Information Security Business Analyst
Resume:
Martin A. Anibaba CISA, CCNA, MCSE, TCNA,
**** ********** ***** **, ********, TX, 75070
adslei@r.postjobfree.com
PROFILE
A resourceful, adaptable and well-motivated individual. Educated in the field of Finance, Healthcare, Business management and Information systems. Flexible, willing to learn, takes initiative, effective team player with good communication and interpersonal skills. Possess work experience that revolves around Auditing, Business Administration, IT management and security with relevant experience working both independently and as a team member in order to facilitate the completion of projects. Extensive knowledge in the application of COBIT, ITIL, ISO/IEC 20000, and regulatory compliance requirements such as HIPAA, GLBA, SOX, PCIDSS, etc.
EDUCATION
1. MBA/IT (Master of Business Administration / Information Technology) – University of East London, United Kingdom. – 2002. Relevant courses: Financial Accounting, Management Information Systems, Business Strategy, Strategic I.S. Planning and Development, Information Security and Cryptography, Business Process Re-engineering
2. MIS (Management Information Systems) – University of East London, United Kingdom. - 2000
3. BSC (Microbiology / minor in Computer Science) – University of Ibadan, Nigeria. – 1998.
WORK EXPERIENCE
Assistant Vice President Internal Audit – UT Southwestern Medical Centre – USA
(July 2022 – Present)
• Develop and implement strategic framework for an effective audit function at the institutional level that stratifies risk and prioritizes audit activities for core mission-critical functions.
• Collaborate with key stakeholders to understand and keep abreast of organizational objectives and changes, coordinate audit activities and provide consultation such as business insights and opportunities.
• Lead and direct internal audit activities, with accountability for the planning, alignment, execution and reporting of audit activities in accordance with approved audit plans.
• Oversee special projects, consulting and investigations to support the needs of the institution.
• Establish or update performance measures, conduct monitoring and perform continuous quality assurance of the department to ensure compliance with professional internal audit standards, internal department and UT System policies and procedures.
• Provide coaching and mentoring of department team members and encourage improved performance to become a best practice internal audit function.
• Responsible for design, execution, and effectiveness of a system of internal controls, which provides reasonable assurance that operations are effective and efficient, assets are safeguarded, and financial information is reliable.
• Oversee office administrative procedures and financial management for budget expenditures and resource scheduling.
• Work with CAE to carry out department initiatives and setting priorities designed to increase value of the Internal Audit department to the UT Southwestern community.
Deputy Chief Audit Executive and Accountability Officer- University of Kentucky Internal Audit Department. – USA (October 2021 – June 2022)
• Co-sponsored and monitored the implementation of UK Healthcare operational improvement and cost-savings program in the areas of Supply Chain Optimization, Clinical and Academic programs.
• Co-sponsored the Advanced BEST Care program targeted towards Financial benefits realization model. Realized benefits included Reduction in unnecessary variation, improved patient outcomes, Improved operational efficiency and clinical team experience improved variations and EHR implementation. Financial Benefits included but not limited to Reduce Drug Costs, Reduced Length of Stay, Reduced readmissions, Capture lost revenue (Physician documentation accuracy), Reduce unnecessary lab draws etc.
• Provided strong input to facilitate the acquisition and post implementation review and projected benefits realization from the Enterprise HER (EPIC).
• Leads a staff of 19 professional Auditors and 4 Administrative and support staff
• Works with the Chief Audit Executive, Audit Committee of the Board of Directors, and Executive management to develop a risk-based internal audit and consulting plan.
• Provide value-added analysis on Financial, Operational and Information Technology process to include, internal controls and risk management.
• Responsible for preparing and implementing a risk-based audit plan to assess, identify and evaluate emerging areas of the organization' risk
• Performs advisory, consulting, audit, and investigative services - Ensures Internal Audit’s alignment with industry best practices - Works to ensure roles, responsibilities, and results are efficiently coordinated and collectively optimizing the effectiveness of risk management, control and governance
• Prepare reports and make recommendations for improving the organization’s key operational and finance activities and internal controls to aid in the achievements its strategic objectives and promote an efficient and effective operational and financial environment.
• Promote and maintains professional ethical standards
• Presentation of Audit results and initiatives to the Audit Committee on a periodic basis
• Works with all levels of management and employees, including external auditors –
• Supports the internal audit department continue to maintain a strong risk and control advisory function
• Conduct periodic training workshops to promote awareness of governance, risk management and internal controls
• Ensures QAR readiness
• Participate in various committees or task forces geared to policy and procedure development, governance and operational improvement –
• Ensures audit work conforms to the Standards of the Professional Practice of Internal Auditing and the Code of Ethics developed by the Institute of Internal Auditors. Director of Internal Audit - University of Kentucky Internal Audit Department. – USA (July 2015 – September 2021)
• Provide independent and objective assurance and advisory services that are designed to add value and improve University of Kentucky’s (Campus, UK Healthcare, Research and Affiliates) operations, governance, risk management and internal controls environment.
• Work with the Chief Audit Executive, Audit Committee of the Board of Directors and Executive management to develop a risk-based internal audit plan.
• Presentations to the Audit Committee of effectiveness of internal control and risk management systems.
• Prepare quarterly and annual risk-based audit plan focusing on key business risks and processes with input from relevant stakeholders for subsequent Audit Committee approval.
• Manage and Conduct Financial, Operational and Information Technology Audits
• Provide management with a comprehensive risk management process to ensure that risks are identified, controls evaluated, and mitigation strategies implemented
• Appraise the adequacy of management mitigation strategies
• Develop and implement fraud and unethical behavior prevention programs driven by risk-based support models.
