Varun Vohra

Varun Vohra Email and Phone Number

Global Head - Technology Audit, Strategic Assurance and SOX @ S&P Global
New York, NY, US
Varun Vohra's Location
New York City Metropolitan Area, United States, United States
Varun Vohra's Contact Details

Varun Vohra work email

Varun Vohra personal email

n/a
About Varun Vohra

Enterprise leader, change agent and innovator with 18 years of progressive international experience working in critical leadership roles in all three lines of defense (LOD) across F100 companies in Technology Risk Management, Information Security, Governance, Risk & Compliance (GRC), IT Audit and Regulatory Compliance related to Sarbanes-Oxley (SOX), GDPR, PCI DSS and HIPAA. Motivating leader with strengths in building collaborative partnerships, trust at all levels and talent development to drive productivity to achieve enterprise goals. Well-known name in Cyber Security, IT Audit, Technology Risk & Compliance with over 50 publications, 300+ YouTube videos and peer-reviewed over 150 white papers in this domain.PROFESSIONAL ACCOMPLISHMENTS• Created and led strategic alliances with senior leaders and key stakeholders across all three LOD to design and implement processes and controls for effective security, risk management and regulatory compliance to ensure a successful roll-out of the following key enterprise cyber initiatives in a global environment:o Cyber resiliency program designed and implemented post 2017 cyber incident to inform the cyber security strategy and strengthen the security posture across critical assets in key areas like Identity & Access Management (IAM), Endpoint Detection & Response (EDR), Intrusion Detection, secure SDLC, Back-up & Recovery and Security Operations including Threat Intelligence, Incident Response, SIEM, Vulnerability and Patch management.o SailPoint IdentityNow solution to automate the account provisioning, account revocation, termination, access certification and Segregation of Duties (SOD) processes across critical assets.o Privileged Account Management (PAM) solution like Delinea Secret Server and TPAM to discover and manage privileged accounts across critical assets.o Third-party governance framework for top enterprise third parties including supplier risk assessment, security baseline in contracts and compliance monitoring.o Insider risk program to enhance data protection leveraging Data Loss Prevention (DLP) and encryption solutions. o Artificial Intelligence (AI) governance framework and guidelines to leverage AI in technical and business areas in a secure and compliant way. o Enterprise digital transformation program leveraging Cloud and Automation technologies like AWS, Azure and UiPath.o Enterprise digital and data governance program for business digitization areas leveraging digital health solutions as promotional vehicle and big data for commercial decision making.

