Jessica Claire
  • Montgomery Street, San Francisco, CA 94105
  • H: (555) 432-1000
  • C:
  • Date of Birth:
  • India:
  • :
  • single:
Professional Summary

IT Audit Manager seeks position offering opportunities for new professional challenges. Highly skilled in IT risk assessment, security audit, and project management. Over 10 years of extensive IT and operational audit and compliance readiness advisory experiences. Familiar with SOX 404, SOC1 report, ISO27001, system development life cycle, implementation review, impact assessment and control remediation. Accomplished ability to work independently and as a team member to successful achieve project goals.

  • CISSP & CISA Certificates
  • Review of policies and procedures
  • IT controls testing and design
  • Control deficiency remediation and impact analysis
  • Provide internal control awareness training for user groups
  • Business process control assessment
  • Intensive SOX 404 Compliance experiences
  • SODs and restricted access design and assessment
  • COSO & COBIT, SSAE16, ISO27001
  • Excellent IT audit and integrated audit project management skills
Manager, Risk Assurance , 03/2014 - Current
Austal Washington, DC,
  • Demonstrated capability to manage large global integrated SOX404 compliance audit engagement with 20 in scope applications. Performed design assessment and effectiveness testing on application controls, ITGCs, interface, and key reports.
  • Led IT audit engagement from developing overall audit plan, budgeting, resource allocation through performing process walkthrough, identifying IT automated controls and key reports, testing controls and conducting impact assessment in various business processes and ERP platforms.
  • Led SOX404 compliance readiness programs for semiconductor and internet clients. Performed scoping and control gap analysis, designed and implemented new controls, drafted risk control matrix and provided remediation recommendation and impact assessment. Maintained excellent relationship with external auditor and clients' executives.
  • Supervised IT risk assessment and IT control testing for SSAE16 SOC1 reporting.
  • Conducted system implementation review to determine adherence to SDLC methodology. Presented results and impact assessment to client's internal audit and financial audit team for next step consideration.
  • Performed journal entry data analysis in complicated ERP application environment by using CAATs.

2009/7-2014/3 Career break to raise family.

Senior Manager, Technology & Security Risk Services, 08/2008 - 05/2009
ERNST & YOUNG City, , China
  • Managed IT audit projects for large state owned enterprises. Present audit results to clients' c level executives and audit committees.
  • Led ERP audit and advisory services for Asia Pacific region as subject matter expert of SAP ERP. Coordinated regional marketing efforts. Published thought leadership material.
  • Managed post implementation review project to ensure appropriate controls exist based on implementation methodology and provide recommendation for improvement.
  • Conducted quarterly training to C-level executives of a Fortune 500 Pharmaceutical client. Topics includes IT risk management, business continuity and disaster recovery, and local compliance updates to improve awareness.
  • Instructor of CISA exam review courses of ISACA HK and China Chapter in 2008 and 2009.
Manager, Technology & Security Risk Services, 06/2007 - 07/2008
, ,
  • Led financial process improvement project for the 3rd largest Oil & Gas company in China to optimize report generation process, reduce overhead for month end closing, analyze reporting process in 12 regional offices, and identify process and control gaps. Created value-add improvement plan for operational effectiveness and efficiency.
  • Led segregation of duties (SODs) control implementation project and IT effectiveness audit project for the largest sporting goods brand in China to improve internal control.
  • Built ERP risk advisory service team from scratch. Specialized in application controls and security review for SAP ERP. Standardized functional testing templates.
  • Performed SOX404 compliance audits by using COSO and COBIT framework.
Manager, System and Process Assurance, 08/2005 - 05/2007
  • Toured in Beijing Office in 2006 to provide guidance to the 1st year overseas SOX404 compliance.
  • Managed a project to establish IT audit methodology for a major banking client from setting up risk assessment standard/guidance, drafting audit work programs to training IT auditors as well as presenting results to the executives.
  • Planned and managed a SOX IT audit project with PwC international offices for a Fortune 500 electronic manufacturing client. Supervised up to 5 local members and 2 international teams in Singapore and Ireland.
  • Part of the internal project team to update SAP BASIS and ITGC training material and instructor for Auditing SAP ITGCs.
Senior Associate, System Process Assurance, 02/2003 - 07/2005
, ,
  • Applied COSO and COBIT framework to establish IT audit scope, and create control matrix.
  • Evaluated design and operation effectiveness of internal controls of clients, including business process walkthrough, entity level control assessment, IT automated control testing, and IT general computer control testing.
  • Performed detailed security reviews in various platforms and environment, including Windows Active Directory, Oracle database, Unix/Linux, Cisco firewall, EDI, AS/400 and Mainframe.
  • Participated in constructing practice aids for ERP IT general computer controls audit.The practice aids were deployed and used in all US offices as standard guidance.
Senior Consultant, Technology Risk Consulting., 06/2000 - 06/2001
PWC City, STATE, Taiwan
  • Performed reviews of IT general computer controls and risk assessment.
  • Performed security review in various platforms.
  • Provided revenue assurance service for a telecom company by using ACL to analyze rate plans and billing data to prevent revenue leaking.
Financial Auditor, 06/1998 - 06/2000
, ,
  • Provided financial audit, internal control assessment, and IPO audit services, focusing on hi tech clients.
M.S: Information System Mgmt, Expected in Dec 2002
University of Maryland - College Park, MD

Reserach assistance with full scholarship

B.A: Accounting, Expected in Jun 1998
National Clairechi University - Taipei,

Certified Information Systems Auditor (CISA) #151867

Certified Information Systems Security Professional (CISSP) #315145

Candidate for Certificate of Cloud Security Knowledge (CCSK), Expected 12/2015

English, Mandarin, Taiwanese

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy


Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score
could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:


resume Strength

  • Length
  • Personalization
  • Strong Summary
  • Target Job

Resume Overview

School Attended

  • University of Maryland
  • National Clairechi University

Job Titles Held:

  • Manager, Risk Assurance
  • Senior Manager, Technology & Security Risk Services
  • Manager, Technology & Security Risk Services
  • Manager, System and Process Assurance
  • Senior Associate, System Process Assurance
  • Senior Consultant, Technology Risk Consulting.
  • Financial Auditor


  • M.S
  • B.A

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in: