Cyber Security It Auditor

Valerie Okobah-dike

226-***-**** *************@*****.*** Oshawa, Ontario

PROFILE SUMMARY

Accomplished IT Auditor with extensive expertise in IT auditing, risk assessments, and information security. Proven track record in Technology Infrastructure, Cyber Security Audits, SOX Compliance, SOC 2 Type 2, SOC 1 Type 2, PCI DSS Framework, HIPAA Framework, utilizing COSO, COBIT, NIST 800-53, FFIEC, and other related frameworks. Adept at performing IT Audit Control testing to support integrated audits, focusing on applications, IT infrastructure, databases, and cyber security compliance across various domains.

Key Accomplishments

• Identified and remediated 95% of control weaknesses, enhancing overall security posture.

• Maintained an enterprise-wide security program, protecting organizational assets with appropriate security controls, processes, and procedures.

• Collaborated with physical security, risk management, business continuity, and SOC teams during incident response, disaster recovery, and business continuity activities.

• Subject matter expert for SOC 2 audits, performed enterprise-wide gap analysis for all five trust services criteria, and ensured audit readiness. Key Skills & Signature Strengths

Policy & Procedure Enhancement Program Implementation Relationship Management Enterprise Risk Management SOX Compliance & Internal Controls IT Compliance & Control Teamwork & Collaboration

PROFESSIONAL EXPERIENCE

Deltaah Tech Consulting, Maryland, USA (Remote)

IT Auditor July 2023 – July 2024

Led planning, process understanding, and control validation meetings with business units, covering SOX Audit, Security Incident Management, Change Management, Disaster Recovery, User Access Audit, and SOC Audit.

Executed audit engagements covering IT general controls, such as access controls, change management, and system operations, achieving a 98% compliance rate.

Tested the effectiveness of application-level controls, improving output completeness and processing accuracy by 90%.

Evaluated IT security controls and communicated potential risks to management, resulting in a 30% reduction in identified vulnerabilities.

Implemented knowledge of COBIT and NIST frameworks, enhancing the audit process's efficiency by 20%.

Liaised with external auditors to ensure information systems risks were adequately identified and evaluated, facilitating a seamless audit process.

Assisted in executing the annual internal audit plan, preparing comprehensive reports and actionable recommendations for management.

Supported the IT Audit Security Manager in executing compliance frameworks, including HIPAA, and executed a comprehensive risk-based internal audit plan Audit Masters Consult USA(Remote)

IT Auditor March 2022 – May 2023

Identified IT related risks throughout development phases, which include networks, operating systems, ERP, databases, security, backup and restoration and disaster recovery audits.

Conducted control testing for Identity and Access Management, covering provisioning, deprovisioning, authentication, authorization, session lockouts, and user access reviews.

Executed IT General Controls and IT Application Controls SOX testing using COSO and COBIT frameworks, achieving a 97% compliance rate.

Performed SDLC and incident management audits, identifying and mitigating risks throughout the development phases.

Conducted SOX, IT infrastructure, and business applications audits from planning to reporting phases, documenting procedures and findings.

Reviewed SSAE16 SOC 1 Type 2 engagements, ensuring an unqualified opinion, management assertion, and user consideration.

Identified IT-related risks during network, operating systems, ERP, databases, security, backup, and disaster recovery audits, reducing overall risk exposure by 25%.

Assisted in executing the annual internal audit plan, preparing detailed reports and actionable recommendations for management

United Bank for Africa

IT Auditor Aug 2019 – Dec 2021

Executed controls testing in Technology Infrastructure Audits, IT General Controls, and Application Controls, achieving a 96% compliance rate

Conducted walkthroughs and documented results to determine the design adequacy and operating effectiveness of controls

Performed IT Infrastructure controls testing, including servers, Active Directory, databases, and operating systems

Executed SOC 1 Type 1, II, III audits and reviewed SOC 1 Type 2 and SSAE reports, ensuring compliance with industry standards

Conducted cloud computing audit testing, focusing on encryption, security access control, compatibility, integrity, confidentiality, and availability, reducing cloudrelated risks by 20%

Performed information security audits, evaluating control design and effectiveness, and providing actionable recommendations to management EDUCATION & CERTIFICATIONS

M.Sc. Cyber Security Eastern Illinois University, 2023 B.Sc. Management Information System Covenant University, 2016 CompTIA Security + 2023

CISSP 2024

CISA in view

Contact this candidate