Pervez Khan - Cisa

Pervez Khan - Cisa Email and Phone Number

Senior Manager Cybersecurity, SOX, Risk and Compliance @ Haleon
Karnataka, India
Pervez Khan - Cisa's Location
Bangalore Urban, Karnataka, India

About Pervez Khan - Cisa

Pervez Khan, an Audit, Risk & Compliance Leader and accomplished People Manager with over 14 years of experience, including tenure at Big Four firm PwC, specializing in IT & Cyber Internal Audits, Application Audit, Risk and Compliance, control testing, and comprehensive risk management. Expertise spans IT Applications, IT Infrastructure, Cloud and Cyber Security, Security Operations, Vulnerability Management, Data Privacy, Cloud Security, Data Governance, AI/ML, ITGCs for SOX reporting, IT SOX Compliance, IT Application Controls, ISO 27001 Implementation and Audit, and NIST 800-34 BCP-DR audits. Experienced in formulating Annual Audit Plans based on Continuous Risk Assessments and aligning IT controls to NIST and COBIT frameworks.

• Progressive expertise in audit planning, scoping, execution, and reporting, delivering comprehensive evaluations of control designs and operational effectiveness within Internal Audit functions, particularly within the Banking & Insurance sectors.
• Proven leader in managing technology audits, project assessments, and application audit engagements, adept at identifying and mitigating key operational risks across critical business processes.
• Strategic in IT & Cyber Audit planning, with a refined ability to perform risk assessments and develop robust, risk-based audit plans.
• Strong GRC and Risk Management oversight, ensuring thorough assessments of the organization's control environment across IT and Cyber (InfoSec) domains.
• Subject-matter expertise in SOX compliance, implementing risk-based testing through integration of SOX control risk ratings into annual scoping, reinforcing robust internal controls.
• Knowledge of industry standards such as COSO, COBIT, NIST, and ISO27001, as well as regulatory frameworks like SOX, GDPR, and PCI-DSS.
• Exceptional analytical and problem-solving acumen, committed to achieving high performance standards and exceeding expectations.
• Dynamic leadership and communication including listening skills, fostering a motivating environment and providing impactful coaching, mentorship, and guidance to team members.
• Trusted partner to top management and stakeholders, consistently building collaborative relationships to drive successful outcomes and strategic alignment.

