PETER BOAMPONG

Worcester, MA 774-***-****

ad3u3y@r.postjobfree.com

www.linkedin.com/in/peter-boampong-36b732139

IT AUDITOR AND COMPLIANCE OFFICER

Results-oriented, dedicated IT Auditor with demonstrated proficiency in leadership, and cross-functional teamwork, driving the successful completion of projects with tight budgets and timelines.

Effective Leadership and Project Management: Demonstrated leadership abilities, steering the implementation of security controls and patch management initiatives to enhance operational resilience.

Collaborative Multifunctional Teamwork: Leveraged a positive learning attitude to foster productive collaboration and ensure the collective success of projects such as audits on entity-level controls, applications, and projects.

Proficiency under Pressure: Exhibited exceptional capacity to perform in stressful situations, leading time-sensitive control testing across intricate business cycles and supporting end-to-end internal IT audits.

KEY SKILLS

IT Auditing

Cybersecurity Framework (CSF)

COSO/COBIT Frameworks

Linux, Windows

Tableau

Sarbanes-Oxley (SOX) Testing

Business Processes Auditing

SAP S/4 HANA

IT General Controls

NIST Risk Management Framework

ORACLE SQL

Cloud Security/Architecture

PROFESSIONAL EXPERIENCE

IT AUDITOR: TechFocus LLC. – Marlborough, MA (Partial Remote) June 2017 to Present

Complete end-to-end internal IT audits, supporting daily audit activities for clients including service and organization controls (SOC) audits and real-time readiness assessments across multiple industries. Complete business process walkthroughs, prepare risk and control matrices (RCM) and design effectiveness assessments (DEA) and conduct operating effectiveness testing (OET). Support cyber readiness audits, identify and report on material deficiencies or weaknesses in disaster recovery, business continuity, operational risk, incident management, and vendor risk. Prepare Security Assessment Plans (SAP) during Security Assessments, leveraging the applicable NIST SPs to guide the Security Assessment Team. Leverage the applicable NIST SPs including the NIST SP 800-18 Rev1 and NIST SP 80053A Rev5 to develop test procedures. Review available documentation (PBC) to validate the adequacy of implemented controls and their operating effectiveness.

Key Contributions

Enabled team's recovery from turnover-induced setbacks by leading timely preparation and testing of controls across complex business cycles, fostering a more equitable workload distribution in the process.

Drove the successful completion of a second audit within budget and established deadlines by skillfully leading a team of novice control testers, ensuring timely achievement of collective goals.

INFORMATION SECURITY OFFICER: FAI Systems & Technologies – Accra, Ghana April 2013 to June 2017

Identified security risks, determined the causes of security violations, and worked with appropriate partners to provide prompt responses to the identified risks.

Served as the primary contact person for issue solving by finding the root cause, suggesting resolution options, coordinating until final resolution, and preparing draft post-mortem following resolution.

Successfully configured, maintained, and optimized the Wazuh deployment to ensure real-time threat detection and response. Conducted in-depth analysis of security alerts, leveraging log analysis and visualization techniques that relied on the ELK Stack integration of Wazuh to identify potential security incidents. Effectively investigated and documented security incidents. Conducted comprehensive vulnerability assessments using Wazuh, leveraging its vulnerability detection capabilities to identify and prioritize potential weaknesses in the organization's IT environment. Assisted in incident response activities by employing automated response actions, ensuring swift containment and mitigation of security threats. Monitored and ensured compliance with industry standards and regulations by providing pre-packaged rule sets and reports for specific industry standards and regulations, such as ISO 27001 benchmarks, thus maintaining the organization's adherence to security and compliance requirements.

Key Contributions

Achieved a significant reduction in attacks following a series of security breaches by utilizing the approved SIEM tool to collect, aggregate, and analyze data from company applications, devices, servers, and users.

Addressed identified vulnerabilities that posed a threat to the business by leading the establishment of a patch management program, transitioning the company from a reactive to a proactive approach.

EDUCATION

EXECUTIVE M.B.A., MARKETING: Kwame Nkrumah University of Science &Technology (KNUST), Ghana

Work Authorization Status – Green Card Holder

Certifications:

Certified Information Systems Auditor (CISA) - Certified

Certified Information Security Manager (CISM) - Certified

Recent Professional Development:

The Future of Cloud Threat Detection, Investigation & Response, ISACA

Strong IT Controls: Your IT Risk Program's Strategic Advantage, AuditBoard

The Evolution of SOX: Building a Mature Program, AuditBoard

Building an Effective Risk Management Program, AuditBoard

Compliance as a Catalyst for Reducing Risk, ISACA

Professional Affiliations:

Member, ISACA-Rhode Island Chapter

Contact this candidate