SlideShare a Scribd company logo

Resume-APOORVA KABRA

Download as DOCX, PDF
A
Apoorva Kabra
1 of 2
APOORVA KABRA IT/IS AUDITOR PHONE: 09716299151 EMAIL: apoorv akabra@hotmail.com PROFILE  IT Risk & business consulting professional with 6 years of div erse experience across IT Statutory audit, IT General control testing, Information security (ISMS) testing, ISO 27 001 control testing,, SOX 404 control testing, SSAE 16 (SOC) report and compliance rev iew.  Working as a part of the core assurance team to test the automated and IT dependent manualcontrols. Documenting the ov erall engagement in a central audit file over AURA depicting the testing performed for each individual controls and the lev el of ev idences v erified and tested with observ ations.  Dy namically involved in assessment of organization information technology (IT) architecture, casing the scope, which comprises – ISO 27 001:2013 compliance review and pre-certification assessment, review of policies and procedures dev eloped by the organizations, identifying and testing the critical financial controls, gap assessment to ISMS (Information security management system)and ISO 27001, Information security risk assessment, Access management, Change management, VAPT, BCP/DRP  Served leading multinational / fortune 500clients in industries viz., Telecom,Manufacturing,Technology,Publication, ITES/BPO and E-commerce etc.  Business Process rev iews such as P2P, FA, RnR, Pay roll etc. for audit clients.  Business Dev elopment Activ ity , Proposals for new Business EXPERIENCE S No INDUSTRY TENURE Methodologies worked upon 1 Price Waterhouse & Co (PWC) March 2015 – tillpresent IT audit, SOX 404 control testing, Report Testing, OS & DB testing,SSAE 16 report v alidation,ICFRreporting 2 Aircel March 2013-Feb 2015 InternalAudit Team, IT and NWsecurity audits, Marketing and Revenue AssuranceAudits etc. 3 Nokia Siemens Networks Dec 2009-Feb 2013 IT and NW security , NetworkOptimization OVERVIEW: Price waterhouse Coopers- Sy stem Process Assurance  Executed ITGCs audits focusing on the critical financial risk. Domains covered as part of testing includes User access testing, Change management, Program dev elopment and Computer operations.  Piloted sev eralclient engagements vis-à-vis mentoring teams of 5-6 people, managing project profitability, reporting to senior management and working closely with key client stakeholders and process owners  Executed Information technology general controls (ITGC) assignments at various client/organizations. This includes rev iew of policies and procedures, contract management,change and incident management, server and networkdevice hardening, physical and logical security controls of critical devices, compliance management, backup and recovery, asset management and CIA.  Conducted audits for application & database hosted over Oracle, SQL, technologies. Reviewed applications in respect to master database management, logical security, log management, change and incident management, data flow,link monitoring, I/O v alidation and data integrity , data leakage.  IT Project Lead for 2 big telecom operators in India and ov erseas for deliv ering end to end ITGC audit  Report testing  Business Process rev iews for audit clients  ICFR documentation for audit clients ( ITGC and Business Process)  Business Dev elopment Activ ity , Proposals for New Business Aircel- Internal Audit  Responsible for conducting end to end Business and IT/ NW security audits  Regulatory Audits,Application security audits,Data center audits, Marketing and sales , Revenue Assurance Audits etc.  Responsible for designing gap reports for audit committee meetings.
Nokia Siemens Networks- Security and Compliance  Network deploy ement  Network Security complaince  Worked on many intenational assignments inclduing staying in Africa for 4 months for deploy ement of networkfor a leading telecom operator  Domestic telecom operators audit engagements  Optimization audits EDUCATION & CERTIFICATIONS YEAR DEGREE/COLLEGE 2005-2009 Bachelor in Technology (Electronics and Telecom): Amity University, Noida 2005 Grade twelve: St.John’s School Mahrauli,Varanasi 2003 Grade tenth: St.John’s School Mahrauli,Varanasi 2010 Certified CCNA i.e. Ciscocertified NetworkAssociate

Recommended

Swetana A Purohit
Swetana A PurohitSwetana A Purohit
Swetana A PurohitSwetana Purohit
 
Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Tom Reinheimer
 
Jason Allred Resume
Jason Allred ResumeJason Allred Resume
Jason Allred ResumeJason Allred, MBA, CISA, CRISC, ITIL v3
 
Assessing IT Security and Compliance Risk for Acquisitions and Mergers
Assessing IT Security and Compliance Risk for Acquisitions and MergersAssessing IT Security and Compliance Risk for Acquisitions and Mergers
Assessing IT Security and Compliance Risk for Acquisitions and MergersMelanie Brandt
 
