Aug 2025 – Feb 2026 · 6 mos · Hoboken, New Jersey, United States

• Executed IT integrated audits to provide independent assurance over effectiveness of IT General Controls (change management, access control, IT operations, disaster recovery), IT Application Controls and business process controls over financial reporting and financial statement audits.
• Led risk assessments and design ITGC test procedures across business processes (e.g., revenue, payroll, inventory, cycle counting) to address the risk of material misstatements through control optimization.
• Performed SOC 2 walkthroughs for a global workforce and HR management services client focusing on IDS/IPS configurations, vulnerability management, secure data storage, digital certificate management and data privacy.
• Mentored 4+ junior auditors and reviewed 48+ workpapers per quarter for compliance with EY and PCAOB standards, enhancing audit quality and team collaboration.
• Tracked engagement budgets greater than 8000 hours via B2A analysis, identified cost variances, and implemented corrective actions to improve resource utilization by 22%.
• Coordinated audit sprint planning and scoping, identified key controls and optimize task prioritization, resulting in 16.8% faster audit completion cycles.
• Communicated complex control findings to clients in clear and concise terms, effectively helping them understand the underlying risks and their potential impact, enabling informed decision-making.

Aug 2024 – Aug 2025 · 1 yr · Hoboken, New Jersey, United States

• Performing SOX 404 IT application control assessments for clients based in Boston as part of Ernst and Young's technology risk practice.
• Executing IT audit procedures for Financial Integrated IT Audit, ensuring the integrity and compliance of various financial processes critical to the client.
• Documenting IT general controls assessments, including design and operating effectiveness for change management, logical access, and IT Operations.

Jul 2023 – Aug 2024 · 1 yr 1 mo · Hoboken, New Jersey, United States

• Performing SOX 404 IT application control assessments for a major life sciences client based in Boston as part of Ernst and Young's technology risk practice.
• Executing IT audit procedures to support the financial audit team, ensuring the integrity and compliance of various financial processes critical to the client.
• Overseeing IT general controls assessments, including design and operating effectiveness for change management, logical access, and IT Operations.

Jan 2023 – May 2023 · 4 mos · Boston, Massachusetts, United States

• Mentoring a class of 39 graduate students in the CY5200 Security Risk Management and Assessment course through one-on-one sessions and weekly office hours to resolve questions about assignments, lectures, and tests.
• Assisting students in understanding ITGCs, risk assessments along with drafting security policies and compliance controls.
• Grading questions for exams and weekly assignments to enhance understanding of various of risk analysis processes.

Jul 2022 – Dec 2022 · 5 mos · Boston, Massachusetts, United States

• Involved in supporting Fidelity’s Asset Management (AM) Business Unit to audit 3 platforms across access control, change management, business continuity, disaster recovery and resiliency operations.
• Performed compliance testing of internal IT general controls (ITGCs), evaluating their design and operational efficiency, determining risk exposure, and establishing risk-mitigation strategies.
• Participated in standup meetings, sprint reviews, backlog refinement, and scrum ceremonies with the squad leader and the scrum team to generate user stories, sprint evaluations, risk assessments, and other audit documents.

Jan 2022 – May 2022 · 4 mos · Boston, Massachusetts, United States