Ashish Maheshwari
@ashishmaheshwari
IT Risk and Compliance Manager specializing in IT audits, ITGCs/ITACs, and J-SOX/ICFR delivery.
What I'm looking for
I’m an IT Risk and Compliance Manager with over 9 years of experience in IT Audits, IT Risk management, and IT Compliance. My work centers on IT General Controls (ITGCs) and IT Application Controls (ITACs), including SOX/J-SOX reporting, SOC (Type 1 & 2), ISAE 3402 engagements, and Internal Control over Financial Reporting (ICFR).
In my current role at Eneco, I own the end-to-end J-SOX compliance program, oversee design and operational effectiveness testing of ITGCs across Change Management, Access Management, and HR lifecycle processes, and act as the primary point of contact for the external auditor during annual J-SOX cycles. I continuously identify control gaps, lead remediation through risk/control frameworks like Risk Control Matrices (RCMs) and process narratives, and build stakeholder alignment across IT, Finance, and Operations to embed a risk-aware culture.
Experience
Work history, roles, and key accomplishments
IT Risk and Compliance Manager
Eneco
Apr 2024 - Present (2 years 2 months)
Own the J-SOX compliance program, overseeing design and operational effectiveness testing of ITGCs across change, access, and HR lifecycle processes for critical ERP and financial systems. Coordinate with the external auditor and lead control gap remediation while maintaining the IT risk and control framework.
Risk and Internal Control Officer
Worldline Global
Oct 2022 - Mar 2024 (1 year 5 months)
Serve as a second-line-of-defence risk function, conducting design and operational testing of internal controls across key business cycles including procure-to-pay, order-to-cash, and HR processes. Manage ISAE 3402 and ICFR engagements and maintain risk documentation such as process flowcharts and RCMs.
Risk Advisory Junior Manager
Deloitte Risk Advisory BV
Jun 2021 - Sep 2022 (1 year 3 months)
Lead IT risk advisory engagements for multinational clients, including SOX external audit support and ITGC assessments across technology and media industries. Execute ITGCs across access, change, job scheduling, and network operations and perform application control reviews, segregation of duties analysis, and interface testing.
Assistant Manager, Risk Advisory
Deloitte Touche Tohmatsu India LLP
Jan 2021 - May 2021 (4 months)
Execute SOX and management testing engagements, including walkthroughs, risk identification, and operating effectiveness testing documented in risk and control matrices. Manage engagement delivery from planning through reporting and ensure adherence to regulatory compliance and internal policies.
IT Risk Consultant
EY India LLP
Aug 2017 - Jan 2021 (3 years 5 months)
Lead and deliver IT risk engagements including SOX audit support, ISAE 3402 reviews, computer system validations, and SAP consulting across multiple client sectors. Evaluate business processes, assess risks, test IT and business process controls, and deliver an end-to-end SAP S/4HANA Plant Maintenance (PM) implementation.
Education
Degrees, certifications, and relevant coursework
Vrije University Amsterdam
Post Graduate Course, IT Audit, Compliance and Advisory
Completed a Post Graduate course in IT Audit, Compliance and Advisory at Vrije University, Amsterdam.
SRM University
Bachelor of Technology, Technology
2013 - 2017
Earned a Bachelor of Technology from SRM University between July 2013 and May 2017.
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring Ashish?
You can contact Ashish and 90k+ other talented remote workers on Himalayas.
Message AshishGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
