Zoher Mala

Zoher Mala Email and Phone Number

Governance, Risk and Compliance Consultant @ Solarium Consultants Inc.
Zoher Mala's Location
Toronto, Ontario, Canada, Canada
Zoher Mala's Contact Details

Zoher Mala personal email

Zoher Mala phone numbers

About Zoher Mala

Over 20 years of Consulting and Industry experience with top tier clients in Canada, India, US and Middle East.Top Areas of Experience and Expertise:a) Cyber Security• Policy, Procedures and Directives for a) Infrastructure/Network, b) Logical Access and c) Cloud Security.• Socializing Policies with a larger group of 100 plus stakeholders including Security Architects, Cloud Security teams, IT Operations team, IAM teams, CISO teams.• CISO/CIO Reporting– - Using multiple tools and data sources: End Point Detection and Response, Web Application Firewall, Advanced Malware detection, Data Science/Risk Based Vulnerability Management system, PAM, phishing tools, etc.- Establish trends and action plan based on the trends.- Mapping reports to areas of NIST – Identify, Protect, Detect, Respond and Recover.• Business Continuity Planning – Single point of contact for the Information Security Department covering 100 plus staff members across 5 locations. Updated the BCP in ‘Fusion’ software.b) Information Technology General Controls (ITGC/GITC)• Policy, Procedures and Directives• Identifying and documenting Risks and associated controls and test procedures (advisory)• Testing of Design Effectiveness and Operating Effectiveness of controls (audit capacity)• Expertise in PCAOB guidelines, Sarbanes Oxley Act (SoX), SOC assignments, PCI-DSSc) Identity and Access Management• Documenting Access Policy and Procedure• Identifying tools that would help manage the Privilege and other access• Integrating the tools with existing authentications and managing periodic recertificationsFrameworks and Standards used:NIST, ISF, COSO, COBIT, ISO 27001 and PCI-DSS

Zoher Mala's Current Company Details
Solarium Consultants Inc.

Solarium Consultants Inc.

