Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Languages
Timeline
Generic

Lilian Holmes

Houston,TX

Summary

Diligent IT Auditor with solid background in Information Technology Auditing. Demonstrated expertise in assessing IT controls and ensuring compliance with industry standards. Proven ability to identify system vulnerabilities and implement effective remediation strategies. Proficient in risk assessment and audit planning.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Senior IT Auditor

Maximus Federal
02.2021 - Current

Perform audit procedures, including collecting, reviewing and analyzing relevant information, documenting business processes, and completing audit documentation

  • Led a team of 5 auditors, overseeing all the aspects of IT audit lifecycle
  • Devised and implemented an automated system for tracking audit findings, improving productivity by 90/%
  • Conduct IT infrastructure control testing, including applications, databases, servers, and operating systems, to assess control design and identify gaps
  • Execute detailed testing of IT General Controls and IT Application Controls, ensuring compliance with COSO framework and regulatory standards
  • Collaborated cross-functionally with IT, security, and compliance teams to implement audit recommendations
  • Translated complex technical issues into business terms for non-technical stakeholders
  • Facilitate 80% of Kick-off meetings between external auditors, internal audit department and stakeholders
  • Conduct application, process, and system walk-throughs with application owners to identify the end-to-end process of a transaction, identify control gaps and assess if controls are designed appropriately
  • Perform detailed testing of IT General controls (ITGC) and IT Application controls (ITAC) to determine if the internal controls are operating effectively
  • Test internal controls relating to Access Management, Change Management, and Backup & Recovery
  • Perform detail testing on security controls related to vulnerability management, incident management, business continuity, and network infrastructure
  • Test both commercial-off-the-shelf (COTS) applications & in-house applications
  • Identify deficiencies in the design and operating effectiveness of internal controls
  • Support in the testing of business controls related to operations and enterprise projects
  • Collaborate with external auditors by testing reliance controls and liaising with system or process owners
  • Conduct IT risk assessments of newly scoped in applications and control deficiencies
  • Facilitate coordination among external auditors, internal audit teams, and stakeholders during the kick-off and throughout the IT audit process
  • Presented audit findings and recommendations to senior management and the Board of Directors
  • Conducts follow-up to monitor disposition of audit results communicated to management

IT Auditor

Maximum Federal
11.2019 - 01.2021
  • Actively participated in IT SOX planning activities and conduct risk assessments
  • Conducted and supported in the completion of SOX ITGC testing
  • Tested the design and effectiveness of internal control over financial reporting (ICFR) in support of the Sarbanes-Oxley audit
  • Reviewed SOC 1 & SOC 2 reports by identifying User Entity Controls and exceptions noted in the report
  • Updated risk and control matrices and test plans accordingly for key controls
  • Collaborated with issue owners towards a timely remediation of deficiencies
  • Worked closely with IT and business teams to identify risk areas, provide valuable recommendations on process and control standardization
  • Collaborated with management to establish timely, appropriate action plans for management's actions
  • Performed follow-up activities on prior audit issues reported, validated adequate remediation and reviewed artifacts for sustainability
  • Timely prepared all audit work-papers, including draft findings and management reporting

Senior IT Controls Assessor

DeltaaTech Consulting
04.2017 - 09.2019
  • Conducted security assessments and vulnerability assessments of systems, applications, networks, and processes, and provided recommendations for mitigating security risks
  • Verified adherence to regulatory standards and security protocols, including NIST SP 800-53, ISO 27001, and FISMA, by performing gap analysis and control reviews
  • Assessed compliance with regulatory requirements and security frameworks and provided guidance on remediation efforts
  • Scheduled and ran kickoff meeting with the client to go over the Assessment plan and scheduled
  • Prepared assessment reports and security documentation to meet regulatory and compliance requirements

Education

Bachelor of Science - Political Science

University of Lagos
Nigeria
09-2000

Skills

  • Vulnerability assessment
  • Security awareness training
  • Security policies
  • Access control
  • Compliance reporting
  • IT governance
  • Application security
  • Identity management
  • Audit planning
  • Internal controls
  • Information security
  • Cybersecurity
  • Cloud security
  • Problem-solving
  • Attention to detail
  • Analytical thinking
  • Risk assessment
  • Security protocols
  • Compliance monitoring
  • Risk management
  • Security monitoring
  • Security analysis
  • Cybersecurity frameworks
  • Teamwork
  • Teamwork and collaboration
  • Time management
  • Problem-solving abilities
  • Multitasking
  • Multitasking Abilities
  • Reliability
  • Excellent communication
  • Organizational skills
  • Team collaboration
  • Active listening
  • Effective communication
  • Adaptability and flexibility
  • Relationship building
  • Team building
  • Task prioritization
  • Decision-making
  • Self motivation
  • Interpersonal skills
  • Goal setting
  • Professionalism
  • Security needs assessment
  • Information protection
  • Security testing
  • Security planning

Accomplishments

  • Conducted IT audits on financial systems processing $500M in transactions, ensuring SOX compliance and preventing material misstatements.
  • Supervised team of 5 staff members to execute a global IT audit program
  • Used Microsoft Excel to develop inventory tracking spreadsheets.
  • Identified process inefficiencies during IT audits, recommending improvements that saved $100k annually.
  • Conducted IT audits using ACL and ServiceNow identifying and mitigating risks in key systems, resulting in a 20% reduction in security incidents.

Certification

  • Certified Information Systems Security Professional (CISSP)

Languages

English
Native or Bilingual

Timeline

Senior IT Auditor

Maximus Federal
02.2021 - Current

IT Auditor

Maximum Federal
11.2019 - 01.2021

Senior IT Controls Assessor

DeltaaTech Consulting
04.2017 - 09.2019
  • Certified Information Systems Security Professional (CISSP)

Bachelor of Science - Political Science

University of Lagos
Lilian Holmes