It Auditor Compliance
Resume:
SUMMARY
An experienced IT Auditor with years of experience managing complex and multi-system application control, COSO, COBIT SOX, SAS70/ SSAE 18, PCI DSS, NIST 800-53, NIST SP 800-37, FISCAM, FISMA, and GCC audit projects affecting large number of users nationwide, with reputation for adept leadership of business to IT workflow analyzes and Walkthroughs and testing relating to Information Technology General Controls (ITGCs).
TECHNICAL SKILLS
-Excellent communication and reporting skills
-Ability to self-educate, as well as learn from others
-Experienced in internal audit and security testing
-Strong ability to assess risks
-Knowledgeable in IT security and infrastructure
-Educated in General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI DSS)
-Proficient with internal auditing standards including SOX, MAR, COSO and COBIT
-Experienced in Microsoft Office
EXPERIENCE
FIRST CITIZENS BANK – IT AUDITOR, REMOTE 04/2020 - CURRENT
-Perform assessment of IT General Controls (ITGC) such as Access Control, Change Management, IT operations, Disaster recovery, and Job Scheduling.
-Assist IT management in identifying gaps between policy and process, developing recommendations to remediate control weaknesses and responsible for developing and maintaining IT control metrics related to compliance activities.
-Strong background in all stages of the auditing process, including planning, fieldwork/execution /risk assessment, reporting and follow up
-Develop audit plans and programs to evaluate control areas on projects such as financial statement audit, SOX testing, SAS 70/SSAE 16.
-Conduct Sarbanes Oxley (SOX) testing in all the IT General Controls within the audit scope, to test their strength, effectiveness, and also weaknesses in their control environment
-Perform walk-through and detailed testing of controls to determine if controls are properly designed and operating effectively.
-Conduct testing of Sarbanes-Oxley (SOX) and Service Organization Control (SOC) SSAE 18 Review, using COBIT and COSO frameworks
-Participate in all phases of audit engagements, including planning, writing process narratives, identifying financial and operational controls, evaluating controls, completing test work, and identifying deficiencies.
-Obtain, analyze, and assess information from multiple data sources.
-Document information gathered and methods used.
-Develop, track, and maintain IT Audit projects.
-Assist in developing effective communication of findings and control concepts both verbally and in reports to bank management.
-Offer solutions to improve or change processes and systems to ensure security and compliance
-Performed assessment of IT internal controls as part of financial statement audit, Internal and Operational audits, Attestation engagement, and Audit readiness.
-Reviewed IT General Controls (ITGC) and various applications, databases and operating systems.
SYNERGY GROUP – IT COMPLIANCE AUDITOR, REMOTE 02/2018 – 03/2020
-Performed engagements of information systems, applications, and related business processes to identify control weaknesses
-Evaluated IT and business processes for effectiveness and efficiency, through obtaining an understanding of and documenting key business processes and internal controls
-Reviewed internal policies and procedures and existing laws, rules and regulations to determine applicable compliance and the adequacy of underlying internal controls
-Performed IT general controls such as access control, change management, IT operations, disaster recovery and platform reviews (Window and UNIX OS)
-Participated in all phases of IT Audit – Planning, Fieldwork and Follow up using applicable framework.
-Performed Audit of IT Infrastructure and applicable Database- Operating System, UNIX, Mainframe, SQL, Oracle and DB2.
-Documented control weaknesses related to testing exceptions and assisted in preparing draft audit reports to communicate findings and recommendations to senior management.
-Executed the day-to-day activities of IT controls assessment for systems including Access controls, Change Management controls and application controls
-Determined compliance with policies and procedures; reporting on deviations uncovered; identifying control weaknesses and areas of cost savings, and prescribing remedial action
-Ensured that policies and procedures are implemented and processes are well documented and also performed internal reviews which identified compliance problems that called for formal
-Have experience in performing System Audit by testing controls relevant to Audit/SSAE-18 readiness efforts.
-Work with Engagement Team to identify and resolve client issues discovered during Audit and Review Process.
-Ensured the company complied with both state and federal regulations
-Inspected the operations of each department, adjusting internal guidelines as needed
-Mitigated risks by analyzing the operational processes and conducting a risk assessment study to prevent compliance issues that may pose a negative effect on the company's performance
-Expanded job knowledge through various company sponsored educational and professional development opportunities
EDUCATION
Bachelor Degree in Computer Science – Ambrose Alli University CISA – Certified
Contact this candidate