Hardik Sachaniya
Muscat
Summary
Experienced IT Auditor with over 8 years of proven expertise in evaluating and strengthening IT controls, ensuring compliance with industry standards such as SOX, ISO 27001, COSO, and COBIT. Skilled in identifying risks, assessing internal controls, and recommending process improvements across various IT environments. Demonstrated ability to collaborate with cross-functional teams, and lead audits. Strong background in cybersecurity, risk management, and regulatory compliance.
Overview
9
9
years of professional experience
3
3
Certification
Work History
Sr. Control Self-assessment & Governance
Bank Muscat
Muscat
10.2024 - Current
- Implement an IT governance framework to align technology initiatives with the bank's goals, ensuring that all IT projects support business objectives.
- Collaborated with cross-functional teams to drive governance initiatives, ensuring transparent communication and adherence to information security standards.
- Develop and implement an IT governance framework, ensuring alignment with business objectives and industry best practices (ISO, COBIT, COSO).
- Conduct a risk assessment to identify potential IT vulnerabilities, and design strategies to mitigate risks.
- Establish and enforce enterprise-wide IT standards to ensure compliance with the Central Bank of Oman (CBO).
- Lead IT audit processes, working closely with internal and external auditors to address findings and improve controls.
Information Security Consultant (IT Audit)
Paramount Computer systems FZ-LLC
Bangalore
09.2022 - 10.2024
- Review and evaluate the adequacy of internal controls (IT general controls), and compliance with IT security policies and procedures.
- Conduct risk assessments and vulnerability analyses to identify and mitigate security threats.
- Develop, review, and enforce security policies, procedures, and standards to ensure compliance with regulatory requirements, as per ISR.
- Review of information security controls and practices relating to ISO 27001.
- Design, improvement, and implementation of ISMS in compliance with ISO 27001.
- Conducts process reviews across first-line departments to ensure efficient and effective controls are implemented to mitigate inherent risk.
- Assesses business line processes by conducting a risk assessment to evaluate risks (operational, compliance, etc.). And control environments.
- Performed testing of IS controls on Archer to validate the design and operating effectiveness, and to ensure availability, accuracy, and security.
- Conduct workshops, walkthroughs, and evidence reviews with identified stakeholders.
- Calculate residual risk as per the bank's TRM/Group Operational Risk Management policy.
- Performed a final review of ITGC controls and sign-offs.
IT SOX Auditor
VFI SLK Global Services Private Limited
Bangalore
02.2021 - 07.2022
- Perform testing over ITGC and Business Process for the management on the appropriateness of the security controls in place.
- Performing risk-based audits on ITGC (access control, change management, IT operations), and application control.
- Perform ITGC to verify compliance with SOX provisions and professional standards around the area of change management, logical access, including backup and recovery, job scheduling, and incident management.
- Performed application-level controls testing on the ERP system (ServiceNow).
- Testing of IT infrastructure (databases and operating systems).
- Performed a process and control walkthrough to validate the design effectiveness of IT internal controls.
- Ensuring assurance by reviewing third-party attestation reports (SOC 1 and SOC 2) for controls relevant to internal organizational controls related to financial statements.
IT Infrastructure Engineer
BDI plus Lab Pvt ltd.
Bangalore
03.2017 - 01.2021
- Planned all IT audits, from general controls to IT SOX compliance.
- Conduct reviews to identify risk areas, and establish protocols to control or eliminate problems.
- Conducted regular audits, and analyzed reports.
- Advised on current efficiency standards and control framework.
- Worked with legal departments to assess vulnerability areas.
- Worked alongside the security risk assessment program to identify and document any risks that are discovered.
- Plan and develop audit scopes for key technology across the group.
Field Engineer - Executive Support Engineer
TVS Electronics Ltd.
Ahmedabad
09.2014 - 03.2016
- Provided technical support to customers by troubleshooting and resolving hardware and software issues.
- Assist in providing technical support to the engineering group at the site.
- Installed and tested operating systems, applications, updates, patches, and service packs.
- Maintain current knowledge of relevant technology, as assigned.
- Diagnosed computer systems to identify root cause of customer issues.
- Assisted customers with troubleshooting software and hardware issues.
- Managed ticketing system to track, prioritize, and resolve customer support requests.
Education
B. Tech - Electronics & Communication
Gujarat Technological University
India05-2014
Skills
- IT general controls (ITGC)
- ISO 27001 - 2022 (ISMS lead auditor)
- SOC 1 and SOC 2
- COBIT framework
- COSO framework
- Sarbanes-Oxley (SOX) compliance
- Risk Control Self-Assessment (RCSA)
- Networking
- Business continuity and disaster recovery
- Risk Management
- Client leadership
- Cloud and infrastructure security
Certification
- CISA
- ISO 27001: 2022 Lead Auditor
- CCNA
Activities
Actively Participate in Events of ISACA such as cybersecurity, Governance and Risk.
Timeline
Sr. Control Self-assessment & Governance
Bank Muscat
10.2024 - Current
Information Security Consultant (IT Audit)
Paramount Computer systems FZ-LLC
09.2022 - 10.2024
IT SOX Auditor
VFI SLK Global Services Private Limited
02.2021 - 07.2022
IT Infrastructure Engineer
BDI plus Lab Pvt ltd.
03.2017 - 01.2021
Field Engineer - Executive Support Engineer
TVS Electronics Ltd.
09.2014 - 03.2016
B. Tech - Electronics & Communication
Gujarat Technological University
Similar Profiles
Marwan Ali Al KharusiMarwan Ali Al Kharusi
Unit Head - Digital Banking at Bank MuscatUnit Head - Digital Banking at Bank Muscat
RANAD AHMED AL BALUSHIRANAD AHMED AL BALUSHI
Acquisition officer at Bank MuscatAcquisition officer at Bank Muscat
Nasar ThansilNasar Thansil
Application Support Engineer (ATM) at Bank MuscatApplication Support Engineer (ATM) at Bank Muscat
Salim Al DhawiSalim Al Dhawi
Field Accommodation Inspector at Superiority of Modern ServicesField Accommodation Inspector at Superiority of Modern Services
Mahmood Al LawatiMahmood Al Lawati
Group General Manager at Realty Gate LLC, Swan Interiors, Creative Design House, Qabas UnitedGroup General Manager at Realty Gate LLC, Swan Interiors, Creative Design House, Qabas United