Senior IT Auditor Resume Example Telephone And Data Systems Inc.

SENIOR IT AUDITOR

Professional Summary

Seasoned Security, IS Audit & Compliance Leader with over 7 years of combined experience in security, IS Audit, IT Consulting, Compliance Audit, IT project management and third-Party reporting. Experience in leading and driving process efficiencies through teamwork, collaboration and open communication. Extensive experience in security, IT risk management, control frameworks, governance review and project management. Specialize in risk-based strategic and advisory for governance, technical, compliance and consultative reviews.

Skills

Expertise:

Systems networking and administration, System Engineering and Design,

Project management, SQL, ASP, .NET and Web Design. ITGC, Application controls

Review, security Control Analysis, Risk Management, IT Operation, Service

Management, Internet & Networking Security Devices (IDS/IPS, Web Proxy, VPN,

SIEM etc.) SOX, COBIT/COSO, ITIL, PCI-DSS, NIST, ISO 270999, ISO 17799/27001.

Programming Languages:

C++, C#, JAVA, JAVA Swing, .NET, Python, Ruby, Perl, ASP, VB, COBOL, MS Access, FoxPro, Oracle, HTML, JAVA Scripts, SQL, Dbase, PHP, Visual Basic, Python, Informatics, Squirrel etc

Microsoft Applications:

Microsoft office suite, Visio, Project, Excel, Word, Access, PowerPoint, Notes,

SharePoint, Lync, Outlook, Corel, Adobe, OS platforms such as Windows, Novell

NetWare and NT etc.

Tools/Utilities:

Intrusion Detection: Source Fire, McAfee HIPS, Symantec IPS, Snort Security

Monitoring & Threat Correlation: Cisco Mars, Blue Coat Reporter (Websense), Arc Sight Risk Management, Risk Analysis & Threat Modeling
IT Audit: ACL, Exchange, MKInsight, Archer (GRC), Case Track, Lotus Notes, SharePoint.
Data Security: Encryption: Ax crypt, PGP Desktop, Apani Epi-Force, PC Guardian
Database Security: Imperva SecureSphere DB Security & Auditing for Oracle & SQL.
System & Application Security:
Enterprise Antivirus / Anti-Malware / Anti spyware: McAfee E policy Orchestrator
Secure Build Configuration: Shavlik, MS Baseline, and NSA/CERT Checklist.
Enterprise Email Security: Iron Mail Enterprise, Secure Web Transmission Module
Vulnerability Management:
Penetration Testing & Vulnerability Assessment: Metaframe, Nessus, Nmap, WebInspect, WireShark, and other tools
Security Auditing:
Access Management (Active Directory), Privileged User, Key Shares & Files (Using Hyena/ Intrust Quest), Network Design review (Manual), Network device review (Using Nipper-Studio/Redseal), Production & Vulnerability Scans (Using Foundstone), Intrusion Detection- (Sourcefire), Anti-Virus Updates & Monitoring (McAfee EPO), Oracle & SQL Auditing-(Imperva Secure sphere).
SOX PCI GLBA Compliance, Assessment & Auditing.

Work History

02/2019 to Current

Senior IT AuditorTelephone And Data Systems Inc. – Denver , CO

Responsible for raising the awareness within both the general employee population as well as at the managerial/company officer levels about the ever-changing cyber-security environment.
Raise the knowledge of how the employees and client business entities should be prepared to respond to cyber-security exposures.
Regularly informs management of changes in technical, legal, and regulatory issues affecting information security and data privacy.
Primary investigator for all clients' company data breach incidents. Document all aspects of breach and the methods/circumstances by which the incident occurred, and also present recommendations to management to improve the practices, procedures, systems, and data storage methodologies to address any observed deficiencies.
Primary liaison for all company Business Continuity Planning (BCP) and IT Disaster Recovery (IT-DR) activities. Including the coordination of the annual IT systems recovery exercise.
Actively involved in external cyber-security focused professional organizations.
Provides leadership, expertise, guidance, and coaching to a team of IT Auditors/security professionals in the cyber-security and data privacy disciplines.
Provides oversight for the design and implementation of the policies, procedures, systems and safeguards necessary to ensure the integrity of information systems assets and to protect those assets from inadvertent or intentional access or destruction.
Manage multiple Sarbanes-Oxley Section 404 projects; coverage includes company level, general IT controls and application controls.
Develop and perform risk assessments as a basis for audit project task prioritization and project planning.
Develop audit scope, objectives and audit program; determine audit procedures and resources.
Identify areas of risk to the corporation, including those where efficiency and effectiveness of IT processes may be improved.
Analyze, evaluate, and recommend improvements to IT control and business processes of the company by performing reviews of processes, activities, and transactions.
Ensured high-quality client service by overseeing daily progress of fieldwork, reviewing all key work products and client deliverables, informing engagement executive of work status and issues and managing senior/staff performance.
Managed and performed detailed configuration and IT control reviews for an extensive variety of operating systems and databases to support audit engagements.

