David Igonor

adt3sx@r.postjobfree.com +1-631-***-****

** ******* **, ****** **, 11784.

OBJECTIVE: I am a skilled technology expert with vast experience in Program Management & It Audit currently seeking employment

PROFESSIONAL SUMMARY: Information Systems Auditor with 5 years of experience in managing complex IT auditing operations. Outstanding problem-solving and teamwork abilities. Adept at working with private, public and state government clients. Skilled at inspecting organizations' operations, analyzing potential risks and providing recommendations to improve operations

SKILLS

●Strong knowledge of, or capability to learn, the technical, tactical, and strategic aspects of Southern Company’s IT business

●Strong proficiency in basic PC applications (Excel, Word, PowerPoint) with a general understanding of data analysis techniques

●Ability to quickly learn new areas of the business by applying solid foundation and understanding of internal controls and general business practices

●Show a great ability to listen, a critical mind, a good analytical sense as well as capacity for synthesis

●Strong risk and control knowledge and business acumen

●Ability to anticipate risks and to take initiatives. Can handle unforeseen changes Be open-minded and dynamic, ability to work within a multicultural team

●Have good communication skills orally and in writing, ability to convince and to write clear, precise and accurate reports

●Ability to build good working relationships with auditees and key stakeholders

●Excellent supervisory and people development skills, including ability to manage ambiguity and provide structure and guidance to staff members

●Strong knowledge of Banking and IT Audit with subject matter expertise in Information Security

●Database Management

●Microsoft Office Suites (Sharepoint)

●Control Tests

●Smartsheet

●Unix

●Policy Analysis

●Public Speaking

●Project Management

EXPERIENCES

Manager - Internal Audit, 01/2020 to 08//2022

Maximus INC - VA

Utilized knowledge of IT risk and internal controls as well as project management skills to design, evaluate, and monitor the Company’s internal controls over systems used for financial reporting.

Assisted in determining the scoping approach, performing control optimization, testing control design and effectiveness and analyzing and summarizing management testing results.

Lead and managed evidence gathering, review evidence based on risk and control perspective and respond to auditors’ questions as needed.

Evaluated the design and effectiveness of ITGCs, application controls and key reports throughout the business cycle on behalf of IT management

Provided the risk remediation solutions with execution plan and action

Strong analytical skills, with the ability to support teams and leaders with visible data-driven decision making.

Ability to communicate highly technical issues to non-technical audiences succinctly and clearly articulate concerns to IT and Business partners alike.

Responsible for planning and executing basic to complex portions of the Risk & Control Services plan including audit activities and SOX/MAR/FDICIA compliance activities. Completes risk assessments in conformance with department standards, generally in moderately complex areas. Presents work objectives and results focusing on impact of control deficiencies

Proficiency with ETL tools such as Oracle Warehouse Builder (OWB), Data Services, IBM Information Server (Datastage), SAS Data Integration Studio, PowerCenter Informatica, SQL Server Integration Services (SSIS), Oracle Data Integrator (ODI), DB2 Warehouse Edition

Manage and execute audits of Bankrate system's internal control design and effectiveness which includes, but is not limited to, efficiency and security protocols, development processes and IT governance

Develop expertise regarding the Bank's IT infrastructure environment, including knowledge of IT control frameworks, key IT processes, relevant technologies, and design of risk-based IT audit control assurance tests. Focus areas include systems/security architecture, incident response processes, access controls, data leakage prevention (DLP) mechanisms, e-commerce security practices and related fraud detection techniques, mobile applications, cloud computing security and the cyberthreat intelligence framework

Reviews audit project plans, work papers and audit reports, including discussing issues with management, and ensuring adequate quality control is in operation. Follows up on replies to reports, reviews replies and posts audit reviews. Operations including time management, performance reporting, scheduling staff resources and weekly reporting to Internal Audit Manager

Compliance Analyst, 01/2019 to 01/2020

Laureate Education INC– VA

Lead and coordinated teams of 6 IT SOX Compliance professionals and global departments.

Consolidated, tracked and reported results of audits and reviews to management.

Managed Access Management efforts including quarterly reviews and process improvements for 22 in SOX scope applications (AWS, Hyperion, Salesforce, Banner, PeopleSoft, and some in-house developed applications) over all IT Components.

Manages relationship with Big 4 consultant team transitioning responsibilities by leading the planning, fieldwork and reporting of audit projects including findings and recommendations to management.

Contributed to the IT internal controls financial reporting life cycle, which included methodology establishment and reporting to senior stakeholders.

Applications in scope included cloud (AWS), ERP (PeopleSoft), and other in-house applications.

Audited, implemented and operated general computing controls including Logical Access to Programs and Change Management, Computer Operations, and System Implementations.

Prepared assessment reports which documented audit issues to ensure remediation provided to clients were in accordance with SOX to express conclusions on control adequacy ensuring that the test of design is appropriate, consistent and remained effective throughout the testing period.

Analyzed and reviewed SOX procedures, processes, operations, legal compliance, and security according to industry procedures, best practices, and international standards.

IT Auditor, 11/2018 to 12/2019

Latimore, Black, Morgan& Cain, LMBC – TN

Performed audits with IT General Controls (ITGC) such as Access Control, Change Management, IT Operations, Disaster Recovery and Platform Reviews after creating an Audit Report which summarized key findings and impacts on the business operations by providing recommendations to address control objectives and security risk.

Performed audit testing for SOC 2 type 2 engagements.

Prepared agendas and request lists for SOC 2 Audits.

Lead client meetings and maintain client relationships.

Communicated engagement status to management, including any potential issues which were escalated.

Demonstrated commitment to ownership of task succession, including specific knowledge of project timeline expectations, and client expectations.

Facilitated testing phases by creating and monitoring a shared Smartsheet document for a team of 4 IT auditors during engagement.

Performed Vendor Risk Assessments as representative of our client which our goals included minimizing the level of its risk presented by third party vendors by recommending controls measures being added, ensuring the safety of our client’s sensitive customer information.

#

IT Auditor, 06/2017 to 10/2018

Octo Consulting – VA

Performed Federal Information System Controls Audit Manual (FISCAM) Audit for the Millennial Challenge Corporation using NIST 800 53 to ensure that systems were in place and following the correct guidelines.

Performed walkthroughs and detailed testing of controls to evaluate the design and operating effectiveness of controls for Millennial Challenge Corporation (MCC).

Communicated IT audit findings to both senior management and clients by assisting management to implement recommendations to the clients which addresses the risk of the findings.

Assisted in developing recommendations for compliance and security improvements by proposing that a client implemented that data being accessed must be authenticated and authorized by the recommended administrators.

Facilitated testing phases by creating and monitoring a shared Smartsheet document for a team of 3 IT auditors during engagement.

Tracked assessment statuses, monitored completion against critical milestones using the risk reports to mitigate impediments.

Performed application access reviews, validating user access and HR hiring and termination processes providing coverage for all in scope applications.

EDUCATION:

1.Sikkim Manipal University- India

Master of Science in Information Technology Oct 2022

2.Sikkim Manipal University, Sikkim - India

Bachelor of Arts in Mass Communication May 2017

3.Institut Supérieur de Communication et de Gestion (ISCG UNIVERSITY)

B.Sc in Public Administration July 2019

CERTIFICATION

CISA

PMP

HIPAA Certification

Contact this candidate