Raj Saha
Senior Audit Manager - Cybersecurity
Bangalore,Karnataka
Summary
Experienced cybersecurity professional prepared for senior leadership role. Strong focus on team collaboration and results. Skilled in risk management, governance, and cloud security. Reliable in adapting to changing needs and ensuring precision in audits.
Overview
10
10
years of professional experience
6
6
Certifications
4
4
Languages
Work History
Senior Audit Manager
Standard Chartered Bank
06.2024 - Current
- Deliver 10 Thematic IT Audits in a year
- Aligned audit activities with business goals by incorporating strategic priorities into the annual audit plan.
- Developed comprehensive audit plans based on thorough risk assessments and business objectives analysis.
- Managed complex audits from planning to completion, ensuring timely delivery of high-quality reports.
- Enhanced audit efficiency by implementing risk-based audit strategies and procedures.
- Presented key findings from audits to senior management, offering actionable insights for enhancing operational efficiency.
- Led a team of auditors, fostering a collaborative environment that promoted growth and professional development.
- Partnered with external auditors to facilitate seamless coordination during annual audits and examinations.
- Streamlined audit processes for improved accuracy and timeliness of IT reporting.
- Mentored junior auditors in best practices, fostering a culture of continuous learning and improvement within the department.
- Kept up-to-date with industry developments, adapting auditing methodologies as needed to maintain relevance in an evolving landscape.
- Collaborated with cross-functional teams to identify process improvements and enhance internal control systems.
Audit Manager
STANDARD CHARTERED BANK
03.2022 - 05.2024
- Part of the Standard Chartered Infrastructure and Technology team participates in 6 infrastructure technology audits in a year.
- Expertise in evaluating the design and operating effectiveness of technology controls over varied IT platforms and servers, such as Windows, Unix/Linux, Mainframe, and Oracle database ERP suites.
- As a team leader, I am responsible for monitoring the audit's preparation and execution, as well as the audit budget, and the audit report.
- Assigning audit work is executed efficiently and effectively, within the budget and timeframes provided.
- Participate in department-wide activities, including annual planning, risk assessment, and training.
- Maintain active contact with top auditee management, and stakeholders.
- Engaged with the audit teams to provide product and country knowledge, and expertise for their audits in the individual's area of competence.
- Engaged to provide ongoing, continuous monitoring support to Heads of Audit (HOAs) regarding the business, as well as to highlight issues and observations outside of formal audit work to expedite control weakness rectification.
- Worked on audit issues; action plans agreed upon during audit fieldwork are monitored through to completion to ensure methodological compliance.
- In addition, carry out other duties as allocated by the Group, Country, Business, or Functional rules and procedures.
- Assisted the HOA in updating the relevant assigned risk assessments on a regular basis to ensure that changes in risk profiles are discovered in a timely manner, as well as suggesting changes to the assigned audit plan to the HOA as needed.
- Represented HOAs, formal committees, and group meetings as needed, such as Governance Committees and Country Non-Financial Risk Committees.
- Facilitated internal audits and prepared detailed reports on findings.
Senior Security Consultant
IBM
09.2015 - 02.2022
- Part of the IBM Information Security team responsible for IS audits and risk assessments.
- Established third-party risk management for ten banking and health care sector accounts.
- Performed cloud risk assessments for five public and insurance sector accounts in Asia Pacific and Australia locations.
- Participated in designing the information security awareness program for a London-based media company through the Proofpoint tool.
- Preparing content and conducting periodic employee awareness training.
- Leading different compliance and audit testing programs, and supporting the successful completion of various external compliance certification programs and internal compliance assessments.
- Organize and facilitate ISO 27001 Management Systems Certification Audits (Internal & External).
- Responsible for developing, documenting, and improving processes and guidelines that support the Disaster Recovery (DR) and Business Continuity Plan (BCP) program for various clients.
- Conducted IT Risk Assessments based on the IBM Data Security and Privacy (DS&P) framework for India GD Projects.
- Responsible for creating a Work Breakdown Structure (WBS) for the upcoming RFI/RPI.
- Designed secure cloud environments for clients migrating from traditional data centers, addressing unique challenges associated with cloud-based infrastructure.
- Improved security incident response times by developing and implementing automated tools for threat detection, analysis, and remediation.
Education
Master of Science - IT
National Institute of Technology
Durgapur 04.2001 -
Skills
ISO 27001 implementation
NIST SP 800-53 risk management
Cloud security management
Proficient in data interpretation
Risk analysis expertise
User access management
Threat data assessment
Information privacy compliance
Endpoint threat management
Security information and event management
Vulnerability remediation management
Business continuity planning
Certification
Certified Information Systems Auditor (CISA)
Extra Circular Activities
Cybersecurity related educational content creator on Udemy.
Awards
Recognized with Manager Choice Award in SCB for outstanding performance for Complex Audits.
Tools Experience
- ServiceNow
- Power BI
- WireShark
- Qualys
- PowerPoint
- MS Excel
- MS Word
- Visio
Timeline
Senior Audit Manager
Standard Chartered Bank
06.2024 - Current
Audit Manager
STANDARD CHARTERED BANK
03.2022 - 05.2024
Senior Security Consultant
IBM
09.2015 - 02.2022
Master of Science - IT
National Institute of Technology
04.2001 -