Manager Management

Olusegun Olabanji

Email: *********@********.***

Address: **** ***** ****** ** ***. 13

City: Bellevue

State: WA

Zip: 98004

Country: USA

Phone: 469-***-****

Skill Level: Experienced

Salary Range: $98,000

Primary Skills/Experience:

See Resume

Educational Background:

See Resume

Job History / Details:

OBJECTIVE

A consulting, management or lead position in your Organization

SUMMARY

Tactful and committed performer with more than seven years of experience as an internal IT auditor with good understanding of information security, application development, database administration, project management and fraud examination practices.

Certified auditor with strong understanding of IT governance and security; communicates effectively and writes clearly and concisely for technical and nontechnical audience.

Good knowledge of Information Security and risks across a range of business. Understands business privacy, security standards and control frameworks such as ISO/IEC 27001 and 27002, NIST 800-53 (FISMA), SAS70/SSAE-16, HIPAA / HiTech, PCI DSS, and SOX.

Skilled at understanding business processes, analyzing and assessing business process controls, identifying and evaluating complex business and technology risks and linking business risks to relevant IT or business control objective.

Results-oriented, providing deliverable before or on due dates, complying with established deadlines; excellent problem solving skills. Possess preferred balance of technical, business, and data analytic background. Good at quickly learning new concepts and working well under pressure. Able to work independently and excellent team interaction.

PROFESSIONAL EXPERIENCE

3/1/2012 - Date: Senior Consultant IT Audit and Compliance, Microsoft Redmond, WA

Coordinates with Windows Intune Teams to identify requirements, perform risks assessment and compliance gap analysis.

Reviews and document Windows Intune Teams related policies, procedures, processes & other required documentation in compliance with certification standard.

Documents narratives of current processes, and then work with teams to identify and analyze gaps between current processes and the desired state.

Assists Windows Intune Online Services process owners with compliance efforts focusing on getting ISO certified, creates common security framework using ISO, NIST and CSA standards and established IT SSAE 16 controls mapping.

Develops and execute new readiness testing plans as necessary, analyze testing results and related exceptions to identify control weaknesses and compliance gaps.

Reviews and update relevant documentation in collaboration with Teams Management to ensure remediation actions are addressed and audit issues appropriately closed.

Assists requirement owners in evaluating both routine and challenging risks issue and identifies multiple solutions considering cost / benefit and how the solution may change or impact the organization.

Creates tracking tools and reports for compliance measures and monitoring remediation status.

Creates monitoring procedures used by process owners for continuous self assessment of controls in scope re-certification.

09/2010 - 2/15/2012: Management Trainee - IT Auditor, PACCAR INC. Bellevue, WA

Supervised engagement team members to ensure objectives are achieved, quality is assured and team members were developed. Developed audit programs and performed audit engagement in accordance with IIA and approved company standards.

Used data mining and analysis tools such as Excel, Access, and Audit Command Language (ACL); evaluates information and systems and drawing logical conclusions.

Improved IT control environment through the creation of new security policies and revision of outdated ones as result of security audit findings.

Initiated the implementation of SAP governance, risk and compliance (GRC) access control tool to improve SAP access controls as a result of Segregation of Duties weakness audit findings.

Assisted in the development and mentoring of auditors and others throughout the organization by sharing information. Conducted ACL training for operational and financial auditors.

Improved company's record retention practices through revision of corporate record retention policy as response to audit findings of unauthorized destruction of records that were meant to be retained permanently.

Participated in developing and preparing yearly corporate risk assessments and audit plans.

Developed risk-based audit plan to ensure that high risk scope areas are addressed.

Reviewed findings provided by team members and provided constructive feedback accordingly during fieldwork.

Discussed audit findings with appropriate management and consulted with process owners to identify practical, cost-effective and value added recommendations; collaborated with the business on action plans.

Prepared concise draft reports of findings for post audit meeting, effectively communicated complex technological issues in a clear, accurate, concise and constructive manner to technical and non-technical audience.

Performed follow-up work as necessary after the audit closing and reporting. Performed first level review of auditee responses.

Performed business and IT process control assessments; conducted system security, operating systems, databases, change management, interface, application development and physical security reviews.

Performed information technology enterprise network security review - firewalls, routers, other networks devices / infrastructure.