What is a Firewall Risk Assessment?
What is a Firewall Risk Assessment?What is a Firewall Risk Assessment?
What is a Firewall Risk Assessment?VISTA InfoSec
 
Industrial networks safety & security - e+h june 2018 ben murphy
Industrial networks safety & security - e+h june 2018 ben murphyIndustrial networks safety & security - e+h june 2018 ben murphy
Industrial networks safety & security - e+h june 2018 ben murphyPROFIBUS and PROFINET InternationaI - PI UK
 
Linda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez
 
Redspin HIPAA Security Risk Analysis RFP Template
Redspin HIPAA Security Risk Analysis RFP TemplateRedspin HIPAA Security Risk Analysis RFP Template
Redspin HIPAA Security Risk Analysis RFP TemplateRedspin, Inc.
 

Recommended

Swetana A Purohit
Swetana A PurohitSwetana A Purohit
Swetana A PurohitSwetana Purohit
 
Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Thomas reinheimer resume 04152016
Thomas reinheimer resume 04152016Tom Reinheimer
 
Jason Allred Resume
Jason Allred ResumeJason Allred Resume
Jason Allred ResumeJason Allred, MBA, CISA, CRISC, ITIL v3
 
Assessing IT Security and Compliance Risk for Acquisitions and Mergers
Assessing IT Security and Compliance Risk for Acquisitions and MergersAssessing IT Security and Compliance Risk for Acquisitions and Mergers
Assessing IT Security and Compliance Risk for Acquisitions and MergersMelanie Brandt
 
What is a Firewall Risk Assessment?
What is a Firewall Risk Assessment?What is a Firewall Risk Assessment?
What is a Firewall Risk Assessment?VISTA InfoSec
 
Industrial networks safety & security - e+h june 2018 ben murphy
Industrial networks safety & security - e+h june 2018 ben murphyIndustrial networks safety & security - e+h june 2018 ben murphy
Industrial networks safety & security - e+h june 2018 ben murphyPROFIBUS and PROFINET InternationaI - PI UK
 
Linda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez
 
Redspin HIPAA Security Risk Analysis RFP Template
Redspin HIPAA Security Risk Analysis RFP TemplateRedspin HIPAA Security Risk Analysis RFP Template
Redspin HIPAA Security Risk Analysis RFP TemplateRedspin, Inc.
 
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
 
Soc
SocSoc
SocMukesh Chaudhari
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran Krishnan
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainInfosecTrain
 
7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reduction7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reductionmag4freemagazine
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentInfosec
 
Analyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity ComplianceAnalyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity ComplianceRobert E Jones
 
Technology Controls in Business - End User Computing
Technology Controls in Business - End User ComputingTechnology Controls in Business - End User Computing
Technology Controls in Business - End User Computingguestc1bca2
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsGareth Niblett
 
Qa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software DevelopmentQa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software DevelopmentHernan Huwyler, MBA CPA
 
Analyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity ComplianceAnalyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity ComplianceRobert E Jones
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructurepramod_kmr73
 
Scope of work IT DD
Scope of work IT DDScope of work IT DD
Scope of work IT DDIvan Piskunov
 
Facility Environmental Audit Guidelines
Facility Environmental Audit GuidelinesFacility Environmental Audit Guidelines
Facility Environmental Audit Guidelinesamburyj3c9
 
Proteus OCM Company Profile
Proteus OCM Company ProfileProteus OCM Company Profile
Proteus OCM Company ProfileKGanzy
 
Cdpse course content infosec train
Cdpse course content infosec trainCdpse course content infosec train
Cdpse course content infosec trainShivamSharma909
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slidesprojectwinner
 
Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018Jose Hernandez
 
Cybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government ContractsCybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government ContractsRobert E Jones
 
Why should I do SOC2?
Why should I do SOC2?Why should I do SOC2?
Why should I do SOC2?VISTA InfoSec
 
Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore.
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 

More Related Content

What's hot

Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran Krishnan
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainInfosecTrain
 
7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reduction7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reductionmag4freemagazine
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentInfosec
 
Analyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity ComplianceAnalyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity ComplianceRobert E Jones
 
Technology Controls in Business - End User Computing
Technology Controls in Business - End User ComputingTechnology Controls in Business - End User Computing
Technology Controls in Business - End User Computingguestc1bca2
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsGareth Niblett
 
Qa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software DevelopmentQa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software DevelopmentHernan Huwyler, MBA CPA
 
Analyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity ComplianceAnalyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity ComplianceRobert E Jones
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructurepramod_kmr73
 
