Summary
Overview
Work History
Education
Skills
Disclaimer
Timeline
Generic

Vinodkumar Nagaroor

Bengaluru

Summary

Dynamic professional with extensive experience in internal audit and SOX compliance at Tech Mahindra. Proven track record in ITGC assessments and risk management, driving process improvements and ensuring regulatory adherence. Skilled in access control and audit documentation, effectively collaborating with stakeholders to enhance compliance and mitigate risks.

Overview

8
8
years of professional experience

Work History

Associate Tech Specialist

TECH MAHINDRA PVT. LTD.
03.2023 - Current
  • Supported Quarterly Privileged User Access Reviews, identifying gaps, risks, and areas for improvement across various business-critical systems.
  • Collected, analyzed, and interpreted risk and control data to identify emerging trends and drive proactive mitigation strategies.
  • Ensured timely execution and submission of SOX audits, including ITGC and application-specific controls, on a quarterly basis.
  • Performed data reconciliations across Applications, Databases, AWS, and Azure using automated tools; flagged discrepancies and ensured timely remediation.
  • Acted as a liaison with external auditors and internal stakeholders to ensure regulatory compliance within agreed timelines.
  • Confidently articulated business risks and technical issues to senior stakeholders, promoting clarity in audit reporting and control ownership.
  • Reviewed and updated Test of Design (TOD) and Test of Effectiveness (TOE) documentation in Risk & Control Matrices (RCM).
  • Coordinated with cross-functional teams using Slack, MS Teams, and Email to collect audit evidence and resolve outstanding queries.
  • Evaluated end-to-end business processes to identify control weaknesses, inefficiencies, and compliance gaps; recommended and supported improvements.
  • Documented and reported on risk management activities, audit findings, and progress; delivered clear insights to senior management.
  • Streamlined audit evidence collection and delivery through continuous process improvement initiatives.
  • Prioritized and addressed audit feedback, ensuring actionable follow-up and issue resolution tracking.
  • Delivered monthly and quarterly compliance reports, including status of remediation, open items, and upcoming audits.
  • Provided guidance to IT teams during remediation activities, ensuring proper implementation and documentation.
  • Escalated observations or control gaps to senior auditors and IT leadership, supporting timely risk resolution.

Technical Lead

TRIANZ DIGITAL CONSULTING PVT. LTD.
09.2022 - 03.2023
  • Conducted ITGC control assessments and performed Test of Design (TOD) and Test of Effectiveness (TOE) across Access Management, Change Management, and Backup operations.
  • Supported SOX 404 audits by testing internal controls for applications and infrastructure, including SAP ERP environments.
  • Collaborated with control owners to collect evidence, communicate gaps, and track remediation efforts.
  • Drafted and shared risk matrices and test results with senior auditors and stakeholders.
  • Followed up on open audit observations and contributed to closure within defined timelines.
  • Participated in audit fieldwork, supported process walkthroughs, and ensured compliance with audit methodologies.
  • Delivered control testing documentation in compliance with audit guidelines and ensured timely submission of audit deliverables.
  • Participated in regular meetings with external auditors and internal compliance teams to align audit timelines and evidence quality.
  • Recommended process improvements based on lessons learned during testing and supported integration into future control cycles.

Senior Software Developer

HCL TECHNOLOGIES PVT. LTD.
05.2021 - 09.2022
  • Provided technical support and SAP security administration, including user creation, role management, and authorizations.
  • Handled SAP User Access Management by modifying existing roles, managing transaction codes (T-Codes), and maintaining illegal passwords via USR40.
  • Conducted privileged access control testing and standard password policy enforcement for SAP users.
  • Reviewed Logical Access, Change Management, and Security Configurations across SAP applications in accordance with governance and audit standards.
  • Identified and evaluated SAP T-Code risks, recommending controls to mitigate unauthorized access and segregation of duties (SoD) violations.
  • Executed ITGC control testing and evaluations within SAP ERP systems, including preparation of test procedures and documentation of results.
  • Reported audit findings and control deficiencies to senior auditors and IT leadership; supported remediation planning.
  • Maintained strong client engagement, responded to security-related requests, and coordinated with control owners to gather key audit evidence.
  • Performed SAP user access reviews and analyzed transaction codes (T-Codes) to identify unauthorized access, SoD violations, and critical risks.
  • Conducted ITGC control testing within SAP systems, including access provisioning, role assignments, and privileged access controls.
  • Reviewed and validated SAP change management processes, ensuring compliance with audit standards and change authorization protocols.
  • Provided audit evidence and documentation for SOX and internal audits, including test procedures, results, and remediation tracking related to SAP security.

Senior Process Associate

ACCENTURE PVT LTD
05.2017 - 04.2021
  • Provided technical support and SAP security administration, including user creation, role assignments, and transaction code (T-Code) management.
  • Handled user provisioning and de-provisioning, including addition/removal of roles and authorizations based on access requests and business needs.
  • Reviewed Logical Access Management, Change Management, and Governance Controls in SAP environments to ensure audit readiness and policy compliance.
  • Maintained SAP password security, including illegal password configurations (USR40) and standard user password enforcement.
  • Conducted privileged access control testing and monitored elevated access usage in SAP systems.
  • Identified critical risks associated with SAP T-Codes and proposed access control solutions to address SoD conflicts.
  • Performed SOX 404-related internal control reviews and supported testing of IT General Controls (ITGC) in accordance with audit frameworks.
  • Assessed ITGC effectiveness across infrastructure components including computer operations, program changes, and access controls.
  • Collaborated with auditors and compliance teams to gather control evidence and respond to audit findings.
  • Prepared and maintained documentation for audit testing, control remediation, and compliance dashboards.

Education

Bachelor of Computer Science - BSC Computers

Dravidian University
Kuppam, A.P
01.2016

Skills

  • Internal audit
  • Sarbanes-Oxley compliance (SOX)
  • IT general control reviews
  • Change management
  • Access control
  • IT compliance
  • IT application reviews for SAP applications
  • Risk management
  • ITGC assessment
  • Risk analysis
  • Audit documentation
  • Compliance management
  • Internal controls testing
  • Process improvement
  • ITGC control testing
  • SOX compliance
  • Access management
  • IT governance

Disclaimer

I hereby declare that the information furnished above is true to the best of my knowledge.

Timeline

Associate Tech Specialist

TECH MAHINDRA PVT. LTD.
03.2023 - Current

Technical Lead

TRIANZ DIGITAL CONSULTING PVT. LTD.
09.2022 - 03.2023

Senior Software Developer

HCL TECHNOLOGIES PVT. LTD.
05.2021 - 09.2022

Senior Process Associate

ACCENTURE PVT LTD
05.2017 - 04.2021

Bachelor of Computer Science - BSC Computers

Dravidian University

Similar Profiles

CREATE PROFILE
Vinodkumar Nagaroor