Summary
Overview
Work History
Education
Skills
Professional Membership
Timeline

Biodun Erinle

Bladensburg,MD

Summary

A Certified IT Audit professional and Financial Analyst with experience in conducting Risk Assessments, Audit Engagements, Testing Information Technology Controls, Developing Security Policy Procedures & Guidelines, GDPR, SOX, SSAE18/SOC, PCI-DSS & ISO 27001/2.

Overview

7
7
years of professional experience

Work History

Senior IT Auditor

WealthyGen
Hyattsville, MD
03.2021 - Current
  • Developed and maintain system security plans (SSPs) and all other system security documentation, reviewing and updating them at least annually for all assigned system
  • Used risk-based approach to deliver contract compliance and adherence to service-level agreements (SLA).
  • Assisted in the implementation and compliance review of Industry standards COBITS, NIST Framework, ISO or ITIL and HIPAA compliance
  • Conducted general information technology processes of change management, recovery management, configuration management, operation management, risk management and testing of ITAC/ITGC controls
  • Developed staff expense and reimbursement tracker to reduce user errors and increase reporting accuracy.
  • Conducted automated audit control testing in general information technology environments such as SAP/ERP, ServiceNow, PeopleSoft, Hyperion, Oracle Financial.
  • Prepared Plan of Action and Milestones (POA&M) with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR reports.
  • Review vendor SOC 1 and SOC II reports for appropriate ITGC and assisted applications in their review and analysis of exceptions and client’s consideration
  • Identified weaknesses of existing control systems and made suggestions for remediation.
  • Assisted in executing the annual general computer control work SOX 404 compliance effort including performing walkthrough procedures, as needed, testing automated control effectiveness, and reporting test results and interacting external auditors, and updating and maintaining documentation.
  • Facilitated successful internal and external audits through sound and thorough documentation.
  • Proficient with NIST SP 800-53 rev 4, 800-37,800-60, 800-115, FIPS 199, NIST SP 800-26

Senior IT Auditor

Rayan
District Heights, MD
05.2019 - 02.2021

Performed IT risk assessments and audits of internal initiatives and critical third party/vendor relationships against criteria descending from industry standard information security frameworks and industry regulations, such as ISO/IEC 27001:2013, NIST SP 800-53, SSAE 18, NIST CSF, FERPA, SOX,
PCI-DSS 3.2, and privacy regulations like GDPR and CCPA
• Evaluate the design and effectiveness of technology controls throughout the business cycle
• Identify and communicate IT audit findings and mitigation strategies to senior management, technology leaders and the CISO
• Monitoring and maintaining internally developed controls, researching, and developing new tools to assist in management remediation of audit findings
• Identified and determined the fair market value of Assets and liabilities of all terminated pension plan as of the date of plan termination. (DOPT)
• Assisted in the development of risk treatment plans to address areas of strategic and tactical IT and information risks in both business operations and technology paradigms
• Assisted with the development and maintenance of information security policies and standards
• Supported development of and maintenance of an information security compliance and metrics program for consistent management reporting of risks to sensitive information and technology resources across enterprise
• Managed InfoSec programs POA&Ms including advising on remediation efforts
• Leveraging the existing Governance, Risk and compliance (GRC) tool, Telos Xacta (or an alternative like CSAM or RSA Archer) to track and reconcile findings from assessments, audits, and vulnerability scans
• Monitored and verified data, investigated anomalies and intervened on various processes for report generation
• Maintained confidential participant benefit information
• Provides management planning and control information by collecting, analyzing and summarizing participant benefit data and trends.

Senior Financial Analyst

Cozi
Bladensburg, MD
01.2016 - 04.2019
  • Analyzed financial data to identify trends, patterns and strategies.
  • Verified documented and requested disbursements to facilitate payments.
  • Improved revenue stream by identifying new areas for growth and development.
  • Created financial models to assess opportunities.
  • Utilized statistical, economic and financial principles and techniques to prepare reports and other requests.
  • Supported projects and analyses to drive consistency and accuracy within financial models.
  • Established financial policies and procedures to set standards for compliance.
  • Summarized financial information to clearly relay concepts and drive understanding of non-financial leaders.
  • Prioritized and expedited assigned work to meet changing business circumstances.
  • Evaluated financial records for accuracy and conformance to regulations.

Education

Bachelor of Science - Economics

Olabisi Onabanjo University (NGR)

Adv Dip in Management Accounting - Management Accounting

Chartered Institute of Managt Accountants(CIMA), CIMA (UK)

Associate Chartered Accountants (ACA) - Accounting

Institute of Chartered Accountants of Nigeria, ICAN (NGR)

Certified Information Systems Auditor (CISA) - Auditing

ISACA, Cert No. 221733242

Project Management Professional (PMP) - Project Management

Project Management Institute, Cert NO. 3251159

Skills

  • ITGC Access Control, Identity & Access Management (IAM)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • ISO 27001 Lead Auditor COSO COBIT SOC 1 SOC 2 Sarbanes-Oxley Act Segregation of Duties
  • Financial Consulting
  • Organizational Management Principles
  • Variance Analysis
  • Expense and Revenue Analysis
  • Financial Modeling
  • Test Plans and Test Methodologies

Professional Membership

  • · Institute of Chartered Accountants of Nigeria (ICAN)
  • Chartered Institute of Management Accountants
  • · Information Systems Audit and Control Association (ISACA)
  • · Project Management Institute (PMI)

Timeline

Senior IT Auditor - WealthyGen
03.2021 - Current
Senior IT Auditor - Rayan
05.2019 - 02.2021
Senior Financial Analyst - Cozi
01.2016 - 04.2019
Olabisi Onabanjo University (NGR) - Bachelor of Science, Economics
Chartered Institute of Managt Accountants(CIMA) - Adv Dip in Management Accounting, Management Accounting
Institute of Chartered Accountants of Nigeria - Associate Chartered Accountants (ACA), Accounting
ISACA - Certified Information Systems Auditor (CISA), Auditing
Project Management Institute - Project Management Professional (PMP), Project Management
Biodun Erinle