Rahul Godara

S&P 500 electrical & manufacturing company. Reporting into VP of Enterprise Risk Manager

• • Collaborate with CIO, CISO, CTO and senior management to develop 3-year technology compliance strategy aligned with business objectives and IT strategy.
  • Evaluate company’s IT risk landscape and prepare IT audit conclusions to report to the CEO, CFO, CCO.
  • Develop and optimize Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), and
    automate technology and business controls to reduce inefficiencies and implement a continuous audit
    approach.
  • Assess emerging tech including multi-cloud IT environments (SaaS, PaaS, IaaS), automation, and cybersecurity.
  • Review vendors and cloud service providers to mitigate risks arising from third parties.
  • Coordinate with external auditors, co-source partners, and manage projects and team-members to audit cybersecurity and IT systems.
  • Enhance the cyber assurance program by leveraging NIST and ISO frameworks.
  • Collaborate with M&A and Strategy teams to provide advisory services for compliance of recent
    acquisitions.
  • Assess key software developments, ERP security reviews, Agile methodologies, and
    cloud transitions.
  • Keep senior management informed on evolving regulatory and framework changes for SOX and NIST.
  • Hire, onboard and manage IT audit team-members.

Global technology company in internet gaming, sports betting, and digital & traditional lottery. Reported to Director of IT Audit and VP of Audit. Managed a team of 8 individuals with a mix of full time and SOX consultants.

• • Developed, implemented, and socialized SOX IT compliance program from ground up for the newly public company.
  • Achieved cost savings exceeding one million dollars by insourcing, automating, and negotiating the
    consolidation of audit scopes for SOX and SOC audits.
  • Conducted in-depth analysis of global cyber operations in Europe and Latin America.
  • Assessed current and future states, mapping IT risks to facilitate the transition from COBIT to NIST framework.
  • Led audits for ERP systems (SAP, Oracle, Workday), Cloud environments, data privacy (GDPR, CCPA), information security, and vulnerability management.
  • Recognized as subject matter expert and trusted advisor for IT risks in infrastructure, Cloud, third parties, and SAP.

Big Four accounting and advisory firm. Reported to regional firm Partners

• • Managed IT advisory scope, budget, and staff for financial, insurance clients across Dallas, Austin,
    and San Antonio.
  • Led and reported on cybersecurity reviews to client senior management, mitigating cyber risks and vulnerabilities.
  • Collaborated with regional Partners to develop and present client proposals.

Developed a boutique cybersecurity risk management firm with partnerships with CPA firms.

• • Delivered high-quality cybersecurity, IT security, and risk advisory services to multiple clients concurrently.
  • Established first and second layer of defense and instituted offshore resource office to execute outsourced projects.
  • Assessed risks and controls, equipping clients’ first and second lines of defense with comprehensive
    cyber risk programs from the ground up.
  • Conducted cybersecurity training and implemented control frameworks, assessing controls using MITRE and OWASP methodologies.

Regional – Northeast bank focused on retail and commercial operations.

• • Promoted from Risk Manager to Senior Risk Manager (Risk Specialist) in 2012
  • Managed the IT Infrastructure Risk Universe database, ensuring timely remediation of identified issues.
  • Led IT audits for SOX, SOC, GLBA, and AML compliance reviews for banking information and payment systems.
  • Conducted comprehensive assessments of IT infrastructure (Windows, UNIX, Linux), vendor
    management, physical security, disaster recovery and business continuity planning (BCP), software
    development and change management, online banking platforms, and wire operations.
  • Provided timely advice to senior management on risk assessment scope, status, final reports, issues,
    and remediations.

Big Four accounting and advisory firm. Reported to Mangers and Senior Managers.

• • Promoted from IT Audit Associate to Senior IT Auditor in 2008
  • Led audits for 14 clients in Finance, Insurance, Education, Healthcare, Manufacturing, IT, and Government sectors.
  • Executed comprehensive external and internal – IT and operations/business audits and advisory services.
  • Conducted SOC 1 and SOC 2 Type II technology and operations process assessments.
  • Performed HIPAA compliance assessments for Massachusetts-based healthcare providers on behalf of the MA State.
  • Conducted cybersecurity, vulnerability, and IT security assessments for Linux, Unix, Windows, Mainframe systems.
  • Led security audits for ERPs (Oracle, SAP) and assessed MITRE and OWASP for key development systems.
  • Assessed pen-testing and network security, including reviews of firewalls, VPNs, routers, and wireless
    networks.

Part-time with a full-time Job.

  Research Analyst in Cyber Security. Coded encrypted Steganography application in C and used SQL for database

Developed freelance commercial websites using HTML, JavaScript, CSS programming.