Anne Malinthi Perera
IT Audit Analyst
Singapore
Summary
An IT Audit Analyst with two years of hands-on experience in enhancing security protocols, optimizing risk management processes & contributing significantly to General IT controls (GITCs) & IT Application controls (ITACs) across various platforms. Further an innovative team member in multi-functional groups while also having a strong work ethic & motivation for independent work.
Overview
4
4
years of professional experience
8
8
years of post-secondary education
2
2
Languages
Work History
Security Consultant
Lexagle
12.2023 - 02.2024
- Internal auditing for cloud-based systems of a Singapore-based startup
- Lead the audit for CSA-STAR Level 1 & 2, SOC 1 & 2 Type I & II certifications (System and Organization Controls)
- Collaborated with 3rd party security testing entities for security testing & vulnerability scanning and identifying strategies to keep organization healthy.
- Implemented robust incident response plans, minimizing the impact of security breaches on client operations.
IT Audit Analyst
KPMG SL
03.2022 - 05.2023
- Auditing mid to large-scale multinational and local entities in various domains with respect to security frameworks and providing recommendations by analyzing their operations involved with IT based systems
- Lead Client engagement reviews to initiate the audit process with upper management of a premier private sector bank, a well-known manufacturing & exporting conglomerate, and a couple of leading hotel chains affiliated to large corporations in India & Maldives
- Engaged in identifying the key ITACs & GITCs based on the client processes and agreed audit scope
- Experienced with analyzing IT Application Controls and General IT Controls with CaseWare IDEA
- Strengthened the Data warehouse security controls
- Transparent IT audit documentation experience with KPMG Clara
- Held the responsibility of identifying issues and compiling Summary of Finding document.
Junior Information Security Analyst
MKT Services Pvt. Ltd
04.2021 - 03.2022
- Supported client security policies and activities for networks, systems, and applications including vulnerability management, incident reporting, mitigation, and continuous monitoring
- Worked on all assessment and authorization (AA) phases and processes
- Proven ability to support the full life-cycle of the assessment and authorization (AA) process.
Trainee System and Network Infrastructure Engineer
Flintec Transducers Pvt. Ltd
08.2020 - 04.2021
- Hands on experiences with organizational network infrastructure and prepare network documentation and labeling the network nodes as per the industry standards
- Work with IT policy documentation in terms of external audit requirements
- Successful troubleshooting experience in company network infrastructure when implementing a new software in production line.
Education
Bachelor of Science - Computer Systems And Network Engineering (Hons)
Sri Lanka Institute of Information Technology
04.2016 - 04.2020
Bachelor of Science - Management And Information Technology
University of Kelaniya
04.2017 - 04.2021
Skills
Confident with Technology Risk & Vulnerability Assessment
Effective engagement with IT and Cyber Security Principles
Secure monitoring of threats
Engaged in IT Audit Standards and Frameworks
Perform Data Analysis methodologies to cater complex business challenges
ISO/IEC 27001 Audits
Cloud Security Audits
SOC 1 Type I&II, SOC 2 Type I&II Audits
Project management
Problem solver with smart decisions
Teamwork with right communications
Creativity, Integrity, and adoptability
Service-focused
Confident with Technology Risk Assessment
Effective engagement with IT and Cyber Security Principles
Secure monitoring of threats
Engaged in IT Audit Standards and Frameworks
Perform Data Analysis methodologies to cater complex business challenges
ISO/IEC 27001 Audits
Cloud Security Audits
SOC 1 Type I&II, SOC 2 Type I&II Audits
Nessuss
IDEA
Nmap
Metasploit
Kali linux
WireShark
Communities
- Microsoft Club - University of Kelaniya
- ISACA - SLIIT, Singapore
- VulnHub - Open source
Personal Information
Nationality: Sri Lankan
References
- Prof. Dilani Wickramaarachchi, Senior Lecturer, University of Kelaniya, +94718032753, dilani@kln.ac.lk
- Amanda Foo, Project Manager, ObvioHealth Pte Ltd., +65 8323 2038, amanda.foo@obviohealth.com
- Jimmy Tan, COO/Co-Founder, Lexagle, +65 9783 1942, jimmy@lexagle.com
Projects
Launched a Penetration Testing for University Web site, SLIIT CourseWeb
The developed simulation was launched and discovered the points of exploitation and test IT security breach.
Accomplishments
‘E-Waste – A Growing Concern’ – An Innovative Idea Contest - 2021
Rotaract Club of Trincomalee, Sri Lanka
The product won the first place.
Edify Article Competition - 2021
Exposition Magazine Launch – University of Kelaniya
‘Your privacy is not private anymore’ article won second runner – up
Cloud Skill Challenge 2.0 – 2021
Microsoft Club of University of Kelaniya
Got Selected for top three winners.
Mini Hackathon 3.0 - 2019
Microsoft Club of SLIIT
Team std.io- Our idea got selected for top five teams in pre hackathon.
Timeline
Security Consultant
Lexagle
12.2023 - 02.2024
IT Audit Analyst
KPMG SL
03.2022 - 05.2023
Junior Information Security Analyst
MKT Services Pvt. Ltd
04.2021 - 03.2022
Trainee System and Network Infrastructure Engineer
Flintec Transducers Pvt. Ltd
08.2020 - 04.2021
Bachelor of Science - Management And Information Technology
University of Kelaniya
04.2017 - 04.2021
Bachelor of Science - Computer Systems And Network Engineering (Hons)
Sri Lanka Institute of Information Technology
04.2016 - 04.2020