Escolar Documentos
Profissional Documentos
Cultura Documentos
(I am a US Citizen)
(a_tsaturyan@yahoo.com) / 917-751-5377
Solutions-oriented Audit / Risk / Security Professional with expertise in IT, Security Architecture, SOX,
PCI compliance, IT Risk – Metrics-Reporting, Operating Models, data analytics as well
as extensive experience in system/network security, analysis and integration.
TECHNICAL PROFICIENCIES
Hardware: Windows Server/Client, UNIX - AIX/HP/ Solaris, LINUX, IBM System OS/390, Z/OS
Software: SQL, Core Security (Impact Pro), Remedy, CIS benchmarks, Client / Web
Server, UNIX Scripts, Share Point, PWC Team Mate, Microsoft Office Suite, Microsoft Project, ACL,
Visio, Lotus Notes, RACF, ACF2, Top Secret, IBM WebSphere, JCL, TSO, COBOL, MVS, CICS, SDLC
EXPERIENCE HIGHLIGHTS:
Confidential Sr. Technology Risk Audit/Analyst (04/2015 -)
• SSAE16 reviews. - policies, procedures, and standards
• Validation of asset and control risk remediation actions for completeness and sustainability
• SOX Action Plans – tests, remediation, follow-up and coordination
• Application/Control owners – coordination and
• Key Risk Indicators (KRI) – analysis, evaluation and action plans
Price Water House Coopers LLP, Sr. Auditor - Assurance Senior/Lead Associate. New York City, NY (10/2014 – 02/2015)
• Lead PCAOB Remediation - Inspection Comments corrective actions implementation
• Risk Assessment Program Operating Model (RAPOM) - Evaluation and Streamlining
• Verification of customer nominated target suitability, accuracy, and completion
• Vendor Management Audit and Service Provider Oversight
• Firm’s Remedial Actions – evaluations and assessments
• Engagements with Core teams – Broker-Dealer and valuation applications reviews
• Cybersecurity Practice & NIST 800 – reconciliation of CERT and NIST practice advisories with established clients’ practices
STATE STREET BANK & TRUST, MA SOX (ITRCA) Infrastructure Audit / Risk Consultant (11/2011 - 08/2012)
• Methodologies: ISO 17799 / 27001, COBIT, NIST SP 800
• Planned and supervised various audit and special engagements with an emphasis on infrastructure, SSAE16 reporting and risk.
• Supervised a group of staff auditors on several engagements.
• Strategic audit planning and execution across business lines, a key player in both maintaining and developing new audit programs.
• Executed special projects, gap analysis for the assets at risk processes.
• Performed review of internal controls effectiveness and operational/ risk management.
• Conducted investigations of allegations related to fraudulent activities.
• Obtained extensive exposure to traditional engagements, including various operational and compliance assignments.
• Prepared and monitored audit programs, assisted management in design and monitoring of SOX compliance programs.
• Conducted SOX ITGC walkthroughs, testing, report preparation and special audit engagements.
• Performed mapping/alignment of SOX (ITGC) with SSAE16 (SAS 70) external audit programs, leading to enhanced program
effectiveness in SOX compliance plan.
• Conducted testing for various flavors of UNIX, Windows, IBM z/OS, Oracle, DB2 and AS/400 platforms.
GRANT THORNTON, NJ Audit, Tax and Advisory IT Infrastructure / Audit / Risk Consultant (08/2009 - 11/2011)
• Conducted comprehensive IT infrastructure, system, network, databases and application control reviews in support of audit and risk
assessment initiatives.
• Worked closely with client risk and support groups in performing penetration, intrusion and vulnerability assessments.
• Designed, implemented, documented and conducted Sarbanes Oxley / Section 404-related control testing.
• Liaised with operational and financial groups to perform integrated audits, including divestiture/restructuring projects.
• Developed and implemented continuous (data analyzing) audits providing management with independent anomalies/comparative
status analysis.
• Mitigation control initiatives - follow-up projects. Streamlined audit preparation and execution aligning complex multi-group
requirements into straight-forward framework.
• Developed GRC project requirements.
AMERICAN INTERNATIONAL GROUP, NY Insurance and Financial Services IT Auditor (01/2007 – 07/2009)
• Audited multi-platform IT infrastructure with input throughout entire lifecycle.
• Prepared audit risk matrices, in addition to handling change management, disaster recovery, IT security and asset management.
• Developed and administered risk assessments and reviews for audits, IT projects and applications utilizing COBIT, CI Security, in-
house and external risk matrices.
• Produced and tested SOX-related controls, and coordinated federal agency reviews with external auditing groups.
• Established QAR (Quality Assurance Review) program implementation; achieved uniform adherence to standards, and streamlined
audit activities resulting in reduced redundancy and wider audit coverage.
• Developed and conducted (ASA - CAAT) Audit Survey Analysis; enabled customized and streamlined audits, resulting in wider
coverage and shorter/targeted execution.