Sr. Manager
Current• Played the leading role in the Security & Compliance Track team on multiyearOracle Cloud ERP implementation. Led the SDLC compliance effort.Worked with business process owners, PMO and system implementers onsecurity role design, SOD analysis, access provisioning validation, dataconversion validation and business process re-design/readiness for SOXcompliance and ITGC readiness. Coordinated Internal Audit to performreal time assessment, to prevent potential deficiencies after system golive• Led the efforts to remediate a SDLC related Significant Deficiencyconcluded by external auditor. Established corporate-wide SDLCcompliance policy. Trained Project Manager Office on SDLC requirements.Monitored SDLC compliance for new application implementation projects tominimize the impact to SOX control effectiveness.• Performed annual SOX planning, coordinated walkthrough & testing forITGC, automatic controls and Electronic Audit Evidence in a highlydynamic IT environment with 3 live ERPs (Oracle Cloud, SAP, Oracle EBS)and more than 30 SOX applications. Performed risk assessment for SOXissues and remediation, Evaluated ITGC improvement opportunities andimplemented more streamline ITGCs.• Led the vendor evaluation program. Reviewed 3rd party service providers'SOC-1 reports. Evaluated service providers' control environment forcontrol reliance and verified sufficient controls in place in Western Digitalto satisfy service providers' Complementary User Entity Controls (CUECs).• Performed interface data mapping between old legacy systems and ERPs.Created a data flow diagram for significant financial data and key reports.Identified financial statement reporting risks and design IT dependentmanual controls.• Interviewed billing specialists to understand and document billingStandard Operating Procedure. Evaluated the root causes of erroneoussubscription billing and reported the remediation recommendations toCFO and Controller.