Facility Environmental Audit Guidelines
Facility Environmental Audit GuidelinesFacility Environmental Audit Guidelines
Facility Environmental Audit Guidelinesamburyj3c9
 
Proteus OCM Company Profile
Proteus OCM Company ProfileProteus OCM Company Profile
Proteus OCM Company ProfileKGanzy
 
Cdpse course content infosec train
Cdpse course content infosec trainCdpse course content infosec train
Cdpse course content infosec trainShivamSharma909
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slidesprojectwinner
 
Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018Jose Hernandez
 
Cybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government ContractsCybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government ContractsRobert E Jones
 
Why should I do SOC2?
Why should I do SOC2?Why should I do SOC2?
Why should I do SOC2?VISTA InfoSec
 

What's hot (20)

Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...
 
Soc
SocSoc
Soc
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1
 
CISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | InfosectrainCISA Domain 4 Information Systems Operation | Infosectrain
CISA Domain 4 Information Systems Operation | Infosectrain
 
7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reduction7 essential steps to achieve, measure and prove optimal security risk reduction
7 essential steps to achieve, measure and prove optimal security risk reduction
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessment
 
Analyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity ComplianceAnalyzing Your Government Contract Cybersecurity Compliance
Analyzing Your Government Contract Cybersecurity Compliance
 
Technology Controls in Business - End User Computing
Technology Controls in Business - End User ComputingTechnology Controls in Business - End User Computing
Technology Controls in Business - End User Computing
 
BCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider ThreatsBCS ITNow 201606 - Insider Threats
BCS ITNow 201606 - Insider Threats
 
Qa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software DevelopmentQa Financials - 10 Smart Controls for Software Development
Qa Financials - 10 Smart Controls for Software Development
 
Analyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity ComplianceAnalyzing Your GovCon Cybersecurity Compliance
Analyzing Your GovCon Cybersecurity Compliance
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructure
 
Scope of work IT DD
Scope of work IT DDScope of work IT DD
Scope of work IT DD
 
Facility Environmental Audit Guidelines
Facility Environmental Audit GuidelinesFacility Environmental Audit Guidelines
Facility Environmental Audit Guidelines
 
Proteus OCM Company Profile
Proteus OCM Company ProfileProteus OCM Company Profile
Proteus OCM Company Profile
 
Cdpse course content infosec train
Cdpse course content infosec trainCdpse course content infosec train
Cdpse course content infosec train
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slides
 
Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018Building a SOC - hackmiami 2018
Building a SOC - hackmiami 2018
 
Cybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government ContractsCybersecurity Compliance in Government Contracts
Cybersecurity Compliance in Government Contracts
 
Why should I do SOC2?
Why should I do SOC2?Why should I do SOC2?
Why should I do SOC2?
 

Similar to Resume-APOORVA KABRA

Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore.
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 
Resume_Alok_IT_Audit
Resume_Alok_IT_AuditResume_Alok_IT_Audit
Resume_Alok_IT_AuditAlok Sharma
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - ProfileGourav Ladha
 
Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216William Linder
 
Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216William Linder
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offeringeeaches
 
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S proaxissolutions
 
Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.360factors
 
Bapaiah Kolli Resume
Bapaiah Kolli ResumeBapaiah Kolli Resume
Bapaiah Kolli ResumeBapaiah Kolli
 
Thomas r sauer_projectresume_2013
Thomas r sauer_projectresume_2013Thomas r sauer_projectresume_2013
Thomas r sauer_projectresume_2013trsauer75
 
TITUS JOHN NJUHIGU- cv
TITUS JOHN NJUHIGU- cvTITUS JOHN NJUHIGU- cv
TITUS JOHN NJUHIGU- cvtitus njuhigu
 

Similar to Resume-APOORVA KABRA (20)

Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance Analyst
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Resume_Alok_IT_Audit
Resume_Alok_IT_AuditResume_Alok_IT_Audit
Resume_Alok_IT_Audit
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - Profile
 
Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216
 
Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216Linder,William H IT Auditor 0216
Linder,William H IT Auditor 0216
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISA
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
 
Consulting_Audit_Security
Consulting_Audit_SecurityConsulting_Audit_Security
Consulting_Audit_Security
 
PricewaterhouseCoopers profile
PricewaterhouseCoopers profilePricewaterhouseCoopers profile
PricewaterhouseCoopers profile
 
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
 
G-CISO
G-CISOG-CISO
G-CISO
 
Vinod_Resume
Vinod_ResumeVinod_Resume
Vinod_Resume
 
Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.Cyber Security IT GRC Management Model and Methodology.
Cyber Security IT GRC Management Model and Methodology.
 
