Seasoned Security, IS Audit & Compliance Leader with over 7 years of combined experience in security, IS Audit, IT Consulting, Compliance Audit, IT project management and third-Party reporting. Experience in leading and driving process efficiencies through teamwork, collaboration and open communication. Extensive experience in security, IT risk management, control frameworks, governance review and project management. Specialize in risk-based strategic and advisory for governance, technical, compliance and consultative reviews.
Skills
Expertise:
Systems networking and administration, System Engineering and Design,
Project management, SQL, ASP, .NET and Web Design. ITGC, Application controls
Review, security Control Analysis, Risk Management, IT Operation, Service
Management, Internet & Networking Security Devices (IDS/IPS, Web Proxy, VPN,
SIEM etc.) SOX, COBIT/COSO, ITIL, PCI-DSS, NIST, ISO 270999, ISO 17799/27001.
University of Maryland - University CollegeAdelphi, MD, Expected in 04/2017 ā āMaster of Science:Cyber Security - GPA:
Colorado State UniversityGreenwood Village, CO, Expected in 06/2015 ā āBachelor of Science:Information Technology - GPA:
Certifications
Microsoft Certified Azure Solution Architect Expert
Microsoft Certified Professional(MCP)
Microsoft Specialist-Dynamic CRM Application
Work History
Telephone And Data Systems Inc. - Senior IT Auditor Denver, CO, 02/2019 - Current
Responsible for raising the awareness within both the general employee population as well as at the managerial/company officer levels about the ever-changing cyber-security environment.
Raise the knowledge of how the employees and client business entities should be prepared to respond to cyber-security exposures.
Regularly informs management of changes in technical, legal, and regulatory issues affecting information security and data privacy.
Primary investigator for all clientsā company data breach incidents. Document all aspects of breach and the methods/circumstances by which the incident occurred, and also present recommendations to management to improve the practices, procedures, systems, and data storage methodologies to address any observed deficiencies.
Primary liaison for all company Business Continuity Planning (BCP) and IT Disaster Recovery (IT-DR) activities. Including the coordination of the annual IT systems recovery exercise.
Actively involved in external cyber-security focused professional organizations.
Provides leadership, expertise, guidance, and coaching to a team of IT Auditors/security professionals in the cyber-security and data privacy disciplines.
Provides oversight for the design and implementation of the policies, procedures, systems and safeguards necessary to ensure the integrity of information systems assets and to protect those assets from inadvertent or intentional access or destruction.
Manage multiple Sarbanes-Oxley Section 404 projects; coverage includes company level, general IT controls and application controls.
Develop and perform risk assessments as a basis for audit project task prioritization and project planning.
Develop audit scope, objectives and audit program; determine audit procedures and resources.
Identify areas of risk to the corporation, including those where efficiency and effectiveness of IT processes may be improved.
Analyze, evaluate, and recommend improvements to IT control and business processes of the company by performing reviews of processes, activities, and transactions.
Ensured high-quality client service by overseeing daily progress of fieldwork, reviewing all key work products and client deliverables, informing engagement executive of work status and issues and managing senior/staff performance.
Managed and performed detailed configuration and IT control reviews for an extensive variety of operating systems and databases to support audit engagements.
Halliburton Energy Services - Senior IT Auditor. City, STATE, 02/2016 - 02/2019
Lead auditors in completing integrated audits involving IT, Financial & Operational auditors. Reviewed work-papers and audit reports for IT audit projects and Sarbanes-Oxley (Interim and Roll forward tests).
Provide management with accurate, independent and timely assessments and recommendations in the following areas: Risk, Internal control weaknesses, Information systems security, Banking Applications, Database technologies (Oracle), Networking (IPS/IDS, VPN ā Remote Access, Firewalls, LAN, and WAN), Disaster recovery and Business continuity planning.
Assist Information Technology Audit Manager in the development of the Strategic Plan and in the completion of the Audit Program.
Assign work to auditors, set priorities and monitors activity. Provide training in the use of audit tools such as ACL to IT auditors and Financial & Operational Auditors.
Reviews IT Auditors and Staff auditorās audit workpapers, findings, recommendations and final reports.
Follow up on open issues with management and track issues that are ACPV (Action Completed Pending Verification) to resolution.
Resolve conflicts between auditors and the business units to smooth the relationship between the auditors and the business units (auditees).
Assists the IT Audit Manager in identifying those business areas subject to audit coverage and evaluates their significance by risk rankings
NTT Data Inc. - Senior Consultant, (IT Audit & Security Services) City, STATE, 01/2012 - 02/2016
Successfully served as engagement onsite leader of up to six engagement teams simultaneously through fostered teamwork and creating a successful working environment.
Planned, budgeted, and scheduled financial audit, SOX, internal audit and third-party reporting engagements for successful quality and financial outcomes.
Managed procedures of IT audit engagements related to financial audit, Sarbanes Oxley (SOX), internal audit, IT effectiveness projects and third-party reporting projects for healthcare, financial services, telecommunication and manufacturing industry clients to achieve engagement continuity, operational success, and compliance with all internal and external regulatory requirements.
Evaluated the design and tested the operating effectiveness of internal controls by identifying and analyzing operational procedures, security and application change management controls.
Provided recommendations to clients on activities to improve internal procedures and controls and identified high risk areas that could result in misstating financial information and proposed risk mitigation strategies to fill these gaps.
Led and performed SAP, Oracle, PeopleSoft configuration reviews related to IT general controls.
Led a PeopleSoft controls and risk-related engagement for a Fortune 500 client. Developed Controls Strategy and Controls Framework which led to the evaluation of security and controls throughout the implementation of PeopleSoft Asset Management for process optimization. Activities include evaluate Process and Interface Design, review Process, Interface and Conversion Controls, and assess Application Security.
Displayed leadership skills through mentoring Staff Associates to contribute to their growth and future development while also improving engagement team performance.
Consistently achieved high ratings for performance reviews on engagements for people, quality, growth, and operational excellence components.
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.