Victor from India applies for Blue Card Germany

Information and communications technology service managers

Personal data:

For personal data please contact us
with the following Applicants-ID: 3336


Name of profession: Information and communications technology service managers Name of latest business sector: Professional Services Latest occupation/title: Manager (IT Risk & Assurance) Latest main activities: IT Audit Manager


Completed education: bachelor Title or Qualification: Bachelor of Technology Specialisation: Computer Science & Engineering Additional trainings: Certified Information Systems Auditor (CISA)

Preferred countries:

1. Preferred country | region / city: Germany | 2. Preferred country | region / city: Luxembourg | 3. Preferred country | region / city: United Kingdom |

Language skills:

1. Language skills: english => excellent 2. Language skills: 3. Language skills: Hindi => excellent

Personal note /detailed application:


? More than 7.5 years of experience in IT audits for oil & gas, technology, manufacturing, telecom and healthcare industries.
? CISA, ITIL v3 Foundation certified professional.
? Managing large engagements; coaching team members in understanding and performing controls testing in accordance with appropriate guidelines and methodologies and reviewing the work prior to client delivery.
? Specialist in offshore IT Audit delivery engagements; actively involved in cost reduction analysis using offshore delivery model.
? Extensive experience in IT Infrastructure and IT Applications auditing in both offshore as well as Client site engagements.
? In-depth experience in managing IT Risk & Controls, Third Party Assurance reviews like Service Organization Controls (SOC) reporting (SAS70 / SSAE16 / ISAE 3402), Agreed upon Procedures (AUP) and IT General Controls (ITGC) reviews.
? In-depth experience in managing IT Platforms reviews (IBM Mainframes, OS/400, Windows, UNIX, DB, and Web Servers) for ITGC, SOC and SOX404 IT Controls review.
? Have excellent communication and documentation skills.
? Extensive background in all stages of audits, including planning, evaluation and testing of controls, reporting and follow-up.
? Acute understanding and knowledge of networking, operating systems, databases, software and data centers.
? Able to work independently on assignments and also as a coherent team member. Highly competent in using Office tools like MS Word, Excel, PowerPoint and other data analysis tools to perform testing and presentation.
? Specialist on IBM Mainframes auditing (Z/OS & RACF).

Present Company - Ernst & Young
Current Designation - Manager
Business Unit - Advisory - IT Risk & Assurance (ITRA)
Location - Bangalore, India
Duration - August 2012 - till date
Professional Skills - SOX IT Controls review, SOC Reporting, IT Audits, IT Platform security reviews (Windows, UNIX, IBM Mainframes, OS/400, Databases), offshore integration assessment exercise
Previous Company - PricewaterhouseCoopers (Price Waterhouse)
Designation - Manager
Business Unit - Assurance - Systems & Process Assurance (SPA)
Location - Kolkata, India
Duration - March 2006 – August 2012
Onsite exposure - New York (US) & Hong Kong
Professional Skills - SSAE16, SAS 70, AUP, ITGC reviews, IT Platform security reviews (Windows, IBM Mainframes, OS/400, Databases & IIS Web Server), IT Application control reviews.
Previous Company - Caritor India Pvt. Ltd (Now Keane, an NTT Data Company)
Designation - Software Engineer Trainee
Location - Bangalore, India
Duration - October 2005 – December 2005
Professional Skills - LINC / EAE3.3 (Unisys Mainframe Programming language), DBMS


? Hong Kong (2006) - Attended an Asia-Pac training program on SAS70 and IBM Mainframe security organized by PwC Australia.
? New York, USA (2008) – Worked as a team member of the PwC US team on a customer specific SAS70 Review for a Global Technology major. Performed testing for Logical Security areas (Platforms - IBM Mainframes, Windows 2003 and AIX) as per PwC methodology and guidelines. Involved in client communication while performing testing and finalizing exceptions.


