JULIET OKONTI
************@*****.*** 612-***-**** EDINA MN. 55436
SUMMARY
Juliet is an IT Auditor/HIPAA Compliance consultant with 4 years of hands-on experience in ITGC detailed/walkthrough control testing, SOC, SOX, SAP, SDLC, applications, SOD, SSAE 18 reports, IT infrastructure, PCI DSS, SQL Server, Windows Server, and GDPR control assessment using NIST, ISO 27001, COSO, COBIT, FISMA & FISCAM. Through the years, I have garnered experience in independent testing, audit review, people management, policy management, creating procedures, compliance testing, business analysis, process improvement, sustainability, business continuity, strategic planning, time management, client relationships, system integration, agile methodology, data management, business collaboration, vendor management, fieldwork mapping, operational design, and implementation. I have built in my profession a strong audit program, test narratives, detailed internal and external risk compliance, and control testing. Highly motivated, dynamic, organized, systematic, problem solver, multi-talented, great sense of humor, detail-oriented, thrives in a challenging, fast-paced working environment, team player, time and people management skills.
PROFESSIONAL EXPERIENCE
XYZ Company
IT Internal Auditor/HIPAA Compliance
06/2020- Till Date
-Developed and created an IT Audit program including access control, change management, IT operations, and application controls. Identified deficiencies in the design and operating effectiveness of controls and provided recommendations for all clients.
-Implemented appropriate security controls for an information system based on NIST 800-53 rev 4.
-Participated in SAP transaction testing, including testing of segregation of duties, to assist the client in improving their user management, authentication management, authorization management, access management, and provisioning capabilities.
-Conducted ITGC walkthrough and detailed testing by reviewing the document and observing procedures to gather useful evidence.
-Involved in conducting SOX ITGCs testing and IT application Control testing, audit readiness, attestation engagements, Infrastructure audit, and compliance.
-SOX walkthrough meetings with control owners and internal/external auditors, and performed follow-up discussions as needed.
-Performed walkthroughs and executed testing procedures to determine control design/operating effectiveness against industry standards (SOX, COBIT, COSO, FISMA, FISCAM, A-123, ITIL, NIST, FFIEC).
-Conducted and supervised end-to-end SOX IT audit process including engagement planning, coordination, scope determination, risk and control identification, design of audit program, procedures, test control, and evaluation results.
Ceem Financial services
IT Internal Auditor/HIPAA compliance
-Documented, assessed, and evaluated automated systems controls including interface completeness and validity, authentication and authorization, and input/ output controls to support the sensitivity of data and privacy.
-Conducted ITGC walkthrough and detailed testing by reviewing the document and observing procedures to gather useful evidence.
-Performed risk assessments, identified IT controls for significant processes, and developed test procedures for SOX readiness. Assisted with the development of IT policies and procedures necessary to mitigate risk assessment and risk report exposures.
-Evaluated/interpreted SOX IT Audit, PCI DSS, and Privacy requirements and provided guidance to process and control owners on the objective/intent of the requirements.
-Maintained knowledge of legislation and regulation changes related to the financial industry; understanding of applicable financial industry security and privacy regulations, procedures, and issues, and assisted in ensuring the organization remains compliant with such laws and regulations.
XYZ Company
IT Audit/IT Operations
06/2015 – 01/2019
-Managed the review of changes in company processes, standards, and technology to ensure the effectiveness of security controls to meet compliance requirements.
-Identified and reported on new and emerging security risks and risk trends, including participating in risk remediation solution discussions and updates to compliance policy and standards.
-Conducted risk evaluation by examining related risks and key controls and developing appropriate audit measures to test the controls identified.
-Managed different applications using the Archer GRC system to perform activities such as Remediation, Risk calculator, Gaps & findings, etc., for multiple clients.
EDUCATION AND CERTIFICATIONS
•Bachelor of Science in Business Education- Lagos State University, 2012
SUMMARY:
SAP, SQL Database, FFIEC, ISO 27000, 27001, 27002, OCC, NIST SP 800-53 Rev 4, UNIX, Microsoft Dynamics, NetSuite, Windows Server, IDEA, SOX, GRC Archer and Aurora, PeopleSoft, LINUX, Network Systems, Security+, Windows OS, troubleshooting, operating devices and networks, ERP, Active Directory, Azure, AWS, Microsoft Office suite (Word, PowerPoint, Excel, Access), data analytics, Salesforce, SIEM, intrusion detection systems, firewall, SOC 2, SOC 123, HIPAA, PCI DSS, ATS, Agile methodology, COBIT, SharePoint-based system, TeamMate, Audit Command Language (ACL).