LiveCareer-Resume

it security auditor resume example with 12 years of experience

Jessica
Claire
resumesample@example.com
(555) 432-1000,
, , 100 Montgomery St. 10th Floor
:
Professional Summary

PROFILE
A professional risk base IT Compliance analyst with years of experience in conducting audit, risk assessment, ITGC controls, Internal and operational control assessment, Attestation engagement, and Audit readiness. Have undertaken IT projects such as compliance testing of Sarbanes-Oxley (SOX), Application Controls, IT Infrastructure, Vulnerability scanning, Service organization Control (SOC) SAS 70 /SSAE 18 testing and reviews, for various clients across several industries.

SKILLS HIGHLIGHT
IT security and Sarbanes Oxley Compliance (SOX 404), SSAE 18, (SOC) SAS 70 /SSAE, PCI (DSS), ISO 27001, NIST 800-37, HIPAA, NIST 800-53 frameworks and standards, Assessment of Internal Controls, Cloud audit, BCP and DR, Fraud Investigation and IT Incident Analysis, Risk Assessment & Management, Change Management, Security Maintenance, Policies and Procedures.

Skills
  • Risk Assessment and Compliance Audit.
  • ITGCs
  • Application and Infrastructure Audit
  • SOX
Education
Bradley University (In View) Peoria, IL, USA, Expected in MBA : Finance - GPA :
Hellenic International University Europe, Expected in Master of Science : Banking And Finance - GPA :
Cardiff Metropolitan University UK, Expected in Bachelor of Science : International Business Management - GPA :
The Polytechnic Ibadan Nigeria, Expected in Bachelor of Science : Accounting - GPA :
Certifications
  • CISA by ISACA - Feb 2021-No Expiration date
  • CASP by Comptia-May 2021- Expires May 2024
  • PSM by psm.org-Oct 2020-No Expiration date.
  • ACA by ICAN (Nigeria) -No Expiration date.
Work History
Viasat Inc. - IT Security Auditor.
Cleveland, OH, 07/2019 - Current

-Performed audit with IT general controls such as, access control, change management, IT operations, disaster recovery and platform reviews (Windows and UNIX OS).
-Test over 250 in scope applications and tools in SOX audit.

- Performs internal and external IT risk assessments; conducted gap analysis against industry standards, and provided recommendations on mitigation options.
- Lead integrated audits for evaluating network related issues; identifies IT related risks assessments and updated various risk and controls files to ensure firm wide identified risks were adequately addressed by control activities.

-Perform root cause analysis with process owners to identify source of deficiencies

-Track audit ,review audit evidence documentation of 5 associates in team,

-Coordinate and lead remediation efforts for respective business units; develop action plans and monitor efforts for remediation.
-Evaluate segregation of duties over application security involving the company 's ERP systems (SAP, PeopleSoft, and Oracle Financials) and execute audit strategy-Knowledge of Control Objectives for information and related Technology (COBIT) framework developed by the information Systems Audit Control Association (ISACA).

-Provides IT risk assessments and SAS 70 /SSAE18 and has conducted review of data centers, extranet, telecommunications and intranets to access controls and ensure availability, accuracy and security under all conditions.
- Communicates with the company's external auditors on general computer control related matters and SOX test procedures.
-Information gathered is reviewed and analyzed extensively, and then compiled into a written summary report.

-Maintain,review, improve existing policy and procedure , standards compliance to ensure it address company risk.

-Proactively identify risk, perform risk analysis-impact analysis,likelihood assessment.

-Categorize risk in terms of threat and treat accordingly base on tolerable, transfer or terminate,

-Provide and recommend agreed risk treatment with timeline for implementation.

-Interpreting and implementing framework controls, security policies and training associates.

Sumitomo Mitsui Banking Corporation - IT Auditor
New York, NY, 04/2016 - 06/2019

-Prepared IT audit program to include access control, change management controls and application controls; and identify deficiencies in design and operating effectiveness of control and provide recommendation.
- Performed all stages of audit planning, fieldwork, executive, reporting and follow up.
- Conducted testing of Sarbanes-Oxley (SOX) and HIPAA Audit.
- Participated in team kick-off meetings and drew up audit plans
- Reviewed of IT General Controls (ITGC), and various applications, databases, operating systems and network devices
- Performed and document audit activities in accordance with professional standards such as COBIT, COSO and internal control frameworks. Knowledge of Control Objectives for information and related Technology (COBIT) framework developed by information Systems Audit Control Association (ISACA)
- Provided IT risk assessments and SAS 70 /SSAE18 and has conducted review of data centers, extranet, telecommunications and intranets to access controls and ensure
availability, accuracy and security under all conditions
- Communicated with company's external auditors on general computer control related matters and SOX test procedures
- Information gathered is reviewed and analyzed extensively and then compiled into a written summary report.
- Assisted in IT management in identifying gaps between policy and process, developing recommendations to remediate control weaknesses and be responsible for developing and
maintaining IT control metrics related to compliance activities.
- Conducted IT audit fieldwork and walkthrough of controls; perform detailed testing, analysis of controls, validations, and creation of clear and accurate documentation of workflows in IT process and report of test results and exceptions.
- Performed IT general controls and application controls reviews and monitor segregation of duties and other key management controls.

-Provide technical support to computer system, trouble shoot, check cable connection, anti malware, rebooting.

Insight Resourcing - IT Auditor Associate
City, STATE, 02/2014 - 03/2016

-Have in-depth experience performing audit with IT general controls (ITGC) such as access control, change management, IT operations, disaster recovery and platform
reviews (Windows and UNIX OS).
- Completed Sarbanes-Oxley Section 404 testing of critical systems and applications that financially impact company and communicate with Company’s external auditors on general computer control related matters and SOX test procedures.
- Conducted risk assessments over areas of global information technology environment to highlight major technical risks and gaps over such environments.
- Performed Audits over application security involving Company’s ERP systems and execute audit strategy.
- Performed SAS 70 (SSAE18) reviews for large clients in Manufacturing. Energy, Healthcare and Financial industry including conducted a root cause analysis of vulnerabilities and coordinates with appropriate stakeholders to remediate findings on IT audit engagements within schedule and budget
constraints.
- Prepared audit scopes, reported findings and presented recommendations for improving data integrity and operations.

Fan Milk Plc - International Control Manager
City, STATE, 08/2010 - 01/2014

Evaluate Internal control system
- Recommend appropriate action to mitigate weaknesses
- Review Application of accounting standard, legislation compliance for five office branches financial reporting.
- Ensure compliance with internal control policies
- Advising on guidelines and proactively make recommendation to improve internal check and balance in transaction authorization.
- Performed periodic audit and spot checks
- Follow up on external auditors’ recommendations.
- Investigate fraud cases.
- Support in generating liquidity risk evaluation report.
- Assessment and classification of branch loan stocks.
- Generate report to evaluate bank capital risk.
- Evaluates customer credit worthiness evaluation report.

Company Name - Snr IT Compliance Analyst
City, State, 06/2022 - Current

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Bradley University (In View)
  • Hellenic International University
  • Cardiff Metropolitan University
  • The Polytechnic Ibadan

Job Titles Held:

  • IT Security Auditor.
  • IT Auditor
  • IT Auditor Associate
  • International Control Manager
  • Snr IT Compliance Analyst

Degrees

  • MBA
  • Master of Science
  • Bachelor of Science
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: