Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Brandi Smithey

Plano

Summary

Experienced senior IT auditor with a strong background in information technology auditing and over 4 years of combined experience in IT auditing and risk management. Skilled in assessing IT controls and ensuring compliance with industry standards. Demonstrated expertise in identifying system vulnerabilities and implementing effective remediation strategies. Recognized for proficiency in audit planning and testing, as well as strong analytical skills and effective communication.

Overview

4
4
years of professional experience
1
1
Certification

Work History

Senior ERM IT Analyst

Western Alliance Bank
12.2024 - Current
  • Develop and execute comprehensive control testing procedures for the technical environment to ensure compliance with IT risk management frameworks
  • Evaluate the effectiveness of IT security controls, identifying deficiencies and recommending improvements
  • Conduct and lead walk-through meetings with clients to understand their business processes and identify key audit risks
  • Communicate control testing results and risk assessments to senior leadership, providing actionable recommendations for improvement

Information Risk Management, Sr Analyst

Texas Capital
06.2024 - 11.2024


  • Performed targeted risk assessments across various information risk domains to identify key vulnerabilities and mitigation strategies
  • Led a cross-functional team to review and reconcile the Identity Access Management's annual user access reviews for 305 applications across the company, addressing MRBA and regulatory audit issues
  • Collaborated on the RCSA process, assessing risk units lacking information risk controls to determine the need for additional safeguards and controls
  • Executed multiple cyber risk assessments, including cyber maturity assessment, SWIFT and GLBA assessments

IT Auditor

Texas Capital
03.2023 - 06.2024
  • Conducted comprehensive IT audits, including assessing systems, controls, and processes, to ensure compliance with regulatory requirements and industry standards
  • Led audit engagements as Auditor-in-Charge, from planning to reporting phase, including scoping, risk assessment, testing, and issue identification
  • Conducted walk-through meetings with clients to understand their business processes and identify key audit risks
  • Coordinated with audit team members to assign tasks, set deadlines, and ensure timely completion of audit procedures
  • Collaborated with cross-functional teams to communicate audit findings and recommendations to key stakeholders, including senior management
  • Prepared detailed audit reports documenting findings, recommendations, and action plans for senior management review, facilitating informed decision-making and risk mitigation
  • Leveraged NIST and FFIEC frameworks to evaluate IT controls’ effectiveness and compliance

Technology Risk Consultant

RSM US, LLP
06.2022 - 03.2023
  • Executed SOC 1 and SOC 2 audit engagements for clients across various industries, assessing controls related to logical access, change management, backup and recovery, and segregation of duties
  • Conducted comprehensive testing of IT General Controls (ITGCs) and Application Controls (ITACs), evaluating their effectiveness in mitigating risks associated with data integrity, system security, and regulatory compliance
  • Prepared detailed audit work papers and documentation in accordance with SOC 1 and SOC 2 standards, documenting control deficiencies, recommendations, and remediation plans to address identified risk and enhance control effectiveness

Education

M.S. - ITM/Cybersecurity

The University of Texas at Dallas
12.2022

M.S. - Accounting/Audit

The University of Texas at Dallas
05.2020

B.S. - Accounting

The University of Texas at Dallas
12.2017

Skills

  • Advanced Excel Analysis
  • Comprehensive Audit Planning
  • Detail-Oriented Analysis
  • Critical Analysis
  • Collaborative Teamwork
  • Audit Reporting
  • Strategic Decision-Making
  • Effective Communication

Certification

Internal Auditing Education Partnership

Timeline

Senior ERM IT Analyst

Western Alliance Bank
12.2024 - Current

Information Risk Management, Sr Analyst

Texas Capital
06.2024 - 11.2024

IT Auditor

Texas Capital
03.2023 - 06.2024

Technology Risk Consultant

RSM US, LLP
06.2022 - 03.2023

M.S. - Accounting/Audit

The University of Texas at Dallas

B.S. - Accounting

The University of Texas at Dallas

M.S. - ITM/Cybersecurity

The University of Texas at Dallas

Similar Profiles

CREATE PROFILE
Brandi Smithey