- 27002, Confidential SP800-53, 800-60 Vol1 and 800-60 Vol 2, OWASP, FFIEC IT Audit, COBIT, COSO, ITIL/ITSM)
- Entitlement Management and Infrastructure Admin Privileged Access
- Change Segregation of Duties and Security Logging
- Authentication Log Monitoring and Third-Party Risk
- Technical Contingency and Disaster Recovery Plans
- Risk Assessment Methodologies: COBIT, PCI DSS Model Audit, SOX, ITIL v3, CA
- Compliance: (SOX 404, PCI-DSS, HIPPA/HITRUST, PII, GDPR, Confidential, GLBA, etc.)
- Vendor Management Report: SSAE-16/SAS 70, SOC2, SOC 1, Bits Shared Assessment
- Information Security Risk Management
- Physical and Logical Security, Security Architecture
- Network, Server, and Database Security
- On-site and remote third-party Vendor Security Risk assessor experience
- ITGC, Secure System Development Life Cycle (SSDLC)
- Enterprise Change Management, Patch Management
- Business Continuity and Disaster Recovery
- Information Security Program Management and Strategic Plan
- Nessus, Qualys, Nexpose Rapid 7, Veracode, NMAP
- RSA Archer, ACL, IDEA, Risk Navigator
- Risk and Control Self-Assessment RCSA
- Data Analytics: SQL, ACL, Perl, UNIX
- Multiple-platform technology expertise MVS, Unix Series, Linux, Windows, Cisco, VoIP
| - Multiple Interfacing systems HL7, eGate, EMPI
- Internal & External IT Audit
- SOX regulations, Access Management and Access Provisioning Process
- Accounting, MVS, PCI, Six sigma
- Change Management, Information Security, Perl, SQL
- Cisco, Internal Audit, Policies, Strategic
- Oral, Inventory, Design process, Tax
- CA, IT management, Processes, Telecommunications
- Hardware, ITIL, Improve processes, UNIX
- Consultation, ITIL v, Program Management, Vendor Management
- Controller, LAN, Reconciling, Visio
- CRM, Ledger, Reporting, Vision
- Client, Linux, Requirement, VoIP
- Data management, Logging, Risk Assessment, WAN
- Database, Access, Risk Management, Written communications
- Disaster Recovery, Windows, Safety
- Documentation, Enterprise, SOX compliance
- Financial statements, Navigator, SAS
- Functional, Network, SDLC
- Auditory attention
- IAuditor proficiency
|