Sudipta Deb

A competent and result-driven technology risk professional with 9.5+ years' experience in Information Technology, SOX Compliance, SOC, ISAE, AUP Audit, IT Risk Consulting, Risk Assessment, and risk assurance domains with in-depth knowledge of Oracle GRC development and testing. Hold expertise in Oracle application design and implementation per the business requirement using the Oracle Relational Database Management System (RDBMS). Experience in COSO & COBIT testing (ITAC & ITGC Controls). Managing a team (6-7 members) responsible for delivery of control testing and reporting, assessment and implementation of automated controls in key banking business processes, streamlining technology general and automated controls within Wholesale, Consumer, and Lending operations with the objective of successful execution of design & operating effectiveness and monitoring for these controls. Proactive manager with leadership abilities, strategic planning expertise, and problem-solving acumen. Assists senior managers with accomplishing demanding targets by encouraging staff and coordinating resources. Methodical and well-organized in optimizing coverage to meet operational demands.

• Religion: Hindu
• Passport Number: M8002401
• Father's Name: Shib Sankar Deb
• Date of Birth: 01/28/91
• Gender: Male
• Nationality: Indian
• Marital Status: Married

• PWC, Responsible for mid size team to manage and deliver audit assignments to the respective stakeholders for NBFC customers ensuring the quality and timely delivery. Managing end to end ownership of audit planning, execution, reporting., Stakeholder management, Audit planning and work allocation, Coaching of the new team members, Quality assurance of the delivered work, Review of ITAC , ITGC and KR deliverable, Escalation management, Admin activities to ensure the account compliances
• Genpact Enterprise Risk Consulting, Responsible for driving a micro size team in order to identify risk, performing Walkthrough meetings, evaluating tests of design & effectiveness and documenting the same highlighting the risk backed up by evidence and mitigation plan. Maintain a healthy relationship with clients in close coordination with business operational teams., Carried out IT Automated controls for Oracle, Mainframe, UNIX & legacy applications based on Windows for banking & insurance sectors., Critical analysis of key banking processes and applications in order to identify risks and implement internal controls to mitigate them., ITACs (Interface, Edits, Validation, Reports, Authorization & Configuration), ITGCs (Change Management, Logical Access & Physical Access).
• Protiviti India Member Private Limited, Responsible for performing internal audit on both IT and process to analyze, discuss, figure out process gap, risk regardless of application and processes and conclude with business designated head and convert potential risk as audit point close looping management, IT and other applicable stakeholders., Address significant business and IT risks through value-added audits and fostering a control-oriented environment., Participate in risk assessment that covers all IT risk management functions including security, outsourcing, and business continuity; conduct general IT Controls, vulnerability testing, and business impact analysis., Performing the SOX Compliance ITGC Control testing including the Identity and Access Management, User provisioning ,Configuration Management, Change Management, segregation Of Duties Testing, Data Backup Monitoring and Configuration., Developed Risk matrix for various IT environments based on the key financial control., Managed and monitored small size teams for performing regional audit and reviewed for the purpose of cross functional engagement., Aside from IT audit several process audits were performed like Material forecasting, Admin expense review, site electrification, Energy process review.
• Bharti Airtel Limited, Responsible for maintaining the Sanity in terms of SOD and maintaining Compliance relevant to GRC tools along with developing, testing new controls and enhancing existing controls. Responsible for new control rollouts and user training. Close loop new requirement between cross functional business user and Internal IT/IT support Team. Perform inputs for Internal and External Audit. Also responsible for risk evolution of roles (RBAC) containing oracle responsibilities to prevent and maker checker conflict apart from SOD using Tivoli Access Manager. Perform MIS and Dashboard of various analysis of substance processes., Collaborated with audit in designing mitigating control for SOD violations., Performed numerous stress testing on various applications prior to deployment in production environment from GRC end., Configured controls to be SOX compliant and passing both internal and external audit deficiency previously identified., Evaluated KFC (Key financial control) and ICOFR (Internal Control for financial reporting) control., Managed and team during various transitions like Telenor and TATA telecom merger., Enhanced and reviewed various reports, developments in close coordination with IBM support team from Governance perspective., Supported cross-functional teams in designing SOD rules at the entitlement, model and control levels according to client specific goals objectives., Advised project team on design of various access points while recommending best practices during requirement gathering., Worked on projects as a functional expert in responsibility redesign and Segregation of Duty (SOD) detection and prevention., Developed automated and semi-automated control on ERP environment in order to track the sanity of various data points and highlight red flags in case of sensitive incidents like duplicate payment, payment before due date, DOA violation and misuse of excessive accesses within ERP.

CISA

As a street photographer, I love to explore the streets on the go and capture them through my lens. Cycling and music together give me pleasure, and encouragement, and help me cope with stress.