Amanda Studer
Burlington,KY
Summary
Certified Information Systems Auditor with 15 plus years of experience in IT, Information Security, Risk Management, and internal controls. Featuring strong communication, both written and verbal, skills. Proficient in general IT control testing, SOX compliance testing, application control testing, and network control testing. Performed a variety of advisory projects in which recommendations made to senior management have been implemented.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Senior IT Auditor
Great American Insurance Group
04.2019 - Current
- Identified opportunities for process improvements within the IT department by analyzing current operational structures and recommending strategic changes when necessary.
- Conducted thorough assessments of third-party vendors'' IT systems, safeguarding company data shared through business partnerships.
- Evaluated internal controls and processes, streamlining workflows for increased efficiency and risk mitigation.
- Enhanced IT security by conducting comprehensive audits and identifying potential risks within the organization.
- Coordinated with external auditors during annual reviews, ensuring seamless communication and timely resolution of any concerns raised.
- Managed audit projects from inception to conclusion, delivering high-quality outcomes aligned with organizational objectives and stakeholder expectations.
Senior IT Auditor
Convergys/Concentrix Corporation
02.2018 - Current
- Plan and develop IT audits in areas such as network infrastructure, IT general controls, wireless infrastructure and network security
- Test the efficiency and effectiveness of processes and systems of the in scope SOX applications
- Identify process improvements and best practice opportunities
- Perform IT general control reviews, application control reviews, and information security assessments as well as SOX testing for the in scope applications
- Perform report testing for key reports used for SOX testing.
Senior IT Auditor III
Fifth Third Bancorp
03.2017 - 02.2018
- Planned and managed multiple risk-based integrated audits simultaneously
- Provided supervision, direction, training, opportunities and coaching to staff throughout audits assigned
- Support the Information Technology Governance Framework and look for ways to improve the framework through audits performed
- Worked closely with the Fin/Ops auditors to test the operational effectiveness and efficiency of the information systems including ensuring regulatory requirements are met.
Senior IT Auditor
Ohio National Financial Services
02.2016 - 03.2017
- Developed and implemented an IT Audit program
- Coordinated with external Auditors to develop a test strategy for SOC reports
- Worked with IT and Information Security Departments to perform gap assessments
- Performed risk assessment to develop audit plans.
Manager, IT Audit
Macy's, Inc.
08.2011 - 02.2016
- Planned, performed, and organized multiple risk-based audits in the corporate IT centers for the following areas: Network Infrastructure, Development Life Cycle, and IT General Controls as well as Sarbanes-Oxley testing for IT controls
- Provided supervision and direction, training and coaching to members of audit team throughout the audit
- Identify opportunities for learning and knowledge sharing of best practices with the staff to increase the understanding and skills of the department.
Senior IT Auditor
Fifth Third Bancorp
06.2006 - 06.2008
- Provided detailed documentation on audit findings, facilitating swift corrective action when necessary.
- Maintained confidentiality, handling sensitive information discreetly throughout all stages of the audit process.
- Ensured compliance with regulatory requirements by performing regular audits and staying up-to-date on industry standards.
- Streamlined audit processes, improving efficiency and reducing time spent on each audit engagement.
- Planned and executed follow-up audits at appropriate intervals.
- Followed established auditing processes to meet internal and regulatory requirements.
- Developed strong relationships with clients, building trust and ensuring a high level of satisfaction during the audit process.
- Mentored junior auditors, sharing knowledge and best practices to foster their professional growth within the team.
- Conducted risk assessments to determine areas requiring increased focus during subsequent audits.
- Adapted plans and schedules to meet changing priorities of work objectives, resources and workload demands.
Senior IT Governance Analyst
Fifth Third Bancorp
06.2008 - 05.2010
- Collaborated with security subject matter experts to update and publish security policies, standards, procedures and guidelines
- Ensured Information Security policies and standards reflect industry requirements and best practices
- Built consensus with management and business partners to ensure security requirements with align with business strategies
- Supported the Information Technology Governance Framework, including designing, implementing and maintaining security processes and workflows; performing user access management; and training new users
- Promoted compliance to standards, procedures and guidelines by leading awareness program, including developing communications, facilitating information sessions, and developing guidance documents.
Data Security Analyst
Fifth Third Bancorp
06.2008 - 05.2010
- Responded swiftly to reported incidents while maintaining detailed records for analysis during post-incident reviews and improvement efforts.
- Coordinated with external partners to share threat intelligence, fostering a collaborative approach to cybersecurity defense strategies.
- Reduced potential data breaches by conducting regular vulnerability assessments and penetration testing.
- Maintained compliance with industry regulations by ensuring proper implementation of relevant data protection standards.
- Participated in cross-functional teams to address broader organizational concerns related to information security and risk management, providing subject matter expertise as needed.
- Managed software patching schedules to ensure timely updates that protected against known vulnerabilities without disrupting business operations.
Network Administrator
PECO II, INC.
11.1999 - 06.2006
- Handled ERP security groups and user authorizations
- Setup and maintain security groups and network Permissions
- Implemented and maintained Active Directory Groups Policies Objects
- Maintained Windows 2003 Active Directory Network structure from Windows NT
- Migrated server platform from Windows NT 4.0 to a Windows 2003 Active Directory with a root forest, domain and child domain.
Education
B.A. - Business Administration
Mount Vernon Nazarene University
Mount Vernon, OhioA.A. - Computer Science
North Central State College
Mansfield, OhioSkills
- Communication
- Time Management
- Critical Thinking
- Information Governance
- Leadership
- Identity and Access Management
- Physical Security Measures
- Regulatory Compliance Knowledge
- Access Control Management
- Risk Assessment
- Security policy development
- User Awareness Training
Certification
Certified Information Systems Auditor
Personal Information
Member of IIA
Member of ISACA
Member of IIAG
References
Available upon request
Timeline
Senior IT Auditor
Great American Insurance Group
04.2019 - Current
Senior IT Auditor
Convergys/Concentrix Corporation
02.2018 - Current
Senior IT Auditor III
Fifth Third Bancorp
03.2017 - 02.2018
Senior IT Auditor
Ohio National Financial Services
02.2016 - 03.2017
Manager, IT Audit
Macy's, Inc.
08.2011 - 02.2016
Senior IT Governance Analyst
Fifth Third Bancorp
06.2008 - 05.2010
Data Security Analyst
Fifth Third Bancorp
06.2008 - 05.2010
Senior IT Auditor
Fifth Third Bancorp
06.2006 - 06.2008
Network Administrator
PECO II, INC.
11.1999 - 06.2006
B.A. - Business Administration
Mount Vernon Nazarene University
A.A. - Computer Science
North Central State College
Certified Information Systems Auditor
Similar Profiles
Jessica BrickmanJessica Brickman
Underwriter at Great American Insurance GroupUnderwriter at Great American Insurance Group
Samuel BrejSamuel Brej
Accountant II, Investment Accounting at Great American Insurance GroupAccountant II, Investment Accounting at Great American Insurance Group
MATTHEW GORMANMATTHEW GORMAN
Financial Products Underwriter at Great American Insurance GroupFinancial Products Underwriter at Great American Insurance Group