• Serving as a senior IT auditor. Help clients identify IT risks and ensure controls implemented are well designed and working as intended. This include the evaluation of the efficiency and effectiveness of IT General Controls, application controls, Security controls, and data analytics while leveraging on ISO 27001, COSO and COBIT frameworks.
• Enforce compliance with company's policies, procedures and other frameworks / guidelines like ITIL, NIST, PCI-DSS, SOX and FISCAM to ensure CIA is adequately protected.
• Coordinate awareness and training program for staffs and interns on audit process and assessed their performance for audit engagement.
• Identified internal control weaknesses and make recommendations to improve the performance and efficiency of internal controls in financial and IT processes.
• Obtained hands on experience in leading small teams; lead a team of 5 auditors while reporting to the audit manager.
- IT Auditor at Chevron
- Internal Audit Associate at IKEA
- Information Security Analyst at E-Panzer
- IT Auditor at KPMG
2 years, 6 months at this Job
Experienced IT Auditor with General Controls, Information Security, COBIT, SOX Audit readiness, and PCIDSS, COSO audit experience.
- IT AUDITOR at CITIBANK
- STAFF IT AUDITOR at NEIMAN MARCUS
- LOSS PREVENTION INVESTIGATOR at NEIMAN MARCUS
3 years, 4 months at this Job
- BS - CRIMINAL JUSTICE & CRIMINOLOGY
- - Information Systems
• Performed Sarbanes-Oxley Section 404 testing of critical systems and applications that financially impact the company.
• Communicated with the Company's external auditors on general computer control related matters and SOX test procedures
• Have in depth experience performing audit with IT general controls (ITGC) such as; access control, change management, IT operations, disaster recovery and platform reviews (Windows and UNIX OS).
• Performed audits using COBIT, COSO, PCI DSS, SSAE 18 and SOX Frameworks
• Testing and documentation of key SOX and IT General controls leveraging a defined process compliance monitoring process.
• Documented key processes, risks, controls, IT systems, reports and spreadsheets using templates provided by the System
• Assisted in conducting analysis on existing and emerging threats and providing appropriate recommendations for remediation.
• Worked with the IT management team to evaluate controls. Perform assessments, monitor regulations, and work with auditors to ensure company compliance.
• Assisted with walkthroughs and held meetings with client to discuss areas to be tested: Risk Management, Configuration Management, Access Control, Disaster Recovery.
• Assisted in developing new controls to be tested in SSAE 16/18 & SOX Audits, and built a good foundation of client operations and what controls are necessary to evaluate based on size and type of business client.
• Worked with Engagement Team to identify and resolve client issues discovered during Audit and Review Process.
• Worked with the Security, Engineering, IT, and Web Operations teams to create and maintain sustainable policies and procedures
- IT Auditor at Longview Technology Solutions
3 years at this Job
- BSc. - Computer Science
Participate in all phases of IT Audit - Planning, Fieldwork, Reporting and Follow up using applicable framework. COBIT, FISCAM and prepare appropriate testing Matrix Reassess controls and deficiencies and retest all identified key controls within SOX guidelines. Assess IT Control elements to mitigate IT Risks regarding the confidentiality, integrity and availability of business information Engage in ongoing communication with cross-functional partners to ensure companywide understanding of IT goals, solicit feedback and foster cooperation. Identify and evaluate risks during review and analysis of System Development Life Cycle (SDLC), including design, testing/QA, and implementation of systems and upgrades Perform O/S and Network Security review: Windows, AS 400 and Active Directory, Firewalls, IPS/IDS, Routers, Switches, VPN and Citrix servers Assist in preparing audit scopes, report findings, and present recommendations for improving data integrity and operations Perform testing of IS controls for validating design and operating effectiveness, and ensure availability, accuracy, and security Apply current knowledge of applicable regulatory/legislative guidance including but not limited to SOX, SSAE 16, COSO, COBIT 5.0, Risk IT, ITAF Performed walkthroughs and testing relating to Information Technology General Controls (ITGCs) for financially related ERP systems (SAP, Oracle Financial, PeopleSoft) for various leading clients in the public and private sectors Prepared IT Audit program to include Access control, Change management control, Operations Control and application controls. Identify deficiencies in the design and operating effectiveness of controls and provided recommendations Perform Audit of IT Infrastructure and applicable Database- Windows, UNIX, Mainframe, SQL, and Oracle Develop Audit plans and programs to evaluate control areas on projects such as financial statement audit, SOX testing, SAS 70/SSAE 16. Work with the IT management team to evaluate controls.
