| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name , CPA, CIA, CISA, CGEITStreet Address PHONE NUMBER AVAILABLE EMAIL AVAILABLESUMMARY:Audit Professional with extensive experience in IT Audits, Financial/ Business Systems Audits, AML audits, and investigations. Strengths include attention to detail, drive to improve efficiencies, reduce costs, and implementation solutions. Areas of expertise include:Audits: IT & IT General Controls, Financial Operations,Financial reporting: SEC, IFRS & GAAP Reporting, Banking Compliance Audits, and Regulatory Reporting Audits:FFIEC 041, FFIEC 031, BSA, AML, Reg O, Basel III, CCAR, FRT, NYDFS Cybersecurity Regulation (23 NYCRR 500), FINRA, BaFin, SOX, J-SOX, CobiT, COSO, GCP ISO, ITIL, MAR Compliance, PCI DSS, HIPAA, EU GDPR, LPPD, PIPL, LGPD, UK DPA, CCPA, DAMA, SDCL Agile, NIST, cGMPs, GxP, GCP, FedRAMP, DFARS, CIS20, ITAR, CIS-20 Reg YYDisaster Recovery PlanningFinancial Systems Analysis, Design, and Implementation, Flowcharting & Process Mapping; Financial/ Quantitative AnalysisSupervisionBusiness Risk Analysis, Project & Enterprise Risk Management, Capital Markets Functions AnalysisEMPLOYMENT:RIT Solutions Inc, 8230 Boone Blvd Ste 403 Vienna, VA 22182 (Project) 07/15/2024 to 09/22/2024As an Audit Manager consultant, I reviewed internal and external communication controls to ensure they operated effectively and efficiently as designed.Collaborate with the Risk and Control teams to address related data quality issues.Developed and implemented a risk management framework regarding internal and external communications.Reviewed testing of internal and external communications risk assessment.Reviewed risk monitoring and reporting to ensure the quality and that it was being performed in a timely manner.Reviewed risk response to ensure that they captured the route cause.Experis, 100 Park Ave NY, NY 10017 (Project) 05/05/2023 to 12/13/2023Audit Manager Consultant with CitibankAs a consultant, my role involved reviewing and testing internal controls against Reg-y and FRT to ensure the controls were operating effectively and efficiently as designed.Ensured the firms commitment to the regulators is being followed.Collaborate with ICG Risk and Control teams to address MCA-related data quality issues.Support operations of the CCB Global Assessment Unit (AU) and MCA Governance Entity (MGE), including control performance and centralized testing of controls.Makes recommendations to automate/digitize controls, monitoring, and testing, where appropriate, using robotics, data retrievals, and other techniques.Design solutions to streamline the input of control testing results in the Citi Risk & Controls (CR&C) system, including developing automated tools and enhancements to technology platforms.Recommend improvements to MCA control and monitoring definitions to make them more efficient, effective, and globally consistent.Mine data from the CR&C system to develop insightful analytics to improve MCA content and ensure consistency of risk ratings; identify risk and control trends and common themes within CCB across all geographies, product types, and functions.Performed reviews on the ERM Strategic Plan to ensure that the plans captured all components.Build a dashboard to assist in the visualization of analytics.SSI People, 401 Smith Drive Suite 200 Cranberry Township, PA 16066 (Project) 11/07/2022 to 02/03/2023IT Audit Manager Consultant with Deloitte in their (Audit & Assurance Group)As a consultant, my role involved testing internal controls to ensure that the controls were operating effectively and efficiently as designed and that their cyber programs were operating within the requirements of the CIS-20 framework.SOX Program Governance & Administration.Participate in and document the scope and coverage process.Assist in coordinating with Internal Audit on the annual SOX testing plan.Performance of walkthroughs & identification/validation of risk and key controls.Development of test procedures.Execution and Documentation of testing.Reporting of results.Operational Audits for; Tax, Treasury Cash Management, Accounting, HR, Deposit Ops, Daily Rentals, Proof in Transit, and Legal.Design IT controls and develops security plans.Assist in mitigation efforts of open assessment items and open audit items.Leads in risk committees.Reviews and recommends security enhancements and presents them to end clients.Develop IT Standard Operating Procedures (SOPs) to ensure they meet global requirements.Audit program used Teammate Plus.The Judge Group 14 Wall Street 20th Floor New York City, NY 10005 (Project) 6/27/2022 to 10/23/2022Audit Manager ConsultantAs a PNC consultant, I performed audits on the Swap, Loan, and financial securities crimes operations to ensure they adhered to the Swap regulatory requirements.Participation in and documentation of the Scope & Coverage process.Assist in the coordination of the Internal Audit plans.Regulatory Reporting Audits/Assessments of Dodd-Franks CFR Title 17 Chapter 1 Part 