Lead walkthroughs and audit status meetings to evaluate the design and operating effectiveness of controls.Performs SOX and CCPA compliance audit, verifying control design adequacy and operating effectiveness.Conducts IT infrastructure Conduct testing for Information Technology General Controls (ITGC) and Application Controls utilizing FISCAM and NIST 800-53 Revision 4 frameworks.control testing of Servers, Active Directory.Use audit tools such as People soft, IBM open pages and oracle EBS for each audit engagement.Prepare work papers and supporting documentation for weaknesses and vulnerabilities found throughout the audit process.Review and assess the Business Continuity Plan (BCP) along with the Disaster Recovery Plan (DRP).Act as a key liaison with auditees and management, as well as external auditors.Examine extensive datasets using analytic tools such as Excel and SQL queries.Test internal controls and assisted in developing Corrective Action Plan (CAP) and remediation.Evaluate compliance with corporate security policies from planning phase to completion using COBIT, COSO, PCI DSS, SOX, FISMA Frameworks in performing audit.SOX testing in the areas of Access Control, Change Management, IT and Network Operations.Coordinate with IT department and external auditors during SOX IT testing.Manage the request list for the audit team.Evaluate the design and effectiveness of technology controls throughout the business cycle

Executed all stages of audit planning, fieldwork, executive, reporting and follow up.Served as the contact person for the co-source and external auditor during SOX and HIPPA engagements.Perform control testing to assess the effectiveness of controls in place. This involves testing the design and operating effectiveness of controls and identifying any weaknesses or non-compliance with the SOC 2 criteria.Reviewed risks of key control deficiencies and effectiveness of overall control framework, and ensured management has effective and timely control remediation plans.Conducted audit to identify weaknesses in the existing control environment, and business processes, provide value adding recommendations to fix identified gaps to maintain IT control metrics per the compliance activities.Identified and communicated IT audit findings to senior management and client. Conduct internal assessments to determine our current compliance status with SOC 2 requirements and identify gaps and areas that need improvement.Worked with the IT Audit Manager in preparing audit status reports for presentation to executive management and the company's Audit CommitteeConducted walkthroughs and detailed testing, document work done inform of work papers that detailed, the control tested, the outcomes and determined management’s compliance with SOX and HIPPA regulatory requirements.Communicated results of IT audit projects to appropriate stakeholders in a business terminology understandable to them for effective remediation.Involved in the identifying, evaluation and documentation of key IT risks and controls throughout the organization, across multiple information technology platforms.Updated and maintained the recommendation remediation tracker to keep management abreast of the outstanding internal audit findings.Facilitated the identification of operational risks and control gaps.