- Senior IT Auditor at 4 Square IT consulting
- Senior IT Auditor at Crest Consulting Group LLC
- IT Auditor at Reveille System INC
8 months at this Job
- Bachelor degree in Accounting - Accounting
- Associate in Computer Science - Computer Science
• Develop and coordinate effective audit approaches that meet USPS OIG standards and milestones
• Review, compile and document audit details and results for final reports
• Identify inefficiencies then create, coordinate and implement plans to address them
• Conduct and analyze post-audit surveys to improve the running of future audits Accomplishments
• Worked as lead auditor/project manager for peer review of the Health and Human Services (HHS) Office of the Inspector General (OIG), an interagency audit that occurs every three years to confirm government colleagues are meeting requirements: Managed a diverse 6-person team that consistently met or exceeded all milestones and deadlines, led all audit-related conferences and meetings with HHS OIG management and completed major sections of the audit deliverables, including writing the audit report and finalizing the project
• Developed a new and more efficient protocol for project management related to audits, earning a Certificate of Appreciation for an Innovative Idea and placing in the top six of 32 other candidates who shared ideas to improve USPS audit effectiveness
• Led internal audit of USPS Insider Threat Program and identified several security deficiencies at two of four USPS secured spaces, then informed management who promptly took corrective actions to remove unauthorized personnel and make necessary repairs to secure spaces
• Created documents to track and manage projects, including: a comprehensive matrix to compare the Postal Service’s policies with Privacy Act criteria, National Institute of Standards benchmarks and Government Accountability Office guidelines; a diagram of the Engineering Change Management process; and chart that illustrated systems the team observed during audit site visits
• Developed audit follow up surveys in order to modify processes that would improve efficiency and accuracy of future audits
- IT Auditor at U.S. Postal Service Office of Inspector General
- Performance Auditor at U.S. Department of Housing and Urban Development Office of Inspector General
- Auditor at Naval Audit Service
4 years, 2 months at this Job
- Master's - Business Administration
- Bachelor's - Accounting
- Performed testing in all areas of IT General Controls portions of audit (Access to Programs and Data, Change Management, Program Development, and Computer Operations), for FSA and Integrated Audit clients - Assessed clients' general IT controls in the areas of access to programs and data, program development, change management, and computer operations. - Evaluated the operating effectiveness of financial application controls for procurements, financials, HR and logistics management systems - Logical access, configurations, interfaces, and system generated reports by performing current state analyses and testing of operating controls. - Conducted walkthroughs to assess and understand the design and control environment surrounding key controls. - Performed test work for SSAE 16/18 SOC reports. Responsibilities included client communication, report updates, and documentation of control design and operating effectiveness.
- IT Auditor at Primose Inc
- IT Audit Associate at Tripz Enterprise Solution LLC
2 years, 4 months at this Job
- Master's - Health Information Managment Systems
•Analyzed financial statements, ensuring both accuracy and compliance with regulations.
•Assessed an organization's financial records to search for fiscal mismanagement, incomplete reporting, or regulatory noncompliance.
•Examined digital standards and controls to make sure that financial records are secure and sourced from reliable outlets.
•Communicated finding with Executive sponsor and provided status update on CDL & CAP
•Developed approach how to correct deficiency include deploys and implements new control activities and update progress Milestones.
•Analyzed OIG and GAO finding report to identify high-risk areas through agency that can lead to potential greater risk vulnerabilities to fraud, waste, abuse, and mismanagement.