23 subpart J, FRT and audits on treasury cash management processes, and, Counterparty credit risk.Performance of walkthroughs & identification/validation of key controls.Development of test procedures.Perform due diligence sanctions reviews on trade finance activities to ensure the process is effective.Escalation of all significant sanctions-related matters to the audit and compliance committees.Reporting results to audit committees, compliance committees, OFAC, and FinCEN.Design IT controls and develops security plans SOX Readiness.Assist in mitigation efforts of open assessment items and open audit items.Reviewed risk management program to ensure that it captures all associated risks against internal controls.Perform case review/investigation findings and prepare case files for review.Perform Database searches to aid in the resolution of investigations.Examine financial statements/transaction data and other documents to identify unusual transaction patterns.Perform Data protection impact assessments against EU GDPR, LPPD, PIPL, LGPD, UK DPA.Report Suspicious Activity.Investigate, analyze, and report cases of fraud and transactional abuses.Utilized (SQL) to identify unusual activities.Maintaining financial and sanction policies.Work with internal Trade Surveillance and external Law Enforcement based on findings.Audit program used Teammate Plus.MBO Partners, 20405 Exchange Street, Suite 301 Ashburn VA 20147 (Project) 4/26/2022 to 6/03/2022Audit Manager Consultant with KPMG in their (Audit & Assurance Group)As an Audit Manager Consultant, my primary responsibility involved testing of internal controls to ensure that the controls were operating effectively and efficiently as designed.SOX Program Governance & Administration.Participate in and document the scope and coverage process.Assist in coordinating with Internal Audit on the annual SOX testing plan.Performance of walkthroughs & identification/validation of key controls.Development of test procedures and risk programs.Execution and Documentation of testing.Reporting of results.Perform Data protection impact assessments against EU GDPR, LPPD, PIPL, LGPD, and UK DPA.Design IT controls and develops security plans SOX Readiness.Assist in mitigation efforts of open assessment items and open audit items.Audit program used Teammate PlusSSI People, 401 Smith Drive Suite 200 Cranberry Township, PA 16066 (Project) 11/01/2021 to 3/27/2022Sr. IT Auditor Manager Consultant with Deloitte in their (Audit & Assurance Group)As a Sr. IT Audit Manager Consultant, my role involved testing of internal controls to ensure that the controls were operating effectively and efficiently as designed and that their cyber programs were operating within the requirements of the CIS-20 framework.SOX Program Governance & Administration.Participate in and document the scope and coverage process.Assist in coordinating with Internal Audit on the annual SOX testing plan.Performance of walkthroughs & identification/validation of key controls.Performed audits on treasury cash management processes.Development of test procedures and risk programs.Execution and Documentation of testing.Operational audits for tax, treasury cash management, accounting, HR, deposit operations, daily rentals, proof in transit, and legal.Reporting of results.Designed IT controls and developed security plans.Report Suspicious Activity.Investigate, analyze, and report cases of fraud and transactional abuses.Utilized (SQL) to identify unusual activities.Assist in mitigation efforts of open assessment items and open audit items.Leads in risk committees.Reviews and recommends security enhancements and presents them to end clients.Develop IT Standard Operating Procedures (SOPs) to ensure they meet global requirements.Audit program used Teammate.HCL America, 200 Lucent Ln, Cary, NC 27518 (Permanent) 04/17/2017 to 10/14/2021Sr. Manager Audit and Compliance Sr. Manager: Supports the IT Enterprise Group during the pre-implementation and post-implementation phases to ensure that HCL clients comply with all relevant regulatory matters.Perform assessments on companies implementing Cyber frameworks and on Personal Privacy data compliance requirements, including CCPA EU GDPR, LPPD, PIPL, LGPD, GCP, 800-53, and UK DPA.Work on value-adding activities such as knowledgebase update and management, Training, coaching analysts, and conducting interviews/participating in hiring drives.Conduct periodic internal reviews or assessments to ensure compliance with procedures.Conduct or direct the internal investigation of compliance issues.Assess product, compliance, or operational risks and develop risk management strategies.Identify compliance issues that require follow-up or investigation.Disseminate written policies and procedures related to compliance activities.Verify that software technology is in place to adequately provide oversight and monitoring in all required areas.Serve as a confidential point of contact for employees to communicate with