Security Information

Lukman Wale

San Francisco, CA ***** 317-***-**** ************@*****.***

EXPERIENCE HIGHLIGHTS

Successfully performed technology audits for global clients in diverse industries, including financial and manufacturing companies. Projects include application controls review, IT General Controls, change management, and systems security configuration review.

Performed reviews on client’s critical financial systems to determine compliance with the company’s business objectives and assessment of the impact of risk to the business

Contributed to the development, implementation and monitoring of methods and procedures for sound access control, data confidentiality, system integrity, system reliability and recovery

Skillfully audited and tested the following:

Identity & Access Management

PCI-DSS Audit

NIST 800-53

SOX Compliance

Oracle

Risk and Vulnerability Assessment

Applications / ERP

Unix/Linux

SAP Security Audit

Windows Server

Data Center

SOC Reporting/Assessment

CAREER PROGRESSION

IT Auditor, Capital One August 2018 – Present

Assessed security of businesses access and change controls in EPR applications (SAP & JDE), and evaluated effectiveness of IT general control environment, application controls and other IT-related controls.

Helped clients ensure soundness and adequacy of controls for achieving business objectives, in compliance with both company and client policies, standards and procedures and all applicable regulations through system auditing

Assessed security and business process controls in SAP including segregation of duties, transport management system, access restrictions as well as role and profile assignments to ensure system security by making sure correct procedures are being followed.

Reviewed, documented, evaluated, and tested systems-wide manual and automated computer controls.

Identified risks and determined if appropriate IT and user controls are in place and effective. Documented audit work reported on findings and provided recommendations for resolving noted issues.

IT Compliance / Auditor, Allison Transmission April 2016 – July 2018

Determined if system security procedures for the applications utilized by management are effective and in compliance with the company’s policies; helped to identify and benchmark key systems controls utilizing NIST 800-53 and COBIT Frameworks.

Liaised with IT groups and business users on system development and upgrade projects to ensure that standard system development methodology is followed, controls are developed and documented during the initial design phase to achieve objectives stated in business requirements, including regulatory compliance.

Consulted on the impact of the business process and system changes to a controlled environment to determine if the changes cause noncompliance with established policies, standards, and procedures

Familiar with Committee of Sponsoring Organizations (COSO) and Control Objectives for Information and related Technology (COBIT)

Compliance Analyst, First Bank December 2013 - April 2016

Conducts risk-based audit to evaluate the design adequacy and operating effectiveness of controls supporting business processes and information systems.

Performs testing of IT general controls (ITGCs) and IT application controls involving planning, fieldwork, reporting and follow-up phases, as well as IT infrastructure testing (Database, Network Devices and Operating systems (Windows, Unix, Linux))

Effectively communicating with management throughout the audit lifecycle while translating complex concepts and potential issues clearly with root cause analysis.

Performing system security compliance audit for design appropriateness and operating effectiveness of internal controls.

Communicating weaknesses and recommendations via written reports and oral presentations.

Works with business stakeholders to develop specific, measurable, achievable, realistic and timely corrective action plans (CAP) to remediate control gaps.

Performed Data Centre and Disaster Recovery review.

Systems Analyst, First Bank April 2011 – December 2013

Monitored notifications / alerts on improper user access level, unsecured services on information assets, and segregation of duties conflicts

Install and configured computer hardware, software, systems, networks, printers and scanners including monitoring and maintaining computer systems and networks

Supervised assigned personnel which included assigning and following up on work performed and preparing work plans. Involved in updating change management

Documented information on unusual incidents. Updated and maintained manual and automated filing system and controlled access to confidential information. Helped to identify any unsecured services

Prepared and submitted daily and periodic reports and documentation as required as well as reviewing and making changes or suggestions as needed ensuring segregation of duties (SOD) was being used.

Reviewed access creation process to be sure it meets standard.

EDUCATION

Bachelor’s OCT 2012 OSUN STATE POLYTECHNIC

Major: Accounting

Contact this candidate