SIKANDER ALI KHAN
Wellington,New Zealand
Overview
7
7
years of professional experience
1
1
Certification
Work History
Manager IT-Technology Risk services
EY
Wellington, New Zealand
05.2023 - Current
- Auditing/ Security Review of in scope Operating Systems, Applications, and data bases as per EY's Global Audit Methodology
- Understand and evaluate IT General Controls
- Leading SOC I and SOC 2 type II ISAE3402 engagement
- Participating in ISO27001 Audit
- Designing methods and procedures to test the effectiveness of Application Controls
- Finalising IT management letter after completion of audit engagement
- Coached, mentored and trained team members in order to improve their job performance.
- Monitored budgets and expenditures to ensure cost-effectiveness while maintaining quality standards.
Senior Consultant- IT technology Risk
EY
Singapore
10.2020 - 12.2020
- EY Secondment
Senior IT-Technology Risk services
EY
Karachi, Pakistan
11.2017 - 12.2020
- Designing control programs for General IT Controls and IT Application Controls
- Auditing clients covering domains of Cyber Security and IT Governance
- Auditing/ Security Review of Operating Systems, Applications, and databases
- Finding facts to mitigate IT risks
- Performing and reviewing IT Application Controls
- Overall planning of IT Audit engagement and drafting IT management letter after completion.
Senior Consultant- IT Technology Risk
EY
Saudi Arabia
03.2019 - 03.2020
- EY Secondment for IT Audit engagements.
Consultant IT Risk Assurance & Advisory
Deloitte
Karachi, Pakistan
- 11.2017
- Analysis of IT Policies and Procedures
- Auditing/ Security Review of Operating Systems, Applications, and data bases
- Creating value in business processes and adding effectiveness in internal controls
- Understanding and evaluating IT General Controls and making Combined Risk Assessments.
Assistant Manager IT Audit
Mazar KSA
Riyadh, Saudi Arabia
01.2021
- Auditing/ Security Review of in scope Operating Systems, Applications, and data bases as per Mazar's Global Audit Methodology
- Overall planning of IT Audit engagement, conducting initial planning meetings
- Understanding client's business and IT environment complexity
- Completing all fieldwork at client sites under strict deadlines
- Designing methods and procedures to test the effectiveness of Application Controls
- Drafting IT management letter after completion of audit engagement.
Education
BS in Computer Science and information technology -
NED University of Engineering & Technology
Karachi, Pakistan05.2015
Higher education School certificate -
Pre-Engineering
Karachi, Pakistan12.2011
Skills
- Time Management
- Risk mitigation strategies
- Teamwork and Collaboration
- Analytical Skills
- Problem-Solving
Certification
2020, Certified Information Systems Auditor (CISA)
2024, ISO/IEC 27001:2022 Lead Auditor- EY Certify point
Personal Information
Visa Status: NZ Resident visa
Awards
2014, 2nd Prize winner in project idea & competition at IEEE
Volunteer Experience
2015, Director of Events (ITEC IT Exhibition), NED, Karachi, Pakistan
Industryclients
FSO client:
- Bank of New Zealand
- JBWere ISAE3402
- NZX
- American Express Bank
- SABB Bank
- Riyadh Bank
- National Bank of Pakistan
- Silk Bank
- Meezan Bank Limited
- Pak Qatar General Takaful
- EFU General Insurance
- First Habib Modaraba
- Saudi Real Estate Refinancing Company
- Wataniya Insurance Company
- AXA Insurance
- MEDGULF Insurance
- Gulf Union Insurance
- Al Etihad Insurance
- Faysal Asset Management
- Habib Asset Management
- UBL Fund Managers
- CGS-CIMB Singapore
Aviation:
- Pakistan International Airline (PIACL)
- Tibah Airport Medina
Energy and Utilities:
- Contact Energy
- Sui Southern Gas Company Limited
- HUBCO
- Byco Petroleum
- Acwa Power Group
- Pakistan State Oil Company
Telecommunications:
- SPARK /CCL (SOC I Type II)
- PTCL
- Saudi Telecommunication Company STC
Manufacturing and Industrial:
- Al Fanar Group
- Al Faisaliah Group
- Obeikan Group
- Al Safi Dairy and Danone
- NAQUA
- Nomac Group
- Nama Chemicals
- Saudi Fisheries
- Yamama Cement Company
- National Regional Cement Company
Timeline
Manager IT-Technology Risk services
EY
05.2023 - Current
Assistant Manager IT Audit
Mazar KSA
01.2021
Senior Consultant- IT technology Risk
EY
10.2020 - 12.2020
Senior Consultant- IT Technology Risk
EY
03.2019 - 03.2020
Senior IT-Technology Risk services
EY
11.2017 - 12.2020
Consultant IT Risk Assurance & Advisory
Deloitte
- 11.2017
BS in Computer Science and information technology -
NED University of Engineering & Technology
Higher education School certificate -
Pre-Engineering
Similar Profiles
Jaimin ShahJaimin Shah
Senior Manager at EYSenior Manager at EY
Praharsha ReddyPraharsha Reddy
Complex Investigator at EYComplex Investigator at EY
Hirannaiah (hiran)Hirannaiah (hiran)
Senior Manager at EYSenior Manager at EY
Deepak SehgalDeepak Sehgal
Assistant Director (Manager) at EYAssistant Director (Manager) at EY
Jonty RoubosJonty Roubos
Teacher Aide at Brooklyn Primary SchoolTeacher Aide at Brooklyn Primary School