NIKHIL THAKUR
IT Audit
Mumbai
Summary
Proactive and meticulous IT Auditor with over 11+ years of experience in Information security and audits. Control Specialist in IT General Controls (ITGC) & Cybersecurity control testing. Proven track record of assessing systems to ensure general compliance.
Customer-oriented team player with expertise in generating value add insights to attain optimal satisfaction levels while building robust and secured control environment.
Overview
15
15
years of professional experience
8
8
years of post-secondary education
2
2
Certifications
Work History
Assistant Vice President
Trafigura
01.2024 - Current
- Device audit reports for audit committees and presenting key exceptions/insights to business and IT stakeholders.
- Lead and execute end-to-end Internal IT Audits for various business critical applications.
- Managed external IT Audit engagement, ensuring effective communication and coordination between internal stakeholders and external auditors to meet established quality standards and delivered expected results on time.
- Provide consultation to senior management on various gaps identified during external audits.
- Assessment of open observations from previous audits.
Manager - DAT
PWC SDC Kolkata
10.2022 - 12.2023
- Led IT and Cybersecurity audit portfolio for one of the largest financial services firm in the world
- Ensured effective end to end execution and management of SOX audit (PCAOB) and various SOC (AICPA) reports
- Led the team of 16 members who were responsible for various ITGC and Cyber-security audits
- Devised audit reports for various committees and presenting key exceptions/insights to the partners
- Supervised activities such as walk-through, deep dives, debriefs, time and expense management etc.
Manager, Control Resiliency Team
Willis Towers Watson
05.2018 - 10.2022
- Governed end to end quarterly leavers exposure analysis control for SOX
- Evaluated end to end testing of MS Azure Cloud controls ensuring robust and regulatory compliant control posture for SOC2 Type1 attestation (Test of Design)
- Driven the SOC 2 pre-assurance PIO remediation project to its successful conclusion. (TOD and Test of Effectiveness)
- Governed end to end yearly third party vendor management controls for SOX and demonstrated the controls in external audits
- Ensured all ad-hoc CRT projects (UAR / PAM / Oversight controls) are tracked and successfully delivered within stipulated timelines to the stakeholders
- Assisted control owners in building resilient controls around Privilege Access Management domain using CyberArk tool by testing existing controls and providing advisory services
- Led Control's Resiliency Function, which included a team of four or more people
- Provided insights around leavers trending, to internal stakeholders
- Managed multiple assignments effectively adaptable to new responsibilities with great focus and attention to detail
- Ensured client control remediation efforts are channeled in the right direction to avoid cost and time overruns
- Devised regular management reports for key steering committees and publish BAU dashboards
- Identified scope of automation in control testing (Leavers Exposure Analysis) and allocated sufficient bandwidth to see the material results
- Coached peer practitioners to enhance team agility and performance
- Maintained optimal staffing levels in the team by conducting interviews to screen qualified potential employees, onboarded new hires and curated documentation to facilitate training.
Risk Consultant
Deloitte India
06.2016 - 05.2018
- Performed ICFR audits for various external audit engagements as an integral member of Deloitte's External IT Audit team
- Audited various Enterprise IT systems to provide reasonable assurance to statutory audit team over the client's IT environments
- Tested ITGC controls at application level (SAP/ Oracle HCM) and also at OS/DB level (AD/SQL)
- Carried out automated business process controls testing to ensure the compliance with the accounting and regulatory requirements as per Internal Financial Control Guidelines (Order to cash/Procure to pay)
- Performed completeness and accuracy of reports (IPE & IUC)
- Involved in scoping of applications further resources and budget estimations
- Introduced data requirement templates, created testing documentations: Preliminary management letter points (MLP)
- As a senior member, Increased workforce sustainability by mentoring and conducting cross-training sessions for colleagues during resource crunch
- Contributed to firm initiatives by embracing teamwork and collaboration.
Senior Software Engineer
IGate
06.2010 - 05.2013
- Conducted front-end and back-end testing of in-scope applications around functional and information security testing domains
- Performed automated control testing aspects of the application(SOD/ Passwords/ Automated Interest calculation)
- Conducted several verification and validation activities during entire SDLC starting from use-case creation, test-case creation, test case execution, defect finding, defect retesting, regression testing etc
- Client interaction & on-site stakeholder management
- Regular participation in status meetings, domain knowledge understanding meetings with business analysts, defect fixing meetings, resource estimation meetings.
Education
MBA: IT Business Management -
RGIT, Mumbai University
01.2014 - 01.2016
BE: Electronics & Telecommunication Engineering - undefined
Symbiosis Centre For Information Technology
01.2006 - 01.2010
Senior School XII: Science - undefined
University of Mumbai
01.2004 - 01.2006
Skills
IT Audit
CyberSecurity controls
Cloud Controls Testing
Staff Management
Certification
ISACA Certified Information Security Auditor
Accomplishments
- Leadership award for high impact on clients, internal stakeholders and to bring innovation in delivery
- Multiple promotions in 3 years of WTW. Proud member of High Performers Club
- Achieved SOX compliant status by completing time bound testing of CyberArk Privilege Access Management related controls with accuracy and efficiency
- Elected as Head of Sports and Cultural Committee for SCIT in 2014
Personal Information
- Relocation: Open to Global Relocation
- Date of Birth: 10/08/88
Awards
- Recognized with a prestigious PwC Knowledge Accelerator Award
- Earned WTW Star Award for exemplary contribution in Global Leaver's process analysis
- Honored with Prestigious Extra-Mile Award by client METLIFE
- Bagged iGATE excellence award for reaching 'Pinnacle of the Capability Matrix'
- Awarded Best intern for the year 2015
Timeline
Assistant Vice President
Trafigura
01.2024 - Current
Manager - DAT
PWC SDC Kolkata
10.2022 - 12.2023
ISACA Certified Information Security Auditor
08-2020
Manager, Control Resiliency Team
Willis Towers Watson
05.2018 - 10.2022
Certified in Automated Control Testing Tool (ACTT)
07-2016
Risk Consultant
Deloitte India
06.2016 - 05.2018
MBA: IT Business Management -
RGIT, Mumbai University
01.2014 - 01.2016
Senior Software Engineer
IGate
06.2010 - 05.2013
BE: Electronics & Telecommunication Engineering - undefined
Symbiosis Centre For Information Technology
01.2006 - 01.2010
Senior School XII: Science - undefined
University of Mumbai
01.2004 - 01.2006
Similar Profiles
Aanchal ChakrawartiAanchal Chakrawarti
Workday and HR Analytics Senior Analyst at TrafiguraWorkday and HR Analytics Senior Analyst at Trafigura
Aditi ChoudharyAditi Choudhary
Refined Metals Operator at TrafiguraRefined Metals Operator at Trafigura
Sejal C. SurveSejal C. Surve
Analyst - Freight Operator at TrafiguraAnalyst - Freight Operator at Trafigura