SUMMARY:

• I am well experienced in IT audit team management, audit risk and strategy, audit budgeting, writing audit programs and reports, as well as developing findings and communicating with clients to develop action plans.
• Proven track record mentoring and training IT audit staff, identifying and assessing controls and risk, and reviewing complex business processes, IT infrastructures, people and IT systems.
• This helps my organizations to achieve and maintain compliance with regulatory requirements, improve internal controls, and reduce financial and operational risk
• 9 years of Information Technology Audit experience, 6 years IT operations and Banking experience.
• Solid understanding of processes and controls related to financial and medical applications, networking functionality, databases, operating systems, and other infrastructure.
• Strong corporate governance, internal control, regulatory, technology, and team building skill set
• Risk management skills especially IT and security risk management
• Assisted business units in identifying control gaps and developing remediation plans
• Assessed disaster recovery plans and business continuity plans using NIST
• Audited project controls including project governance / organization, and project work streams
• Designed and conducted test work for a SSAE16/SOC 2 audit.
• Participated in business process redesign, technology needs assessment, and IT governance projects.
• Experience in auditing Banking Apps: Globus, Finacle, Flexcube, Oracle and many other applications
• Support other Financial, Operational, Compliance, and Forensics audit efforts, as assigned
• Working knowledge of NIST 800 - XX, COBIT, HIPAA, COSO, SOC2 and Sarbanes-Oxley Act requirements
• Data Center Review
• Financial Engine Review (HR benefit applications)
• Cloud Computing Privacy and Security Review
• Third Party Risk Assessment
• Mobile Application Review
• Medical Devise Security Review
• Web Security Reviews
• Incident Response and Security Controls reviews
• Identity Access Management reviews

TECHNICAL AUDIT SKILLS:

• In-depth IT skills ranging from programming, networking, applications and Database administration (Oracle)
• Knowledge of Windows and UNIX (Linux and Solaris) Operating system
• Security Controls, Penetration Testing & Auditing
• E-Banking Risk Management & Operations
• Project Management Skills - ACL, Score-Bridge, MasterCard, Flexcube UBS, Oracle Direct Banking, PCI DSS, PayGate
• Automation of Branch Audit reviews and security monitoring
• Data analytics skill - ACL, Excel, SQL
• Compliance/Standards reviews - HIPAA/HITRUST, 3rd Party Risks, ISO 27001/5, PCI DSS, NIST, COSO,SOX compliance, SOC(SSAE16), COBIT 5.0
• Audit Documentation - MKInsight & Protivitis Audit Management Software

PERSONAL ATTRIBUTES:

• Strong analytical knowledge
• Flair for teaching and mentoring
• Excellent interpersonal, leadership & relationship management skills
• Excellent communication skills

KEY COMPETENCIES:

Seasoned IT Audit Manager with over 15 years’ diversified experience in IT operations, Banking, Control Advisory functions, Project Management, IT Audit in Banking, IT consultancy and Health sectors.

WORK EXPERIENCE:

IT Audit: Internal Audit

Confidential

Responsibilities:

• Responsible for conducting IS and security control reviews
• Ensuring compliance to legislation and regulatory authority standards that affect information security & processes
• Assist in the planning, execution and delivery of IT audits.
• Assisted IT professionals and auditor in preparation for engagement risk assessment, planning and audit scope development
• Working with audit project team to achieve departmental goals
• Documentation of audit activities and preparation of audit work papers

IT Audit

Confidential

Responsibilities:

• Reviewing the information security policies and procedures of the Bank
• Develop annual audit plan & Project management of audit assignments using risk-based audit approach
• Monitoring compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties
• Performing information security risk assessments and serving as the internal auditor for information security processes
• Conduct effective risk management of E-business products & Bank applications
• Periodic evaluation of organization security controls, intrusion & penetration testing
• Assisting in Fraud forensic investigations
• Ensuring compliance to legislation and regulatory authority standards that affect information security & processes
• Partner with IT management on Project Management control advisory functions
• Involved in security awareness training and control advisory functions

Confidential

Team Lead

Responsibilities:

• Review of IT Security policies & IT organization.
• Review and accredit newly developed e-banking systems before deployment
• Conduct effective risk identification, analysis & management of E-business products
• Review of banking applications, & databases
• Review of back-up, recovery procedure & contingency plan

IT Audit

Confidential

Responsibilities:

• Review of IT Security policies & IT organization.
• Review and accredit newly developed e-banking systems before deployment.
• Conduct effective risk identification, analysis & management of E-business products
• Review of banking applications, revenue assurance and cost controls (ACL & SQL)
• Review of back-up, recovery procedure & contingency plan
• Review of data centre
• Review of third party licenses and service agreements
• Review of system users’ administration
• Review of systems development & change control management
• Review of network administration, operating systems and databases
• Review of electronic products like ATM, Value-card, internet-banking
• Systems availability monitoring using network monitoring tools
• Network Vulnerability assessment tools like Nessus, Nmap, Wirechalk, Ethereal & Ethercap
• OS vulnerability assessment
• Periodic review of internet banking, e-cards, ATM & web application security.

Confidential

Assistance Banking Officer

Responsibilities:

• Unix (Linux & Solaris) administration of servers.
• Configuration & installation of Windows & Unix OS.
• Procurement of hardware & peripherals.
• Inventory management & documentation.
• Supervising hardware maintenance workshop activities.
• Basic network management & user support/help desk.
• GLOBUS & FINACLE Banking application support.

Confidential

Assistance Banking Officer

Responsibilities:

• Coordinating the IT & banking operation activities of off-line branches.
• Implementation of application security standards for e-banking products.
• Conduct ATM & Web application security assessment.
• Deployment & marketing of various electronic financial products like value-card.
• Periodic performance tuning of database of off-line branches database.
• Smooth running and supervision of off-line branches IT functions.
• Prompt rendition of statutory and non-statutory returns.
• Basic hardware repair and maintenance.
• Information system audit functions.
• Assisting banking operations in resolving IT-related problems.

Confidential

Graduate Management Trainee

Responsibilities:

• Ensuring proper database administration of computer servers.
• Timely performance tuning of the database.
• Error-free daily, monthly and yearly update of database.
• Implementing and deploying GLOBUS banking package.
• Writing of query reports to ensure prompt rendition of both.
• Statutory and non-statutory returns and reports.
• Software development using Universe BASIC, VBASIC.NET.
• Basic networking administration, basic trouble-shooting, hardware repair & maintenance.
• Assisting resident inspectors in system auditing.
• Deposit mobilization.
• Basic Banking operations like Tellering, Bills & Remittance