Pervez Khan - Cisa's Current Company Details
Haleon

Senior Manager Cybersecurity, SOX, Risk and Compliance
Karnataka, India
Website: haleon.com
Employees: 17103
Pervez Khan - Cisa Work Experience Details
  • Haleon
    Senior Manager Cybersecurity, SOX, Risk and Compliance
    Haleon
    Karnataka, India
  • OSB Group
    Senior Manager - Cyber & IT Risk
    OSB Group Jun 2023 - Nov 2024
    Bengaluru, Karnataka, India
    Lead the Risk & Compliance Team with a Governance, Risk, and Compliance (GRC) focus, delivering rigorous assessments to ensure the resilience of the organization's IT and Cyber (InfoSec) control environment. Oversee periodic validation and reporting of ITGCs to senior management, maintaining alignment with organizational risk appetite through monthly monitoring. Provide specialized operational risk guidance across IT domains, including Information and Cyber Security, leveraging deep expertise in Operational Risk Management (ORM) processes and regulatory standards. Knowledge of network and information security, Cyber risk mitigation, and third-party IT and information security requirements.
    Other BAU tasks include (not limited to):
      • Strengthen IT and Cyber 2nd Line of Defense (2LOD) oversight through robust development and enhancement of Risk Control Self-Assessments (RCSA).
      • Author and own the IT & Cyber Risk Management Framework, defining and continuously refining the organization’s approach to risk.
      • Ensure Key Risk Indicators (KRIs) accurately reflect IT and Cyber risk exposure, providing meaningful insights into risk levels.
      • Validate IT and Cyber policies, ensuring they are effectively implemented, enforced, and optimized for purpose.
      • Design and maintain IT and Cyber 2LOD risk dashboards, offering clear, data-driven insights into risk landscapes and trends.
      • Review and approve risk waivers, managing exceptions relating to policy or standard compliance.
      • Investigate and assess risk events on behalf of the 2LOD, identifying causes and proposing preventative measures.
      • Represent 2LOD in relevant committees, advocating for and aligning IT and Cyber risk considerations across the organization.
      • Exercise 2LOD oversight of critical IT & Cyber security initiatives, ensuring alignment with the organization’s risk and compliance objectives.
  • Accenture
    Lead Audit Manager
    Accenture Jun 2021 - Jun 2023
    Bengaluru, Karnataka, India
    Lead a team of seasoned audit professionals, overseeing comprehensive audit planning, scoping, execution, and reporting to evaluate the design and operational effectiveness of controls. This role spans Thematic process audits (IT & Cyber), Application audits, ITGC audits, and SOX Compliance audits from initial scoping through remediation monitoring.
      • Support the Head of IT Audit by contributing to IT and Cyber Audit planning and execution, including meticulous risk assessments to guide audit strategies.
      • Conduct IT Audits with focus on assessment of Cybersecurity posture, Compliance audits (GDPR, SOX etc.), ITGC audits, Operational audits to examine efficiency of IT processes, Risk assessment audit to identify & prioritize IT related risks, and Data security audit to ensure data integrity & protection.
      • Conduct Application Audits for critical applications from the business impact analysis (BIA) incorporated in the annual audit calendar.
      • Auditing product development including SDLC data migration, testing, release management and testing
      • Drive IT General Controls (ITGC) Audit focusing on the review of program and data access controls (e.g., access provisioning/de-provisioning, user access reviews, and password parameter testing), computer operations, SDLC and program change management across multiple applications.
      • Conduct Group wide Thematic process audits (IT & Cyber) including infrastructure security audits, Vulnerability Assessment and Penetration Testing audits, Security Policy and Procedure Compliance audit, Access Control audit, Network Security audit, Incident Response Plan audit, Business Continuity and Disaster Recovery (BCDR) Plan audit, Cloud Security audit with in-depth reviews.
    Some of the audits performed (not limited to): Vulnerability Assessment and Penetration Testing, Access Control, Network Security audit, Incident Response Plan, BCM/DR, Cloud Security, Cybersecurity Risk Assessment, Phishing and Social Engineering Awareness, Email Security.
  • AIG
    Audit Manager - Internal Audit Group (SOX Compliance)
    AIG Jan 2015 - Jun 2021
    Bengaluru Area, India
    Lead a team of seasoned audit professionals, overseeing comprehensive audit planning, scoping, execution, and reporting to evaluate the design and operational effectiveness of controls. This role spans Internal Audits (IT & Cyber), ITGC Audits, Application Audits, and full-cycle SOX Compliance from initial scoping through remediation monitoring.
      • Oversee SOX ITGC compliance audits, encompassing all phases from scoping and planning to execution, documentation, and review of work papers.
      • Direct IT General Controls (ITGC) assessments, reviewing critical applications, databases, and infrastructure for GITC/ITGC adherence.
      • Collaborate with SOX business teams to identify and test completeness and accuracy for ITDCs, including key reports, automated controls, and interface controls.
      • Review Process Flows and Narratives, conducting both Design and Operating Effectiveness testing including review of IT processes, document audit results, communicate findings to management, & oversee follow-up on action plans.
      • Partner with process owners to finalize observations, develop robust remediation plans, & assist in defining Management Action Plans (MAP) for addressing control findings.
    Developed and maintained comprehensive SOX control documentation, including risk assessments, process flowcharts, control narratives and control testing. Executed end-to-end walkthroughs of critical processes with reliance on Technology & security. Collaborated with external auditors to ensure compliance with SOX regulations and industry best practices. Identified and implemented process improvements to enhance efficiency and reduce risk.
    Control Testing:
      • Performed detailed testing of IT General Controls (ITGCs) and application controls.
      • Designed and implemented effective testing strategies, including test plans and scripts, to assess the design and operating effectiveness of controls.
      • Analyzed test results and identified control gaps and weaknesses.
  • PricewaterhouseCoopers - Service Delivery Center (PwC SDC)
    Senior Analyst
    PricewaterhouseCoopers - Service Delivery Center (PwC SDC) Jul 2010 - Jan 2015
    Kolkata Area, India
    Provide critical support to engagement teams in the execution of diverse audit assignments, leading a team of 10 Associates and Experienced Associates by reviewing their work, delivering targeted training, and guiding them in their daily BAU activities.
      • Conduct comprehensive Business Process Reviews that include IT General Controls (ITGCs) and IT Application Controls (ITACs) as part of SOX engagements.
      • Review and test ITGC domains, focusing on program and data access controls (e.g., access provisioning/de-provisioning, user access reviews, and password parameter testing), computer operations, and program change management across multiple applications.
      • Engage regularly in client walkthroughs and conduct Tests of Design (TOD) and Tests of Operating Effectiveness (TOE), fostering strong client relationships.
      • Analyze segregation of duties (SOD), identifying and addressing potential control risks.
      • Execute audit procedures to evaluate control and application deficiencies, ensuring that audit insights are thorough and actionable.
      • Perform detailed tests, including revenue, cost of sales, lease, accounts receivable aging, unrecorded liabilities, and operating expense testing to verify transaction accuracy and completeness.
      • Conduct SEC Reporting reviews, performing internal consistency checks of financial statements and ensuring mathematical accuracy and compliance with reporting standards.
      • Lead external confirmation processes for cash, debt, contracts, derivatives, and other critical contractual information to verify and validate audit findings.
  • ICICI Bank
    Customer Service Office
    ICICI Bank Jan 2008 - Jun 2010
    Worked as an Officer on various types of banking departments starting from Teller, Demat, RTGS, KYC, General query etc.
    Worked as part of Internal Audit upskill programme
      • Worked on guidelines covering AML, KYC, Process Audits, Branch Audit, Centre Processing Centre audit.
      • 6 Months of Internal Audit upskill programme
      • Reviewing the GL balances & other financial transactions of Branches
      • Corporate Client relationship Manager, Trade, Forex & Demat (2nd Year)
      • Customer Service Branch Banking (1st Year)

