MJ

Open to opportunities

mohit jamwal

@mohitjamwal

SOX ITGC & GRC Program Lead delivering zero material weaknesses through end-to-end IT risk, TPRM, and executive reporting.

What I'm looking for

I’m seeking remote or senior in-market GRC, SOX Lead, or IT Risk roles globally (and in Southeast Asia), where I can own end-to-end ITGC delivery, TPRM, logical access governance, and executive risk reporting with auditable, zero-surprise outcomes.

I’m a SOX ITGC & GRC Program Lead with 9.5 years at Tata Consultancy Services, embedded as the sole senior compliance lead at Fortune 500 US clients across manufacturing, transportation, and banking. I drive end-to-end ITGC programs—walkthrough, interim, rollforward, and year-end—while owning deficiency identification, remediation, and auditor retesting.

In concurrent Big 4 audit engagements, I’ve delivered zero material weaknesses, including Hasbro where 16 ITGC deficiencies were identified and all 16 were remediated with zero findings on the final SOX report. I operate as the single liaison across EY and KPMG phases and provide structured, CISO-level executive risk reporting tied to delivery performance, workload, and risk posture.

I also strengthen control environments through Third-Party Risk Management (TPRM) for 89+ vendors, logical access governance (UER, privileged access, termination controls, segregation of duties), and continuous controls monitoring across SOX in-scope applications. Using tools like AuditBoard, ServiceNow GRC, and OneTrust—and leveraging cloud security controls for AWS/Azure—I help teams close gaps fast, with auditable evidence and clear control narratives aligned to SOX, ISO 27001, NIST, PCI-DSS, HIPAA, and GDPR.

Experience

Work history, roles, and key accomplishments

TS

Current

SOX & GRC Program Lead

Current

Tata Consultancy Services

Mar 2022 - Present (4 years)

Led end-to-end SOX ITGC and GRC programs as the sole senior compliance lead for Fortune 500 US clients, delivering zero material weaknesses across concurrent Big 4 audit engagements. Managed 254 PBC requests (583 sub-requests) and 1,534 evidence files, identified 16 ITGC deficiencies and remediated all within an average 2-day turnaround.

Deficiency Remediation Audit Liaison (Big 4)

IN

IT Risk Analyst & Developer

Aug 2016 - Mar 2022 (5 years 7 months)

Performed dual-role IT risk and compliance and cloud application development for US banking, healthcare, and enterprise clients, completing 150+ vendor risk assessments. Identified and escalated a critical third-party access review failure (not conducted for 12 months) and termination control gaps, ensuring proper risk tracking through to remediation closure.

IT Risk Management GRC Vendor Assessment Logical Access Controls Python AWS EC2 S3

Education

Degrees, certifications, and relevant coursework

CU

Chitkara University

Bachelor of Engineering, Computer Science

Bachelor of Engineering in Computer Science from Chitkara University (graduated in 2016).

Tech stack

Software and tools used professionally

OneTrust

DB

Gmail

Root Cause

SQL

ServiceNow

ADP

Evidence

Remote

Proofpoint

AuditBoard

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!