Information Technology Auditor
Current● Conducting audits and assessments to evaluate IT controls, policies, and procedures against regulatory standards (e.g., SOX, GDPR, PCI-DSS) and industry frameworks (e.g., COBIT, ISO 27001).● Conducting IT controls risk assessments, including reviewing organizational policies, standards, and procedures and providing advice on their adequacy, accuracy, and compliance with the PCI DSS.● Conducting comprehensive audits of cyber security, Active Directory, O365, and MS Exchange, reviewing OS platforms (Windows, Unix), IT systems, and operating procedures to uphold efficiency, accuracy, security, and risk mitigation standards.● Performing Information Technology General Controls (ITGC) audits to validate compliance with SOX provisions and professional standards, achieving a minimum 95% compliance rate across key areas such as change management, logical access, backup and recovery, and problem and incident management.● Developing, documenting, and maintaining IT policies, standards, and procedures that reflect compliance requirements and aligns with ITSM best practices.● Gathering applicable information, conducting research, developing talking points, coordinating with team members, and leading audit finding meetings to find program weaknesses, outdated IT policies, and duplicity in IT efforts.