| 20,000+ Fresh Resumes Monthly | |
|
|
| Related Resumes Accountant, Auditor, Financial Manager Washington, DC Compliance Auditor Business Analyst Cheverly, MD Accountant/Auditor, open to leadership and management roles. Potomac, MD Auditor Hagerstown, MD Front Desk Night Auditor Washington, DC Information Technology It Auditor Washington, DC Compliance Analyst It Auditor Washington, DC |
| Click here or scroll down to respond to this candidateCandidate's Name
United State, Washington DC
Email: EMAIL AVAILABLE
Tel: PHONE NUMBER AVAILABLE
PROFESSIONAL SUMMARY:
Highly skilled Senior IT Auditor with over 6years extensive experience in performing IT audits, developing
robust compliance, evaluating systems control and providing strategic recommendations to improve IT
operations. I am proficient in using various auditing tools and methodologies to enhance organizational
security and operative effectiveness, with a proven track record of delivering thorough and actionable
audit reports. In addition, I have a comprehensive background in cloud engineering.
PROFESSIONAL EXPERIENCE:
Quest Diagnostics 2/2022 present
Senior IT Auditor
Develop audit programs, work paper documentation, and coordinate audit engagement activities
such as entrance, interim, and exit conferences.
Assist IT management in identifying gaps between policy and process, developing
recommendations to remediate control weaknesses and be responsible for developing and
maintaining IT control metrics related to compliance activities.
Advise business units, senior management regarding security system development and perform
testing of the business and technology controls in accordance with appropriate audit standards,
corporate policies and procedures and other regulatory requirements, focusing on high risk and
new areas
Conduct the review of key information technology general controls (ITGC) such as change
management, computer operations, backup, data integrity testing, segregation of duties, access
control, audit log, enabled services, remote access control, application-level security and
environmental control around the data centers.
Conducted cloud vulnerability management with Qualys and managed GRC workflows with
ServiceNow GRC managing risks, compliance, and audit workflows effectively
Executed vulnerability assessments with Nessus, identifying and reporting on systems
vulnerabilities, and validating the effectiveness of security defenses
Audited IT changes and access using Netwrix Auditor to ensure regulatory compliance
Evaluate IT entity control, application controls, SAS 70 reports, operating systems, and database
systems: with recommendations for improvement where necessary.
Supervise and monitor the SOX IT assessment in the use of the COBIT frameworks; SOC audit, PCI
DSS, GDPR and HIPPA compliance audits
Manage multiple associates over the testing of IT General and Application controls in support of
external financial audit engagements. Clients include those requiring compliance with PCI-DSS,
HIPAA, SOX, and within Windows, UNIX, Mainframe SAP, and Oracle Financials environments.
Conduct risk assessment; examine related risks and key controls; develop appropriate audit
programs to test the control of risks identified and subsequently evaluate operational compliance.
Perform assessments, monitor regulations, and work with auditors to ensure policy compliance
over legacy and ERP systems such as SAP and Oracle Financials.
Conduct a periodic review of developer access to UAT and production environment. Ensure proper
segregation of duties exists between the testing function and development function.
Communicate Audit findings to management and recommended corrective actions, monitor the
implementation of agreed-upon actions to ensure timely and affective resolution
Performed and reviewed IT security configurations review of UNIX AIX, Solaris operating
systems, Oracle DB, Windows 2000-2003, MS SQL2000-2005.
Served as the team lead in the testing of SAP and Oracle ERP financially related configurable
application controls for a leading US government contractor and Telecommunications company.
PWC 07/2020 2/2022
IT Auditor/Advisor
Review of IT controls in systems and business application controls, SAS 70 reports, operating
systems, and database such as Oracle, In-house and third-party applications, UNIX, LAN, Oracle
Database, and Remote Access Dialup/VPN devices and Citrix
Use of risk base audit approach for determining audit scope & objective, audit universe,
materiality and compensatory controls.
Utilized HighBond for risk assessment, audit planning, and execution. Managed workflow
automation and reporting to enhance efficiency and accuracy in compliance and internal control
audits
Conduct walkthroughs, develop test plans, testing procedures and documents test results, and
exceptions; Prepare work papers and written summaries of findings and recommendations.
Test controls over segregation of duties, change management and worked on the evidence
gathered to support the SOX compliance program using COSO, COBIT frameworks
Document and test key SOX and IT General Controls leveraging a defined process compliance
monitoring process
Coordinate IT related SOX compliance assessment in connection with program development,
change management, computer operations, security and configurations as well as the vendor
service providers
Enhanced the design and operating effectiveness of IT controls for key financial applications,
safeguarding sensitive data
Developed automated audit workflow and data visualization using Microsoft Excel and Power BI,
enhancing efficiency in audit processes and providing insightful dashboards for Real-time
monitoring of audit metrics and compliance status
Streamline the software development lifecycle process with cross-functional teams, increasing
productivity by 15%
Conducted Network Scans with Nmap and Real-time traffic analysis with Wireshark to enhance
security and performance.
Utilizes SAP to generate and extract comprehensive data lists for sampling purposes, enabling
detailed analysis of and review of financial transactions, operational activities, and compliance
with regulatory requirements.
Performed comprehensive audits of Microsoft Dynamics financial applications, assessing internal
controls, verifying data accuracy, and ensuring compliance with regulatory standards, while
identifying opportunities for process improvement and risk management
Perform post audit follow up to determine if corrective actions have been taken and determine
the adequacy of corrective actions taken by units to improve deficiencies
Vector Solutions March 2018 06/2020
Cloud Engineer/IT Auditor
Perform IT Audit, which includes testing ITGC, Application Controls and IT Infrastructure
Perform process design assessment by reviewing key risks and controls against CAVR assertions
to identify gaps and redundancies
Review the organization s Disaster Recovery and Business Continuity plan (DRBC) and their
controls for effective recovery
Utilizes Microsoft Office Suite (Excel, Word, PowerPoint) to create detailed audit reports, data
analyses, and presentations, ensuring clear communication of findings and recommendations o
stakeholders and executives management
Consulted with project teams to provide risk and control expertise over processes being
implemented with automated controls present
Conducted security assessments and compliance audits on AWS cloud infrastructure, leveraging
tools like AWS inspector and AWS CloudTrail to identify vulnerabilities, monitor user activities,
and ensure adherence to security best practices and regulatory requirements.
Perform assessment of IT internal controls as part of financial statement audit, Internal and
operational audits, Attestation engagement, and Audit readiness
Executed operational effectiveness testing for automated controls using risk-based testing
approach
Prepare comprehensive work papers to document audit findings as required and prepare well-
written Audit Reports summarizing the review results and present testing results to control and
process owners. Ensured agreement of facts and record findings in GRC
Managed and improve internal control processes for cloud-based systems, reducing potential
vulnerabilities to 20%
Perform vulnerability assessments with Nessus and penetration testing with Metasploit
identifying and mitigating system vulnerabilities
Conducts and assists in post audits to determine if corrective action has been taken
CERTIFCATIONS:
CIA, CISA
AWS SOLUTION ARCHITECT ASSOCIATE
EDUCATIONAL DETAILS:
Diploma in Information Technology, Institute of Industrial Reformation, December 2013
Masters Degree in Business Law, University of Yaound II, June 2013
Bachelors in law, University of Yaound II, June 2011
|