Information Security/Audit - Senior Associate
Price Waterhouse Coopers
Total des années d'expérience :12 years, 4 Mois
Analyst 1 | Price Waterhouse Coopers | www.pwc.com/lk
100, Braybrooke Place, Colombo 02, Si Lanka | From May 2012 to present (2 years completed)
PricewaterhouseCoopers (PwC) is one of the world's pre-eminent professional services organisations
following the three main service lines Assurance Services, Tax Advisory and consultations which also
includes IT security services.
As an IT auditor of PWC I was permanently employed on the Risk Assurance sector engaged in internal and external IT security audits for various industries. I was also engaged in taking part and
conducting IT security projects with the IT security advisory and consultation services division.
Key Milestones and Achievements at PWC:
• Successfully completed 2 years at PWC.
• Got promoted from Analyst 2 to Analyst 1 last year, and I await promotions to senior
associate in July 2014.
• Performed internal and external IT security audits for more than 35 clients of PWC allied to various industries such as Telecommunication, Airlines, Banking, Manufacturing, Financials and Insurance, Logistics and apparels, Hospitality, Health care, Food and beverages,
Broadcasting, electricity etc.
• I was sent on business tours twice to Maldives PWC to conduct IT security audits for clients in
Male and Islands. There, I gained good exposure in handling overseas clients allied to several
industries and robust technologies.
• I also performed reviews and GAP analysis on ISO 27001:27002 standards for two leading
organizations.
• I learnt to develop well-crafted audit reports including results and recommendations for management based on the outcome of the audit. Address auditing and operational issues in
promptly with the client's management and was able to schedule to analyse each company's
policies and process.
Technical exposure gained at PWC:
• I improved my expertise in database security analysis on production environment of various
clients. (Analysed databases such as Oracle, DB2, UDB, MS SQL, MY SQL and etc)
• Gained good exposure on network security auditing within the client's network perimeter,
firewalls, switches and routers.
• Learnt to audit ERPs and accounting applications such as JD Edwards, HIS (on AS400),
ACCPAC, FINPAC, Sun Financials, Oracle Financials, SAP, Comanche, HBMS, Tally etc.
• Audited operating systems such as Linux, AIX, OS 400, Microsoft etc.
• I was given basic training on auditing and analysing IT security aspects on the SAP system and its environment.
• I gained expertise in IT security and governance which in-cooperates the following,
o Auditing IT security policies and procedures
o Disaster recovery and Business continuity
o IT security governance,
o Risk assessment and access management
o Data classification and Application security
o In depth Network and Database security
o Cryptography and Encryption mechanism
o Incident management, Change management
o ITGC and application controls
Contact Centre Associate | Dialog Axiata PLC | www.dialog.lk/
Union Place Colombo 02, Sri Lanka | September 2008 to January 2009 (5 month')
Worked as a part-timer at this leading mobile telecommunication organisation during the initial stages of my university life.
• Support and provide superior service via phones assist their problems with concern.
• Use the most appropriate way to communicate with different behaviour types on the telephone.
• Ensure that I meet commitments to customers
• Prove ability to communicate with customers in all three languages fluently.
KEY TECHNICAL SKILLS
Graduate Degree: Bachelor of Science (B.Sc.), Information Technology | Special Honors Sri Lankan Institute of Information Technology, Malabe. http://www.sliit.lk/ Special achievements and projects at university • Fourth year project (final): “i-student” ANDROID application development Technologies: Android SDK, SQLite, MySQL with PHP, JSON, Java Swings, GCM (Google Cloud Messaging framework), GPS. Position: Team Leader Completed my final year project which is an android application named "i-student". Briefly it is a project which connects the whole university within one mobile device. Has functionalities such as student management, access the university library functionality, file transfer over internet, GPS location finder within university premises and friend finder inside building using Wi-Fi technology • Third Year Project (Semester I): Developed a standalone application for a pawn brokering Shop. Technologies: Java Swings, MySQL (5.1) Position: Team Leader • Second Year Project (Semester II): Developed a swing application (Inventory control system). • Stock control system for a textile.