WORK EXPERIENCE
IT and Specialized Assurance| Risk Advisory May 2022 – Current
Information System Auditor April 2018 – Sept 2021
Key Qualification & Responsibilities

 Assisted in preparing the audit scopes, report findings, and presented recommendations for improving security operations.
 Performed testing of IS controls for validating the design and operating effectiveness, and ensured availability, accuracy, and security of Access Management, Change Management.
 Assessing IT control elements to mitigate IT risks regarding the confidentiality, integrity, and the availability of business information.
 Implementing Cybersecurity knowledge to Evaluate risk, Vulnerability assessment and penetration testing, document processes and systems in flowchart and narrative form and design audit programs.
 Implemented Regulated access system to safeguard information in file by monitoring the use of data files
 Review written work to ensure high quality deliverable and minimal review iterations.
 Draft written reports, SOC1 and SOC2 audit reports and audit findings deliverable and present them to management.
 Reviewing the systems for IT general controls, risk and compliance with policies and regulations and suggest enhancements in controls, policies, and procedures.
 Follow-up on client execution of management actions.
 Demonstrate project management skills, manage audits to meet target dates within budgeted hours.
 Manage multiple projects and communicate obstacles and status to Audit Services management.
 Manage technology governance methodologies and frameworks.
 Audit to measure control requirements compliance.
 Oversee and report status of audit remediation activities.
 Guide on emerging operational, legal and regulatory compliance matters.
 Participate in appropriate and relevant conferences and courses to maintain technical proficiency.
 Assist in developing and implementing an annual personal education plan to develop and maintain currency of security-related skills, technologies, methodologies, and standard methodologies.
 Coordinated IT areas of external and regulatory audits