MABEL OMODELE
Richmond,TX
Summary
An analytical and experienced IT Auditor skilled in enhancing business compliance, workflows, and processes through meticulous testing. Proven expertise in security, control risk frameworks, and a dedicated focus on data privacy and risk management. Specialized in control design, SDLC, Cybersecurity, SOX, and PCI Compliance. Proficient in industry standards such as COSO, COBIT, GDPR, NIST CSF, ISO/IEC 27000 Series, FFIEC and HIPAA. A proactive and organized professional seeking growth opportunities to apply knowledge and skills for impactful contributions.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Senior Information Technology Auditor
KPMG
Houston, TX
03.2021 - Current
- Performing IT audits, including ITGC, Application Control Audit, and IT Infrastructure Audit, utilizing frameworks such as COBIT, COSO, PCI-DSS, FISCAM, HIPAA, SOC, HITRUST, NIST, SOX, ITIL,ISO27001, and other best practices for thorough testing and evaluation.
- Collaborate in the ITGC audit process, including planning, risk assessment, reporting and follow up
- Executing Information Technology reviews/audits and supporting ongoing SOX Compliance Initiatives
- Developing and executing domestic and international audit assignments in compliance with internal audit programs
- Generating reports for compliance purposes and demonstrating adherence to security policies and regulations
- Performing system administration for Governance, Risk, and Compliance (GRC) tools
- Performing thorough control testing within the Information Technology with a focus on Project/Program Management, SDLC (Agile and Waterfall approaches), and Computer Operations.
- Performing thorough audits of SDLC processes, which involve examining project initiation, gathering requirements, designing, testing, deploying, and maintaining phases.
- Collecting and analyzing data to identify potential security incidents or patterns indicating a security breach
- Coordinating User Access Review (UAR) processes to ensure users have appropriate access
- Creating continuous controls monitoring programs utilizing GRC solutions, dashboards, analytics, automation, and other supporting tools
- Evaluating the effectiveness of controls and security measures in software applications
- Testing IT applications to ensure complete and accurate data processing
- Conducting assessments on diverse IT processes and controls, including reviews of IT general controls, application controls, cybersecurity, and data privacy
- Performing user access reviews and supporting cyber due diligence and vendor cyber risk processes
- Evaluating the effectiveness of change management procedures and version control systems to ensure software integrity
- Executing thorough audits of SDLC, Project, and Program Management procedures, working collaboratively with the first line of defense to pinpoint control vulnerabilities and guarantee adherence to industry benchmarks.
- Supporting general IT Risk Management, Security Policies, Procedures, and/or Standards
- Performing walk-throughs with different Lines of Business (LOB) or subject matter experts
- Evaluating the company's network and security, offering guidance on IT controls
- Performing audits on program management to verify alignment with business objectives and efficient risk management, offering improvement suggestions.
- Contributing to the creation and implementation of the yearly audit plan, prioritizing projects associated with SDLC, project management, and program management.
- Supporting and managing compliance metric reporting and dashboard development
- Assessing existing and new systems, identifying critical IT processes, and generating detailed reports outlining necessary changes
- Drafting audit reports, presenting findings to management, and communicating with and educating process owners on the significance of controls, creating efficient control environments, and the role of Internal Audit
- Performing risk assessments and compliance checks to ensure adherence to industry standards and regulatory requirements
- Reassessed and retested key controls in alignment with SOX guidelines, addressing identified deficiencies.
- Performing risk analysis and documenting risks associated with controls
- Participating in all stages of the audit process from planning and fieldwork to reporting and follow-up
- Performing and delivering presentations of audit reports, including findings, recommendations, as well as remediation plans
- Assessing IT internal controls, identifying and documenting control weaknesses and related testing exceptions.
Staff Information Technology Auditor
Keystone Bank Limited
Washington, DC
11.2018 - 03.2021
- Performed all stages of the audit, including planning, research, risk assessment, fieldwork, reporting of results, and other necessary procedures
- Developed and executed audit tests of automated business controls to support day-to-day integrated internal audits for Bank, Trust, and AML audit teams, based on scope and relevant risks
- Worked with Bank audit team members to properly scope and execute testing on significant and relevant risks
- Reviewed adherence to PCI DSS standards for end-to-end processing, transmission, and storage of credit card/debit card information
- Examined relevant Federal and State policies and regulations linked with each audit type
- Composed working papers to record extent and outcomes of audit in compliance with all government program guidelines
- Performed ITGC and application controls audits, information security, systems development, change management, business continuity, disaster recovery, and computer operations
- Performed thorough control assessments within the Information Technology framework, focusing on Project/Program Management, SDLC (both Agile and Waterfall methodologies), and Computer Operations.