• Participate in various committees or task forces geared to policy and procedure development, governance and operational improvement.
• Coordinate coverage with the external auditors, state and federal agencies, and external consultants.
• Keep abreast of legislative issues, audit regulations/trends, emerging technologies, tools, and methodology
• Perform special analyses and reviews, including compliance, fraud and unethical misconduct.
• Review and report on the accuracy, timeliness and relevance of the financial and other information that is provided for management.
• Supervise the audit staff, and ensure staff compliance with regulations, policies, deadlines, and auditing standards.
• Conduct periodic training workshops to promote awareness of governance, risk management and
internal controls.
Audit Manager - University of Kentucky Internal Audit Department. – USA (April 2011 – June 2015)
• Plans, coordinates and manages all aspects of Information Technology (IT) internal audit projects throughout the company including all IT control testing. W
• Works with audit management, IT management, the CISO (Chief Information Security Office) and business units to establish a risk-based audit plan annually.
• Assigns and manages staff across multiple, simultaneous IT audits.
• Ensures the accuracy and clarity of audit results and validates work performed meets or exceeds audit standards and objectives (as defined by the Institute of Internal Auditors [IIA] and the Information Systems Audit and Control Association
[ISACA]).
• Leads the staff in communicating audit results in an objective and accurate manner to the all levels of financial and operational management.
• Maintains direct contact with external auditors to coordinate internal and external IT audit activities and to foster a free exchange of information.
• Experience in performing internal or external IT audits to measure and analyze IT controls, systems and data security designs, and management information systems.
• Good working knowledge of : UNIX, Windows, Oracle, SAP, and other security hardware/software.
• Experienced in performing IT Audits in the following areas: financial, operational and manufacturing systems, e-business and security vulnerability and penetrations.
• Have developed guidelines and/or recommendations for security frameworks and controls.
Principal IT Auditor - University of Kentucky Internal Audit Department. – USA
(February 2006 – March 2011)
• Financial, operational and compliance audits of UK and UK Healthcare
• IT security audits of UK departments and UK Healthcare
• IT Audits of UK affiliate organizations to include KMSF, CKMS, etc.
• IT “General and Application control” audits of UK departments and UK Healthcare
• IT regulatory compliance audits of UK departments and UK Healthcare
• Business and compliance audits of UK and UK Healthcare
• Business Continuity Audit of UK departments and UK Healthcare
• Liaising with External IT auditors on UK and UK Healthcare audits
• Work on projects with UK Corporate compliance department
• Work on several committees in UK and UK Healthcare (PCIDSS, HIPPA, UKHITS/UKIT/IA, MAG, UK police etc)
• Enterprise Application (SAP) audits
• Consults with UK departments and UK College of Medicine in an advisory capacity on developing IT security policies and regulatory compliance procedures
• Applying Internal Auditing and accounting principles and practices, management principles, and preferred business practices
IT / Business Analyst - Esstech. London UK. (Jul 2002 – April 2005)
• Providing remote application and consulting support. Coordinating problem fixes and upgrades, participating in new system developments or existing system enhancements, perform testing, preparing reports and acting as a liaison between the business area and IS.
• Documents security policies and procedures created by the Information Security Committee
• Design Implement and support of proxy/firewall Applications and appliances for controlled internet access in an enterprise scenario.
• Design implement and support of Internet/Intranet Network Security systems and policies.
• Assists in direct training and oversight to all employees, affiliate marketing partners, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures
• Initiates, facilitates, and promotes activities to create information security awareness within the organization
• Perform information security risk assessments and serves as an internal auditor for security issues
• Implements information security policies and procedures for the organization
• Reviews all system-related security plans throughout the organization's network, acting as a liaison to Information Systems
• Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager
• Coordinates the activities of the Information Security Committee
• Advises the organization with current information about information security technologies and related regulatory issues
• Monitors the internal control systems to ensure that appropriate access levels are maintained
• Prepares the disaster recovery plan
Business Analyst Trainee - HP Hewlett Packard, Reading, UK. (March 2001 – May 2002)
• Business process Re-engineering
• Data Mining
• CRM database management
• LAN administration
• Resource Planning
• Microsoft server administration
KELT TECHNOLOGIES, London, UK– (Jan 99 – Feb 2001) Management Trainee.
• Managing invoice automation software
• Preparing CARs (Centre Assessment Reports)
• Review of financial batch controls, reporting variances and adjusting accordingly.
• Dealing with customer concerns and enquiries, etc. CERTIFICATIONS
• CISA (Certified Information Systems Auditor) – Certified since Jan 2010
• CCNA (Cisco Certified Network Associate) - Certified since September 2003
• MCP (Microsoft Certified Professional) – Certified Since 2002
• JAVA II PROGRAMMER (J2EE)
(Note: Currently working on CIA, and CISSP Certifications) STRENGTHS
• Self-motivated.
• Ability to work under pressure.
• Ability to learn at quick pace.
• Good team player and leader.
• Good communication and interpersonal skills.
PROFESSIONAL AND ACADEMIC MEMBERSHIPS / ACTIVITIES
• IIA member
• ISACA member
• Cisco certified network associate
• VUE certified administrator
• MBA Course representative for 2001/2002 Cohort - University of East London. PUBLICATIONS
1. Information Technology (IS/IT) and Supply Chain Management – July 2002 (MBA Thesis/Dissertation), London.
2. Reengineering the grocery supply chain to achieve customer satisfaction – November 2001 (Operations management mini-dissertation), London. References available on request
Contact this candidate