Pervez Khan - Cisa Skills

Financial Modeling Valuation Business Valuation Investment Banking Financial Analysis Corporate Finance Due Diligence Financial Reporting Accounting Auditing Equity Valuation Financial Accounting Capital Iq Offshore Outsourcing Team Management Revenue Analysis Analytics Retail Banking Corporate Social Responsibility Sox 404 Business Development

Pervez Khan - Cisa Education Details

Frequently Asked Questions about Pervez Khan - Cisa

What company does Pervez Khan - Cisa work for?

Pervez Khan - Cisa works for Haleon

What is Pervez Khan - Cisa's role at the current company?

Pervez Khan - Cisa's current role is Senior Manager Cybersecurity, SOX, Risk and Compliance.

What is Pervez Khan - Cisa's email address?

Pervez Khan - Cisa's email address is pe****@****aig.com

What schools did Pervez Khan - Cisa attend?

Pervez Khan - Cisa attended Information Systems Audit And Control Association (Isaca), Sikkim Manipal University - Distance Education, Shri Ram College Of Commerce, Institute Of Finance, Banking & Insurance (Ifbi), The Doon School.

What are some of Pervez Khan - Cisa's interests?

Pervez Khan - Cisa has interest in Children, Environment, Education, Animal Welfare, Health.

What skills is Pervez Khan - Cisa known for?

Pervez Khan - Cisa has skills like Financial Modeling, Valuation, Business Valuation, Investment Banking, Financial Analysis, Corporate Finance, Due Diligence, Financial Reporting, Accounting, Auditing, Equity Valuation, Financial Accounting.
