PROFESSIONAL PROFILE

Dedicated IT Auditor with a proven track record of delivering comprehensive assessments and strategic insights to optimize IT processes and mitigate risks. Leveraging a strong command of audit methodologies and frameworks, coupled with in-depth knowledge of diverse IT platforms and systems. Known for leadership in executing audits, collaborating with cross-functional teams, and ensuring compliance with industry standards. Adept at communicating findings to all organizational levels and implementing effective solutions. Certified Information Systems Auditor (CISA) and Certified Fraud Examiner (CFE) with an ongoing pursuit of professional development.

EXPERIENCE

Genpact LLC May 2018 – Present

IT Auditor II

Executed internal audits in alignment with accepted auditing standards, with expertise in information systems processes and industry-best IT frameworks.

Perform collection and validation of requirements.

Identification of risks, threats, vulnerabilities, potential anomalous flows, and interactions.

Reviews of the definition of security subsystems, and the design of integration and deployment architectures for security in networks, infrastructure, middleware, application, and systems services.

Led audit engagements from planning to completion, adhering to schedules and deadlines, ensuring thorough testing and identification of control weaknesses and risks.

Collaborated with business relationship managers and vendors to collect due diligence documentation, assess risks, and ensure quality control.

Coordinated with IT Security for IT Security Questionnaire reviews and approvals.

Developed and executed audit programs with minimal supervision, showcasing self-motivation and strong organizational skills.

Perform evaluation and selection of the components, and design of the solution's hardware, software, process, and service components while ensuring secure engineering practices in development.

Provided value-added consulting services to management for process improvement and enhanced operations.

Maintained accurate vendor documentation and processed materials in compliance with policy.

Employed excellent communication and analytical skills and proficiency in Microsoft Office and audit software.

WEX Inc. Oct 2015 – March 2018

IT Auditor/Third-Party Risk Management Assessor

Established comprehensive IT compliance frameworks, ensuring adherence to industry standards and regulatory requirements.

Conducted thorough reviews of users' access control, IT controls, and disaster recovery readiness.

Assessed organizational IT policies and standards for accuracy and compliance with guidelines.

Coordinated and executed projects to identify, communicate, and mitigate security risks and vulnerabilities.

Led initial risk assessments on new vendor relationships and performed quality assurance assessments.

Collaborated with IT departments to facilitate timely remediation of audit recommendations.

Performed SOC 1, SOC 2, and SOC 3 report testing in line with applicable standards.

Developed audit programs based on recognized frameworks for industry best practices.

Perform Sarbanes-Oxley (SOX) and PCI DSS compliance audits using COBIT and COSO frameworks.

Applied current knowledge of IT trends, techniques, and risk to map out security and risk management improvement opportunities to enhance value.

Staples Inc., Boston, MA March 2013 – September 2015

IT Auditor

Conducted comprehensive audits of IT platforms, OS platforms, and operating procedures, focusing on efficiency, accuracy, and security.

Evaluated IT infrastructure to identify risks and implemented controls to minimize potential loss.

Supervised engagements, including planning, work paper review, and preparation of audit reports.

Led process improvements for SOX testing, enhancing review efficiency and year-end financial reporting.

Managed project status meetings to effectively communicate findings and improvement opportunities.

Prepared detailed audit reports, oversaw corrective action plan implementation, and maintained open communication with management.

Conducted in-depth security assessments of critical financial reporting systems, including SAP.

Document and assess the design and operating effectiveness of controls and processes to meet established business objectives across the business.

Evaluated IT and business processes for effectiveness and efficiency, through obtaining an understanding of and documenting key business processes and internal controls.

Participate in and execute audit project tasks such as walkthroughs and detail testing.

Performed IT general controls such as access control, change management, IT operations, disaster recovery, and platform reviews (Windows and UNIX OS).

EDUCATION

Bachelor of Science.

Root Cause Analysis (Certificate of Completion)

CERTIFICATIONS & PROFESSIONAL AFFILIATIONS

Certified CompTIA Security +

ADDITIONAL SKILLS

IT General Controls Testing

Sarbanes Oxley Financial Review

Data Center Operations

Business continuity

Storage Management

Disaster Recovery

Third Party Risk Assessment

UNIX/LINUX & SAP experience

Corporate Risk Mitigation

IT Control Design

Extensive Report Writing,

Fact Finding, and Root Cause Analysis

Database Audit

PCI DSS Compliance

HIPPA and PPI assessment.

Contact this candidate