
Team Leader A Manager

Location:
Bridgewater, NJ
Posted:
September 24, 2024


Resume:

Suresh N. Bharadwaj – Audit, Compliance, Risk Assessment

Specialization – Governance, Risk and Compliance, Audit

Industry Experience (US) – HCL, Communications (Brightstar, AT&T), Pharma (Bristol Myers Squibb, Syneos Health), Financial (American Stock Transfer, Computershare), Defense and Aerospace (Loral Space and Communications, L3 Communications).

Residence: Bridgewater, NJ (US Citizen)

Qualifications/Certifications

Certified Information Systems Auditor

Certified Internal Auditor

Bachelor of Science in Physics

Certified Public Accountant (Inactive)

Chartered Accountant

Expertise/Specialization

Compliance – Contractual, Regulatory

IT Security Assessments

Controls Evaluation and Design including Third Party Risk Assessment

Audits / Audit Support – Internal and External

Systems Development to mitigate/resolve control weaknesses

Profile:

Developed Control Self Assessment Processes

Performed Financial/Operational audits, SOX/Compliance, Information Systems Audits, Design, implementation and maintenance of internal controls to meet Operational, Regulatory and Contractual requirements, in line with applicable standards such as NIST / COBIT / PCI standards.

Managed Contractual Compliance for large enterprises. Improved operational execution for SLA compliance and service quality.

Remediated high control risk environments to zero deficiency perfection. Optimized service delivery plans, follow up on execution and provide periodic status reports to customer and delivery teams.

Third Party Risk Management including Evaluation of operational and regulatory risk, Internal Control Environment and Contractual Performance.

Business Continuity and Disaster Recovery Management, Risk Assessment, Third Party Risk Management, and Financial Reporting.

Effected systems and process improvements to strengthen Internal Control environment and ensure operational, financial, regulatory, Internal Control framework compliance.

Skills:

Process design and implementation, Training, Documentation, Communication, ServiceNow (Problem, Incident, Change Management, Asset Management) • OneTrust, SailPoint, MS Suite • SharePoint • Identity and Access Management • Information Security • Application Security Assessments • Data Privacy • NIST CSF • GDPR • PCI DSS • Regulatory Compliance • Business Continuity Management • Vendor Management • COBIT • COSO • PCI-DSS

Professional Engagements Portfolio:

Engagement Experience – HCL Technologies (May 2019 – Sept 2024)

Manager – Compliance in large Pharma, and Communications customer accounts.

Overview

Developed, Implemented and Maintained Internal Control Self Assessment processes.

Contributed significantly in building, updating and maintaining the SOX Control Framework according to COSO and COBIT, enabling managers to bridge the gap between control requirements, technical issues and business risks. Planning, management, oversight and execution of SOX 302 and 404 test work. Responsible for SOX Testing and reporting for Financial Accounting and IT cycles. Analyze the reliability and integrity of internal controls; identify gaps/deficiencies and recommend opportunities for improvement through system and procedural changes.

Performed Quarterly risk assessments. Developed and maintained Key Risk Indicators, Key Performance Indicators, systems for recording, reporting, monitoring and dispositioning of Operational Risk events.

Tracked and monitored SLAs to identify trends that may indicate operational control weaknesses. Participate in operational SLA metrics review and coordinate with stakeholders to resolve identified issues. Review internal Key Performance Indicators (KPIs) and assist in evolving action plans, when necessary, to improve performance.

Instituted IT General Controls and IT operational controls to comply with SOX and regulatory compliance as well as Data Protection and Privacy requirements.

Executed Projects to automate User Access Provisioning/Deprovisioning, training and Attestation processes. Implemented controls to restrict privileged access, designed approval requirements, participated in CyberArk implementation for monitoring privileged access and drafted UAM policies and procedures.

Drafted IT Security Policies and Procedures and process documentation to meet control and regulatory requirements and in alignment with organizational objectives.

Developed Training Programs and rolled them out to the teams to ensure all team members were aware of the requirements that needed to be complied with.

Reviewed SOC Audit reports to evaluate vendor control environment and identify key risks. Coordinated the execution of SOC 2 Reviews.

Periodic Internal Audits. Ensures that all deliverables agreed under the Customer agreement are duly completed, delivered and approved.

Strengthened control environment to mitigate risks and reduce audit exceptions by over 80 percent.

Coordinate training/update programs.

Evaluated information security program in coordination with the IT Security Department, and identified open risks that required mitigation.

Maintained overall relationship management with the Customer. Coordinated with customer and HCL for ongoing benefits, opportunities, and innovation for continual service improvement.

Aligned stakeholders and functional groups to identify complex business and challenges faced by the Customer, improving Customer satisfaction, resolving Customer escalations, and overall service performance. Organized and coordinated periodic meetings between customer and HCL SPOCs to work towards resolution of open items.

American Stock Transfer & Trust Co;

Senior Consultant / Internal Audit Sept 2014 to Feb 2019

Participated in annual risk assessment process. Develop and maintain Key Risk Indicators, Key Performance Indicators, systems for recording, reporting, monitoring and dispositioning of Operational Risk events. Conducted risk based approach assessments of IT business segments to ensure that focus of in-depth reviews related to high risk/high criticality areas.

