• Providing key input and decision making on project strategy and management, implementation, resource planning and budgeting. Partnering with cross-functional teams and first and second lines of defense to execute risk and control assessments.• Performing root cause analysis and identifying risk mitigation strategies based on compliance testing results.• Enhancing project integration between the US and India firms. Elevating Internal Audit performance and value using Agile Methodology.• Training, mentoring, and coaching multi-functional project team members, including offshore resources, and client's Internal Audit team; coordinating and monitoring fieldwork.• Scrum Master role: Coordinating team Sprint ceremonies (Daily stand-up meetings, Sprint backlog refinement meetings, Sprint Planning, Sprint Retrospective)• Managed multiple teams of 10+ members (Managed hours: 9k) through different phases of audit lifecycle, USI lead for Client and External Auditor, PMO: workpaper reviews, control assignments, scheduling and budgeting, monthly invoice support for client billing• Managed all client coordination independently including project management, status updates, project deliverables, liaison with External Auditor, preparing Steerco decks for Leadership• Engagement close-out activities (QRM Reviews, Archives)• Integral part of Leadership/PMO team for multiple workstreams managing client interactions, leading market level status calls, and mentoring team - all while delivering high quality, assist client with remediation strategies for controls.• Demo sessions on Deloitte Proprietary tool to Client Leadership (involved in proposal and selling)• Involved in SOXWise transition activities with Client Leadership, assisted SOXWise team for PMO activities, held transition workshop for Client Leadership• Prepared Confidentiality Information Management Plan (CIMP) for client account team• Assisted with a client Cyber project on Vulnerability Management.

• Contributing to Advisory engagements in the capacity of a Lead Senior, planning and determining scope of audit, providing coaching and guidance to team members, reviewing audit workpapers for delivery of quality output within assigned timelines, interacting with client contacts to understand key processes and performing detailed audit procedures while also delivering high-level status updates to stakeholders on a periodic basis.• Secondment experience with Deloitte India (Mumbai) member firm, International experience at client locations (Atlanta and San Francisco).• Fast tracked to Sr. Consultant, selected for onshore exposure and New Senior Program at Deloitte University (Dallas).• Leading team(s) of 10+ professionals across locations and working with global teams and clients to deliver risk assessments and control testing. Portfolio of over 10k client service hours till date across Consumer & Financial Services industry verticals.• Evaluating internal IT controls design and operating effectiveness, communicating audit findings, providing risk mitigation and control remediation consulting to management, and coordinating with the client’s external auditor.• Led diverse range of engagements helping clients assess, test and improve their processes, controls and underlying systems in the areas of technology risk processes, internal controls and risk management.• Advised clients on addressing gaps identified during internal audits and perform remediation testing.• Performed tests of design and operating effectiveness of controls, report testing (IPE/IUC), led client walkthroughs and delivered recommendations to management for addressing risks and other issues.• Experienced in project management (staffing, budgeting, request lists, workpaper template preparation), reporting (status updates and trackers, executive committee decks).• Responsible for work allocation, supervision, monitoring performance & review of work by the team within the scheduled timelines.

• Identify and evaluate complex business/ technological risks, internal controls which mitigate risks, and related opportunities for internal control improvement• Perform system evaluation and/or audit IT and business process as a part of SOX 404, SSAE 18 or ICFR assessment in accordance with PCAOB/AICPA guidance using Deloitte audit methodology• Perform complete GITC evaluation and testing across IT platform including, operating systems, databases, and network components• Manage multiple assignments and ensure timely completion of activities with quality, complete ownership of deliverables and early escalations to management, if required• Communicate and coordinate with local & onsite/US team members within Deloitte and also with client stakeholders• Share periodic status updates with the stakeholders• Supporting organization and function initiatives

• Involved in project management and execution of IT Internal and External Audits governed by AICPA & PCAOB guidelines including the test of Internal Controls over Financial Reporting and General IT controls in accordance with Deloitte methodology• Actively involved in risk assessment, application scoping and control evaluation for the financially critical applications of client• SOX 404 Readiness for General IT controls testing in areas like Access Security, Change Management and Data Centre and Network Operations• Executing Operating Systems Security Audits (Windows/Unix/Mainframe), Database Security Audits (Oracle/SQL), ERP Audits (SAP/PeopleSoft) and generic application audit• Testing of Business Process automated and manual controls, IPE/IUC• Participating in client walkthroughs • Documented Risk of Material Misstatements depicting the Risks and Controls Mapping• Perform review, reperformance & independent testing of controls• Deciding the strategy for the testing of internal controls• Assess, analyze, and improve the effectiveness and efficiency of governance, control processes, offer recommendations to improve operations, and assist clients with enterprise risk and compliance activities• Assisted in preparing a training deck on long-term care process for the Internal Audit team of healthcare and pharmaceutical client• Prepared IT Governance Audit plan (aligned to COBIT 5) for a healthcare client • Preparation of Risk Control Matrix and Audit Request List • Documented Service Auditor Review Memos for SSAE16/CICA/SOC 1/2 (Type I/II) reports• Participating in proposal development efforts/RFPs• Learning and Development SPOC for organizing internal trainings for professionals • Demonstrates leadership, team management, problem solving, and strong verbal and written communication skills• Ability to work on multiple engagements both independently and as part of a team with professionals at all levels

Liaison with potential recruiters across the globe to bring the best opportunities to students at SCIT.

Information Security Vendor Audit: As a Lead Auditor, I independently carried out 25 Information Security Vendor Assessments at pan India locations for a banking client (one of the largest private sector banks in India). My responsibilities included assessing the Information Security posture of the bank’s vendors, identifying risk related data leakage, reporting audit findings and publishing periodic project audit documents.Application Security Risk Assessment: My second project included a process review of the bank’s applications. I used ISO27001, PCIDSS and SANS framework as the baseline for the checklist, identified vulnerabilities, assigned a risk level, recommended mitigating controls and documented assessment reports.Information Security Awareness Collateral: Created an organization wide Information Security Awareness Collateral on Internet Safety Guidelines.

Liaison with recruiters for providing summer internship opportunities to students at SCIT.

• Information Security Awareness: Conducting security awareness sessions for new joiners, interns and account teams, Administrator of Security Awareness Quiz, Creating and sending org wide security awareness mailers and tips, Anchoring org wide security awareness initiatives and events.• Information Security Risk Management: Consulting account/delivery teams on risk management and security practices to ensure compliance to ISO 27001 controls, org wide Information Security policy and that of customers (as applicable).• Information Security Metrics: Identifying the metrics to be captured, collating and analyzing the information, representing the data, highlighting the risk to the stakeholders and implementing corrective actions.• Information Security Audit Closure: Understanding gaps/non compliance identified in internal audits, communicating the same to the auditee, suggesting mitigation controls/processes, verifying evidences, implementing process improvements where necessary and closing the findings.• Risk Assessment: Understanding the requirements from stakeholders, analyzing information flow/data exposure, identifying threats, vulnerabilities and calculating the risk level, recommending necessary controls and processes to mitigate risks to an acceptable level.