Post Job Free
Sign in

Security Management

Location:
Houston, TX, 77084
Posted:
October 15, 2020

Contact this candidate

Resume:

Samuel S.A. Blankson CEH

Houston, TX *****

Tel:832-***-**** Email:*************@*****.***

Summary:

I am a self-motivated, result and detail-oriented IT Auditor with exceptional knowledge of Information Technology General Controls (ITGCs) and IT Application Controls testing, risk-based audit, SOX Compliance, PCCI DSS and Infrastructure testing and many more. Highly experienced in IT Risk and Security Assessments for Cloud base and Non-cloud base applications and their underlying infrastructure.

Highly proficient in managing multiple client requirements such as SOX, PCI-DSS, HIPAA and Third-Party Risk Assessment (SOC report) as well as assisting business development activities across various business areas; Expert of knowledge of Security Controls, BCP/DRP, ISO 27001, NIST and COBIT5 framework.

Core Competencies:

Expert knowledge in:

Archer GRC tool

ServiceNow

CyberArk

Business Process Improvement/Issue Management

Controls Design and Testing

Project Management & Change Management (SDLC)

ITGCs & Application Controls

Infrastructure Audit (Database, O/S, Network etc.),

ERP Systems Audit (SAP)

PCI-DSS, SOX and HIPAA compliance testing

SOC report review

Risk Management Frameworks – NIST, COBIT, COSO

Infrastructure Audit (database, O/S, Network etc.), ERP Systems Audit (SAP)

Very Proficient with MS Office suite (PowerPoint, Excel)

Education/Certification

Diploma in Marketing - International School of Aviation

CISA In-Review

CISSP In-Review

CERTIFIED ETHICAL HACKER

Professional Experiences

System Security Analysts

Risk Specialist – Control Tester January 2018- Present

HEB

Independently assess the effectiveness of controls and determined the potential impact of any control failure and the corrective actions required

Participated in the execution of SOX IT Audit in domain of Logical Access and Change Management controls

Review of the segregation of duties to determine users’ privileges are appropriately assigned in accordance to their duties and responsibilities

Perform review to ensure testing functions and development activities in Change Management/SDLC are reasonably segregated to address risks that may occur due to unauthorized changes to production

Perform testing to validate that data entries to key fields are validated for accuracy

Assessed IT General Controls; specifically, Logical Access Control, Change Management Control, Job Scheduling and Monitoring Control

Assesses management process for managing Operating System software changes and maintenance to ensure all changes to company information assets are properly authorized and documented in accordance with defined standards

Conducted review of the Network Management environment to determine compliance with the established procedures for Network monitoring

Document and track SOX testing findings, including the collection and organization of audit evidence

Provide full Guidance to businesses through remediation period from date of filing SOX issue in Archer GRC system to closing of the issue

IT Risk Consultant September 2016- January 2018

APTIVE ENVIRONMENT

Developed and maintained relationships with clients, and at times, handled specialized requests to resolve operational and processing issues

Conducted technical audits of IT infrastructure controls, including operating systems, databases, network services, IT operations and disaster recovery

Reported control deficiencies and provided recommendations to resolve deficiencies.

Performed ITGCs and application controls for internal testing

Involved during controls in Access Management, Change Management, SDLC, Business Continuity/Disaster Recovery, and Application level controls

Conducted risk assessments, implemented more efficient work procedures, created deadlines, and correct inventory errors of various complexities.

Entry Level Security Analyst February 2016- August 2016

CAPITAL ONE

Assisted with the assembling and testing compliance with SOX 404, framework analysis and reviewing report.

Assisted with the testing of Contingency plans and Updating SSP and POA&M.

Analyzed and defined security requirements for a variety of IT issues.

Performed risk analysis that also included risk assessments.

Developed, analyzed and implemented security specifications in line with NIST and FISMA.

Gathered, analyzed and organized technical information about systems, existing security products and ongoing programs.



Contact this candidate