Group Technology Audit Manager - Cyber Lead
Sky
مجموع سنوات الخبرة :15 years, 8 أشهر
- Lead the Cyber agenda and support the Group Head of IT Audit in delivering the annual IT audit plan.
- Contribute to the annual IT audit plan by highlighting applicable Cyber risks and trends.
- Plan, lead and end to end delivery of Cyber and IT audits and manage the support auditors.
- Support the execution of integrated audits jointly with other audit teams.
- Formulate audit conclusions, prepare audit reports and present the risk for the Audit Committee.
- Track the status and resolution of issues raised.
- Build and foster relationships with key individuals and decision makers.
- Support enterprise wide risk management activities and monitor key risks.
- Initiate and deliver agreed initiatives to achieve continuous improvement.
- Partner and liaise with the Audit Committee and External Auditors as necessary.
- Keep up to date on relevant technical developments and the associated regulatory and statutory environment.
- Act as a role model and inspire others to embrace Deloitte’s values and purpose.
- Create opportunities to drive impact; anticipate client needs and deliver superior results by leveraging each person’s strengths to build high performing teams.
- Translate broader strategy into a compelling team vision and goals; align the team and set priorities to achieve objectives.
- Develop a keen understanding of the client’s strategy to influence and advise client’s senior leadership on key risk decisions.
- Ensure an effective audit approach and mitigation plan execution in alignment with the enterprise audit framework, risk culture and the overall business strategy.
- Lead projects and provide strategic direction across the account to deliver a superior client experience.
- Develop reports and presentation that are strategically aligned with the client’s goals and drive success.
- Project confidence, establish credibility with and influence clients at all levels.
- Ability to define forward looking and business-aligned solutions.
- Examples of my work include:
Internal Audit Delivery
I managed the delivery of a very large and complex internal audit programme for a global retail bank and advertising company. The audit plan included a variety of emerging topic areas such as Identity and Access Management, ERP Systems, Database Technologies, Perimeter and Network Infrastructure, Change Management, Application Security, PCI-DSS Compliance, Cloud Computing, Incident Management, Security Operations, IT Operations, Backup and Disaster Recovery, Risk Governance, Cyber Awareness and Training.
I delivered the portfolio of audits over a period of two years utilising a core team of four auditors within the agreed scope, budget and schedule to a very high standard. The stakeholders feedback was that the series of audits helped bring positive change in the operating environment and the strong Cyber focus ensured that the organisations remain in touch with emerging risk areas and bring positive step change.
Cyber Incident Response
A global cyber attack had infected the client’s network across ports and offices in over 120 countries. Laptops stopped working, and the world's largest shipping distribution company came to a halt. Deloitte mobilised a team over 130 professionals working in shifts 24/7 to restore systems and get the organisation back up and running.
I was tasked to lead the team providing security validation for all new server builds, processing over 1, 200 servers across the globe in 10 days. My team was responsible to develop the criteria for server hardening, prioritise the business critical servers and provide approval decisions round the clock to aid reconstruction of the server infrastructure. Importantly, our client had their ships moving again.
Cyber Risk Assessments
I managed the team and delivery of the design and implementation of the Cyber Risk Assessment process.
- Perform the technical components of risk assessments and compliance audits to provide an accurate view of the client’s current risk state.
- Manage own work against the project plan, applying quality assurance, and risk procedures to ensure a superior client experience.
- Articulate thoughts and ideas in a clear and composed manner to instil confidence in team and clients.
- Leverage industry-leading technology frameworks, methods, and tools to increase technology effectiveness of solutions.
- Develop and execute compliance audits, strategies, and roadmaps to provide client with need-based, value-adding, and cost-effective technology and data risk solutions.
- Perform complex process assessments and design solutions to improve client’s operational efficiency and compliance.
- Evaluate internal control design issues, develop mitigation plans, and assess and design internal controls procedures and policies.
- Conduct complex business analyses, leveraging a variety of tools and technologies to support project goals and objectives.
- Produce a high-quality work product and collaborate with others to deliver a superior client experience.
- Develop impactful reports and presentations that support the achievement of engagement goals and objectives.
- Understand how business functions operate and how industry trends impact a client’s business.
- Deliver key messages with clarity, confidence, and poise to instil confidence in clients.
- Perform end-to-end business process analysis and design.
- Gather, synthesize, and analyse data using appropriate tools and technologies.
- Understand the client’s business, interpret sector trends, and learn leading practices.
- Effectively interact with colleagues and clients of varying backgrounds to effectively serve clients.
- Form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives.
- Leverage industry-leading frameworks, methods, and tools to increase effectiveness of technology and data risk solutions.
I have completed 42 courses including 2 projects with a major in software engineering and expertise in Technical documentation with a CGPA of 3.6.
I completed my high school with a 78% overall marksin Pre engineering (mathematics) background.