Senior IT Auditor Resume
Headline : Master of Finance/Business Administration(MBA), Bachelor of IT/Telecom communications Engineering; USA Certificate of special training on IT Security/EDACS system and Project Management; More than 10 years' information system risk assessment and SOX audit experience; More than 12 years' IT and Telecommunications technical working experience, Including 5 years' Director /IT leader experience in an ISP company (Internet Service Provider); 7 years' senior IT auditor (Director) experience in an public audit/consulting firm; United State banking industry working experience, specialized in Bank Information Security risk assessment and audit, including planning, audit program (audit steps) designing, testing and audit reporting; Strong IT technical background, particularly in network vulnerability assessment (Cyber Security, ITRAC, LOB, ITGC) and IT audit project management; Global working experience, particularly in USA, China, Australia and New Zealand; Fluent in spoken and written English and Chinese Mandarin; and Fast learner, self-starter, goal-oriented and a good team player.
Skills : ITGC, SOX 404, AS No.5, US GAAP,COSO,COBIT, SANS And NIST Framework Microsoft Excel, Word, Outlook, PowerPoint, MS-Project, TeamMate, SQL, ERP, ITIL, ITSM, ACL, EDACS, ITRAC, LOB And Cyber Security Audit.
- Planned, determined scope and objectives of the audit, wrote audit programs, and discussed audit recommendations with auditee management.
- Supervised and mentored juniors auditors assigned to the audit.
- Participated as an auditor or auditor-in-charge in approximately 30 I.T. or operational audits, or system development life cycle reviews, within the banking industry.
- Audits centered on the review of business/IT managerial controls.
- Functioned as an internal auditor and information security professional on the global Information Technology Technical Team of General Motors Audit .
- Performed information technology audits of state agencies. Lead audit teams in the audit, analysis, and testing of information technology security controls across all layers of computing environments such as physical, operating system, network, and application layers as well as end-user processes and security.
- Planned audits, developed audit plans and programs, supervised and reviewed audit team work, documented the results of audits in applicable reports, and presented audit results as needed to interested parties.
MBA In Finance & Management
Senior IT Auditor III Resume
Headline : IT audit leader with Experis Manpower Group with over 6 years of professional experience in Information Technology, Network Security, Auditing, and Consulting. Maria possesses high-level technical abilities and training, with expert skills in disaster recovery, and database/system/network administration.
Skills : PKI, C&A, DoD, Nessus.
- Conducted annual Federal Information Security Management Act (FISMA) reviews on the Department's information systems.
- Developed Audit plans and assessed the IT control environment using FISCAM.
- Worked with senior management, audit teams, and other internal and external teams to accomplish audit work.
- Identified vulnerabilities to protect the integrity and improve the Department's programs and operations.
- Performed database vulnerability scans of the Department's database servers.
- Performed IT general and security control audits under GAGAS standards.
- Conducted interviews with Department officials and system contractors to gather information needed to complete an assessment of the Department's network/systems.
B.S.B.A. In Finance/Marketing
Senior IT Auditor II Resume
Summary : Risk and Finance professional with extensive IT experience and a progressive approach towards risk management practices to more efficiently evaluate and design cost-effective control structures that align with the business' risk appetite. A highly-motivated, self-starter with a demonstrated command of decision making and problem solving techniques, skills that are consistently sought out by superiors, peers, and business partners for guidance and insight on critical and sensitive project issues.
Skills : Microsoft Office, SAP, CMS.
- Evaluated the effectiveness of internal controls to ensure clients' compliance with Sarbanes-Oxley requirements.
- Assisted clients with the development of strategies to mitigate security risk from an IT perspective.
- Planed, Lead and Executed audits to ascertain that client's applications are in compliance with the corporate security policy.
- Prepared finalized reports per evidence obtained, audit results, and finalizing client responses to observations noted.
- Included providing remediation and mitigating controls to address issues noted during the audit procedures.
- Built and developed strong relationships with Client management contacts across multiple industries and service lines.
- Lead client engagements as well as the responsibility for on-time creation of project deliverables.
MSc In Accounting
Senior IT Auditor I Resume
Objective : Over 12 years of professional Information Technology (IT) security and audit experience. Core competencies include Federal Information Security Management Act (FISMA), Federal Information System Controls Audit Manual (FISCAM) and IBM Data Security & Privacy (DS&P) compliance.
Skills : CISA exam passed, CSX Cybersecurity Certificate track.
- Performed the IT portion of federal financial statement audits using applicable OMB, GAO, NIST, COBIT & AICPA guidance.