Oil & Gas major – Management Testing of IT Controls [2012, 2013]
Project Description - Management testing of SOX and Non SOX IT Controls across multiple business units in an offshore model.
Role played - As an Offshore Delivery Manager, managed the overall project delivery, economics & resource scheduling. Managed a team of 20 team members. Engaged in review of work product, issue discussion, process improvement, helping client in efficiently and effectively operate IT controls. Managing multiple stakeholders like client compliance team, client business team and internal teams.
Multiple clients – Financial Audit IT (Technical work paper review) [2012, 2013]
Project Description - Technical work paper reviews (Windows, UNIX, IBM Mainframes, OS/400, and SQL Server DBs) for multiple clients of EY in USA & Europe in an offshore model.
Role played - As an Offshore Delivery Manager, managed the overall project delivery, deadlines, economics, resource scheduling. Managed multiple team members across multiple engagements. Engaged in review of work product, issue discussion, process improvement and periodic status update with the EY onsite teams.

Global Technology major – Client specific SSAE16 Readiness Review [2012]
Project Description - SSAE16 Readiness Review of a client specific (leading Indian automobile company) SSAE16 Readiness review (Application and Infrastructure level) at client site (Pune, India).
Role played - Lead the delivery of the review. Engaged in issue discussion and assisted in remediation measures to make the client’s processes in line with the Controls. Coached 2 junior team members on the job and reviewed the work of all team members. Prepared the final results / executive summary along with details of observations and recommendation as part of the delivery.

Global Technology major - Managed Services Delivery (MSD) SSAE16 (SAS70) [2010, 2011]
Project Description - SSAE16 (IT Infrastructure) review for client’s MSD [Offshore model]
Role played - Lead the delivery of the review. Managed offshore project delivery of areas like Computer Operations, Change Management, Program Change Management, Problem Management and Logical Security. Provided periodic status report to the PwC US team (owner). Engaged in issue discussion with IBM US team (client).

Global Technology major SOX 404 – IT Infrastructure Security Review / IT Platform Reviews ( 2009 - 2011)
Project Description - Technical Review of Mainframe security systems, AIX and Windows servers (for SOX 404 compliance) located in USA and UK.
Role played - Managed the Logical security review of IBM Mainframe / OS400 / Unix / Windows server operations as well as testing of IBM Mainframe Health check script configuration in-line with IT Security policy. Guided junior team members for testing related to Access Management, Health Check, and Vulnerability Scan per PwC methodologies and SOX404 compliant IBM guidelines. Reviewed all areas of work (Logical security testing of Windows and AIX servers) done by the team members. Provided periodic status of the work to the PwC US team. Discussed critical technical issues regarding Mainframes testing with client’s technical team.

Global Technology major SOX 404 - Pervasive Application Controls Review [2009 – 2011]
Project Description - SOX 404 based Pervasive Application Controls review (Access Management, Segregation of duties, Developer access to production, Change Management)
Role played - Guided junior team members for testing related to Access Management, Change Management and Developer Access to Production per PwC global methodologies and SOX404 compliant company guidelines. Clarified all technical difficulties the team was facing related to critical infrastructure (Windows, Unix, Mainframes) and application architecture using my technical knowledge and also via discussion with the client. Reviewed the testing and documentation of the junior team members. Engaged in co-ordination between PwC US and the Indian offshore team regarding daily project status updates.

Global Technology major – Leading Indian Automotive company : Agreed Upon Procedures (AUP) review [2009 – 2012]
Project Description - AUP review (Application and Infrastructure level) at client site (Pune, India).
Role played - Helped client in finalizing the procedures. Managed the review performed as per AUP between IBM and TML. Involved in direct client communication related to observations and finalizing exceptions, periodic status calls with the client and prepared the AUP report for the signoff by the Engagement Partner.

Global Technology major – Client specific Application Management Services (AMS) SAS70
Project Description - Client specific SAS70 review (Application Management Services).
Role played - Managed testing of areas like Application Change Management, Incident Management, Logical Security for Non SAP and SAP Applications. Review was performed on both client site (Pune and Bangalore, India) and offshore mode. Provided periodic status update of the work to the Manager. Engaged in issue discussion with the client and assisted the manager in preparation of the report. Played an active part as a technical expert in Non SAP application testing.

