| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name , (CISA)Dallas Texas, Street Address .EMAIL AVAILABLEPROFESSIONAL PROFILE :IT Professional with over 5 years of experience in IT Auditing, Controls, and Implementation. Experienced in Risk Assessment, IT General Controls - Access Controls, Change Management Control, and IT Operations Control.Expertise in IT Application controls, assessment, documentation of audit findings, and communicating such findings to the team and management. Skilled in risk-based audits like information security management systems, development lifecycle, and change management strategy, compliance audit SOC report review, SOX 404 readiness, and assessment- HIPPA using frameworks (COSO, COBIT, NIST, ISO PHONE NUMBER AVAILABLE, ISO27005, NIST 800 SP53 NIST 800 37 and others according to their applicability to the environment.EDUCATION & CERTIFICATIONS:Bachelor of Science in information Technology.Certified Information Systems Auditor (CISA).CompTIA A+SKILLS HIGHLIGHTS:Proficient in auditing IT systems and processes for compliance with industry standards and regulations.Experienced in identifying and assessing risks to IT systems and data.Skilled in developing and implementing remediation plans to mitigate risks.Strong analytical and problem-solving skills.Excellent written and verbal communication skills.Proficient in identifying IT-related risks, evaluating their potential impact, and developing effective risk mitigation strategies and controls.Experience with IT audit frameworks such as COBIT, ISO 27001, and PCI DSS.Experience with compliance regulations such as HIPAA, GLBA, and SOX.Audit Planning and ReportingStrong skills in data analytics and using data visualization tools to extract insights, identify trends, and communicate audit findings effectively.PROFESSIONAL EXPERIENCE:Compliance ConsultantRoyalbell support Jan 2022 CurrentIdentified and assessed risks to IT systems and data and developed and implemented remediation plans to mitigate risks.Perform ITGC testing to verify compliance with sox provision and professional standard areas of change management, and logical access including backup and recovery, job scheduling, problems, and incident management.Audited IT systems and processes for compliance with industry standards and regulations, including SOX, HIPAA, and PCI-DSSPresented audit findings to management and stakeholders.Developed and implemented new audit procedures and methodologies.Conducted root cause analysis of IT incidents and breaches.Developed and implemented security controls to protect IT systems and data.Conducted ITGC and application control testing, ensuring the integrity and security of critical systems and data.Assisted in the development of audit programs and testing procedures, adhering to industry standards and internal guidelines.Participated in IT risk assessments, identifying potential vulnerabilities and proposing effective risk management strategies.IT COMPLIANCE ANALYSTThe Verge Consulting March 2019 Dec 2022Conduct comprehensive IT audits to evaluate the effectiveness of IT controls, security measures, and compliance with industry standards and regulations.Perform audit procedures, including risk-based controls, through various means -inspection, observation, and re-performance.Perform risk assessments of IT systems, applications, and processes to identify vulnerabilities, potential threats, and areas for improvement.Develop and implement risk-based audit plans, focusing on critical IT areas and aligning audit activities with organizational objectives.Evaluate the design and operating effectiveness of IT controls, including general controls (ITGC) and application controls.Analyze data using data analytics tools to identify patterns, anomalies, and trends for risk assessment and audit testing purposes.Prepare detailed audit workpapers, findings, and recommendations to address control weaknesses and improve risk management practices.Collaborate with cross-functional teams to ensure timely implementation of audit recommendations and track remediation progress.Conduct reviews of IT policies, procedures, and standards, recommending updates to align with best practices and regulatory requirements.Evaluate third-party vendor risk assessments and contracts to ensure adherence to security and risk management standards.Participate in the development and maintenance of the organization's IT risk management framework and risk appetite statement.Assist in the establishment and maintenance of business continuity and disaster recovery plans for IT systems and applications.. IT AUDITORBank of AmericaApril 2018 March 2019Perform ITGC testing to verify compliance with sox provision and professional standard areas of change management, and logical access including backup and recovery, job scheduling, problems and incident managementResponsible for developing accurate and complete audit work papers that adequately support audit findings and document work.Reviewed SSAE 16/18 SOC 1,2 type 11 report for reliance, and trust service purposesIdentified control gaps in process, procedures and systems through in-depth research and assessment and suggested method for improvementDemonstrated and proven experience with using COSO framework to map in-scope key controls, control objectives, and control activities in alignment with SOX compliance.Responsible for developing accurate and complete audit work papers that adequately support audit findings and document work.Responsible for conducting walkthrough interviews, updating and documenting process flow charts. Identified and tested IT controls and reported issues to the IT Management of the company in a precise and concise manner.Collaborate with IT and business units to remediate compliance issues and implement sustainable solutions.Evaluate IT systems and applications to ensure that they meet compliance and security standards during the development lifecycle.Participate in incident response and investigations related to IT compliance issues, ensuring timely resolution and reporting. |
