SUMMARY

• 8 years’ experience in Risk Compliance & Audit, IT infrastructure, financial accounting, operational Risk, integrated audit, GRC platform, Data privacy, Business sustainability, Cloud, IT projects planning, Cybersecurity third party vendor assessment, vulnerability assessment, incident response, Business continuity, Disaster recovery, ITGC testing, application control, Gap analysis, SAP Testing, PCN, issue management, IT asset inventory, Remediation process, Application control & framework review.
• Comprehensive noledge in reviewing, developing & documentation of audit/Risk procedures/plan.Highly motivated, Dynamic, organized, systematic, problem solver, multi - talented, great sense of humor, detail oriented, thrives in a challenging, fast-paced working environment, team player, time, and people management skills.

TECHNICAL SKILLS

• FFIEC
• ISO 27000
• 27001
• 27002 OCC
• NIST SP Rev 4
• Metric stream. Rally
• UNIX
• Microsoft Dynamics
• NetSuite. Window Server
• IDEA
• SOX
• Oracle Database
• ACL
• GRC Archer and Aurora
• Prime
• Peoplesoft
• CARS
• LINUX
• Network Systems
• racle primavera P6
• MS outlook
• SharePoint 2016
• MS office (Word/Excel, power point)
• Visio security +
• Windows 98/NT/2000/XP/Vista/7/8/10/MAC OSX windows OS
• Python
• HTML
• JavaScript
• DHTML
• T-SQL
• JAVA
• C#
• .NET
• PHP
• ASP.NET
• CSS

PROFESSIONAL EXPERIENCE

Confidential

Operational Risk

Responsibilities:

• Engaged in controls risk assessments across business processes related to Payments and order Fulfillment, including risk and gap identification, Visio process mapping, risk identification, evaluation, development, control matrix and design.
• Involved in carrying out risk assessment and evaluation for teh organization and recommend possible solution to any findings.
• Performed testing for operational TEMPeffectiveness and ensure key controls are compliance to different standards/procedures.
• Executed IT operational function such as observation of back up and periodic recovery and ensuring job scheduling is TEMPeffective.
• Carried out process design assessment by reviewing key risks and controls to identify gaps and redundancies.
• Implemented reviews on IT business operation, infrastructural security, data migration process, business integration and process integrity.
• Participated in identifying gaps, audit acceptance/Exceptions and making useful recommendations for process improvement.
• Conducted risk evaluation by examining related risk, key controls and developing appropriate audit measures to test control identified.
• Documented, reviewed & updated all identified IT Business risk for different platforms/projects.

Confidential

IT Auditor

Responsibilities:

• Prepared IT Audit program to include Access control, change management control Operations Control and application controls Identified deficiencies in teh design and operating TEMPeffectiveness of controls and provided recommendations.
• Conducted ITGC walkthrough and detailed testing by reviewing document and observing procedures to gather useful evidence.
• Responsible for creating and drafting crisis management, business continuity, risk assessment, Third party & incident response procedure.
• Conducted testing of Sarbanes-Oxley (SOX), OMB Circular A-123 Audit and Service Organization Control (SOC) SSAE 16 Review, using COBIT and FISCAM frameworks.
• Managed overall Business units Audit request/Risk evaluation/Third party suppliers on related areas such as risk management, business processes, change management, SAP security, process flow design, customer engagement/ awareness, ITGC testing, SDLC assessment and operational resilience.
• Managed multiple associates over teh testing of IT General and Application controls in support of external financial audit engagements. Clients include those requiring compliance wif PCI-DSS, HIPAA, SOX, and wifin Windows, UNIX, Mainframe SAP, and Oracle Financials environments.
• Handled specific projects such as Segregation of Duties (SOD), SAP, SDLC, SOX Compliance, PCI DSS, HIPAA, theirby identifying conflicts on internal controls and provide recommendations.

Confidential

IT Auditor

Responsibilities:

• Engaged ITGC walkthrough and detailed testing by reviewing document and observing procedures to gather useful evidence.
• Prepared comprehensive work papers to document audit findings as required and prepare well-written Audit Reports summarizing teh review results.
• Conducted audit interviews and assignments, reviewed work papers and reports, documented, and analyzed audit evidence.
• Performed assessments of IT internal controls as part of financial statement audit, Internal and operational audits, Attestation engagement, and Audit readiness.
• Involved in conducting ITGCs testing, and IT application Control testing, audit readiness, attestation engagements, Infrastructure audit, compliance, and risk assessment.
• Prepared IT Audit program to include Access control, change management control Operations Control and application controls Identified deficiencies in teh design and operating TEMPeffectiveness of controls and provided recommendations.

Confidential

IT Auditor/ Risk Compliance

Responsibilities:

• Advised and assisted in development and implementation of IT compliance standards, regulations, guidelines, policies, and business tools across commercial line of business of operations.
• Conducted and supervised end to end IT audit process including engagement planning, coordination, scope determination, risk and control identification, design of audit program, procedures, test control and evaluate results.
• Conducted IT business reviews and test controls used in analyzing business processes against regulatory requirements across various lines of business for clients.
• Promote, Monitor, and enhance IT Audit assurance through validation of high-risk assets.
• Reviewed and analyzed group and entity policies, standards and procedures.
• Involved in conducting ITGCs testing, and IT application Control testing, audit readiness, attestation engagements, Infrastructure audit, compliance and risk assessment.