•Completed Audit process include Planning, walkthrough, reporting and follow up.
•Identify and communicate IT audit findings to senior management and client.
•Documented work completed by preparing work papers.
- IT Auditor at CNI
2 years, 11 months at this Job
- Computer Networking - IT
- BSN - HealthCare
Independently develop and design audit procedures to assess compliance with numerous
standards, such as ISO 27001, AICPA SOC 1, 2, and 3, ISO 27017/18, PCI DSS, etc.
• Work in collaboration with Security Operation Center, SOC Team, to ensure compliance with various cyber security testing.
• Review Monthly/Quarterly penetration testing and various vulnerability scanning to ensure timely remediation of any identified vulnerabilities as well as to follow up on CAP Issues.
• Performs reviews of internal control policies and procedures.
• Prepares audit findings and work papers to ensure that adequate documentation exists to support the completed audit and conclusions.
• Identify and communicate IT audit findings to senior management and business owners.
• Maintain good working relationship with the business process owners, management, and staff at all levels to perform audit service.
• Perform all stages of audit planning, fieldwork, execution, reporting and follow up.
• Perform walkthrough of controls and evaluating operating effectiveness of controls.
• Assist internal teams with root cause analysis of identified exceptions and recommend control improvements.
• Follow up on audit findings to ensure corrective actions have been taken through revalidation testing of controls.
• Conduct operational, security, compliance, and investigative audits as assigned.
• Perform periodic audits to test the operation and effectiveness of internal security controls.
- IT Auditor at Wells Fargo Bank
- IT Auditor/ Quality Assurance at USA Mobility/Arch Wireless
- DFW CPA Services at
- at Williams Residential Design
2 years, 1 month at this Job
- - Cyber Security Training
- Associate Degree in Architectural Drafting - Computer-Aided Design
• Test IT general controls, performs walkthrough and detailed testing of controls to evaluate the design and operating effectiveness of controls.
• Prepares audit scopes, reported findings and presents recommendations for improving data intergrity and operations to management.
• Participates in all phases of IT Audit-Planning, Fieldwork execution, reporting and Follow up using applicable framework
• Performs assessment of IT internal controls as part of Financial Statement Audit, Internal and Operational audits, Attestation engagement and Audit readiness
• Conduct and assist in post audits to determine if corrective action has been taken
• Document control weaknesses and related testing exceptions including relevant controls
- IT Auditor at Altex- NY
- at IT Internal control Audit
- SOX 404 Compliance Testing Analyst at NCI -NJ
- IT Security Analyst- PCI DSS Compliance at Toys"R"US, Inc- NY
1 year at this Job
- Bachelor of Science - Banking and Finance
• Execute Information Technology General Controls (ITGCs) and IT application Controls (ITAC) testing using COSO and COBIT frameworks.
• Perform IT infrastructure audit - Servers, Virtual Machine, Network, databases and operating systems.
• Conduct ERP systems testing - Oracle Financials, JD Edwards, PeopleSoft and SAP, and other IT Applications such as Paychex, NetSuite others.
• Perform Sarbanes-Oxley (SOX) compliance Audit testing controls for design appropriateness and operating effectiveness.
• Review SailPoint system for Provisioning, Deprovisioning and Certification.
• Evaluate backup and restoration plans.
• Review (SOC 1 Type 2). Knowledge of SSAE 18 Report and GDPR regulations.
• Communicate identified IT audit findings to senior management and auditees.
• Prepare work papers per walkthrough and testing performed, document control weaknesses and related testing exceptions.
• Create and sustain professional working relationships with the business, management and staff at all levels to deliver first in class audit experiences.
• Engage in all phases of audit - planning, fieldwork, reporting and follow-up- if required.
• Perform PCI DSS and Cyber Security audits to identify inadequate internal controls and provide meaningful recommendations.
- IT Auditor at Citizens National Bank
2 years, 1 month at this Job
- Bachelor of Arts in Health Care Administration - Health Care Administration