Bapaiah Kolli Resume
Bapaiah Kolli ResumeBapaiah Kolli Resume
Bapaiah Kolli Resume
 
S Rod Simpson Resume
S Rod Simpson ResumeS Rod Simpson Resume
S Rod Simpson Resume
 
TyroneResume[1]
TyroneResume[1]TyroneResume[1]
TyroneResume[1]
 
Thomas r sauer_projectresume_2013
Thomas r sauer_projectresume_2013Thomas r sauer_projectresume_2013
Thomas r sauer_projectresume_2013
 
Vivek cv
Vivek cvVivek cv
Vivek cv
 
TITUS JOHN NJUHIGU- cv
TITUS JOHN NJUHIGU- cvTITUS JOHN NJUHIGU- cv
TITUS JOHN NJUHIGU- cv
 

Resume-APOORVA KABRA

  • 1. APOORVA KABRA IT/IS AUDITOR PHONE: 09716299151 EMAIL: apoorv akabra@hotmail.com PROFILE  IT Risk & business consulting professional with 6 years of div erse experience across IT Statutory audit, IT General control testing, Information security (ISMS) testing, ISO 27 001 control testing,, SOX 404 control testing, SSAE 16 (SOC) report and compliance rev iew.  Working as a part of the core assurance team to test the automated and IT dependent manualcontrols. Documenting the ov erall engagement in a central audit file over AURA depicting the testing performed for each individual controls and the lev el of ev idences v erified and tested with observ ations.  Dy namically involved in assessment of organization information technology (IT) architecture, casing the scope, which comprises – ISO 27 001:2013 compliance review and pre-certification assessment, review of policies and procedures dev eloped by the organizations, identifying and testing the critical financial controls, gap assessment to ISMS (Information security management system)and ISO 27001, Information security risk assessment, Access management, Change management, VAPT, BCP/DRP  Served leading multinational / fortune 500clients in industries viz., Telecom,Manufacturing,Technology,Publication, ITES/BPO and E-commerce etc.  Business Process rev iews such as P2P, FA, RnR, Pay roll etc. for audit clients.  Business Dev elopment Activ ity , Proposals for new Business EXPERIENCE S No INDUSTRY TENURE Methodologies worked upon 1 Price Waterhouse & Co (PWC) March 2015 – tillpresent IT audit, SOX 404 control testing, Report Testing, OS & DB testing,SSAE 16 report v alidation,ICFRreporting 2 Aircel March 2013-Feb 2015 InternalAudit Team, IT and NWsecurity audits, Marketing and Revenue AssuranceAudits etc. 3 Nokia Siemens Networks Dec 2009-Feb 2013 IT and NW security , NetworkOptimization OVERVIEW: Price waterhouse Coopers- Sy stem Process Assurance  Executed ITGCs audits focusing on the critical financial risk. Domains covered as part of testing includes User access testing, Change management, Program dev elopment and Computer operations.  Piloted sev eralclient engagements vis-à-vis mentoring teams of 5-6 people, managing project profitability, reporting to senior management and working closely with key client stakeholders and process owners  Executed Information technology general controls (ITGC) assignments at various client/organizations. This includes rev iew of policies and procedures, contract management,change and incident management, server and networkdevice hardening, physical and logical security controls of critical devices, compliance management, backup and recovery, asset management and CIA.  Conducted audits for application & database hosted over Oracle, SQL, technologies. Reviewed applications in respect to master database management, logical security, log management, change and incident management, data flow,link monitoring, I/O v alidation and data integrity , data leakage.  IT Project Lead for 2 big telecom operators in India and ov erseas for deliv ering end to end ITGC audit  Report testing  Business Process rev iews for audit clients  ICFR documentation for audit clients ( ITGC and Business Process)  Business Dev elopment Activ ity , Proposals for New Business Aircel- Internal Audit  Responsible for conducting end to end Business and IT/ NW security audits  Regulatory Audits,Application security audits,Data center audits, Marketing and sales , Revenue Assurance Audits etc.  Responsible for designing gap reports for audit committee meetings.
  • 2. Nokia Siemens Networks- Security and Compliance  Network deploy ement  Network Security complaince  Worked on many intenational assignments inclduing staying in Africa for 4 months for deploy ement of networkfor a leading telecom operator  Domestic telecom operators audit engagements  Optimization audits EDUCATION & CERTIFICATIONS YEAR DEGREE/COLLEGE 2005-2009 Bachelor in Technology (Electronics and Telecom): Amity University, Noida 2005 Grade twelve: St.John’s School Mahrauli,Varanasi 2003 Grade tenth: St.John’s School Mahrauli,Varanasi 2010 Certified CCNA i.e. Ciscocertified NetworkAssociate