View
Governance, Risk and Compliance Consultant
Zoher Mala Work Experience Details
  • Solarium Consultants Inc.
    Director
    Solarium Consultants Inc. Aug 2011 - Present
    Toronto, Ca
    Managed to serve over 15 clients across industry verticals – Financial Services, BPO, Manufacturing and Service industries;Key Clients: KPMG, SunLIfe Financials, Royal Bank of Canada, Rogers Communications Inc. Brookfield Asset Management, Canadian Pacific Rail, MDS Inc., e-nxt Financials (Tata group), Nucleus Software
    View
  • Scotiabank
    Senior It Application Auditor
    Scotiabank Jun 2021 - Oct 2021
    Toronto, Ontario, Ca
    View
  • Allstate
    Grc Consultant
    Allstate Jun 2020 - Jun 2021
    Northbrook, Il, Us
    View
  • Ontario Treasury Board Secretariat
    Senior Internal Auditor
    Ontario Treasury Board Secretariat Oct 2019 - Mar 2020
    Ontario, Ca
    • Responsible for auditing complex infrastructure and applications used across Provincial government departments:- Access Controls including privileged access at the Applications and Infrastructure level- CyberSecurity Controls- Infrastructure controls covering change management, backup and Disaster recovery- Business Applications controls for Hyperion.
    View
  • Arcon
    Business Development, Americas
    Arcon Jan 2018 - Jan 2020
    Managing the Business Development initiatives for Arcon across Americas. This includes - 1) Building new partner and distributor network across Canada and US2) Reaching out to prospects and organizing demos with the help of pre-sales team3) Representing Arcon on events and help them organize events across Canada and US
  • Sun Life
    Security Governance Specialist
    Sun Life May 2019 - Sep 2019
    Oo
    • Policy and Directive Refresh for a) Infrastructure/Network, b) Logical Access and c) Cloud Security Guideline. Received inputs from the Subject Matter Experts (IAM, Infrastructure and Cloud Teams) and socialized with a larger group of 100 plus stakeholders. Ensured compliance to COBIT 2019 Framework• Working on findings of SOX reviews and other regulatory reviews.• CISO/CIO Reporting– Streamlined the Bi-weekly, Monthly and Quarterly reporting process:- Incorporated reports from multiple tools and data sources: End Point Detection and Response, Web Application Firewall, Advanced Malware detection, Data Science/Risk Based Vulnerability Management system, PAM, phishing tools, etc.- Establish trends and action plan based on the trends.- Mapping reports to areas of NIST – Identify, Protect, Detect, Respond and Recover.• Ensured the coverage of Cloud Controls (IaaS, PaaS and SaaS) in the key directives.• Tracking of action points for remediating the key findings by regulators and auditors.• Business Records Inventory – Single point of contact for the Information Security Department to manage the refresh of the Business records covering the classification, ownership, retention and security requirements for the information.• Business Continuity Planning – Single point of contact for the Information Security Department covering 100 plus staff members across 5 locations. Updated the BCP in ‘Fusion’ software.
    View
  • Dhx Media
    Independent Risk And Controls Consultant
    Dhx Media Nov 2015 - Dec 2018
    Using my extensive knowledge and experience in Media sector to implement a Controls Environment covering - - Entity Level Controls- IT General Controls- Business Process Controls - Automated and Manual- Implement GRC Software ‘TeamMate’ successfully- Document the gaps and putting a remediation plan in place;- Communicate the findings and action plan to the Audit CommitteeThe Project involved consultation with regards to documentation of the Policies and Standards as well as conducting the design and operating effectiveness testing. There was significant progress made on the roadmap to compliance over the period of my association
  • Rbc
    Independent Grc Consultant
    Rbc May 2015 - Oct 2015
    Toronto, Ontario, Ca
    Provided expertise to the Enterprise IT Risk group. Was part of the Second Line of Defense as a Subject Matter Expert for drafting Policies and Standards based on Industry standards. Highlights of the project - 1) Worked on drafting the Policies and Standards along with the first line of defense. 2) Socialized the Policies and Standards with the key stakeholders - Right from the drafting stage till the completion stage3) Interacted with key stakeholders across the organisation and across levels to ensure buy in 4) Aligned the Policies and Standards across the Enterprise5) Used COBIT 5 as the framework.
    View
  • Sunopta
    Independent Consultant
    Sunopta Dec 2014 - Oct 2015
    Eden Prairie, Minnesota, Us
    Oracle R12 Implementation review• Reviewing of documentation including the project plan, steering committee meetings, Requirement analysis, testing documents, sign offs etc.• Access controls – This includes the review of the results of a third party automated tool that gives the results of Sensitive access and Segregation of Duty Conflicts in Oracle.• The design and operating effectiveness of the configurable controls and functional controls• Data Migration review
    View
  • Kpmg
    Independent Consultant
    Kpmg Aug 2014 - Nov 2014
    Toronto, On, Ca
    Provided expertise in the areas of IT Audits in the Financial Services Sector - • Was responsible for testing Automated Controls and IT General Controls for 2 large banks. • Managed the testing of controls for SSAE 16 at the Data Center.
    View
  • Pwc
    Senior Manager
    Pwc 2007 - Aug 2011
    Gb
    Review of IT Cotrols and Business Process Controls for Fortute 500 clients. Speicialized in BFSI, Media and Entertainment and Logistics
    View
  • Pwc
    Senior Manager
    Pwc Apr 2003 - Aug 2011
    Gb
    April 2003 till 2005 - PwC Toronto, CanadaApril 2007 till August 2011 - PwC IndiaIT Cotrols and Business Process Controls for Fortute 500 clients. Speicialized in BFSI, Media and Entertainment and Logistics- Review for top tier clients their IT Governance standards, Risk Assessment and Control Environment, IT General Controls and Business Process Controls- Manage SAS 70/ISAE 3402 projects. Also involved in proposals for third party assurance projects (ISAE 3402 and SSAE 16)- Review the Controls at the India Back office Operations of Key Global clients- Present findings, implications and recommendations to the Audit Committee, CFO and CIO- Help the client with the Strategy for key transformation processes specifically for Implementation of New Systems/Applications- Review the Internal Audit work at the client, in order to place reliance. Review includes Assessment of Internal Auditor independence and quality, review of their scope, findings and tracking of the issues- Investigate misappropriation of assets and Financial Statement Fraud- Coach and Train staff across levels in areas like:Aura - PwC audit documentation software, Audit Methodology, Leadership skills, Business Process Controls etc.
    View
  • Zoher Consulting Limited
    Founder And Director
    Zoher Consulting Limited 2005 - 2007
    Provided consulting services in the areas of ITGC and Application Controls (applied extensive knowledge of COSO and COBIT framework, PCAOB guidelines and Sarbanes Oxley Act 2002). The following were some of the keyareas covered during consulting:- Formulating of the SOX Methodology for the client;- Scoping for the purposes of SOX compliance based on – a) Significant Accounts, Disclosures and Business Process/sub processes, b) Locations and c) Qualitative factors;- Documentation of Narratives, Flowcharts, Control Matrices, Deficiency Memos for IT Application controls, General Computer Controls (Program Change and Development, Security and Computer Operations) and Business Process Controls- Testing of the Design and Operating Effectiveness of the Entity LevelControls, IT Application controls, General computer Controls and Business Process Controls;- Review of Segregation of Duties(SOD) component for Key business cycles;- Documentation and testing of the Spreadsheet Controls.Clients - Royal Bank of Canada (RBC), Rogers Communication, Brookfield Asset Management, Canadian Pacific Rail, MDS inc. and KPMG
  • Citibank
    Manager - Information Security
    Citibank 2000 - 2003
    New York, New York, Us
    - Ensured that the Internal Controls and applications/internet banking applications complied with the Global Standards, Procedures and Guidelines as specified in the Bank’s ‘Information Security/Internal Control Policy’- Managed Operational Audits across 50 units and 60 applications- Documented, and flowcharted the Bank’s Processes- Involved in fraud detection and prevention measures and Investigations- Performed regulatory reporting to the regional offices (incidents, patch implementations, advisories, compliance plan, gap analysis, etc)- Managed controls at vendor/third party location including the introduction of encryption for all communication with vendors/third party, vendor evaluation from Controls perspective- Information Security Awareness training rolled out to around 4000 employees of the bank and its subsidiaries, etc- Responsible for the Controls/Information Security at e-Serve (Back office operations of the bank)- Liaised with the external auditors on IT and Financial controls
    View
  • Price Waterhouse Coopers
    Assistant Manager
    Price Waterhouse Coopers Feb 1997 - Jun 2000
    Gb
    View