management, seek clarification on issues or dilemmas, or report irregularities.Maintain documentation of compliance activities, such as complaints received or investigation outcomes.Consult with corporate attorneys as necessary to address complex legal compliance issues.Discuss emerging compliance issues with management or employees.Advise internal management or business partners on implementing or operating compliance programs.Provide employee training on compliance-related topics, policies, or procedures.Assist internal or external auditors in compliance reviews.Prepare management reports regarding compliance operations and progress.Monitor compliance systems to ensure their effectiveness.Report compliance or regulatory standards violations to duly authorized enforcement agencies as appropriate or required.Oversee internal reporting systems such as corporate compliance hotlines and inform employees about these systems.Perform due diligence sanctions reviews on trade finance activities to ensure the process is effective.Escalation of all significant sanctions-related matters to the audit and compliance committees.Reporting results to audit committees, compliance committees, OFAC, and FinCEN.Design IT controls and develops security plans SOX Readiness.Assist in mitigation efforts of open assessment items and open audit items.Perform case review/investigation findings and prepare case files for review.Perform Database searches to aid in the resolution of investigations.Examine financial statements/transaction data and other documents to identify unusual transaction patterns.Develop and implement ERM governance structures and frameworks to ensure organizational risks are being maintained throughout the company.Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.Design or implement improvements in communication, monitoring, or enforcement of compliance standards.Verify that all firm and regulatory policies and procedures have been documented, implemented, and communicated.Direct the development or implementation of compliance-related policies and procedures throughout an organization.Report Suspicious Activity.Investigate, analyze, and report cases of fraud and transactional abuses.Utilized (SQL) to identify unusual activities.Review or modify policies or operating guidelines to comply with environmental standards or regulations changes.Drafts IT Internal Control Language and EU GDPR Language for clients 3rd party Suppliers and negotiation terms.Experis, 100 Park Ave NY, NY 10017 (Permanent) 10/2014 to 04/2017Sr. Audit & Risk Professional: Reviewed auditors' work product and the delivery of clients engagements for the following type of audits assessments and implementations of internal control programs:Operational Audits for; Tax, Treasury Cash Management, Accounting, HR, Deposit Ops, Daily Rentals, Proof in Transit, and Legal.Financial GAAP reporting audits.Conducted audits on third-party vendors to assess security programs and determine whether data safeguards are in place and their internal controls are operating efficiently.Conducted audits and assessments on the credit risk modeling and regulated reporting processes for the following portfolios: SBA, Wholesale Nonrecourse, Consumer Credit, and Retail Credit.Reviewed and commented on third-party Service Providers SSAE16 reports, whether to determine if an audit is required due to reported internal control insufficiencies.Conducts Anti-Money Laundering Audits and Risk Assessments concerning CIP, KYC, Training, Reliance on Third Parties, Foreign Correspondent Certifications, 314a Procedures, Surveillance, Economic Sanctions, Compliance, Monitoring & Investigation (SAR, CTR, and OFAC), and Testifying at Legal Proceedings.Performed application control audits on banking and trading systems.Perform general IT and application controls testing against the security frameworks: Cobi, ISO, ITIL, PCI DSS, DAMA, SDCL Agile, NIST, FedRAMP, DFARS, GCP, and CIS-20.Regulatory Reporting Audits/Assessments; Supervisory Capital Assessment, Dodd-Frank; stress testing, Basel III, CCAR FRY 9C, FRY 14M/Q/A, FFIEC 041, FFIEC 031, FINA; NYSE Rule108 (Limitation on Members' Bids and Offers, NYSE Rule 342 Offices-Approval Supervision and Control, NYSE Rule 440 Books and Records, BSA, AML, Reg O, Reg W, FCRA, Reg B, 1099 and TCPA.Conducts IT Transactions Testing on AML Applications (Application controls, Change Management & Security).Implemented a Comprehensive Capital Analysis and Reviews (CCAR) program.Performed audits/assessments on the regulatory reporting for Supervisory Capital Assessments under Dodd-Frank involving; Stress testing, Basel III, and CCAR.Collaborates with Application Managers and Businesses to support the implementation of Quality Plans and institutes Corrective Actions and Preventative Actions.Report Suspicious Activity.Investigate, analyze, and report cases of fraud and transactional abuses.Utilized (SQL) to identify unusual activities.Performs Health Checks on all U.S. IT