- Tested areas include entity-wide security program controls, access controls, change controls, segregation of duties controls, service continuity controls, and system software controls.
- Agencies included the House of Representatives, Small Business Administration (SBA), Government Accountability Office (GAO), Federal Reserve Board (FRB), and Millennium Challenge Corporation (MCC).
- Managed up to two individuals as a Senior IT Auditor.
- Performed information security reviews for federal agencies using Federal Information Security Management Act (FISMA) and NIST SP 800-53 Recommended Security Controls for Federal Information Systems guidance.
- Responsible for assisting management in the completion of the FISMA template required for annual submission to OMB.
- Assisted the General Services Administration (GSA) in implementing requirements of OMB Circular A-123, Appendix A, Internal Control over Financial Reporting, through evaluating general controls over the information systems using NIST's Special Publication (SP) 800-53A, Guide for Assessing the Security Controls in Federal Information Systems.
BS In Decision Information Sciences
Assistant Senior IT Auditor Resume
Objective : 10 plus years of Corporate Information Technology experience, 6 plus years of experience in Enterprise Risk Management, Corporate Security, Compliance, Governance and Technology Vendor Compliance Experience working with the big 4 on multiple internal and external Audit engagements Utilized SOX, COSO, COBIT, ISO 17790, NIST 800-53, ISO-9000 framework and standards for the development/testing of audit engagements Developed and implemented a risk-based IT audit strategy in compliance with IT audit standards Roles Involved in the Full Life-Cycle Implementation & Upgrade projects with the focus being internal audit Analysis and support activities.
Skills : SAP, Microsoft Office, Oracle, Hyperion, JDE, ERP.
- Worked as a senior Auditor (consultant) in the Enterprise Risk Services department providing end-to-end external audit services to large corporations.
- Conducted multiple external audits simultaneously under strict deadline Developed audit programs and testing procedures relevant to risk and test objectives.
- Identified and communicated issues raised, offering recommended solutions relevant to business and risk Supervised junior auditors assigned to engagements providing guidance and overall review of deliverables Support the ERS practice through development of new services and analytical tools and fulfilment of practice management responsibilities Participated in special audit projects and provide advisory and consulting services to management.
- Recommended appropriate staffing requirements to complete the audit.
- Trained and provided guidance of auditing tasks and procedures.
- Reviewed work for completeness; and submited evaluations on assigned auditors.
- Acted as liaison for internal management, external auditors, external audit clients and business associates.
Certificate In Computer Programming
Associate Senior IT Auditor Resume
Summary : IT security auditing professional combining experience in application security and infrastructure assessments, high level auditing, risk/threat assessment and remediation recommendation in mission critical, US and international corporate and government environments. Strong technical, client management and project leadership success contributing to innovative audit, design, security, configuration, support, project management, administration, quality and client services initiatives.
Skills : SQL, MySQL, Excel, Word, Outlook, Project, PowerPoint, Visio, RapidMiner, Access, Supply Chains, Operations Management, Critical Path, SWOT, Agile, Scrum.
- Lead and/or support comprehensive security, risk and vulnerability assessment engagements and recommend remediation implementation for government clients.
- Directed application security evaluations, penetration testing, network vulnerability assessments and security/assurance audits of networks, systems, applications, platforms, databases and operating procedures to ensure security of infrastructure and information assets; oversee audits for FISCAM, FISMA and SSAE16 compliance.
- Partnered with client senior business and IT leaders to provide security guidance, identify and prioritize security-related requirements and facilitate delivery of information security services.
- Reviewed audit findings and reports of junior associates; interface with clients to deliver audit results.
- Managed client engagements, including gathering client data, project planning, internal control reviews (forensic analyses), testing, reporting and results delivery/closeout.
- Directly audited various areas of configuration management, access control, security management, segregation of duties, business continuity, contingency planning, business processes, plans of actions & milestones, continuous monitoring and physical security.
- Consistently exceeded goals in client engagements; built a strong referral and repeat client base through developing scalable security and risk management processes and meeting deadlines.
Bachelor Of Science In Information Systems
Assistant Senior IT Auditor I Resume
Summary : Expertise includes 25+ years in enterprise settings with financial, technical operations, manufacturing, logistics and distribution. Providing strategic leadership and direction for robust IT Infrastructures and teams. A focused, multi-tasking IT leader, delivering projects from conception to completion on time and within budget. ITGC Audit Program Internal controls - SOX COBIT Security Compliance Risk Assessment PCI - DSS Project Management Disaster Recovery Data Center Acquisitions / Mergers System Design & Implementation Core Qualifications.
Skills : Java, Python, Programming, Business Analysis, Data Analysis.
