Silver Spring MD, 20904
Experience in Information Technology auditing with emphasis on commercial public companies and federal government departments using ITGC and Application Controls. I have over 4 years of professional experience in performing audit readiness, project reviews, data analysis and continuous risk assessment in all stages of audits including: planning, study, evaluation and testing of controls, reporting and follow-up. Experience in performing Application Controls assessment in retail banking and Insurance industry by checking authorization control, interface control, computation control and data validity check. I have knowledge of ERP systems (SAP and Oracle Financials), Microsoft Dynamics, and PeopleSoft.
CISA In Progress
Internal IT Auditor- KEYW Inc. (Contractor) McLean VA March 2015 - Present
●Perform and Test General Computer Controls and Business Process Application controls using SOX framework.
●Perform walkthroughs and detailed testing of controls to evaluate the design and operating effectiveness of controls in federal government agencies.
●Extensive experience performing audit with Information Technology general controls (ITGC) such as, access control, change management, Information Technology operations, Application Controls.
●Communicated Information Technology audit findings to both senior management and clients
●Help identify performance improvement opportunities for assigned clients
●Assist in Information Technology management in identifying gaps between policy and process, developing recommendations to remediate control weaknesses and be responsible for developing and maintaining Information Technology control metrics related to compliance activities.
●Evaluate compliance with corporate security policies from planning phase to completion using COBIT, COSO, SOX, OMB Circular A-123, SOC, FISCAM Frameworks in performing audit. Identify and communicate Information Technology audit findings to senior management and clients.
●Execute the day-to-day activities of Information Technology controls assessment for a client's Legacy systems including assess general and application controls using the Federal Information Systems Controls Audit Manual (FISCAM) or COBIT methodology.
●Handle of special projects such as Segregation of Duties (SOD) and SOX Compliance business challenge projects, PCI DSS, HIPAA and identify conflicts or inadequate internal controls and provide recommendations.
●Assist Operational Audit team with integrated audits, including the identification and testing of IT controls supporting the business processes under review.
Internal IT Auditor- Resolution Consulting Group (Contractor) MD January 2013 - March 2015.
●Worked with management consulting teams to implement controls in new systems deployment.
●Performed operational and compliance audits of enterprise activities.
●Prepared IT Audit program to include Access control, Change management control Operations, Control and application controls Identified deficiencies in the design and operating effectiveness of controls and provided recommendations.
●Performed walk-through and detail testing of controls to determine if controls are properly designed and operating effectively; with an In-depth knowledge of Sarbanes-Oxley Act, HIPAA, FISMA, Compliance, COSO, SOC and COBIT framework methodologies for designing and validating business process controls.
●Supported IT Audit Readiness for Defense Finance and Accounting Service by assessing FISCAM controls
●Performed review of SOX documentation to provide feedback from external auditor standpoint to the IT SOX PMO managing the SOX efforts on largest postal services provider in the United States.
●Documented control weaknesses and related testing exceptions.
●Identified and communicated IT audit findings to senior management and client.
●Documented work completed by preparing work papers.
●Maintained a good working relationship with clients to enhanced customer satisfaction and work with client management and staff at all levels to perform audit services.
●Performed all stages of audit, including planning; fieldwork/execution; reporting; and follow-up.
●Handled special projects such as Segregation of Duties (SOD) and SOX Compliance business challenge projects, PCI DSS, HIPAA and identify conflicts or inadequate internal controls and provide recommendations
IT Audit training course 2012-2013 ( M-Tech Solutions Brussels)
Masters in International relations 2012 (CERIS Brussels)
Bsc in Management Economics 2008 ( Van Hall larenstein Wageningen Netherlands)
ACL, IDEA, RAMDOMIZER.COM