Address: ***** ******** **** ****** ** 75254
IT Auditor with experience in performing risk assessment, reviews of the effectiveness and efficiency of financial, operational, and information technology procedures and internal controls to determine compliance with policies, procedures and regulatory requirements and documenting audits of IT and special projects.
University Of Calabar
Bachelor of Science, Computer Science (2009)
Risk Management Techniques
Third Party Vendor Audit
Internal Control Process & Compliance
Internal Control Assessment
Auditing Internal Control Review Operational Risk Testing & Validation Technology Security Archer Documentation & Report Excel Reporting GRC Tools
GRUBHUB August 2017 – Till Date
IT SOX AUDITOR
•Performed annual SOX IT Control scoping and risk assessment to determine applications, systems and processes that are in scope for annual control testing.
•Performed walkthroughs and test of controls to assess design effectiveness of SOX ITGC controls, document design gap and provide recommendations on remediation to audit clients.
•Performed IPE testing for various evidence relied on for executing SOX ITGC Controls to provide independent assurance on the completeness and accuracy of the evidence or population used in performing a control.
•Performed SOX ITGC testing (Computer Operations, Logical Security and Change management) across various applications in scope within the organization and document any identified deficiencies.
•Determine the impact of service organization control gaps on the companies SOX compliance and mapping of user consideration controls (UCC) to the test of controls performed by the front line.
•Develop and execute comprehensive risk based global internal audit &compliance program
•Design internal control activities, maintain and update controls
•Oversees internal audits of multiple locations globally
•Use Archer to spool control reports and assign adequate risk.
•Assisted in the development of risk analyses, business impact analyses, business continuity plans, and disaster recovery plans for financial institutions
•Tested, reviewed, and documented internal controls related to the IT environment to ensure compliance with Sarbanes-Oxley
•Led teams responsible for the General Computer Control (security, operations, change management, and IT-entity level) framework design, analysis, testing, and remediation for numerous Fortune 500 clients to achieve Sarbanes Oxley compliance
•Identified segregation of duties issues and internal control weaknesses for numerous clients in various industries including but not limited to: manufacturing, financial institutions, on-line brokerage, and retail
•Assisted with the administration of project setups, billing, reconciling job summaries, and recruiting
•Worked closely with clients to develop, maintain, and document a control framework utilizing COSO, COBIT, and ITIL frameworks and methodologies.
•Collection and quality assaurance of evidence, penetration testing and observations associated with the annual PCI assessment for reporting.
•Partially worked with the PCI teams that evealuated systems and environments to assess security exposures.
•Attended PCI DSS meetings.
HCI June 2014 – July 2017
•Prepared clear and accurate narratives and workflows of business and informational technology-related processes in accordance with the internal audit methodology and standards.
•Conducted IT General Controls (ITGC) and IT Application Controls testing, Infrastructure using various audit Frameworks COSO and COBIT.
•Performed audit planning, conducted walkthroughs, and assessed the internal control environment through control testing.
•Ensured that policies and procedures are implemented and processes are well documented and also performed internal reviews which identified compliance problems that called for formal attention.
•Liaised with internal and external auditors during annual audits and ensured deficiencies are remediated in a timely manner before follow up.
•Participated in the day-to-day execution of audit engagements, such as SOX, compliance audit, and operational audit.
•Analyzed and make professional opinion on the design appropriateness and the operating effectiveness of the overall control environment.
•Assessing control risk using Archer GRC tools
•Monitoring network changes with Imperva and requesting for approval documentations.
•Perform testing of IT General Controls (ITGC) and IT Application Controls, Infrastructure (databases and operating systems) using various audit Frameworks.
•Excellent knowledge of ERP systems (SAP, PeopleSoft, JD Edwards & Oracle Financials) and other systems (sage, Microsoft Dynamics, Deltek, Paychex, and Cost point testing).
•Knowledge of emerging technologies such as mobile computing, cloud, and understanding of the associated risks
•Work as part of the IT Audit Team that performs PCI DSS, HIPAA testing in regulated organizations.
ACCESS BANK June 2010 – July 2014
IT SUPPORT STAFF
•Document actions and resolutions within helpdesk ticket
•Maintain effective communication with company leaders, resort leaders, resort cast members, technical support teams, vendors, manufacturers and service providers
•Identifies, investigates and researches user questions and problems as well as recognizing, researching, isolating and resolving problems
•Detail orientation, technical details, following established processes and assisting with the development of new or changes to support processes
•Respond to incoming tickets using the helpdesk dashboard, email or phone. In many cases, phone support and verbal communication will be necessary
•Provide ongoing support and communication to other staff members, promoting an empowered, multi-disciplinary team environment.
•Assist with the build, delivery and support of the desktop, mobile, infrastructure and application management that underpins the group technology estate
•Develop, test and maintain documented systems procedures/work instructions – train end users
•Identity and access management for all existing and new practitioners
•Participates in maintaining licensing information for all corporate desktop applications and operating systems using established process
•To be proactive in the avoidance of repetitive incidents through publishing “how to’s” and “tips” to users on a regular basis and ensuring that the knowledge base in ServiceNow is kept up to date at all times
•Resolves guest complaints within scope of authority; otherwise refers the matter to management. Notifies supervisor and/or Security of all unusual events, circumstances, missing items, or alleged theft.
COSO COBIT ITIL GRC