- Worked with Engagement Team to identify, discuss and resolve findings discovered during Audit/Review Process
- Collected, documented and reviewed evidence during control testing process
- Supported development, implementation, and monitoring of data confidentiality, system integrity, system reliability, recovery methods and procedures for reviewing business and IT management plans
- Proficient in assessing controls relevant to ERP systems such as Oracle EBS and SAP, with a solid understanding of associated business processes.
- Summarized and analyzed data obtained for evidence of deficiencies in controls, duplication of effort, fraud, or lack of compliance with laws, government regulations and management policies or procedures.
Information Technology Auditor
CareFirst BlueCross BlueShield
Austin, TX
12.2017 - 11.2018
- Provided support for integrated audits, regulatory compliance utilizing FISCAM, and risk mitigation initiatives
- Assisted supervisor throughout all IT-related audit project phases and liaised with Internal Audit and Information Technology
- Possessed a comprehensive understanding of auditing policies, practices and systems
- Conducted detailed review of wired and wireless Networks covering all PCI DSS control elements
- Reviewed critical controls including Access Control, Audit logs, Data Integrity and Security, Segregation of duties, Change management, Quality Assurance testing, Incident and Release management.
Education
Master of Science in Industrial and Personnel Management -
University of Ibadan
09.2015
Bachelor of Arts in History and Diplomatic Studies -
Olabisi Onabanjo University
03.2007
Skills
- SOX
- ITGC
- User Access Review
- Segregation of Duties SOD
- Analytical skills
- Planning & Implementation skills
- Multi-tasking
- Application Security
- Control Testing
- Information Security Management
- Compliance
- Cyber Security
- Control Integration
- Risk Assessment (RCM)
- Application Control (ITAC)
- Business Process Controls
- HITRUST Assessor
- Pre & Post Implementation Review
- SOC 1 & 2
- Disaster Recovery
- Security Analysis
- Continuous Monitoring
- Data Privacy
- Business Continuity
- Data Loss Prevention
- Identity Access Management
- Strong Organizational & Interpersonal skills
- Exceptional Analytical Thinking and Decision-Making
- Excellent Communication and Collaboration
- Strong Leadership and Team player
- Proactive Problem-Solving &Active listening
- Excellent Time Management and Multitasking
Certification
- Certified System Administrator (CSA)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM) In Progress
Frameworks
- NIST CSF
- COBIT
- COSO
- ITIL
- NIST 800-53
- ISO/ IEC 27001
- FISCAM
Compliance
- SOX
- CIS
- GDPR
- CCPA
- HIPAA
- SHIELD
- PCI-DSS
Projects
- BCP
- SDLC
- QAR
- UAR
- SOX Testing
- CIS Controls
- Control Integration
- Vulnerability Assessment
- Project Management
Tools& Applications
- Nucleus
- Salesforce
- workday
- EPIC
- CERNER
- ServiceNow
- Metric Stream
- Archer GRC
- SAP
- Jira/Confluence
- IAM (SailPoint)
- AWS
- Excel
- PowerPoint
- Power BI
- Outlook Express
- TeamMate+
- SharePoint
- AuditBoard
- ServiceNow
- JIRA
- Unix/Linux
- Oracle DB
- Azure
- CyberArk
- Archer GRC
- Splunk
Timeline
Senior Information Technology Auditor
KPMG
03.2021 - Current
Staff Information Technology Auditor
Keystone Bank Limited
11.2018 - 03.2021
Information Technology Auditor
CareFirst BlueCross BlueShield
12.2017 - 11.2018
Master of Science in Industrial and Personnel Management -
University of Ibadan
Bachelor of Arts in History and Diplomatic Studies -
Olabisi Onabanjo University
Similar Profiles
IQBAL MOHAMMEDIQBAL MOHAMMED
Manager, Cybersecurity Advisory at KPMGManager, Cybersecurity Advisory at KPMG
Lorenzo ScardalaLorenzo Scardala
Cyber Security Consultant at KPMGCyber Security Consultant at KPMG
Kimberly KoutrisKimberly Koutris
Director, HR Business Advisor – AI & Digital at KPMGDirector, HR Business Advisor – AI & Digital at KPMG
Madeleine MaloneMadeleine Malone
Intern at KPMGIntern at KPMG
Olufunke EluyeraOlufunke Eluyera
RN, Medical-Surgical at HCA HealthcareRN, Medical-Surgical at HCA Healthcare