Country manager for Malaysia and Thailand markets.

• Executed HITRUST CSF readiness and validated assessments, providing close advisory support to clients in achieving their HITRUST CSF certifications.• Conducted comprehensive ISO/IEC 27001, SOC 2, and PCI DSS readiness assessments to identify critical compliance gaps.• Developed practical, actionable remediation plans and assisted clients in monitoring the progress and completion of remediation efforts, ensuring adherence to compliance timelines.• Provided virtual CISO services to selected clients to deliver strategic oversight and security programs aligned with business objectives, enhancing security posture and compliance with regulatory requirements.

• Led reviews of general IT controls and application controls to support the financial audit process for clients across various sectors such as banking and insurance, healthcare, manufacturing, logistics, telecommunications and hospitality.• Provided third party attestation services for numerous global and regional service providers, including SOC 1 and SOC 2 reporting according to SSAE 18 and ISAE 3000/3402 standards.• Developed the software license compliance business in Southeast Asia, where we managed and executed software license reviews on behalf of leading software publishers, ensuring that their customers comply with software licensing requirements.• Delivered software asset management services to identify use of unauthorized software, alleviate license compliance risks, and optimize licensing costs by eliminating waste and redundancy.• Conducted IT due diligence assessments for mergers and acquisitions to identify key risks, challenges and competitive advantages, as well as identify gaps in current operating procedures and enhancements opportunities.

• Executed comprehensive IT audits across Asia Pacific and Sub-Saharan Africa regions across Express, Global Forwarding & Freight, and Supply Chain business units.• Conducted detailed reviews of SAP Basis security controls in FI, CO, SD and MM modules, including application embedded controls and segregation-of-duties.• Evaluated IT service delivery processes, recommending improvements that enhanced efficiency and alignment of Business IT and IT Shared Services with business goals.• Managed the governance and operational processes of group-wide software license management program in accordance with ISO/IEC 19770-1 standards.• Assessed IT financial management processes to ensure IT accounting, budgeting and costing practices within Business IT are transparent and inline with business demands.• Reviewed the PCI governance, compliance and self-assessment procedures for business units that process, transmit and/or store credit cardholder data.

• Review of general IT controls, application embedded controls and segregation of duties controls supporting the financial audit process. Portfolio of clients includes public listed companies and GLC’s involved in various industries such as banking and insurance institutions, pharmaceutical, manufacturing, logistics, telecommunications, and hospitality.• Co-source internal auditor for a multinational oil and gas company, which included a review of the client’s strategic outsourcing programme and an audit of a regional offshore customer service centre.• Co-source internal IT auditor for a multinational general insurance company, which included reviews of the general IT controls and application embedded controls over the client’s core insurance systems, as well as business-to-business and business-to-consumer insurance applications.• Outsourced internal IT auditors for a local general insurance company, which included a review of the general IT controls over the client’s core insurance system and a review of the client’s business-critical vendors.• Third party assurance review and SAS70 type-2 attestation of general IT controls and business process controls (Payroll, Expense Claims, and Financial Reporting), for a global business process outsourcing provider.• Assessment of internal IT controls and development of the IT Risk Control Matrix for a multinational copper foil manufacturing company for JSOX readiness.• Assessment of internal IT controls for a multinational cement and construction aggregates company and a multinational embedded memory modules company for SOX readiness and compliance.• Risk management assessment and consulting to design and implement an internal IT controls framework for a multinational general insurance company.

• Team Leader for the Technical Projects Division; supervise and manage a team of graduate engineers, as well as represent the Projects Division in management level meetings.• Technical specialist for the Digital Video Surveillance and Access Control Systems and was key in growing Secom's business in these markets. Responsibilities also include the training of new graduate engineers and all technicians within Secom.• Manage and supervise Project Sales and pre-sales of building security systems which include turn-key designs and solutions of medium to large scale contracts for residential, commercial and industrial clientele.