Emmanuel KHAN

Portfolio · CV

Emmanuel
KHAN

Senior Manager at EY Luxembourg, specialised in IT Risk, Governance & Audit — helping organisations assess, strengthen and align their IT environments with financial and regulatory standards.

IT Risk SOX / PCAOB SAP Internal Audit Governance Information Security
Career

Work Experience

EY (Ernst & Young)

Current
Senior Manager — IT Risk, Governance & Audit
Luxembourg September 2025 – Present

Assurance practice. Continuing to operate across the full IT risk spectrum, delivering IT audit, advisory and governance services to clients in Luxembourg and across the region. Similar responsibilities as at Deloitte, with a focus in the banking sector and financial instituions.

Deloitte.

Senior Manager — IT Risk, Governance & Audit
Gateway Building, Brussels Airport, Zaventem, Belgium September 2015 – September 2025

Audit & Assurance. Working across the full IT risk spectrum with multiple responsibilities in project management, technical expertise, and client advisory.

  • Audit & Project Management
    • IT audit scope definition — risk assessment from business activities and IT landscape
    • Budget definition and follow-up; audit approach and materiality assessment
    • Remediation & mitigation action plan (SOX / non-SOX clients)
    • Reporting to management and audit committees
    • Team management (consultant to manager level)
  • Technology Expert
    • Member of Deloitte's SAP Centre of Excellence
    • Subject Matter Expert for technical audits (infrastructure, database, configuration, code review)
    • CTO role for Audit & Assurance department, Deloitte Belgium
    • SAP & infrastructure training delivery
  • IT Processes & Controls Audit
    • Change management, Patch management
    • Information Security (IAM, SoD, Privileged Access, Security configurations)
    • Backup & recovery, Batch job management, Physical access & datacenter security
    • Business Segregation of Duties (SOD)
  • Internal Audit Missions
    • IT risk assessment, risk & control matrix, internal audit plan
    • Audit execution, documentation and reporting with remediation recommendations
  • Business Development
    • RFP assessment, scope & budget definition, proposal writing and defense

Selected clients

Solvay

  • External auditor
  • IT systems & financial statements
  • ERP implementation review

GSK Vaccines

  • SOX / PCAOB environment
  • Automated controls & SoD audit

Galapagos

  • SOX / PCAOB environment
  • ERP implementation review

Daikin

  • JSOX / PCAOB environment
  • IT systems audit

Orange

  • SOX / PCAOB environment
  • IT systems & SoD audit

Worldline

  • External auditor
  • Interfaces & automated processing

Tractebel

  • External auditor
  • ERP implementation review

Banque CPH

  • Internal auditor
  • Multi-year audit plan

BNP Paribas IP

  • External auditor
  • IT systems audit

Marsh Assurance

  • Interface & reconciliation review

OPW

  • Advisory
  • Automated controls & risk assessment

Aliaxis & Agomab

  • Advisory
  • IT risk & control matrix

CODiLOG / ERDF

Assistant SAP Project Manager (End-of-studies internship)
Nanterre, Île-de-France, France February 2015 – August 2015

Functional program validation team — supporting the COSY project (customer information system covering C1–C4 clients, ~5B€ of ERDF's revenue).

  • Industrialisation of workload planning and activity monitoring tools
  • Activity monitoring KPIs and reporting
  • Daily activity and deliveries monitoring
  • Process documentation for tool usage and external loads
  • Creation of a SharePoint "Fil info" for real-time activity monitoring

Johnson & Johnson

Assistant SalesForce Application Technical Manager (Internship)
Issy-les-Moulineaux, Île-de-France, France August 2012 – January 2013

6-month internship in the European Centre of Excellence team. Monitoring of the FDV EasyTrade SalesForce application (developed by Coheris) following ITIL processes — ensuring SOX compliance.

