-Perform IT and critical application risk assessments while balancing business requirements against necessary security and process controls, including timely completion of risk mitigation action plans-Meet with senior level management within the business units to develop recommendations to improve the security posture of assessed systems-Perform vendor security risk assessments to ensure proper security controls when providing company data to third party service organizations or cloud providers-Work closely with IT personnel in the documentation and performance of key processes and controls to meet SOX compliance requirements-Assist in performing a gap assessment against a cyber-security framework (NIST) and addressing control gaps-Perform assigned tasks of the security awareness program, including security awareness training, communication, and coordination of phishing campaigns-Perform review of administrator logs to ensure access and activity to critical servers (e.g. Linux, Oracle, SQL Server) is appropriate

-Performed financial, operational, technology, and SOX 404 compliance audits for the Internal Audit department to assess the effectiveness of the internal controls-Accountable for performing comprehensive General Controls Reviews, evaluating corporate IT policies and procedures, logical security, physical security, change management procedures, disaster recovery, and back-up procedures and operations-Prepared inherent risk assessments during the audit planning phase to determine the level of control testing required-Developed audit reports and facilitated closing meetings with Auditees, while maintaining good relationships to facilitate future audit needs-Verified closure of business action plans resulting from internal and regulatory audits-Coached and trained associate auditors on the company's internal audit methodology, audit workpapers and audit system applications for audit engagement execution-Partnered with external auditors to raise awareness of concerns within the business unit and to increase reliance placed on audits performed by the Internal Audit department-Evaluated risks during review and analysis of the System Development Life Cycle (SDLC), including design, testing/QA, and implementation of system updates-Processed analytics and automated testing initiatives for segregation of duties analysis, data conversion, and data quality assessments

-Designed audit procedures in the capacity of change management, logical security, and IT operations for numerous technical environments – UNIX, Windows, Oracle database, and SQL Server-Served as a subject matter expert in testing IT general controls and IT related business controls for the following applications: SAP, Investran, Bloomberg, and Great Plains-Developed and revised process narratives, flow charts, request lists, exception logs and risk-control matrices-Executed audit procedures related to business process controls supporting key business systems, particularly application controls and IT-dependent manual controls

-Led projects by assisting clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk-Managed audits by preparing audit testing programs, delegating and reviewing the work of 2-4 staff auditors on the engagement, ensuring audits are completed within budgeted hours, providing performance feedback to staff, communicating audit findings to clients and preparing audit reports documenting findings-Worked closely with client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and assist clients and other Advisory professionals in performing information technology control and security engagements-Processed analytics and automated testing initiatives for Segregation of Duty Analysis, Data Conversion, and Data Quality Assessments-Conducted ERP and legacy system pre/post-implementation reviews to support products and ensure business objectives are met

-Assist with the implementation of the SAP HRIS system and developed organizational charts-Maintained integrity of data housed in the SAP HRIS system and benefits database