Sign in

Information Security Manager

Mississauga, ON, Canada
March 12, 2020

Contact this candidate



Tel: +1-437-***-****


I have over 9 years extensive experience across the technology advisory and risk assurance landscape specifically project management (Agile), software testing, IT control general (ITGC) and application controls (ITAC) testing, IT risks and control assessment, IT audit, quality assurance on enterprise application implementations, data analytics (FAIT), information security assessments, IT strategy and governance, process review and SOC (1&2) reporting amongst others. TECHNICAL SKILLS

IT Risk Assurance experience supported by a Bachelor’s degree in Computer Science and relevant certifications i.e. CISA, CRISC, ITIL and ISO/IEC 27001 Lead Implemental, Microsoft Certified Professional - (MCP), Oracle Certified Associate - (OCA), Advanced Auditing Skills (BSI) and Stratus 99.999 Certified Professional.

Extensive experience in performing IT Audit, governance (COBIT) and strategy development, IT risk assessments, policy development and implementing information security program.

Advance knowledge of Information Technology risks demonstrated by years of experience in the diverse sectors.

Software design, testing and quality assurance/troubleshooting competencies.

Expert in application, network (infrastructure) and database reviews.

Proficient in the use of several security tools e.g. Nessus, Qualys Guard, Acunetix, and Nipper.

Extensive data analytics skills to perform revenue assurance using tools like ACL, SQL and Excel. EXPERIENCE

IT Risk Advisory Consultant BDO Jan 2020 – Till Date

IT Audit review (Access, Change and Data Processing).

SOC reporting.

Maintaining strong relationships with client’s senior management teams while keeping them informed of the progress in relation to the service being provided. Manager IT Risk Advisory Ernst & Young Dec 2017 – Dec 2019

Led and managed the IT Infrastructure risk assessment for a top commercial Bank and got a follow-up engagement to project manage the technology refresh of the IT landscape.

Built and maintained strong relationships with client’s senior management teams while keeping them informed of the progress in relation to the service being provided.

Managed the cybersecurity strategy refresh, security remediation and enterprise integration standardization for a leading financial service provider.

Coordinated and managed IT infrastructure, governance and security assessment for clients in collaboration with other EY offices (EY Ireland, EY London)

Ensured assignments are adequately staffed with the appropriate mix of knowledge and skills required while ensuring employees are motivated and undergoing career development.

Identified and recognised business opportunities with new clients and informed senior management as appropriate while supporting the team with business proposals and strategy through high level sales and marketing activity.

Managed various cybersecurity engagements; Cybersecurity maturity assessment and strategy development, Cybersecurity strategy implementation and remediation across different sectors.

Conducted third party control and risk assessment for cloud service providers (CSP), FinTech’s in collaboration with EY Ireland office.

Delivered the “International Standard on Assurance Engagements 3402” (ISAE) and the 17f5 compliance audit for a leading International Bank. Also, managed several international standards assessments - ISO, PCI, COBIT, NIST Cybersecurity framework, GDPR.

Led projects such as system implementation and compliance with focus on System and Organisation Control - SOC audit (1&2).

Performed a Financial Position and Prospects Procedure (FPPP) for an IPO from an IT standpoint.

Performed and supervised the revenue assurance engagements for several sectors, reviewed controls over supporting applications and conducted IT general control (ITGC), and application control reviews for various players in the financial industry. Access Bank PLC Information System Auditor Nov 2011 – Nov 2017 Job Overview: To provide support in ensuring the overall security and controls of the bank’s enterprise infrastructure, applications, databases and electronic channels.

Planning, managing and execution of IT internal audit procedures and rendering of audit reports on network, application, database security and control, user access rights management, change management, incident and problem management, log management, business continuity and disaster recovery planning etc.

Led the review of applications to ensure data integrity, confidentiality and availability by preventing unauthorized access and report on the adequacy of internal controls and risks to the company’s technology landscape based on the approved audit plan.

IT Audit review for all the West Africa subsidiaries. Identifying control weaknesses over IT process and evaluating vulnerabilities in key IT infrastructures covering operating systems, database, network and banking applications.

Investigated electronic fraud and cyber security incidents and made recommendations to remediate identified gaps.

Key technical resource in the Implementation of several projects such as the Centralized Data Storage Facility, upgrade of the Front-End Processor (FEP) and the Omni channel solution.

Implemented the COBIT framework to ensure IT alignment with business goals and objectives

Developed the bank’s application certification framework and information security policy also carried out User Acceptance Testing (UAT) on applications to ensure stakeholder and security requirements were met.

Key technical resource person in the banks PCI DSS and ISO 270001 implementation process. Resort Savings and Loans PLC Information Security Analyst Dec 2009 – Nov 2010

Conducted logical security and profile management on sensitive applications.

Performed vulnerability assessments on Databases, Applications and Systems, which led to identification and remediation of critical vulnerabilities

Managed policy configurations on Database Activity Monitoring solution. EDUCATION

Bachelor’s in Computer Science 2008

Contact this candidate