- Pulled service tickets for change control and operations testing to support IT SOX compliance.
- Pulled service tickets for employee samples that were new hire and terminations for logical access to SAP, Mainframe, AS400 and Windows applications to support IT SOX compliance testing.
- Reviewed super users against job descriptions that were assigned to Windows, DB2, SQL and UNIX platforms to support IT SOX compliance testing.
- Reviewed UNIX /etc files for security setting on sampled Unix Platforms to support IT SOX compliance testing.
- Created work papers to capture findings for the IT SOX audit.
- Up loaded work papers into GRC database for review and sign off.
- Pulled service tickets for change control and operations testing to support IT SOX compliance.
Senior IT Auditor/Manager Resume
Objective : Developed and implemented complete audit programs: scheduling, document requests, testing, finding analysis, sign-off, and remediation, Analyzed IT processes with IT Directors and IT Managers to develop and refine detailed process narratives.
Skills : Oracle Financials, PeopleSoft, Active Directory, UNIX,.
- Performed and lead various information system audits that support the firm's core business functions including: electronic brokerage, execution, and clearing services on approximately 70 financial and commodities exchanges around the globe.
- Defined appropriate audit scopes, preparing complete and accurate work paper documentation, assessing results, and preparing recommendations for improvements.
- Interacted with firm personnel to provide/receive necessary information so as to ensure the timely completion of system audits.
- Followed up on all outstanding audit findings to ensure they are appropriately resolved.
- Developed risk assessment/analysis, internal control evaluations, and other processes necessary to determine areas of technology risk or weakness that will lead to the development of audit programs.
- Produced the audit report (within agreed time scales), agree with clients on factual accuracy of the report findings and recommendations and obtain initial management responses and recommendation implementation dates.
- Acted as a center of expertise (maintain knowledge of and develop an approach) for own area of attention (account management) and contribute to the contents of knowledge databases Act as a point of contact and sparring partner for the assigned areas.
Masters In Computer Science
Senior IT Auditor/Finance Resume
Summary : Over 16 year of experience in Information Technology Compliance, Security and Risk Management in diverse industry segments including Financial, Pharmaceuticals, Telecommunications and Media & Entertainment. Strong background in internal audit and public accounting (Big 4) with a proven track record of successfully managing multiple engagements and team members.
Skills : General Securities License - Series 7 - Expired, Programming in SQL, Vusual Basic, MS Access, SAS in a DB2/VSAM environment, Microsoft Office Applications.
- Identifies over $32M in potential cost savings over a 4yr period as a result of 2012 license management audit.
- Leads portions of the overall IT audit risk assessment and short-term/long-term internal audit plan.
- Facilitates planning the IT and Integrated audits to determine audit scope and audit approach based on risk assessments.
- Identifies/assesses business processes and internal control and IT risks and design appropriate audit procedures, plans, execute and wrap-up projects.
- Manages audit teams - assign IT processes/systems to team members, ensure audit procedures address the objectives of the audit program and review required documentation for adherence to the department standards and guidelines.
- Reviews all testing results and related conclusions.
- Creates and reviews draft audit reports, work with management to finalize issues, report content and remediation plans.
- Leads advisory projects to improve business systems/processes, identification of emerging risks and make recommendations to improve the control design and operating effectiveness/efficiency or comply with company policies and legal/regulatory requirements.
- Demonstrates in-depth understanding of complex information systems.
Bachelor Of Arts In Accounting
Senior IT Auditor Resume
Objective : Energetic bilingual IT Professional with expertise in Information Systems security and privacy for current technologies. Certified Information Systems Auditor (CISA) skilled in audit readiness and audit support, as well as in regulatory controls compliance including SOX, PCI DSS, HIPAA. Extensive experience in system security and IT support on both distributed and mainframe environments. Aptitude for creative problem solving and conflict resolution. Verbal and written fluency in English and Spanish.
Skills : IT Auditor, SOX Compliance, PCI Compliance, COBIT, Tourism, Hospitality, Direct Sales, Distribution.
- Lead the update and administration of all Sarbanes-Oxley requests.
- Implemented and managed quarterly user access review to achieve compliance with Sox/PCI standards.
- Implemented and managed SQL/Oracle database access review.
- Determined and communicated enterprise information security direction and standards based on company goals and external compliance requirements.
- Coordinated business units and IT Staff to test and report on the adequacy and effectiveness of IT Sox controls.
- Implemented controls needed to protect both company information as well as information that is entrusted to the company by third parties and customers.
- Developed, implemented, and maintained policies and procedures to meet information security and compliance standards.
BS In Computer Science