Australia Offshore - IT Platform Reviews
Project Description - Technical security review of OS, Database and Web servers for several PwC Australian clients.
Role played - Managed technical security review projects for Windows Servers (2003 / 2008), Oracle 10G database and IIS Web Server reviews as per PwC methodology. Managed multiple teams performing technical platform reviews for multiple clients of PwC Australia offices.

Global Technology major (Australia unit) – Client specific AUS810 review (2008 - 2010)
Project Description - Client specific AUS810 (Third Party Assurance review) review. Scope included Logical Security review (Windows, UNIX, OS/400 and Tandem servers).
Role played - Carried out technical security reviews & health check reviews of Windows 2000 / 2003, AIX, OS/400 and Tandem servers as per PwC methodology and IBM security policy guidelines.

Global Technology major SAS70 – Americas (PwC US issues the SAS70 report)
Project Description - Generic SAS70 review for the Global Technology major (Americas region). Scope included change and problem management testing and documentation for business units like Strategic outsourcing (SO), E-Business Hosting Services (E-BHS) and On Demand Consultancy Services (ODCS).
Role played - Carried out testing for Change and Problem Management for SO and ODCS units and also documentation of the test results in the centralized PwC MyClient database adhering to PwC methodologies. Engaged in daily interaction with PwC US regarding project status updates and also looked after the technical connectivity issues related to the project.

IT General Controls review
Project Description - IT General Controls review as part of domestic audit support at several audit clients of PwC.
Major Clients - Flaktwoods (India) Ltd., Assam Company Ltd., Stewarts and Lloyds of India Ltd, Reliance Telecom Ltd., Quaker Chemical India Ltd., Assam Carbon Products Ltd., Emcure Pharmaceuticals Ltd, Lionbridge Technologies Ltd., Aircel Ltd.
Role played - Independently carried out review of overall IT General Controls and also performing database & operating system reviews at client site as per PwC global methodology.


? SAS70 / SOC reporting
? IBM Mainframe security (Z/OS, RACF, CA-ACF2, CA- Top Secret).
? IT General Controls & Business Process Controls.
? SAP IT General Controls
? Integrated Audit (Sarbanes Oxley 404, PCAOB Standards, and COSO Framework)
? Business Process Fundamentals.

? Awarded ‘Extra miler’ award in 2013 for successfully managing a critical engagement in crisis situation and for significant contribution to key business driven initiatives at EY.
? Awarded ‘Going that Extra Mile’ (GEM) award in PwC in 2010 for my contribution to one of the prestigious global technology major client of PwC (carrying out review in 4 critical engagements with stringent deadlines parallel during peak season).
? Rated 1 (Performed beyond Expectation) in PwC for 4 consecutive years from 2008 till 2011.
? Have been a vital member of a global account managing team which is a global technology giant.
? Regarded as a specialist in IBM Mainframes auditing and also in other technology related assignments.
? Won accolades from multiple teams from US, Netherlands, UK, Singapore, Japan, Australia and India for the quality and timely delivery of the final work product.


? Bachelor of Technology (B. Tech) in Computer Science & Engineering discipline from Bengal Institute of Technology under the affiliation of West Bengal University of Technology (WBUT) and All India Council for Technical Education (AICTE)
? Certified Information Systems Auditor (CISA) professional [June 2010].
? ITIL v3 Foundation certified [April 2012].


Date of Birth - 23rd January, 1983
Sex - Male
Marital Status - Married
Nationality - Indian
Passport Details - Passport No – F0864270, Date of Expiry – 20/03/2015
Languages Known - English, Bengali, Hindi and elementary knowledge of German


I hereby declare that all the statements are accurate and true to the best of my knowledge and belief.

Dated: January 1, 2014


Google Plus