Planning, management, oversight and execution of SOX 302 and 404 test work. Responsible for SOX Testing and reporting for Financial Accounting and IT cycles. Analyze the reliability and integrity of internal controls; identify gaps/deficiencies and recommend opportunities for improvement through system and procedural changes.

Contributed significantly in building, updating and maintaining the SOX Control Framework according to COSO and COBIT, enabling managers to bridge the gap between control requirements, technical issues and business risks.

Instituted IT General Controls and IT operational controls in anticipation of SOX and regulatory compliance to meet stock listing requirements.

Monitoring of controls environment to assess maturity levels and maintain adequate test coverage based on changing risk profile.

Directed and coordinated the New York Department of Financial Services requirements for the protection of sensitive customer information including an incident response plan, annual penetration testing and vulnerability scans. Compliance reviews included all regulatory requirements related to the financial services industry.

Identified and resolved weaknesses / errors in system/process, resulting in significant strengthening of operational controls and prevention of penalties/fines.

In collaboration with Vendor Management function, built Third Party Risk Management Program. Evaluation of vendor Internal controls and risks via inquiry and review of SOC reports. Performed Third Party security assessments.

Communicate with operating and financial management, establish and maintain strong working relationships with all levels of management.

Created and implemented system automations, policy changes, customer education and account security procedures.

Computershare; Senior Internal Auditor June 2013 to July 2014

IT and Business Process Internal Control reviews

Execute audits end to end: Planning, Risk analysis, Process Documentation, Scoping, Audit Programs, Audit Reports.

Evaluated off-shored vendor services for compliance with contractual and regulatory requirements. Vendor SOC Report Reviews to evaluate adequacy of controls.

Evaluated on-shore and off-shore data centers for adequacy of internal controls to meet contractual, regulatory requirements.

Special projects as assigned.

Loral Space and Communications Manager, Internal Audit May 2004-Mar 2013

Participated in the creation of the enterprise-wide framework for management of operational risks to ensure adherence to legal, regulatory and internal requirements, collaborating with Audit Director.

Delivered value-added recommendations and process improvements which strengthened internal controls for disaster recovery. Identified the need for redundancies as a disaster recovery strategy in ground control stations to protect against loss of control over satellites during an outage.

Reviewed transition to vendor based cloud computing. Evaluated agreements for compliance with control, privacy, regulatory requirements. Reviewed IT controls over cloud environment – Software, and Infrastructure as a service sourced from IBM.

Performed evaluation of third party data centers for compliance with contractual requirements with focus on IT Security

Performed audit engagements from concept to execution including drafting detailed scope memos, creating work papers, and producing audit reports and action plans supported by business unit input.

Perform Financial Audits for compliance with GAAP and SEC reporting requirements. Identified process weaknesses, improved monitoring controls over use of spreadsheets in financial accounting.

Contributed significantly in building, updating and maintaining the SOX Control Framework according to COSO and COBIT, enabling managers to bridge the gap between control requirements, technical issues and business risks.

Planning, management, oversight and execution of SOX 302 and 404 test work. Responsible for SOX Testing and reporting for Financial Accounting and IT cycles. Analyze the reliability and integrity of internal controls; identify gaps/deficiencies and recommend opportunities for improvement through system and procedural changes.

Monitoring of controls environment to assess maturity levels and maintain adequate test coverage based on changing risk profile.

Develop and maintain Key Risk Indicators, Key Performance Indicators, systems for recording, reporting, monitoring and dispositioning of Operational Risk events.

IT Application systems review included: Operating and Application security controls, System Migration Reviews, Disaster Recovery Reviews, Business Application controls, Change Management, Network Security. Oracle 11i, SAP, Industrial and Financial Systems (IFS), Hyperion, Solomon.

AT&T Senior Internal Auditor May 2003-May 2004

Instituted audit policies, concepts, and process controls that enabled transparency and clearer risks/rewards in compliance with SOX guidelines and management of operational exposures.

Instrumental in SOX compliance testing for Purchasing, Accounts Payable, Contracting, Restricted Access, Internal Use Software and Overseas Operations.

Through strategic partnering with management, conducted gap analysis that uncovered cost-saving opportunities; assisted in implementing risk treatments to minimize roadblocks in achieving strategic goals.

L3 Communications Senior Internal Auditor May 2001-May 2003

Operational, financial, regulatory and IT reviews

Provided recommendations for strengthening compliance and bolstering corporate governance in IT areas of System Migration, Network Security, Disaster Recovery, Access Controls and Change Management.

Investigated and uncovered appropriate interventions to reduce risk, costs, and liability to the organization

Assisted in designing an annual audit plan and drove identification, assessment and management of risk exposures in accordance with business objectives.

Loral Space and Communications Senior Internal Auditor June 1999 – May 2001

Performed operational and financial audits under the supervision of the Audit Manager.

Made significant findings and process improvements in the areas of inventory control, sales compensation payments, ground station infrastructure, revenue recognition, duplicate payments and program management.


