Noaman Uddin

I have total 7 years and 2 months experience, started my career in HSBC worked as analyst for 3 years in Identify Access Management, worked 2 years 1 month in Accenture as Risk and Compliance Associate in Internal Audit and SOX audit department and current working as Assistant Manager in Genpact.

Professional Experience:

Organization  :  Genpact 
Designation  :  Assistant Manager
Duration  :  17-08-2020 – till date

Job Responsibilities:..

Assistant Manager

• Manage performance of on-site audit work and review MSA, MBSA, Custom Work Orders, Framework Contract and SOW with risk owner and Business owner.
• Ensure effective scheduling of QA/QC team on a timely manner.
• Evaluating the internal control measures and procedures and report areas of non-compliance.
• Provide audit support for external auditors.
• Work with various functional leaders to ensure that internal controls are adequately to compliance with procedures, policies, law and regulations.
• Organize/prepare weekly meetings to develop/implement new ideas, approaches & technology improvements to enhance production, communication & client satisfaction/accuracy.
• Manage a team of professional resources, actively develop, train, coach and provide feedback for performance. 
• Evaluates performance data on key metrics and provides continuous performance feedback to team.
• Makes process improvements to improve quality and drive efficiency
• Identify and drive process improvement initiatives working to improve accuracy, timeliness and productivity within the team.
• Preparing and Publishing WBR’s & MBR’s to Management. Updating Operational Excellent Documents consist of Metrics, HLPM, DLPM, RACI, Control Charts etc.
• Strong project management and organizational skills, with the capability to work on multiple projects with minimal direction.
• Validating and analyzing the controls to be tested during the course of audit.
• Identify document and distribute audit observations and issue audit reports to the Management for smooth functioning of the process
• Preforming ITGC control testing for access provisioning, Access de- provisioning, access recertification and Change management.
• Perform testing and review of controls and provides business justification to Engagement Team by verifying and validating the supporting documents and tickets.

Professional Experience:

Organization  :  Accenture
Designation  :  Risk & Compliance Associate
Duration  :  19-02-2018 – 20-03-2020.

Job Responsibilities:

Access Management Controls

• Providing support in user maintenance like creating/modifying profiles for different web-based applications.
• Ensuring all processes/Procedures comply with audit requirements. 
• Managing pre-audit documents, collect tool information. 
• Collaborate SOP and user list for each tool. 
• Conducts the review in partnership with development team and handover revocation list to Tool owners. 
• Collect the audit evidence and upload the evidence to share-point for management review.
• Prepared documentation for all the steps performed.

SOX Auditing & Internal Auditing

• Validating and analyzing the contracts signed between two parties.
• Validate completeness of population of fully executed contracts between Compass One and Change point. 
• On a weekly basis, statistical samples of fully executed contracts are validated to determine initial contract set-up was performed accurately and completely in relevant system of records.
• These auditing are to be done according to SOX Compliance requirements policy. This policy defines key requirements under the Sarbanes-Oxley Act of 2002(‘SOX’), as it relates to financial reporting and fraud prevention, and describes key roles and responsibilities for each participant in the SOX Compliance Program. 
• Audits the MCS and Premier contract from the offshore population file.
• Review pending and failure contracts for exceptions and provides business justification to GESO (Global Enterprise Service Operations).
• Validates the testing results and provides feedback.
• Auditing the NWS (New Work Sold) Contract and Engagements adhere to NWS Policy and Business rules with a goal to reduce risk in the business.
• The process is to ensure that there is no missing information in the initial stage of the contract to ensure the NWS recognized is the correct amount according to Policy. 
• Audits the NWS engagements and send information on missing documents or audit failure to Field teams through NWS Help team. This can be done by checking financial details required documents like SOW (Statement of Work), WO (Work Order), PO (PO, Purchase Order only if available). Validate the documents in Compass One and Change Point.
• On a weekly basis, statistical samples of existing contracts are validated to determine initial contract ESAP (Enterprise Services Authorization Policy) approvals were performed accurately and completely in relevant system of record.
•  The purpose of doing this audit is to minimize risk to Microsoft and customers by ensuring that contract decisions are made responsibly, with appropriate authority and proper oversight.
• A statement of work, work order, master agreement, amendment or other legally binding documents between Microsoft and a customer or Subcontractor documenting an agreement to provide services, Whether the Contracts are Approved by designated authority are to be audited.
• ESAP Auditing is to be done according to the ESAP Policy documents.

• As a part of Quality Audit Team,  
o Plan and conduct quality audit, which contains whether ticket was escalated to the correct team, User was informed as per the standard process, correct Configuration Item was used while creating the ticket in SNOW (Service Now), Follow-up process was followed as per the procedures.
o Identify, document and distribute audit observations and issue audit reports to the Management for smooth functioning of the process.
o Conduct meetings with Team members, managers to discuss audits and potential changes to prevent future errors.
o Prepares multiple reports monthly/quarterly by analyzing operating data & inventory to ensure accuracy to meet departmental goals.
• Handling Escalation mailbox
o Taking ownership of the mailbox in the shift, responding all the mails comes to the mailbox.
o Analyze the mails that comes in, check with the respective Team and find the root cause of escalation mail.
o Educating the Team if there is any miss from our end.

• As a part of Work Force Management, I was responsible to audit Time and Attendance (TNA) of Microsoft Employee. 
o The purpose of this team is to check if the employees are following the MS Labor Recording and Approval Policy.
o Informing them about the violations and making them aware about the MS Policy.

Professional Experience:

Organization  :  HSBC
Designation  :  Information Security - Analyst
Duration  :   23-12-2014 – 8-12-2017.

Job Responsibilities:

Access Management

• User access review for about 1000 applications using tools to manage user details.
• Identification and Assessment of the Risk of the current and emerging operational Risks.
• Monitoring Key Controls and ensuring controls are in place to mitigate Risks as they should be appropriate to Organization’s standard policies and procedures.
• Ensuring the effectiveness of Key Controls are assessed on a regular basis and actions identified to address any control gaps or inadequacies.
• Risk and Control Assessment, I undertake the following activities as a part of Risk control.
• Providing support in user maintenance like creating/modifying profiles for different web based High value Payment application.
• Processing the requests received within agreed time scales and abides by the policies and procedures surrounding them in accordance with priorities and agreed SLA targets.

ü Completed Bachelor of Technology (B.Tech) in Computer Science & Information technology engineering from Greenfort Engineering College.