| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Phone number: PHONE NUMBER AVAILABLE Email:EMAIL AVAILABLE Krugerville TX.SKILLS/ OBJECTIVEProfessional IT Auditor with over 7 years of experience in Audit and Control, Risk Based Audit, assessment, IT Risk management, IT General, and Application Control Testing, Quality Control and Assurance testing.Work performed has included internal control testing, walkthrough, audit readiness, follow-up, and test of controls.Experience in control testing within second and third lines of defense.Proven track record of implementing various functions in IT Audit Engagements, Information Security Risk Assessments, Project Management, Project Planning, and Cross-functional Collaborations.Subject matter expertise of compliance and operational risk frameworks.Ability to communicate audit findings and discuss with client management remediation plans.Commitment to excellence in project execution and teamworkAdvanced knowledge in MS Excel; Pivot tables, V-lookups, QuickBooks, summary analysis and presentation of data.Versatile with tools like ServiceNow, Jira, Confluence, SharePoint, Tableau, CyberArk, SailPoint, Nessus etc.Risk Management Software (MetricStream, RSA Archer)Knowledge of emerging technologies such as mobile computing, cloud, and understanding of the associated risks.PROFESSIONAL EXPERIENCECAPITAL ONESENIOR IT AUDITOR02/2022 PRESENTReviewed IT General Controls (ITGC) and various applications, databases, operating systems, and network devices to determine its adequacy and effectiveness.Examined systems and procedures to identify potential adverse events, including hardware and software crashes, physical disasters, malicious intruders, malware, denial of service attacks and employee misconduct.Collaborated with Product Owners, Platform Leads, and Cyber Security teams, to understand their business operations, processes, and functions.Ensured IAM practices align with industry standards such as ISO 27001, NIST, and SOX. Conducted periodic reviews of user access rights to maintain the principle of least privilege and to ensure proper segregation of duties.Lead execution of the audit process and participate in audits (to perform control testing or provide subject matter knowledge/skills), in accordance with WFAS policy.Participate in day-to-day activities related to access and functionality of KYC/AML by writing test scripts in HP Application Lifecycle Management (ALM), conducting User Acceptance Testing in the Know Your Customer Database (IST, QA and Production) and Client Onboarding Lifecycle Tool (CDD) and documenting findings in ALM and JIRA.Assisted in conducting ITGC walkthroughs and testing the operational effectiveness of business processes.Conducted thorough quality assurance reviews of IT audit processes, ensuring compliance with industry standards and regulatory requirements.Identified and documented QA issues and findings, collaborating with auditors to develop and implement corrective actions.Performed IT general controls testing for Sarbanes-Oxley 404 compliance in public companies, and Service Organization Control (SOC) reports in compliance/SSAE18 (formerly SAS 70).Contributed to regular status meetings to state any bugs, problems, and risks.Documented physical access controls computer resources by evaluating existing environment security, conditions, and available emergency procedures.Utilized advanced archer skills to streamline compliance processes and enhance risk assessment methodologies, ensuring alignment with regulatory standards and organizational objectives.Implemented Multifactor Authentication (MFA) for AWS root accounts, including password rotation policies.Remediated existing IT control issues and assisted with the quality assurance review of various control assessment programs.COGNIZANTCOMPLIANCE RISK ANALYST01/2021 - 02/2022Identified and assessed key risks and controls and developed effective test plans for engagements as assigned with limited guidance.Performed testing of IT General Controls (ITGC) and IT Application Controls, Infrastructure (databases and operating systems) using various audit Frameworks.Exhibits appropriate judgment regarding issue notification, issue draft findings to client management, and drafts final audit reports for review by the Engagement Supervisor or IT Senior Audit Manager.Performed IT general controls and application controls reviews and monitor segregation of duties and other key management controls.Conducted IAM audits to ensure compliance with regulatory standards and internal policies. Evaluated user provisioning, de-provisioning, and access controls for effectiveness.Tracked, monitored, and reported all Internal Risk Control Self-Assessment (ACSA) in compliance with policies and standards.Proficiently utilized Archer to develop and implement comprehensive IT audit frameworks, facilitating risk assessment, control testing, and compliance monitoring.Performed and documented audit activities in accordance with professional standards such as COBIT, COSO, PCI and SOX internal control frameworks Audit Project.Managed Sarbanes-Oxley compliance implementation, testing and remediation for publicly traded clients business and information system environments in accordance with the PCAOB and AICPA guidelines.Participated in multiple concurrent risk assessment/management projects that are generally moderate to large and moderate to high in complexity.Identified and evaluated security vulnerabilities, recommended mitigation strategies, and ensured compliance with industry standards.Performed security technology solutions and processes such as: access control, user provisioning, directory, vulnerability management, anti-virus, single sign on, auditing, and encryption.QUADAX HEALTHCAREIT AUDITOR 101/2019 - 12/2020Performed IT general and application controls testing; identified deficiencies in the design and operating effectiveness of controls and provided recommendations.Demonstrated proficiency in leveraging ServiceNow to orchestrate and automate IT audit workflows, facilitating efficient data collection, analysis, and reporting processes.Expertly employed GRC (Governance, Risk, and Compliance) tools to orchestrate and optimize IT audit processes, including risk assessment, control evaluation, and compliance monitoring.Evaluated the adequacy and effectiveness of the clients internal controls using a risk-based methodology developed from professional auditing standards and frameworks, such as COBIT and COSO.Performed SOX, HIPAA, FFIEC, GLBA, NIST 800-53, Fed RAMP and PCI DSS Audit at various clients.Ensured tasks performed meet regulatory requirements issued for Sarbanes-Oxley, FDICIA, Auditing and Bank policy.Coordinated and managed onsite assessments and any follow up remediation items.Conducted various categories/classes of IT audit projects, performed report assessment of other form of attestation engagement (SAS, 70/SSAE18 SOC) and audit readiness to identify and correct internal control weakness.Evaluated IT infrastructure in terms of risks to the organization and established controls to mitigate loss.Assisted in preparing draft audit reports to communicate findings and recommendations to senior management.Prepared audit scope, report findings and present recommendations for improving data integrity, data quality and internal controls. Experience with Tableau and ACL.Conducted regular sessions to maintain awareness and adherence to HIPAA guidelines.PRICEWATERHOUSECOOPERSCOMPLIANCE RISK ANALYST05/2017 - 12/2018Identified areas of potential improvement for key processes and procedures and support the management of the related processes and proceduresPerformed audit tests, compliance tests and substantive tests and identified key controls and weak points and mapped it against COBIT framework.Implemented section 404 and 302 of SOX Acts and tested controls over Segregation of duties, change management and worked on the evidence gathered to support the SOX Acts Compliance Program.Assisted in managing the team's daily work volume and managing workflow to ensure deadlines are met in accordance with existing SLAs and maintaining up to date reporting metrics.Compliance leadership included hands-on implementation of policies, strategic plans, procedures, risk, threat, vulnerability assessments and penetration test to expert recommendations for mitigation plans.Tested and evaluated the effectiveness and adequacy of General Computer controls on the Organizations policies and procedures.EDUCATIONM.B.A in ManagementUniversity of Lagos, 01/2017B.Sc. in Computer ScienceOlabisi Onabanjo University, 05/2009CERTIFICATIONSCertified Information System Auditor (CISA)AWS Cloud PractitionerREFERENCESReferences available upon request. |