Varun Vohra's Current Company Details
S&P Global

S&P Global

View
Global Head - Technology Audit, Strategic Assurance and SOX
New York, NY, US
Varun Vohra Work Experience Details
  • S&P Global
    Global Head - Technology Audit, Strategic Assurance And Sox
    S&P Global
    New York, Ny, Us
    View
  • Merck
    Experienced Director, It Risk Management & Security & Biso
    Merck Dec 2012 - Present
    Rahway, New Jersey, Us
    Exp. Director, IT Risk Management & Security & BISO• Head of Governance, Risk & Compliance (GRC) Controls Assessment & Monitoring, BISO and Member of Global CISO’s leadership responsible for leading cross-functional teams with 20+ members to:o Integrate controls and compliance during the process design and solution engineering of strategic enterprise cyber initiatives to achieve ‘Compliance & Risk Management by Design’ for stronger risk posture and security.o Perform technical audits and automate continuous monitoring across business critical internal and third-party applications and their underlying infrastructure in IT General Control (ITGC) areas related to IAM, Operations, Change Management and Cyber resiliency areas related to Endpoint Protection, Intrusion Detection, Incident Response, Security Hardening, Vulnerability and Patch management for SOX and SOC 1 / 2 compliance.• Presented regular reports, metrics and recommendations to senior management on the security posture based on the insights from the technical audits and continuous monitoring.Director, Corporate Audit & Assurance Services• Head of IT Audit, Cyber Risk & Assurance and Member of Corporate Audit leadership responsible for developing, executing and quarterly reporting of the annual IT audit plan to Executive Management / C-Suite and Audit & Risk Committee / Board of Directors for risk-based technical audits related to cyber security, data privacy, third-party, emerging technology areas and regulatory audits related to SOX, GDPR and HIPAA.• Led and mentored teams with 15+ members responsible to plan, scope, budget and perform technical audit of critical internal and external applications, servers, databases, network and IT processes.• Communicated true risks of complex issues to Executive Management / C-Suite through presentations and reports based on the audit insights and helped Process Owners with the design and implementation of pragmatic risk mitigation plans.
    View
  • Ernst & Young
    Senior Consultant, It Risk & Assurance
    Ernst & Young Jun 2011 - Nov 2012
    London, Gb
    • Led cross-functional teams to audit applications, operating systems, databases, network and IT processes for risk-based technical audits related to IT, cyber security, third party, emerging risk / technology areas and regulatory assessments related to SOX, PCI DSS and HIPAA across all three lines of defense for top clients in Financial Services, Healthcare and Technology industry. • Contributed to the growth of the Technology risk practice as an expert practitioner and business development contributor to drive revenue through sale of services. • Partnered with cross-functional teams to drive the development of new business and contributed to the building of new client relationships through expertise.• Prepared reports on the adequacy and effectiveness of control structure including practical recommendations to improve the effectiveness of a control or process and presented them to client’s senior management including C-Suite. • Designed risk control matrices by integrating IT General Controls (ITGCs) related to access administration, operations and change management with advanced information security controls to assess overall risk and security posture across critical enterprise assets.
    View
  • Evalueserve
    Research Associate, Ip Risk & Security
    Evalueserve Apr 2008 - Jun 2010
    Zug, Ch
    • Worked with clients in Financial Services, Healthcare and Technology industry in the area of Intellectual Property (IP) / Data Protection for alignment to their cyber and risk strategy.• Developed client relationships through demonstrated subject matter expertise including preparing and presenting winning proposals.• Analyzed IP / data, tools and scientific literature to devise strategy related to IP / data protection.• Performed feasibility analysis and risk assessments to design and implement appropriate processes and controls related to IP / data protection.
    View
  • Tata Consultancy Services
    Assistant Systems Engineer, Risk & Security
    Tata Consultancy Services Jul 2006 - Apr 2008
    Mumbai, Maharashtra, In
    • Risk liaison for developers to design and implement control and security requirements during the product enhancements and releases. • Assisted Pre-sales teams as a risk and security practitioner in client presentations and proposals.• Worked with Security Operations Center (SOC) to perform vulnerability scans and code reviews. • Supported in the SDLC documentation to ensure regulatory and Policy compliance.
    View

Varun Vohra Skills

Services Assurance Audit

Varun Vohra Education Details

  • Vellore Institute Of Technology
    Vellore Institute Of Technology
    Computer Science And Engineering
  • University At Buffalo School Of Management, The State University Of New York
    University At Buffalo School Of Management, The State University Of New York
    Mis
  • Aiir Consulting
    Aiir Consulting
    Executive Coaching / Leadership Development Program

Frequently Asked Questions about Varun Vohra

What company does Varun Vohra work for?

Varun Vohra works for S&p Global

What is Varun Vohra's role at the current company?

Varun Vohra's current role is Global Head - Technology Audit, Strategic Assurance and SOX.

What is Varun Vohra's email address?

Varun Vohra's email address is va****@****rck.com

What is Varun Vohra's direct phone number?

Varun Vohra's direct phone number is +190874*****

What schools did Varun Vohra attend?

Varun Vohra attended Vellore Institute Of Technology, University At Buffalo School Of Management, The State University Of New York, Aiir Consulting.

What skills is Varun Vohra known for?

Varun Vohra has skills like Services, Assurance, Audit.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.