Joey Lee
PA
Summary
Experienced Compliance and Audit professional with a strong background in IT audit execution, regulatory compliance, risk assessment, and governance across multiple frameworks including NYDFS, GDPR, HIPAA, PCI-DSS, ISO 27001, and SOX. Proven ability to lead user access and privileged access reviews, manage evidence for periodic audits, and collaborate effectively with internal and external auditors to ensure alignment with organizational goals and industry requirements. Skilled in developing documentation, strengthening internal controls, identifying process gaps, and implementing corrective action plans that enhance security posture and operational efficiency. Adept at managing cross-functional communication, supporting ITGC compliance, and driving continuous improvement initiatives. Brings earlier experience in education with strengths in communication, curriculum design, and adapting complex information for diverse audiences. Recognized for analytical problem-solving, detailed reporting, and a disciplined, solutions-focused approach to compliance management.
Overview
33
33
years of professional experience
1
1
Certification
Work History
Senior Compliance Analyst
Altair Integrated Services
Easton, PA
09.2022 - Current
- Managed quarterly, monthly, and yearly user access and privileged recertications. Oversaw and executed user access and privileged recertification processes on a quarterly, monthly, and annual basis, ensuring compliance with security policies and regulatory requirements.
- Liaison with internal and external auditors. Served as the primary point of contact for both internal and external auditors, facilitating communication and collaboration to streamline audit processes and ensure timely issue resolution.
- Maintained compliance frameworks to include GDPR, HIPAA, PCI-DSS, ISO 27001, and others, ensuring integration with organizational goals and objectives.
- Managed and upheld multiple compliance frameworks (GDPR, HIPAA, PCI-DSS, ISO 27001, etc.), aligning them with organizational goals and ensuring ongoing adherence to industry standards and regulations.
- Audit risks and assessments: Perform regular internal and external audits of IT systems and infrastructures.
- Led risk assessments and conducted comprehensive internal and external audits of IT systems and infrastructure, identifying vulnerabilities and ensuring continuous improvement of security controls.
- Prepared and maintained detailed documentation and records in anticipation of audits and regulatory inspections, ensuring all materials were organized and compliant with auditing standards.
- Stayed current with latest changes to applicable regulatory standards and company procedures.
- Reviewed audit and monitoring reports related to consumer and client activities.
- Developed and managed Access Management of all SOX applications.
- Monitored and reported on SOX applications.
- Managed all ITGC owners and Internal audit communications.
- Reported on all KPIS and developed metrics to align with IT goals and objectives.
- Prepared documentation and records for upcoming audits and inspections.
- Developed improvement and corrective action plans to bring operations in line with requirements.
- Identified gaps in existing compliance processes and recommended updates.
- Maintained and reported to identify gaps and create corrective action plans.
- Conducted periodic compliance audits and reviews to identify areas of improvement.
- Assisted with development of compliance objectives and strategies.
Compliance Analyst
Access Point Consulting
Allentown, PA
03.2020 - 09.2022
- Assisted in the preparation and execution of IT audits. Facilitated the preparation and coordination of comprehensive IT audits, ensuring alignment with organizational standards.
- Gathered evidence for monthly, quarterly, and yearly reviews. Compiled and analyzed critical data for periodic reviews (monthly, quarterly, and annual), ensuring accuracy and compliance with audit requirements.
- Liaised with internal and external auditors. Collaborated with both internal and external auditors to ensure seamless communication and effective resolution of audit inquiries.
Teacher
Parkland School District
Allentown, PA
08.1993 - 06.2020
- Met with students, parents and administrators to address and resolve students' behavioral and academic issues.
- Modified lessons and curriculum to accommodate diverse learners by using strategies such as peer-assisted learning and group work.
- Designed detailed learning plans for struggling students based on test, homework and assignment records.
- Adapted teaching methods and materials to meet students' varying needs.
Education
Master of Science - Technology Education
Wilkes University
Wilkes-barre, PA10-2008
Associate of Arts - Teaching
Kutztown University of Pennsylvania
Kutztown, PA05-1991
Skills
- Legal research
- Internal controls
- Audit management
- Documentation review
- Policy analysis
- Business process documenatation
- Compliance monitoring
- Reporting skills
- Internal auditing
- Compliance
- Documentation skills
- Project management
- Jira
- Sentinel
- Confluence
- Microsoft Suite
- Azure
- SOX
- HIPAA
- Power BI
- Workiva
- EntraID
Certification
- HIPAA Security Certified
- HIPAA Awareness for Business Associates
- Sarbanes - Oxley (SOX) Information Technology Controls
- Certified GRC Professional (GRCP)
- Certified GRC Auditor (GRCA)
- Integrated Policy Management Professional (IPMP)
- Integrated Audit & Assurance Professional (IAAP)
- Integrated Compliance & Ethics Professional (ICEP)
Timeline
Senior Compliance Analyst
Altair Integrated Services
09.2022 - Current
Compliance Analyst
Access Point Consulting
03.2020 - 09.2022
Teacher
Parkland School District
08.1993 - 06.2020
Master of Science - Technology Education
Wilkes University
Associate of Arts - Teaching
Kutztown University of Pennsylvania