  • Preparation and monitoring of SFA releases; liaison with internal technical teams and European salesforce representatives
  • European-level SFA activity monitoring and decision reporting
  • Client and change management SharePoint improvements
Credentials

Certifications

PRINCE2® Foundation

PeopleCert
April 2019

ITIL® (2011) Foundation

APMG-International
January 2016

TOEIC®

EPITA School
2012 · 860 points
Academic

Education

EPITA — Graduate School of Computer Science & Advanced Technologies

Le Kremlin-Bicêtre, Île-de-France, France 2009 – 2015

Major: Computing Engineering for Real-time and Embedded Systems
Minor: Business Intelligence (Analyse / Dimension / Influence)

Engineering school delivering a degree in Computer Science and the title of Engineer.

  • Low-level programming (Kernel and System)
  • Embedded programming
  • Robotics – Automation
  • Project Management

Stellenbosch University

Stellenbosch, South Africa January 2011 – June 2011

EPITA international exchange program. Courses: Electronics, System Architecture, Mathematics, Algorithms.

Jacques Monod High-School

Clamart, Île-de-France, France 2008

Baccalauréat in Science (French high-school degree).

Expertise

Skills

Audit

Applications
SAP R3/S4HANA SAP BI/BW SAP GRC Oracle Fusion / R12 Baan ERP J.D. Edwards MS Dynamics SAGE 100 BPCS
Databases
Microsoft SQL Oracle DB2 HANA
Operating Systems
Windows Server OS400 HP-UX SUSE Linux RedHat Active Directory
Methodology
PCAOB / SOX ISA ITIL Agile

IT & Coding

Programming
C C++ Python Java
Web
HTML CSS
Databases
PostgreSQL Microsoft SQL Oracle
OS
Unix / Linux Windows
Software & Tools
MS Office / VBA Visual Studio Photoshop Matlab / Simulink Git LaTeX Shell scripting OpenCV DO-178 B/C
About

Miscellaneous

Languages

French — Native

English — Advanced · TOEIC 860

Hobbies

🎾 Tennis 🏃 Running 🎸 Guitar ✈️ Travel 🚗 Automotive
Academic work

School Projects

AlgoDream

C# · XNA

First-year EPITA project. A 2D platformer game developed with a four-person team using the Microsoft XNA framework, where the hero seeks the "light".

VirgoTerris

OCaml

Second-year project. Software generating a 3D map from a given 2D topographic input.

First Year Engineering Projects

C · C++ · Java

C Projects

  • Libc — rewrite of core libc functions (libstring, libstream, myprintf, fnmatch, malloc)
  • MyReadIso — ISO file reader
  • Find — rewrite of the Unix find command
  • myHTTPd — multi-threaded HTTP server
  • "Rush" — R-type horizontal scrolling shooter in 36h with a team of 3
  • 42sh — POSIX shell implementation in C (one month, team of 4)

C++ Projects

  • Conway's Game of Life (UML-driven conception)
  • Tiger — full compiler (lexer, parser, AST, machine code generation)
  • Chess — board + piece movement + simple AI with move lookahead

Java Projects

  • Survivor & Gladiator — RMI server/client implementation
  • MyPhotoshop — image editor with filters and drawing
  • Yakaérien — airport management platform (Struts + Hibernate) with functional specs and test suite

Kaneton

C

Flexible and secure microkernel implementation in C. kaneton.opaak.org

Linux USB Driver

C

Linux driver for a USB Webmail Notifier device — brightness control and blink via ioctl.

BSP — Raspberry Pi & Armadeus

Buildroot

Linux BSP built with Buildroot for a Raspberry Pi and an Armadeus card.

FPGA + LCD Screen (I²C)

VHDL

FPGA configuration to drive a 2-line LCD screen via the I²C protocol.

Final Project — Augmented Reality Glasses

C++ · OpenCV

School-funded project: augmented reality glasses using Vuzix 920AR, a Raspberry Pi and OpenCV. Focused on optimising image processing pipelines for minimal latency on constrained hardware. Presented to monthly steering committees.