Post Job Free
Sign in

Information Technology Security

Location:
Spring, TX, 77380
Posted:
September 11, 2017

Contact this candidate

Resume:

Noppakit Itthiteerakriat - CISA, CISM

**** ******** ***** ****, *** 323 832-***-****

The Woodlands, TX 77380 ********.***************@*******.***

SENIOR INFORMATION TECHNOLOGY AUDITOR

Higher Education Industry with expanded experience in performing Information Technology reviews and compliance audit projects to determine effectiveness of IT security and internal controls in Higher Education Industry. Ensuring that audit frameworks and internal controls are in line with the state agency standard and best practices for community colleges (i.e., Texas Administrative Code (TAC 202), NIST).

Banking Industry Specialist in Credit card and ATM Systems with extensive experience performing audit projects to determine effectiveness of IT security and internal controls. Performed audit assessment in compliance with organization’s standard and regulatory requirements (i.e., VISA PIN requirements, PCI DSS, ISO 27001). Strong understanding of business processes. Proven skill identifying issues and providing recommendations that enhance the control environment and mitigate associated inherent risks. Solid project management skills, achieving audit plans within timeframe and resources. A quick learner known for loyalty, honesty and enthusiasm.

Key Areas of Expertise:

Information Security Management (ISO 27001, ISO 22301).

Information Technology Service Management (ISO 20000, ITIL, CoBIT).

IT Security Compliance Standards (VISA PIN Security, PCI DSS).

Texas Administrative Code (TAC 202).

System, Network, and Operational Security and Best Practice implementation.

Business process audits (mainly focused on IT Application control).

Business Continuity Management (BCM).

Disaster Recovery Planning (DRP) and IT Contingency Planning.

PROFESSIONAL EXPERIENCE

Lone Star College – Texas, United States 2015-2016

The largest and fastest growing community college districts in Texas, which consists of 6 campuses, 7 satellite centers, and 2 university centers.

Senior Information Technology Auditor

Performed annual IT risk assessment and audit year plan by prioritizing audit work according to the risk assessment scoring. Planned and executed Information Technology, operational, and compliance audits to determine effectiveness of IT security and internal controls. Developed audit scope and objectives, risk and control metrics, and selected the audit approach to verify and test the controls. Produced audit reports reporting issues and recommendations to senior managements.

Audited compliance standards for Texas Administrative Code (TAC 202), to ensure that policies, procedures, and processes to manage information security are aligned with the state agency standard.

Initiated and conducted annual IT risk assessment, developed audit plan, executed audit projects, and conducted internal quality control procedures to ensure compliance with the International Standards for the Professional Practice of Internal Auditing and standard best practices.

Met project deadlines and delivered all audit project results within a reasonable timeframe and resources by prioritizing audit works based on risk assessment methods.

Assisted in internal control advisory projects relating to financial and compliance audits.

Bank of Ayudhya PLC – Bangkok, Thailand 2004-2013

5th largest bank in Thailand, providing a full range of banking services to commercial and individual customers.

Senior Information Technology Auditor (2011-2013)

Planned and organized internal audit process and control review in banking environments. Led and performed information system audit on IT applications, operating systems, networks, and database management systems. Developed audit programs and selected the audit approach to verify and test the controls. Produced audit reports reporting issues and recommendations to senior managements.

Audited IT general controls and application controls on the Banking systems, identified weak internal controls, and suggested improvements for system security.

Performed business continuity audits to determine the effectiveness of Business Continuity Management (BCM) and Disaster Recovery Plan (DRP) programs, so that all business functions will continue to operate under major incidents, disasters or disruptions.

Ensured IT service management was in compliance with regulations and standard best practices (ISO27001, ITIL, and COBIT) by performing IT service management audits of project management and IT outsourced service.

Audited compliance standards for VISA PIN Security Standard and Payment Card Industry Data Security Standard (PCI DSS), to ensure that VISA, MasterCard, and ATM acquirers implemented a high level of security and minimized possibility of Cardholder data and PIN compromise.

Met project deadlines and delivered all audit project results within a reasonable timeframe and resources by prioritizing audit works based on risk assessment methods.

Interviewed IT application architect to understand process, verifying critical controls were in place and being followed with banking laws and regulations.

Information Technology Auditor (2004-2011)

Reviewed and audited IT controls and configurations on IT applications, operating systems, networks, and database management systems. Tested and verified effectiveness of computer systems controls and information security components. Identified issues of IT controls, processes and configurations. Provided recommendations on workarounds and best practices to improve system security levels.

Chosen by professionals in the Fraud department to be a consultant on Fraud Detection and Monitoring System to reduce fraud transactions on ATM and Internet Banking systems, including being responsible for installation, configuration, and customization of system rules.

Enhanced executive report to be more efficient by improving the report preparation process to support management decisions and requirements of time management.

Because of well-prepared audit working papers and documents, received the highest score for two consecutive years from corporate Quality Assurance Review assessment.

PROFESSIONAL CERTIFICATION

Certified Information Systems Auditor (CISA) certified by ISACA.

Certified Information Security Manager (CISM) certified by ISACA.

ISMS ISO 27001 Lead Auditor certified by IRCA.

CompTIA Security+ certified by CompTIA.

ITIL Foundation V.3

EDUCATION

Master of Science, Computer Science, Faculty of Engineering – Chulalongkorn University – Thailand

Bachelor of Business Administration in Business Computer – Bangkok University – Thailand



Contact this candidate