Seasoned Information Technology Compliance and Audit specialist, with over 10 years of experience in control analysis, policy/procedure development and audit/risk mitigation. Demonstrated expertise in managing staff workloads, task delegation and cross-department collaboration. Diligently maintain knowledge of current regulations, best practices and industry frameworks to ensure continuous compliance.
Developed and implemented service metrics reporting for Financial Systems department; resulting in significant improved request turnaround time by 45% by identifying process gaps.
Lead the analysis and oversight of financial systems and interfacing systems to determine risk and evaluate financial and operational control environment.
Planed, organized, and conducted control assessments to ensure processes where within industry standards and aligned with organizational goals.
Identified and documented business processes, system interfaces, security access and data inputs/outputs.
Evaluated existing policies, processes and procedures to identify needs and optimization to streamline documentation to ensure compliance with enterprise, regulatory and legal requirements.
Investigated and documented Financial System business processes for system integration, data flows, business process, and user security.
Improvement of information governance management through engagement with business and data owners, security and IT leadership to define and formalize established policy and process around the confidentiality, integrity and availability of information.
Managed the creation and annual review of Operational Support Plans of supported Financial Systems for disaster recovery and business continuity.
Maintained repository of multiple department policy, processes, procedures, project information, and in SharePoint sites created for the department.
Identified server security concern regarding a high risk of fraud and embezzlement and configured appropriate access controls to eliminate the risk.
Oversight of HIPAA regulations for privacy, security, and safeguard and protection of PHI and PII contained in any documentation and regulations of controls.
Lead Medicare Advantage 2019 project to capture requirements, design, development, implementation, business process mapping and analysis.
Oversight of cross functional teams, coordinate collaborations and status updates.
Responsible for documentation and creation of repository for department and project documentation.
Evaluated data analysis to provide feedback to business areas on forecasting, planning and management of inventories, resources, and other operational activities.
Managed onsite contractors for workloads, assigned projects, projected hour allocation, and business relationships.
Onboard new hires regarding best practices on the related business entities, ITIL, HIPAA, and IT General Controls.
Developed service metrics derived from raw company data to track improvements in organizational efficiency.
Evaluated diverse organizational systems to identify workflow, communication and resource utilization issues.
Managed internal audits, audit control and risk assessments in accordance with ITIL, COBIT, NIST and SOC frameworks.
Prepared working papers, reports and supporting documentation for audit findings.
IT Governance and Compliance Analyst, 06/2011 - 11/2012 Arthur J Gallagher & Co. – Ponte Vedra Beach, FL,
Spearheaded control self-assessments for areas of IT enterprise, gathered data, analyzed trends as well as business requirements related to current practices, designed to determine if requirements were met.
Provided support to end-users with new or modified practices and served as consultant on writing and documenting policy, processes and procedures for IT Enterprise systems.
Authored policies, procedures and implementation plan for IT Change Management program; authored Security Incident Response Management policies and standard operating procedures.
Conducted Security Incident Response Reviews and responsible for escalations, and root cause analysis of incidents.
Assessed the impact of changing practices to existing controls and developed appropriate change management plans for efficiency and effectiveness and established Compliance Self-Assessment program for IT department.
Managed compliance through Control Self Assessments and tracked results to provide the necessary support for objective decision-making.
Collaborated with IT departments to strengthen methodologies, practices and processes through risk and design sessions.
Designed and documented best practices, businesses processes, and process workflows.
Assessed audit and test program and security controls using organization IT Security Policy Handbook and NIST Special Publications to provide information necessary to determine their overall effectiveness.
Helped create training programs to handle system-wide issues and maintain compliance.
IT Compliance Analyst, 02/2007 - 05/2011 Amedisys, Inc – City, STATE,
Charged with examining and assuring the compliance for over 600 software and infrastructure changes per year while executing auditing tools and overseeing processes for the production environment.
Ensured compliance of development processes for $30M worth of Home Health & Hospice investments in proprietary software and infrastructure changes yearly.
Established change detection procedures for unauthorized changes to the production environment as an internal control methodology.
Tracked changes using source code software using software to track files through lifecycle development.
Served as Change Management lead to a staff of 50 developers and administrators.
Conducted post implementation reviews of systems to determine if project objectives were met and for unauthorized changes.
Served as liaison with Internal Audit, Compliance, SOX, Information Assurance to plan, coordinate, and deliver requested audit internal and external evidence.
Proactive in the identification of security risks and vulnerabilities.
Measured and monitored progress of compliance metrics to ensure change activities are aligned with transformation objectives, and delivered on time.
Granted role-based security access in Active Directory as backup security access.
Performed audits of SOX and IT General Controls to assess compliance with standards.
Prepared documentation and records for audits and inspections.
Education
Bachelor of Science: Business Administration, Business Management, Expected in - Louisiana State University - Baton Rouge, LA GPA:
Certifications
Certified Information System Auditor (CISA) #16131879
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