02/2016 to 02/2019

Senior IT Auditor. Halliburton Energy Services – City , STATE

Lead auditors in completing integrated audits involving IT, Financial & Operational auditors. Reviewed work-papers and audit reports for IT audit projects and Sarbanes-Oxley (Interim and Roll forward tests).
Provide management with accurate, independent and timely assessments and recommendations in the following areas: Risk, Internal control weaknesses, Information systems security, Banking Applications, Database technologies (Oracle), Networking (IPS/IDS, VPN – Remote Access, Firewalls, LAN, and WAN), Disaster recovery and Business continuity planning.
Assist Information Technology Audit Manager in the development of the Strategic Plan and in the completion of the Audit Program.
Assign work to auditors, set priorities and monitors activity. Provide training in the use of audit tools such as ACL to IT auditors and Financial & Operational Auditors.
Reviews IT Auditors and Staff auditor's audit workpapers, findings, recommendations and final reports.
Follow up on open issues with management and track issues that are ACPV (Action Completed Pending Verification) to resolution.
Resolve conflicts between auditors and the business units to smooth the relationship between the auditors and the business units (auditees).
Assists the IT Audit Manager in identifying those business areas subject to audit coverage and evaluates their significance by risk rankings

01/2012 to 02/2016

Senior Consultant, (IT Audit & Security Services)NTT Data Inc. – City , STATE

Successfully served as engagement onsite leader of up to six engagement teams simultaneously through fostered teamwork and creating a successful working environment.
Planned, budgeted, and scheduled financial audit, SOX, internal audit and third-party reporting engagements for successful quality and financial outcomes.
Managed procedures of IT audit engagements related to financial audit, Sarbanes Oxley (SOX), internal audit, IT effectiveness projects and third-party reporting projects for healthcare, financial services, telecommunication and manufacturing industry clients to achieve engagement continuity, operational success, and compliance with all internal and external regulatory requirements.
Evaluated the design and tested the operating effectiveness of internal controls by identifying and analyzing operational procedures, security and application change management controls.
Provided recommendations to clients on activities to improve internal procedures and controls and identified high risk areas that could result in misstating financial information and proposed risk mitigation strategies to fill these gaps.
Led and performed SAP, Oracle, PeopleSoft configuration reviews related to IT general controls.
Led a PeopleSoft controls and risk-related engagement for a Fortune 500 client. Developed Controls Strategy and Controls Framework which led to the evaluation of security and controls throughout the implementation of PeopleSoft Asset Management for process optimization. Activities include evaluate Process and Interface Design, review Process, Interface and Conversion Controls, and assess Application Security.
Displayed leadership skills through mentoring Staff Associates to contribute to their growth and future development while also improving engagement team performance.
Consistently achieved high ratings for performance reviews on engagements for people, quality, growth, and operational excellence components.

Education

04/2017

Master of Science: Cyber Security
University of Maryland - University College - City

06/2015

Bachelor of Science: Information Technology
Colorado State University - City

Certifications

Microsoft Certified Azure Solution Architect Expert

Microsoft Certified Professional(MCP)

Microsoft Specialist-Dynamic CRM Application

Resume Overview

School Attended

University of Maryland - University College
Colorado State University

Job Titles Held:

Senior IT Auditor
Senior IT Auditor.
Senior Consultant, (IT Audit & Security Services)

Degrees

Master of Science : Cyber Security
Bachelor of Science : Information Technology

Senior IT Auditor Resume Example

DISCLAIMER

How this resume score could be improved?

Resume Overview

Create a job alert for [job role title] at [location].

Similar Resumes