Information Security Technology

Michelle Hayes

Houston, TX 832-***-**** ****************@*****.*** LinkedIn

EDUCATION & CERTIFICATION

Master of Business Administration – MBA University of Houston–Clear Lake 2016 – 2018

Bachelor of Science in Information Science Texas Southern University 2011 – 2014

Certified Information Systems Auditor (CISA) ISACA 2024 PROFESSIONAL EXPERIENCE

IT Auditor 03/2020 – Present

Cadence Bank Houston, TX

Conduct comprehensive IT audits, including system assessments, risk evaluations, and compliance checks, ensuring adherence to regulatory standards and internal policies.

Perform Information Security control testing to determine preventive, detective, corrective, and compensating control design adequacy, and operating effectiveness.

Execute ISO/IEC 27001, SOX, and PCI DSS compliance audits in response to the annual regulatory requirements using COSO and COBIT frameworks.

Conduct Information Technology (ITGCs) and IT Application controls (ITACs) testing to establish the design appropriateness and operating effectiveness.

Perform SOC 1, 2, 3, and SOC 1 Type I control testing and review SOC 1 Type II and SSAE18 reports.

Manage SailPoint control testing of new users, transfer/promoted users, terminated users, and attestation.

Utilize advanced data analytics tools (e.g., ACL, SQL, Tableau) to perform continuous monitoring and identify anomalies in services, leading to early detection and resolution of critical issues.

Spearheads regular internal audits and risk assessments to identify and mitigate compliance risks, resulting in a 24% reduction in non-compliance incidents.

Apply robust audit methodologies and procedures for evaluating the effectiveness of internal controls, enhancing risk management frameworks, and improving overall security posture.

Implement compliance monitoring tools including Compliance360, RSA Archer, and ServiceNow GRC, reducing manual effort and enhancing accuracy in tracking regulatory changes and ensuring timely response to compliance requirements. Business Administrative Assistant 11/2014 – 03/2020 Cadence Bank Houston, TX

Provided comprehensive administrative support to senior executives, including managing projects, coordinating meetings, and handling budgets to ensure seamless operations.

Coordinated numerous business data analysis functions including budgeting, accounting, procurement, travel, payroll, recruitment, inventory, and general office support.

Ensured meticulous adherence to Generally Accepted Accounting Principles (GAAP) standards, fostering transparent financial reporting and regulatory compliance.

Managed Bank's ERP systems using SAP and Oracle to streamline business processes and enhance operational efficiency.

Facilitated sessions involving all parties involved to clarify and analyze issues, focus discussions, and offer possible resolution alternatives.

Analyzed financial statements and transactions to detect irregularities, potential fraud, and opportunities for cost reduction and efficiency improvements.

Provided confidential consultation to university students who expressed concerns relating to personal grievances regarding university policies and procedures.

SKILLS

SOX, GDPR & PCI DSS Compliance ISO 27001, SOC1 & SOC2 Security Audit COBIT & COSO Framework Risk Assessment NIST Standards 800-53, 800-18, 800-34, 800-37, 800- 60 Information Security Policies Security Audit Procedures Internal Audit Data Analysis Compliance Analysis Internal Control IT Governance Vulnerability Assessment IT General Control and Application Controls Testing IT Infrastructure Library (ITIL) Security Framework Tools: ServiceNow GRC, Workiva, TeamMate, SailPoint, CrowdStrike, Splunk, RSA Archer, Qualys, ArcSight, Compliance 360 SQL, Tableau, ACL, Alteryx, JIRA, Oracle, Nexpose, Nessus, Microsoft Office (Word, Excel, Outlook, and PowerPoint)

Contact this candidate