applications to ensure that all daily and quarterly Monitoring and Housekeeping items are being completed timely and that they are ready to be audited during this process, ensures compliance with Standard Operating Procedures (SOPs) and that Current Good Manufacturing Practices (cGMPs) are followed.Facilitates the preparation and follow-up on internal and external audits.Conducted awareness and education training sessions to promote best practices, security, and Social Engineering events.Provides guidance regarding IT risk, recommendations, and courses of action to be taken regarding the remediation and mitigation of the risk.Develop Policies, Procedures, Standards, Governance Risk practices, and Compliance frameworks.Advised Management on regulatory compliance issues practices for federal and state regulations.Monitors and manages internal audits and external audits.Conducts PCI audits and reports finds to the management and audit committee.Adecco Finance, Parsippany, NJ (Project) 8/2013 to 1/2014 and 8/2014 to 10/2014Sr. IT Auditor Consultant with Prudential in the (Enterprise Risk and Control Evaluation (ER&CE) GroupAs a Consultant, my Primary responsibility includes independent control testing services to ensure that the Company's Sarbanes Oxley Section 404 Compliance Program is carried out effectively and efficiently. The Analyst, Operational Risk Management, is responsible for assisting the team in carrying out the following program components in coordination with Internal Audit, Corporate Controller, Business Unit Risk, and External Auditors:SOX & MAR Program Governance & Administration.Participation in and documentation of the Scope & Coverage process.Assist in coordinating with Internal Audit on the annual SOX testing plan.Performance of walkthroughs & identification/validation of key controls.Development of test procedures.Execution and Documentation of testing.Reporting of results.Design IT controls and develops security plans.Assist in mitigation efforts of open assessment items and open audit items.Leads in risk committees.Reviews and recommends security enhancements and presents them to upper management.Implemented audit and assessment process efficiencies that produced reductions in operating costs.Develops IT Standard Operating Procedures (SOPs) to ensure they meet global requirements.Performs 3rd partly vendor assessments to determine if 3r party vendors meet IT company global standards.Considers the risks versus potential business benefits of innovation and new technologies applied in the control while enabling the business to take maximum benefit.Participation in initiatives associated with the implementation of the new Operational Risk Management framework, which may include:Assisting with implementing operational risk management techniques such as Risk and Control Self-Assessment, Key Risk Indicators, Scenario Analysis, Loss Event Reporting, Model Risk Management, etc.Helping to promote and build effective Risk Management culture and awareness throughout the organization.Collebera, Morristown, NJ (Project) 3/2013 to 8/2014Sr. IT Auditor Consultant with Bank of America Merrill Lynch (Fixed Income Currencies & Commodities and Broker-Dealer TradingAs a consultant, I was responsible for performing IT internal risk assessments and which included the following:Assisting in the development and execution of a quality assurance testing program focused on identifyingand reporting the adequacy of Information Technology Controls for Broker-Dealer Systems on front and back-office operations.Identification of key risks and corresponding controls.Review system artifacts and meet with technology management to conclude on the effectiveness of IT controls.Identify root causes of potential control deficiencies.Partner with management in the development of remediation activities.Generate scorecard reporting to communicate QA results.Assist Technology Management in the execution of risk assessments.Provide guidance to ensure assessments are executed consistently.Review and validate the appropriateness of supporting documentation and accuracy of assessment results.Generate scorecard reporting to communicate assessment results.Regulatory Reporting Assessments; Supervisory Capital Assessment, Dodd-Frank; stress testing Basel III.Support the execution of a PMO quality assurance program.Review project management office-required artifacts to ensure adherence to firm standards.Provide recommendations to improve SDLC / PMO control routines.Generate scorecard reporting to communicate the level of adherence to PMO standards.Provide structured solutions for retirement products, such as risk transfers, structured settlements, 401K, and Investments.Intralinks Inc., NYC, NY (Permanent) 6/2012 to 3/2013Audit ManagerManaged the audit function and performed IT internal/operational audits on the following: data database audits, IT security audits, financial book close audits, and SOX testing for both IT and operational areas. Conducted