| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name PHONE NUMBER AVAILABLE, NJ EMAIL AVAILABLEDear Hiring Manager/Director,I am extremely interested in the IT Audit/IT General Controls/SOX position, I have years of Banking and Telecoms experience which includes IT Audit, IT Operations Audit, Security Controls, System Adm., GRC, Risk Assessment, SOX 404 - Sarbanes-Oxley, SOC 1 & 2, Project Manager, ITGC and Compliance Testing.Accomplishments10 years of experience in IT Audit-Revenue Integrity Audit, Database Audit, Computer Operations Audit, Security Controls, Sox & Compliance Testing, and Information Technology General Controls (ITGC).Diverse experience in IT General Controls, Access Controls, Change Management, Compliance, Risk Assessment, Business Continuity, IT Governance, Data Privacy, Network Security, Fraud Detection, Incident Management, Physical Security, Application Control, SOX IT General Controls, & Identifying Vulnerabilities.Hands-on experience in IT General Controls (ITCG), IT Application Controls (ITAC), Software Development Life Cycle (SDLC), review Applications/databases, access controls, change management, and segregation of duties (SOD). Conduct effectiveness testing of SOX controls, attend walkthroughs and meetings with process and control owners, and experience with frameworks such as ISO 27001, ISO 27701, NIST & SOC.Perform Risk Assessments - Evaluate the organization's IT environment to identify potential security risks and threats, this involves reviewing security policies, procedures, and controls. Identify control gaps/weaknesses, and implement control to address weaknesses or mediation/recommendation.Perform Audit on Access Controls (physical & logical access), Change Management, Backup & Recovery, Incident Management, Data Privacy, Segregation of Duties, Computer Operations, and disaster recovery.Strong understanding of IT internal controls over financial reporting, IT SOX testing & IT Application Testing.Perform IT Audit including planning, fieldwork, reporting, and follow-up based on audit findings, risk assessment, mitigation, recommendation, Data Center, Business Continuity, and Disaster Recovery Audit.Excellent hands-on experience in Application Security, Logical Access, Segregation of duties, Backups and Recovery, and Computer Operations. Experience with ISO 27001/2, 22301, and 27701(Privacy).Develop test plans and execution of ITGCs, and ITACs, perform Test of Design (ToD), and MDM testing.Testing controls related to user creation, user access modification, user termination, privilege granting, authentication, password controls, and proper segregation of duties (SOD). Financial (ICFR) testing.Summary of SkillsExamine internal IT controls, evaluate the design/operational effectiveness, determine risk exposure, and implement controls/develop remediation strategies to address deficiencies/weaknesses.Conduct assessments of IT risk and controls IT General Controls and IT Application Controls (ITACs)systems. Assist in the design and implementation of effective controls. Governance, Risk & Compliance-GRC.Design and develop controls to mitigate risk, and document internal control weaknesses or inefficiencies.Knowledge of ISO, SOX, COSO, COBIT, PCI, HIPAA, Audit Board, NIST, SOC 1 & 2, MS Office, SQL, etcInternational experience in 10 countries including the US, Canada, Germany, Ireland, Brazil, and Mexico.Education & Professional CertificationsMaster of Business Administration (MBA) ISO 27701 Privacy Information Mgt. Systems (PIMS)ISO 27001 ISMS Certified Internal Auditor (CIA) Certified Information Security Professional (CISP)ISO 27002 ISMS Certified Lead Implementer (CLA) Certified Professional Project Management (PPM) Certified Software Test Engineer (CSTE) Certified Info Systems Security Manager (CISSM)ISO 22301 Certified Business Continuity Professional Certified Risk and Crisis Manager (CRCM)Fellowship of the Institute of Canadian Bankers(FICB) Certified Cloud Computing Professional - CCCPThank you, and I sincerely appreciate your time. Respectfully yours, Candidate's Name
Professional ExperienceIT Auditor-Consultant CP CAN Consulting 5/2019 PresentJC Jones Advisory Services (Community Bank, NA, Buffalo), I performed SOX audits on IT dependency reporting, interfacing with PwC I served as a liaison between external auditors (PwC) and conducted SOX 404 internal control risk assessments, planning, walkthroughs, and testing.Robert Half/Protiviti-Data Governance Audit - Commercial Real Estate, Perform SOX Audit againstthe report logic, Change Control Process, and ITGC, and validate the output against the source data.Tevora (Asset Mark) - SOX Compliance Support - Provide project management services for SOX remediation activities for 404a and 404b and Governance, Risk, and Compliance (GRC).Consultant 2018 10/2018Rockland County Health Dept-Government & Crick ZoneFunctionality includes Process Flow, Documentation, Procedures, Report Generation, Training, etc.Project Manager/System Specialist-IT, Fraud and Revenue Assurance, Verizon 12/20072017I was the Project Manager for implementing the Verizon Fraud Alarming Application (ENFORCE),whereby I held several chartering sessions with IT and the Business contributing to the overall success of the application launch, resulting in millions of dollars in cost-saving. Reduce the risk of revenue loss by ensuring that all necessary controls are in place As a team member, responsible for identifying hundreds of defects resulting in a cost saving of over a million dollars during 2014-2016. Mobile Data Management testing.Integrity Auditor-Consultant, CAPE Technologies, Digicel, ASK4Solutions 2002 - 2007Perform analysis, technical survey, scoping, and project deployment of Revenue Assurance - Fraud Applications, Revenue Integrity Audit. Perform Operational-IT Audit within the Switch, Gateway, and Billing Systems and was responsible for implementing the Minutes Reconciliation between the Switch & Billing.IT Consultant, GT&T/ATN 1992 - 2001IT Consultant for ATN/GT&T, I was responsible for Information Technology (IBM-AS400) whichsupports the enterprise goals, including Billing, Fraud Management, Operations, Networks, and IT Audit.Design and implement effective controls (ISO 27001 Implementation & Audit), performed SOX 404 Audit.Performed Telecoms Operational - IT Audit within the Switch, Data Mediation, Billing Systems, Rating, Bill Cycles, Invoices/Bills, Rates, Usage, Control Testing, ITCG testing/IT Operations Audit.Information Technology General Controls (ITGC) Logical & Physical Access, SDLC Controls, Change Management, IT Operations/Computer Operation Controls, evaluate and test IT controls.Bank of Montreal, Toronto, Canada 1985 1990 internal and external Banking Applications, compliance testing, encryption testing & Computer Operations.Corporate Security/Security Administrator/Application Support/OperationsSupport Banking Applications, Database Audits, and Rate Change Audits and provide access controls forSecurity and Control Evaluation, Bank of Nova Scotia, Canada 1990 1991 Evaluation of new applications under development and functional control systems to ensure compliancewith the Bank's security policies and standards. Perform Testing Controls, Compliance Testing, etc. Validation Testing - Ensures data integrity and compliance with defined standards.Education and Professional CertificationsGlobal Association for Quality Mgt -Certified CISP, CIA, CFA, CLA, PPM, CRCM, CISSM 2014 - 2022QAI Global Institute, Software Certification, Certified Software Test EngineerMaster of Business Administration (MBA), Hawthrone University 1996York University, University of Toronto, and Queens UniversityFellowship of the Institute of Canadian Bankers (FICB)Ryerson University, Toronto, Canada, Business Systems and Programming |
