| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name , CISAWASHINGTON DC Street Address
Tel: - PHONE NUMBER AVAILABLE; Email: EMAIL AVAILABLEIT AUDITOR/ IT COMPLIANCE ANALYSTPROFILE An experienced IT Auditor and Compliance Analyst entrusted with managing complex and multi-system application control, SOX, SSAE 18 (SOC 1, SOC 2 & SOC 3), ISO 27001, ITGC and PCI DSS projects and carry out assessment of the effectiveness of company internal controls concerning IT processes and systems to help ensure companys IT compliance programs are achieved alwaysSKILLS HIGHLIGHTSExtensive background in all stages of audits, including planning; study, evaluation, and testing of controls; reporting; and follow-up.Good understanding of control frameworks such as COBIT, COSO, PCI DSS, NIST 800-53 and ISO 27001.In-depth knowledge of Sarbanes-Oxley Act (SOX) and business processes.Ability to use MS Office (Word, Access, Outlook, Excel, PowerPoint).Excellent project management, teamwork, and leadership skills. Ability to deliver excellent value to clients and maintain effective client relationships.Good analytical thinking, excellent communication and report writing skills.WORK EXPERIENCE:RSM US LLP AUG 2022- TILL DATEITGC INTERNAL AUDIT & CONTROLSCoordinate IT related SOX compliance processes, assessing IT general controls in connection with program development, change management, computer operations, security, and configurations as well as vendor service providersPerform and documents SOX walkthroughs and testing in accordance with the applicable frameworks.Execute work programs to test operational effectiveness of key controls using a variety of approaches, including sampling, corroboration, observation and performance.Summarize test results at the conclusion of testing and communicate to the process owners any control deficiencies and provide recommendations for remediationReview control deficiency and compliance letters, with an eye on quality, thoroughness and accuracy for SSAE 18 (SOC 1 & SOC 2).Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.Perform compliance reviews of management testing of internal controls to ensure compliance with the required SOX test plans and documentation requirementsMonitor the testing progress of process owners to ensure: timely completion, research the risk and impact of control findings, recommend remediation plans to management, develop timelines for re-testing, and ensure SOX documentation requirements are met.BERKELEY LIGHTS FEB 2022 JULY 2022IT COMPLIANCE ANALYSTAssisted in the review and improvement of SOX Program methodology and practices, including innovation initiatives and maintenance of policies and proceduresConducted security focused IT risk assessment, identify potential weaknesses and create value added, relevant solutions that address internal control needs and business requirements without sacrificing efficiencyConducted testing of Sarbanes-Oxley (SOX) and Service Organization Control (SOC1 & SOC 2) SSAE 18 reviews using COBIT framework.Tracked, monitored, and reported all Internal Risk Control Self Assessments (RCSA) in compliance with policies and standardsPerformed IT general controls and application controls reviews and monitor segregation of duties and other key management controls.Tracked and monitored audit findings and works with control owners / monitors to ensure remediation action plans are put in place and addressed in a timely mannerEvaluated all control deficiencies, identify root causes, develop strong remediation plans and monitor implementation for timely remediation of control weaknessesActed as the liaison between external / internal audit and control ownersEvaluated internal operational and procedural compliance.Analyzed and update existing compliance policies and related documentation.Communicated compliance policies and guidelines to Management and designated departments.DELOITTE LLP (AUDIT, CONSULTING, ADVISORY SERVICES) MARCH 2019 JAN 2022IT AUDITOR & COMPLIANCE ANALYSTPrepared IT audit program to include access control, change management controls and application controls; and identify deficiencies in the design and operating effectiveness of control and provide recommendation.Identified and communication IT audit findings to senior management and clients.Maintained good working relationship with the clients to enhance customers satisfaction and work with client management and staff at all levels to perform audit service.Performed all stages of audit planning, fieldwork, executive, reporting and follow up.Prepare IT audit program to include access control, change management controls and application controls; and identify deficiencies in the design and operating effectiveness of control and provide recommendation.Identified and communication IT audit findings to senior management and clients.Maintained good working relationship with the clients to enhance customers satisfaction and work with client management and staff at all levels to perform audit service.Performed tests to validate the Integrity and effectiveness of controls that are in place.Reviewed and analyzed audit evidence, documented processes, and proceduresUNICORN CONSULTING LLCS SEPT 2015 JANUARY 2019IT AUDITORReviewed of IT General Controls (ITGC) and various applications, databases, operating systems, and network devicesPerformed and document audit activities in accordance with professional standards such as COBIT, COSO and SOX internal control frameworks Audit Project.Handled of special projects such as Segregation of Duties (SOD) and SOX Compliance business challenge projects HIPAA and identify conflicts or inadequate internal controls and provide recommendationsPerformed audit with IT general controls such as, access control, change management, IT operations, disaster recovery and platform reviews (Windows and UNIX OS) using, COBIT, ISO and NIST 800-53 frameworks.Prepared audit scopes, reported findings, and presented recommendations for improving data integrity and operations.Audited, tested and implemented Enterprise Resource Planning Software: SAP, Oracle Financial and People soft.Assisted IT management in identifying gaps between policy and process, developing recommendations to remediate control weaknesses and be responsible for developing and maintaining IT control metrics related to compliance activities.Provided IT risk assessments and SAS 70 /SSAE18 and has conducted review of data centers, extranets, telecommunications, and intranets to access controls and ensure availability, accuracy, and security under all conditions.SCANS GLOBAL LOGISTICS FEBRUARY 2013 TO AUGUST 2015INTERNAL AUDITORDocumented physical access controls to computer resources by evaluating existing environmental security, conditions, and available emergency procedures.Reviewed and analyzed audit evidence, documented processes, and procedures.Helped establish annual audit using risk assessment methodology.Coordinated with various departments to create remediation plan for deficiencies found during audit.Examined the audit trail to review access, user activities, and failed login/logout.Established the control points for every phase of system implementation as defined by the SDLC methodology end user buy-off, testing in development and not production environment, adequacy of testing etc.Provided audit and compliance/consulting support for the Project Management team by ensuring compliance with defined standard and methodology Project Initiation through go-live.Ensured that all information systems, products, processes, and services meet the policies and standards of the organizationRecommended appropriate compensatory controls to mitigate any potential risk to system and application.EDUCATIONLadoke Akintola University of Technology: - MSc in Transport ManagementKwara State Polytechnic Ilorin; BSc in Mechanical EngineeringCertified Information System Auditor (CISA) CertifiedCOMPUTER SKILLS:Microsoft word, Excel, Share Point, Windows, and Visio |
