Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Akshit Reddy

Douglas

Summary

Highly driven, Pragmatic and Detail-Oriented Information security professional with more than 7 years of experience in the field of Information Security management, IT Audits, GRC, Cyber Risk Management, Security Governance & Cloud Security. Currently, Akshit is working for Grant Thornton as a Manager within the IT Risk team. He leads and facilitates various security assessments, internal controls, IT risk management, IT general and application control testing for leading companies in the Insurance and Banking sector (Financial Services), Technology, Manufacturing and Automobile industries. Akshit has strong Cyber Security skillset with solid business process knowledge andacumen. Firmly believes in being Secure by Design & Security as a lifestyle.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Manager

Grant Thornton
Isle of Man
04.2022 - Current
  • Conducted information risk assessments and prepared a risk mitigation strategy for various clients.
  • Facilitated internal and external IT audits.
  • Assisted in the implementation of information security controls for various clients.
  • Performed IT process gap assessments to come up with the observations.
  • I mapped such observations with the IT risks and communicated their impact to the management.
  • Ensured compliance with PCAOB standards by performing IT General Controls (ITGC) testing, and design effectiveness assessments for financial reporting processes.
  • Led IT risk assessments and audits, focusing on Internal Control over Financial Reporting (ICFR), to identify deficiencies and provide actionable remediation recommendations to clients.
  • Performed IT general controls (ITGC) and business process IT application controls (ITAC) testing of IT environments across the platforms for financial service clients.
  • Performed tests of design and implementation (D&I) and tests of operating effectiveness (TOE) for SOC 1 and SOC 2 reports based on SSAE 18 / ISAE 3402 and trust service criteria, respectively.
  • Carried out application walkthroughs, prepared audit scopes, reported findings to clients, and provided recommendations for remediating the exceptions noted during the testing.
  • Performed DORA readiness assessments.
  • Documented audit testing procedures and generated reports for senior management of clients, showing observations having financial impacts.
  • Performed IT SOX 404 risk assessments and audits (testing the design and operating effectiveness of the client's IT controls).
  • Performed Level 1 CSA STAR (Cloud Security Alliance - Security, Trust, & Assurance, Registry) self-assessments for various clients.

IT Audit Analyst

Electronic Arts
Hyderabad
08.2020 - 03.2022
  • Conducted IT SOX 404 testing to evaluate Internal Control over Financial Reporting (ICFR) compliance, ensuring adherence to PCAOB guidelines
  • Performed IT SOX testing covering areas such as change management, manage access, and IT infrastructure
  • Reviewed the baseline security configurations for the platforms such as Windows, Oracle, SAP
  • Drafted risk and controls matrices (RCM) for access management and change Management processes
  • Performed IT process gap assessments to come up with the observations
  • Did mapping of such observations with the IT risks and communicated its impact to the management

Analyst 2

Ernst and Young
Bengaluru
02.2019 - 08.2020
  • Performed IT general control and IT application control testing for leading companies in the technology, manufacturing, automobile, media and entertainment, insurance and banking sector
  • Performed financial audit IT integration engagements (FAIT) and SOX 404 Management testing of IT controls, covering areas such as change management, access management, computer operations, tools and utilities, interface, and IT infrastructure
  • Performed SAP application control testing for processes such as procure to pay and order to cash as the part of financial audit for clients in the information technology industry
  • Executed and reviewed baseline security configurations for the following platforms Windows, Unix/Linux, Oracle and SAP
  • Conducted SSAE 16/18 and ISAE 3402 audits to assess the design and operational effectiveness of controls for a leading social media client and cloud computing client

IT Analyst

KPMG
Hyderabad
07.2017 - 02.2019
  • My experience in KPMG was focused on the testing of IT general controls, IT application Controls, IT security controls for IT internal audit clients
  • I have process knowledge on following areas: access management - new hires, terminations, change management, password policy, network security - firewall, encryption management, logging and monitoring, incident management, back up management, patch management, computer operations
  • I have assisted the clients in understanding process improvement areas and remediation through internal testing
  • I have supported onshore teams in assessing, testing, and documenting the design and operating effectiveness of organization's internal control relating to physical access, logical access, change management to provide reasonable assurance over the reliability of controls

Education

Bachelors of Engineering - Information Technology

Kavikulguru Institute of Technology and Science
Nagpur, India
07.2017

Skills

  • Familiar IT regulations: SOX, PCI-DSS, SOC-1, SOC-2, GDPR, and HIPAA
  • Familiar Frameworks and Standards: ISO 27001, DORA, COSO, COBIT, and NIST-CSF
  • GRC Tools: AuditBoard
  • Programming: C, C, Java, and SQL

Certification

  • Certified Information Systems Auditor (CISA), ISACA
  • Certificate of Cloud Security Knowledge (CCSK), CSA
  • Certified in Risk and Information Systems Control (CRISC), ISACA, [Currently Preparing]

Languages

  • English, Highly proficient
  • Hindi, Highly proficient
  • Telugu, Highly proficient

Timeline

Manager

Grant Thornton
04.2022 - Current

IT Audit Analyst

Electronic Arts
08.2020 - 03.2022

Analyst 2

Ernst and Young
02.2019 - 08.2020

IT Analyst

KPMG
07.2017 - 02.2019

Bachelors of Engineering - Information Technology

Kavikulguru Institute of Technology and Science

Similar Profiles

  • Brad Weisman

    Brad WeismanBrad Weisman

    Tax Associate / Tax Senior Associate at Grant Thornton LLP / Grant Thornton Advisors LLCTax Associate / Tax Senior Associate at Grant Thornton LLP / Grant Thornton Advisors LLC

  • Raffy Dave Uy

    Raffy Dave UyRaffy Dave Uy

    Audit Manager at Grant Thornton New Zealand, a member firm of Grant Thornton InternationalAudit Manager at Grant Thornton New Zealand, a member firm of Grant Thornton International

  • NORAH AL MAJED

    NORAH AL MAJEDNORAH AL MAJED

    Internal Audit Associate II-Business Risk Services at Grant Thornton - Aldar Audit Bureau, Abdullah Al Basri & Co.Internal Audit Associate II-Business Risk Services at Grant Thornton - Aldar Audit Bureau, Abdullah Al Basri & Co.

  • Keri Bostic

    Keri BosticKeri Bostic

    Senior Associate Consultant at Grant Thornton Advisors LLCSenior Associate Consultant at Grant Thornton Advisors LLC

  • Danixa Guadalupe Sandoval

    Danixa Guadalupe SandovalDanixa Guadalupe Sandoval

    Spencer Contruction,LLC at LaborSpencer Contruction,LLC at Labor

CREATE PROFILE
Akshit Reddy