governance assessments and risk impact assessments based on CobIT and ITIL frameworks.Created audit programs, SOX testing programs, and risk assessment programs.Prepared findings and recommendations, presented them to the audit committee for operational and IT audits, and maintained the department budget.Implemented internal control efficiencies by integrating functional-level lifecycles into one audit program for operational and IT audits.Successively managed the prior years significant deficiency mitigation and minor deficiencies findings from our years old cycle.Implemented corporate governance and IT governance initiatives standards.Performed operational control testing throughout the entire organization.Performed IT general controls testing on change management, problem and incidents reporting management, software development life cycle, Disaster Recovery Planning, physical access and environmental controls, third-party services, Application Security Controls for FRS and NIST, and Security Network Infrastructure, Developer, System Architect, End-User Computing (Spreadsheets).Mentored and managed internal audit staff.Rothstein Kass Company PC. 4 Becker Farm Rd Ste 202, Roseland, NJ 07068 (Permanent) 5/2009 to 4/2012Sr. Advisory ManagerManaged and planned audit engagements and external engagements with a team of 4 auditors.Reviewed auditors' work product and the delivery of clients engagements for the following types of audits and assessments: IT general controls testing, business risk, IT audits for CobIT, ITIL, J-SOX, HIPAA, PCI DSS, and MAR, application control, data database, governance, security audits, business operational audits for SOX, COSO and MAR, BSA, AML, Reg O, Reg W, FCRA, Reg B, 1099, TCPA and financial reporting audits for GAAP, and SSAE16 standards, Asset Management and/or Hedge Funds, Credit Risk and Fraud Investigation/Detection.Performed business and IT risk services engagements and industry regulation for Security and Privacy, including such requirements as Gramm-Leach-Bliley Act, FFIEC Information, Security and Bank Secrecy Act, KYC, and AML.Conducts Anti-Money Laundering Audits and Risk Assessments concerning CIP, KYC, Training, Reliance on Third Parties, Foreign Correspondent Certifications, 314a Procedures, Surveillance, Economic Sanctions, Compliance, Monitoring & Investigation (SAR, CTR, and OFAC), and Testifying at Legal Proceedings.Performed application control audits on banking and trading systems.Performed audits/assessments on the regulatory reporting for Supervisory Capital Assessments under Dodd-Frank involving; Stress testing, Basel III, and CCAR FRY 9C, FRY 14M, FINA; NYSE Rule108 (Limitation on Members' Bids and Offers, NYSE Rule 342 Offices-Approval Supervision and Control, NYSE Rule 440 Books and Records.Performed project management responsibilities such as tracking project status, monitoring of critical paths and key dependencies, and coordinating staff.Analyzing and evaluating IT security risks and controls, network vulnerability assessments, firewall, remote access, DMZ, web filtering, Developer, System Architect, and security patch management responsibilities.Performed infrastructure assessments on firewalls, VPNs, and network devise configurations to determine whether data Privacy is met.Implemented audit and assessment process efficiencies that produced reductions in operating costs.Implemented the following control environment initiatives for the following areas: SOX, J-SOX, and MAR.Implemented a Data Quality and Data Management program for the Capital Analysis and Reviews (CCAR) process.Implemented IT security standards under ISS Security, DAMA, FRS, NIST, and FFIEC initiatives.Implemented IT framework under CobIT, ITIL, FFIEC DAMA, and ISO. Implemented internal control processes to meet the Custody Rule for Hedge Funds and Fund Administrators.Setting control around investment products.Additional Experience: US Customs Service, Lead Investigator, Tax Manager Vivendi Universal, Director of Tax Strategy at Lucent Technologies, Inc., and Director of Business Tax Systems at AT&T, Interactive Solutions LLC Audit Manager, Greater Community Bank chief auditor, Chief Auditor, and, G R Group Business Resource Solutions, Senior Auditor.EDUCATION:Graduate Certificate, Information Systems Design, and Development - New Jersey Institute of Technology, Newark, NJBachelor of Science, Political Science Business Finance, concentration in Accounting - Rutgers University, New Brunswick, NJTechnical Technology. Skills:Crystal Reports, TeammateIDEA, Monarch, Tableau, CAAT, ACL Scripts, ACL Data Analytical Tools, SQL Scripts Risk Navigator, Analytical tools, RSA-Archer Microsoft Access & Excel, ServiceNow, Cyberark, Oracle Identify Manager (OIM), ServiceNow IRM, TeamMate Plus, and Audit Board.Certifications:Certified in the Governance of Enterprise IT (CGEIT) InactiveCertified Information Systems Auditor (CISA)Certified Public Accountant (CPA) InactiveCertified Internal Auditor (CIA) Inactive |
