Manikumar Subramanian
Wellington,New Zealand
Summary
Experienced Technology Risk Manager with a background in managing and mitigating technology risks through compliance monitoring. Strong skills in risk analysis, strategy development, and regulatory compliance. Previous work has demonstrated ability to improve efficiency and reduce potential threats by implementing effective risk management strategies. Known for leadership ability, critical thinking, and problem-solving acumen.
Overview
12
12
years of professional experience
Work History
Technology Risk Manager
KPMG Mew Zealand
, Wellington
03.2024 - Current
- Perform external audit and advisory service for diversed clients including Banking, Government sector, Manufacturing companies.
- Work closely with the clients to understand their IT environment and the associate technology Risk and control team of the entity
- Managing multiple clients at each audit phase which includes conducting walkthrough around ITGC control such as (Access management, Change management and control operation) ITAC control and report and interface testing
- Preparing and communicating audit planning and budget in a timely manner with both internal stakeholders and clients
- Played a significant role in Building a strong team in different locations
- Determined to deliver quality work papers, resolve conflicts, communicate transparently among the team
- Managing the team in terms of allocation of work, monitoring day to day deliverable
- Performing review for the control testing and supporting team members in testing the control
- Conducted risk analyses to manage organizational risk profile, form reliable control systems and monitor legal issues.
- Identified, assessed, and reported on risk management issues.
- Reported findings on risk exposures to senior executives.
- Created and implemented policies and procedures to manage identified risks effectively.
- Conducted regular reviews of internal controls to ensure compliance with relevant regulations.
IT Audit Manager
Accenture/American International Group
, Bengaluru
09.2020 - 03.2024
- Led the team of 13 to deliver high quality SOX audit.
- Work with Audit heads to plan and execute the audit work throughout fiscal year.
- Contributed innovative ideas and solutions to enhance team performance and outcomes.
- Collaborated closely with team members to achieve project objectives and meet deadlines.
- Working with suppliers and internal business team to ensure that Key ITGC controls are designed appropriately and operated effectively
- Working with control automation and standardization team within SLOD to address the inconsistencies the control design and standardize the key IT controls towards effective operations
- Advising management to design and implement security controls in alignment with industry standards such as ISO270001 and NIST frameworks
- Reviewing the industry standards on a periodic basis to provide effective recommendations to management
- Provided recommendations to improve the process of vendor risk assessment process to cover the key security risks
- Working closely with external auditors to provide them with the control testing work papers on a periodic basis
- Providing the required evidence to the external auditor for their audit by coordinating with the internal stakeholders
- Document the test results along with finding details and remediation plans
- Communicate audit results and finding details to stakeholders for their review and acceptance of action plans.
Risk and Control Advisor
Royal Dutch Shell
, Bengaluru
06.2018 - 09.2020
- Act as the Control SME to assess the risks around the new projects and design the appropriate controls to address the risk
- Review the control appropriateness and provide signoffs as Control SME towards closure of project before run & maintain
- Identify the gaps in the “as is” process and implement new controls to address the gaps
- Working with suppliers and internal business team to ensure that Key ITGC controls are designed appropriately and operated effectively
- Working with control automation and standardization team within SLOD to address the inconsistencies the control design and standardize the Key IT controls towards effective operations
- Remediation of gaps identified by internal compliance team/auditors and initiate an action plan for open items and ensure timely closure
Senior Analyst IT Audit
Goldman Sachs
, Bengaluru
03.2017 - 05.2018
- Perform walkthroughs with stakeholders to evaluate the design of IT controls such as Access Management (User administration and Role administration, periodic access, recertification, SOD, privilege access, Logical access), change Management, Data Integrity controls, physical security
- Being a part of planning and scoping meetings with key stakeholders for the assigned audits
- Supporting and leading the execution of audits/assessments of IT controls against defined frameworks
Information Risk Analyst
JP Morgan Chase
, Bengaluru
09.2015 - 03.2017
- Being the Part of walkthroughs with Application Owner to understand the end- to- end process
- Document the Test of Design and Test of effectiveness based on the sampling standards
- Document the identified finding and communicate to the Manager
- Performing Root cause analysis for the identified deficiencies
- Providing testing evidence to Internal/External auditors for their demand base audit requests
- Documenting and communicating the remediation action plan with management
- Retest the closed action plan and close the issue formally in tool
Analyst
RBS Business Services
, Chennai
10.2012 - 08.2015
- Conducting process walkthrough with application owners
- Executing audits for the third-party teams and applications
- Updating the audit documents into TRAC (Tracking, Reporting, Audit and Control) applications
- Reviewing the authorization matrix document for access controls
- Reviewing Third party data centers and BCP strategy for the ABN AMRO vendors
- Tracking and maintaining issues through Risk registers
Education
ISO/IEC 270001:2022 -
TUV SUD
11-2024
Certified Information System Auditor -
ISACA
07-2024
Master of Science -
University of Madras
India06-2012
Bachelor of Science -
Alagappa University
India06-2009
Skills
- Sarbanes-Oxley Act (SOX) Compliance
- COSO Framework
- NIST Framework
- ISO270001
- SOC report
- Issue Management
- Remediation testing
- Information Security
- Incident management
- RCSA
- Operational risk management
- Cyber Security
- IT governance
- Identity management
- Access control
- Disaster recovery
- Cloud security
- Business continuity
Work Right in New Zealand
- NZ Resident
Timeline
Technology Risk Manager
KPMG Mew Zealand
03.2024 - Current
IT Audit Manager
Accenture/American International Group
09.2020 - 03.2024
Risk and Control Advisor
Royal Dutch Shell
06.2018 - 09.2020
Senior Analyst IT Audit
Goldman Sachs
03.2017 - 05.2018
Information Risk Analyst
JP Morgan Chase
09.2015 - 03.2017
Analyst
RBS Business Services
10.2012 - 08.2015
ISO/IEC 270001:2022 -
TUV SUD
Certified Information System Auditor -
ISACA
Master of Science -
University of Madras
Bachelor of Science -
Alagappa University