• Conducted evaluation of the design and performance of internal controls to assess whether the controls and underlying attributes are designed appropriately and operating effectively to mitigate risk.• Interacted with line of business leaders and conduct walkthroughs to understand control processes• Documented testing results and report on controls effectiveness• Effectively communicate and interact with client business leaders• Lead the development of client deliverables or for internal business needs• Serve as workstream lead on complex projects and actively participate in discussions on project management and work delivery needs• Work as part of a large, complex engagement with onshore and offshore team members to conduct controls assessment • Produced quality work products with minimal management oversight throughout project and controls evaluation lifecycle (from control evaluation planning to results documentation)• Served as subject matter advisor on projects, including providing recommendations to improve or remediate control deficiencies or reduce risk for our clients• Identified, evaluate, and prioritize business, operational, regulatory, and technology risks as well as risk mitigation strategies for our clients

• Evaluate the design adequacy and operating effectiveness of IT controls around financial systems, and the underlying IT Infrastructure. • Develop an understanding of the organization business processes, and the financial, regulatory, strategic, and operational risks affecting it. • Review pre and post system development life cycle (SDLC) and project management reviews of new information systems initiatives. • Conduct walkthroughs and detailed testing of IT internal controls within the Company's business units to ensure compliance with Sarbanes-Oxley compliance (SOX) Act. • Perform risk assessments, planning and scoping of ITGCs-related audits and IT Application Controls (ITAC) testing. • Document detailed work papers to present audit results and assisting with the communication of issues and recommendations via written reports and oral presentations. • Collaborate with business stakeholders and IT & non- IT auditors providing subject matter expertise on embedded IT risk and control areas during project reviews and integrated audits. • Strong ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability for tasks, and delivering on commitments. • Working knowledge of internal audit processes generally accepted auditing standards and information systems processes.• Expert knowledge and experience auditing and/or supporting operating systems (Unix/MS Windows), databases (Oracle and SQL), business applications, network infrastructure, change control, project management, and IT security concepts.• Test and identify internal control weaknesses, regulatory compliance risks, and other areas of risk.

• Reviewed and tested users' access control - physical access relating to server room or data center, and logical access control relating to various applications, operating systems, database, networks and Windows Active Directory.• Performed review and tested IT controls such as incident management, change management, segregation of duties, data integrity.• Performed review of organizational IT policies, standards, procedures and provided advice on their adequacy, accuracy and compliance with government guidelines and regulatory requirements.• Evaluated organization's disaster recovery readiness - DR plan, business impact analysis (BIA), annual testing, site adequacy; assisted management in the identification and assessment of technology related risks, reported risk-based controls adequacy; evaluated technology and business-related controls for integrated IT and business auditing efforts.• Coordinated and executed projects and ensured security risks/vulnerabilities are identified, communicated, and remediated.• Measured the adequacy of the quality of IT service delivery, through the review of key controls in incident management (help desk), problem, and release and change management.• Promote a cooperative and productive work environment and build effective working relationship• Execute cyber security audit, testing administrative, physical, and technical safeguards.• Liaise and foster strong professional relationships with first-line, second line of defense of support and information security Perform leadership roles and other duties as needed to accomplish departmental objectives. • Communicated weekly with IT department on the status of outstanding audit recommendations, both internal and external; that facilitated timely remediation.