BALA Balakrishnan. CISA, CISSP, AWS CCP

IT/IS Auditor, Cybersecurity Professional, Safeguarding customer and company information.

Detroit Metropolitan Area

About

Experienced Information System Auditor who has successfully led risk based global information system audits assessing controls aimed at protecting customer and company business critical information asset. Expertise includes: • Identity and Access Management, Data Protection/security Audits. • Auditing end to end IT processes - Governance, Management, Monitoring and Change Control. • Control gap mitigation guidance and evidence verification including cyber-security vulnerability mitigation. • Vulnerability and patch management audits • Agile Framework, Scrum, Kanban. • Assessing/validating SOX , ITGC, DRBC & Cyber Security Controls for applications, • Auditing Data centers, databases, Servers, assembly, and manufacturing plant floor control machines • IT/Business Integrated Audits • Leading IT Audit and Report Generation. • Business Analysis, and Project Management. Technical Skills: • Fundamentals of Azure Cloud, Kubernetes/Open Shift, • Microsoft Excel - Macros and Pivot Tables. • RDBMS DBs, SQL, Access, PL-SQL and Hierarchical databases, • Power BI data visualization, • Value Stream Mapping Industry Knowledge: PCI-DSS || GDPR || SOC 1&2 || NIST-CSF || ISO-27002-203 || ISO-27001:2013 SSAE-18 || NIST-CSF || ITIL || SOX || HITRUST || GRC

Experience

  • Technology Audit Lead at Stellantis
    Aug 2025 - Present · 1 yr

  • IT Auditor/Cybersecurity Professional/Independent Consultant at Independent Consultant
    Jan 2025 - Jul 2025 · 7 mos

    - 02/05/25 - Passed CISSP Exam. - 03/27/25 - Passed AWS Certified Cloud Practitioner Exam. - AWS Solution Architect Associate - WIP - AWS Security Specialist - WIP - Security+ Exam - Work in Progress. - ISACA CRISC - Work in Progress.

  • Sr. IT Auditor at ADIENT SEATING
    Oct 2022 - Dec 2024 · 2 yrs 3 mos

  • Ford Motor Company (18 yrs 10 mos)
    • Process Analyst/Coach - Transformation Office
      Jan 2022 - Aug 2022 · 8 mos

      • Implemented development controls in enterprise agile and iterative SDLC/change Control process for SAP ERP suite of applications resulting in earlier and easier and cost-effective implementation of access and data security controls into applications. • Successfully implemented KanBan and the practices Backlog Generation, Sizing, Grooming, Release Planning, Daily Standing Up, Release Demo and Retrospect.

    • IS Auditor - Internal Security and Controls Auditors
      Oct 2015 - Dec 2021 · 6 yrs 3 mos

      Performed audit on information systems and infrastructure resulting in reduced number of control weakness and reduced number of security breach incidents. The following are some of the type of audits I led and executed. • Information System General Control Audits - Access control, Data Security, SoD, Change Control, Information protection, application data and network architecture, IT SoX compliance etc. • Mobile application audits for cyber security, cyber-attack vulnerability • Outside Service Provider audits resulting in improved security for Ford’s information assets. • IT processes end to end audit resulting in improved Governance, Management, Monitoring, and change control. • Manufacturing and Assembly Plant IT infrastructure (DXDs and control processors) resulting in reduced plant down time due to IT system and infrastructure failures. • Audited the usage of emerging technology, helping in identifying new and evolving control weaknesses and threats.

    • Agile Workstream - Process Methodologist
      Jul 2011 - Oct 2015 · 4 yrs 4 mos

      • Developed/implemented SDLC processes resulting in streamlined systematic delivery of IT Solutions. • Implemented Agile Methodology/practices and scaled agile methods resulting in more frequent solution deployment and earlier identification of problems. • Developed/Deployed Web Based and classroom training, and Single-Point-Lessons for learning Agile and Agile practices/ceremonies resulting in improved agility of the IT Solution Delivery business unit.