Performed SharePoint review to ensure effectiveness of SharePoint governance, policies and oversight; adequacy of data classification policies and management. Also reviewed content definition and access controls over web servers, application servers and database servers.

Performed SAP Segregation of Duties and change management reviews and application control testing on several legacy systems.

Performed Information Technology General Controls (ITGC) review and integrated audits, worked alongside the business process audit team on financial, operational or systems control reviews.

Performed enterprise Oracle database security, SQL database server security, personal computers (PCs) and local area networks (LANs), remote IT operations reviews.

04/2007 - 09/2010: Lead IT Auditor, KBR INC., Houston, TX

Executed all phases of IT audit projects - planning, fieldwork, reporting, follow-up of open audit issues and other project communication.

Participated in the assessment of Internal Audit specific processes and, provided process improvement recommendations.

Coordinated participation of external auditors to complete audits timely according to professional standards.

Prepared audit programs, planned audit engagements and established audit objectives.

Reviewed electronic work-papers (Teammate), including the results of tests performed to ensure engagement work-papers adequately supported noted observations, conclusions and recommendations.

Communicated findings to clients timely, obtained client agreement on root cause of issues and commitment to implement agreed-on corrective actions.

Developed reports and presentations on project findings and recommendations to management.

Coordinated and followed up with process owners on remediation actions of deficiencies noted during fieldwork. Appraised implemented corrective actions.

Managed multiple audits engagements simultaneously (in several countries) with ability and willingness to travel extensively (about 30-40% domestic and international) on a regular basis to fulfill successfully the requirements of the role.

Coordinated and performed reviews of data center general controls, client-server security, operating systems, systems development life cycles (SDLC), databases (SQL & Oracle) security, Local Area Networks (LANs), telecommunications, pre and post implementations of application systems, corporate business continuity processes, and disaster recovery plans.

Performed Segregation of Duties (SOD) review and continuous auditing, using ACL for data mining; participated in the special investigations of some fraud cases - on management request.

Performed SAP interface and change management controls reviews, SAP application control, SAP payroll pre & post implementation reviews. Planned and executed Sarbanes-Oxley (SOX) testing work programs.

02/2005 - 03/2007: Sr. IT Auditor, Halliburton, Houston, TX

Participated in planning and executing risk-based audits, assisted in developing remediation documents with process owners. Prepared draft reports for IT Audit Senior Manager.

Performed security access controls, change management controls, interface controls and application development controls assessments; documented findings and collaborated with process owners in defining action plans for correcting identified gaps.

Performed assessments of IT operating policies and procedures, backup and recovery plans and related business process documentation identifying control deficiencies.

Performed General and Logical IT controls reviews; validated SOX key controls to ensure compliance with SOX section 404.

Performed application controls testing across a wide variety of in-scope applications - SAP, Hyperion and other legacy applications.

Promoted Senior IT Auditor after Eight Months with the company as IT Auditor.

06/2000 - 05/2004: Manager Information Technology, African Petroleum Plc. (Nigeria)

Realigned IT objectives with business strategic objectives, enabling business units to achieve set goals and consequently improved operational effectiveness and efficiency.

Managed Oracle 11i financial package (ERP) implementation project. Delivered project on time with adequate quality assurance and user acceptance testing; rolled over to production environment after parallel run of six months with Legacy System.

Managed IT department's budget and daily activities of eight staff.

02/1996 - 05/2000: Applications Support Manager, Oando Nigeria Plc.

Provided management oversight and review for supported systems; coordinated work activities across information technology departments, business functional areas, and project teams.

Performed project management responsibilities relating to information technology implementations, upgrades, and conversions. Managed multiple, diverse work efforts simultaneously.

Maintained service level metrics with clients, managed vendor and contractor relationships based on service support agreements.

CERTIFICATIONS

CISA (Certified Information System Auditor)

CIA (Certified Internal Auditor)

CFE (Certified Fraud Examiner)

CISM (Certified Information System Manager)

CISSP (Certified Information System Security Professional)

CRMA (Certification in Risk Management Assurance)

MCSD (Microsoft Certified Solution Developer)

EDUCATION

BS, Computer Science, University Of Ibadan, Ibadan, Nigeria

MBA, Management & Accounting, 2000, Obafemi Awolowo University, Ile-Ife, Nigeria

Contact this candidate