PROFESSIONAL SUMMARY
I am a motivated IT Auditor with over six years of experience with global companies in performing internal control audit projects, such as compliance, advisory and assurance audits. Experience include Information technology general controls, risk assessment, vulnerability assessment, system implementation assessment, and Cybersecurity compliance audit. Apply critical thinking and creative skills to identify threats, system vulnerability and improvement opportunities.
CORE COMPETENCIES
• Risk Assessment and management
• PCI DSS, HIPAA, SOC, NIST.
• Audit program design, testing, and reporting
• Risk Management
• COBIT, COSO
• IT Control Testing - SOX
• Audit Tools – ACL, IDEA, Randomizer
• MS Office (Word, Excel, PowerPoint)
• Audit Readiness
• Reporting/ Documentation
• Technology Evaluation
• ServiceNow
EDUCATION & CERTIFICATION
Certified Information Systems Auditor (CISA)
MBA Finance- American Intercontinental University Houston Tx
Certificate in Project management -Houston Community College Tx
BSC – Banking &Finance Lagos Nigeria
PROFESSIONAL EXPERIENCE
IT Internal Auditor Preserve Technical Services, League City TX 12/20 – date
perform ITGC walkthroughs as part of the IT financial audit support team, including Change management, logical Access, Computer Operations, and application controls testing for numerous applications
Evaluate the design and operational effectiveness of the company’s internal controls using a risk-based methodology developed from professional auditing standards and frameworks such as COBIT. COSO, Support with audit readiness efforts, such as managing IT risks, dealing with security, control and compliance, plan scope of audit, flag exceptions, review, investigate and remediate.
Review the quality of work papers of audit team members to ensure documentation meets professional standards
Assist in project management activities, prepared audit reports, conducted kick-off and closing meetings, and communicated control exceptions to clients.
Perform risk assessments, including identification, evaluation and documentation of IT business risks and controls.
Knowledge of audit methodologies and developing key internal audit deliverables including process flows, work programs, audit reports, and control summaries.
IT Internal Auditor Total Safety Inc., Houston TX 10/18-11/20
Prepared IT Audit program to include SOC1/ SSAE 16, And SOC2 (Non-financial control reporting),
Security, Availability, Processing, Integrity, Confidentiality and Privacy.
Performed ad hoc projects and responding to emerging IT risk and management requests
Performed end to end walkthroughs on key IT assigned business processes
Supervised teams including mentoring / coaching, oversight and review of work, coordination across teams, and understanding how to motivate
Evaluated access control, change management control, IT Operations Control, and application controls. Identified deficiencies in the design and operating effectiveness of controls and provided recommendations.
Evaluated the design and effectiveness of technology controls throughout the business cycle.
Verified and validated systems engineering or IT project management practices; and self-assessing the organization against standards or criteria that will be used in anticipated external audits.
Risk Analyst/ IT Auditor Schlumberger Technology, Midland TX 1/17-9/18
Escalated risk plans to management in time for appropriate resolution
Documented risk issues in the designated risk register
Evaluated management responses to ensure that remediation plans and tasks adequately address identified control gaps
Worked with audit assurance team and business owners to plan engagement strategy, define objectives, and address technology-related control risks and issues.
Focused on information technology and information security controls in executing integrated, risk-based audits to evaluate the design appropriateness and operating effectiveness of internal controls.
Performed process documentation, audit analysis, control testing and evaluation of applications, databases, infrastructure, servers, operating system security, networking, and IT Governance.
Developed infrastructure and IT Process assessment for use across the organization’s computing environment
Managed multiple projects and programs at the same time to complete work
Identified weaknesses and deficiencies as part of initial or ongoing risk management