LiveCareer-Resume

Snr IT Auditor SOX Specialist resume example with 9+ years of experience

Jessica Claire
609 Johnson Ave., 49204, Tulsa, OK 100 Montgomery St. 10th Floor
Home: (555) 432-1000 - resumesample@example.com
Professional Summary

Results-driven Information Technology professional with specialties in Internal IT Auditing, Information Security Compliance, Risk Management, and Fraud Prevention, and with proven experience in reducing operational risks by identifying vulnerabilities within information technology business realms. Professional work experience includes clients in financial services, media and entertainment, energy, manufacturing, technology, and IT service provider industries.

Skills

    IT general controls

    SOX 404

    PCI-DSS Compliance

    Third party Risk Management

    Incident Management

    Anti-Money Laundering Audit

    PCP & Disaster Recovery

    GLBA

    ITIL

    NIST 800-53

    ISO 27001 Compliance

    Writing audit reports and training on IT industry’s best practices

Work History
06/2022 to Current
Snr IT Auditor - SOX Specialist, Argo Ai, Washington, DC
  • Solely responsible for IT side of annual SOX project from planning, field work, testing, report findings, remediation process.
  • Conduct control self-assessment, reviewing operation risk, business risk and IT risk with my team.
  • Perform risk assessment for ICOFR, generate PBC list, build SOX tracker, perform testing of controls, report findings, support development of mitigating action plan, recommend areas of improvement including policy inputs for gaps discovered in walkthrough.
  • Coordinated quarterly penetration testing with various vendors to harden servers with stakeholders.
  • Analyzed incident response, foreign threats, firewall attempts, DoS attacks.
  • Responsible for identifying and escalating vulnerability assessment and Penetration testing results.
  • Perform peer reviews of Security Assessment Reports.
  • Perform threat modeling of applications to identify threats.
  • Performed risk assessment; audit planning, developing scope, schedule audit and reporting of findings noted during assessment.
  • Perform risk assessment of new system on-boarding both pre-implementation, post-implementation and control design.
  • Present identified risks to the Risk & Compliance team.
  • Support review of IT tools, control designs, and control remediation planning efforts.
  • Reviewed entity’s access control policy (software and physical) to determine its adequacy and effectiveness.
  • Documented application security controls (Review and analyze audit evidence) processes and procedures.
  • Reviewed and recommended industry best practice in areas of user access and password security.
  • Assisted in documenting physical access controls to computer resources by evaluating existing environmental security, conditions, and available emergency procedures.
  • Determined which regulatory and/or compliance requirements apply to specific system.
  • Performed tests to validate integrity and effectiveness of IT controls that are in place.
  • Evaluated and reviewed business continuity planning of organization to determine adequacy and effectiveness.
  • GRC automated audit tool risk assessment.
  • Perform supervisory role, training and mentorship for associates.
07/2019 to 06/2022
Snr Compliance Analyst, Camping World, Grand Rapids, MI
  • Conduct IT Compliance testing for SOX, PCI, SSAE18 projects, and IT Infrastructures.
  • Coordinated quarterly penetration testing with various vendors to harden servers with stakeholders.
  • Analyzed incident response, foreign threats, firewall attempts, DoS attacks.
  • Responsible for identifying and escalating vulnerability assessment and Penetration testing results.
  • Perform peer reviews of Security Assessment Reports.
  • Performed risk assessment; audit planning, developing scope, schedule audit and reporting of findings noted during assessment.
  • Perform risk assessment of new system on-boarding both pre-implementation, post-implementation and control design.
  • Present identified risks to the Risk & Compliance team.
  • Perform third party risk lifecycle assessment: onboarding, classification, contracting, monitoring, reporting and disengaging.
  • Support review of IT tools, control designs, and control remediation planning efforts.
  • Reviewed entity’s access control policy (software and physical) to determine its adequacy and effectiveness.
  • Documented application security controls (Review and analyze audit evidence) processes and procedures.
  • Performed test for data migration: unit test, interface test, system test, UAT, hypercare, 'go live' and sign offs.
  • Worked with audit teams for planning and scope assessments for SOX testing.
04/2016 to 06/2019
IT Auditor, Flexon Technologies, City, STATE
  • Performed audit scheduling and audit planning, and wrote audit papers and reports with minimal supervision by audit manager.
  • Reviewed and tested for Segregation of Duties (SoD) and access control in system components in compliance with SOX.
  • Tested application controls, including both logical and physical access controls, to ensure effectiveness of functionality, good reporting and interfaces.
  • Review and test backup, disaster recovery and scheduling procedures for appropriateness.
  • Review change management procedure in logical IT environment and validate appropriateness of changes.
  • Review network security arrangement and ensure compliance to CIA standard.
  • Assisted various departments in risk management, process of tracking customer interaction, and identification of existing SLAs and their status.
  • Facilitate and perform anti-money laundering audit.
  • Provided advisory support to Implementation and assessment of security and business process controls.
  • Review adequacy and effectiveness of independent Auditors Attestation report (SSAE 18) in satisfying client control requirement on it
  • Perform Audit Log reviews to test controls around user activity and/or login/logout attempts.
  • Prepare summary of findings and exceptions and reference all relevant documents.
  • Review and update procedure for adding and deleting users to determine username and password security.
  • Review change management documentation, policies, SOX controls and implemented necessary changes to review processes.
  • Communicate weekly with IT on status of outstanding audit recommendations, both internal and external; and facilitates timely remediation.
  • Communicate effectively with all levels of management to ensure full understanding of IT objectives, risks and controls.
  • Participate in new system development and implementation by reviewing projects documentation, conducting interviews and assessing works completed; ensured development efforts were following organization policies, standards, procedures and controls are adequately incorporated into system.
  • Review and test users’ access control – physical access relating to server room or data center, and logical access control relating various applications, operating systems, database, networks and Active Directory.
  • Determine root cause of identified issue during assessment of ITGCs to evaluate risks impact.
02/2014 to 03/2016
IT Compliance Analyst, Insight Resourcing, City, STATE
  • Perform IT Compliance testing for SOX, SSAE18, ITGCs projects, and IT Infrastructures.
  • Analyzed incident response, foreign threats, firewall attempts, DoS attacks.
  • Responsible for identifying and escalating vulnerability assessment and Penetration testing results.
  • Presented identified risks to the Risk & Compliance team manager.
  • Participate in writing and review of policies to reflect industry best practice in areas of user access and password security.
  • Performed tests to validate integrity and effectiveness of IT controls that are in place.
  • Evaluated and reviewed business continuity planning of organization to determine adequacy and effectiveness.
  • Reviewed adequacy and effectiveness of independent Auditors Attestation report (SSAE 18) in satisfying client control requirement at client engagements.
  • Reviewed adequacies of key systems and application controls – Access control, Data Integrity, Segregation of duties, disaster recovery, and change management among others.
  • Reviewed systems and application strength and weakness as well as recommend appropriate compensatory controls to mitigate against any potential risk.
Education
Master of Arts: International Banking & Finance
International Hellenic University - EU,
Bachelor of Science: International Business Management
Cardiff Metropolitan University - UK,
Bachelor of Science: Accounting And Finance
The Ibadan Polytechnic - Nigeria,
Certifications

CISA

CISM

CASP

PSM