Zoher Mala Skills

Internal Audit Sarbanes Oxley Act Auditing Internal Controls Business Process It Audit Governance Management Enterprise Risk Management Risk Management Ifrs Accounting Cobit Information Technology Risk Assessment Erp Sas70 Cisa Business Continuity Security Business Continuity Planning It Strategy Assurance Iso 27001 Analysis Consulting Forensic Accounting Cost Accounting Disaster Recovery It Management Coso Financial Reporting Financial Risk Finance External Audit Fraud Sarbanes Oxley Strategy Financial Audits Information Security Management Financial Analysis Business Process Improvement Operational Risk Management International Financial Reporting Standards Banking

Zoher Mala Education Details

  • Isaca
    Isaca
    It Audit
  • Certified Public Accountant (Cpa)
    Certified Public Accountant (Cpa)
    Accounting
  • The Institute Of Chartered Accountants Of India
    The Institute Of Chartered Accountants Of India
    Tax
  • Association Of Certified Fraud Examiners
    Association Of Certified Fraud Examiners
    Forensics And Investigations
  • Institute Of Cost Accountants Of India
    Institute Of Cost Accountants Of India
    Costing
  • Hr College
    Hr College
    Audit And Tax
  • Bharda New High School
    Bharda New High School

Frequently Asked Questions about Zoher Mala

What company does Zoher Mala work for?

Zoher Mala works for Solarium Consultants Inc.

What is Zoher Mala's role at the current company?

Zoher Mala's current role is Governance, Risk and Compliance Consultant.

What is Zoher Mala's email address?

Zoher Mala's email address is zo****@****hoo.com

What is Zoher Mala's direct phone number?

Zoher Mala's direct phone number is +164753*****

What schools did Zoher Mala attend?

Zoher Mala attended Isaca, Certified Public Accountant (Cpa), The Institute Of Chartered Accountants Of India, Association Of Certified Fraud Examiners, Institute Of Cost Accountants Of India, Hr College, Bharda New High School.

What skills is Zoher Mala known for?

Zoher Mala has skills like Internal Audit, Sarbanes Oxley Act, Auditing, Internal Controls, Business Process, It Audit, Governance, Management, Enterprise Risk Management, Risk Management, Ifrs, Accounting.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.