reviewed Information Security policies, Procedures, and Work instructions with respective operational teams, and updating any changes performed on Annual basis.

● Carry out Internal Audits to ensure that the standard is well maintained, facing client security audits & conducting security internal reviews/audits and assessments on operational teams.

● Performing Control Design effectiveness testing (TOD – Test of Design) on Annual basis.

● Supporting External and Client Audits.

● Working with operations teams for collecting evidence and artifacts based on the audit requirements.

● Ensure action items taken to address the findings to close and to prevent repeat findings

• Conducted IT audits in accordance with ISO 27001 standards, ensuring compliance and identifying security gaps.
• Conducted internal audits against ISO 27001, NIST, PCI DSS etc frameworks. Assisted stakeholders and business owners in achieving security certifications and requirements.
• Performed IT General Controls (ITGC) testing, assessing the effectiveness of controls over critical systems.
• Led internal audits across various departments, identifying process inefficiencies and recommending improvements.
• Conducted ITGC testing and evaluated internal processes and IT controls for SOC 1 and SOC 2 attestations.
• Executed SOX compliance audits, evaluating IT control over financial reporting systems.
• Conducted risk assessments to identify and prioritize potential risks to IT systems and data.
• Managed vendor risk assessments, evaluating Third-party vendors for compliance with security standards.

• Assisted in IT audits focusing on ISO 27001 compliance and security controls.
• Conducted ITGC testing to ensure the integrity and reliability of information systems.
• Supported SOX compliance audits, documenting findings and recommendations.
• Participated in internal audits to assess operational effectiveness and adherence to policies.
• Assisted in conducting risk assessments and developing risk mitigation strategies.

• Coordinating with the application IT owners and application supporting team and performing the audit covering the IT Control (Ensure System Security) over the Sox and financial applications.
• Client walkthrough on the process gaps and critical findings.
• Verifying all the defects identified via review is remediated in a timely manner with proper approvals.
• Writing the test cases to identify the flaws in applications user access and remediate them to ensure compliance policies.
• Hands on experience in all aspects of Cyber Security and Risk, Identity Access Management Compliance & Security areas.