Toluwatope OLOGBENLA
Lead Senior IT Auditor/Compliance Analyst
Richmond,Texas
Summary
Energetic IT professional with expertise in Information System Security Enterprise, Risk Management, Corporate Security, Compliance, Governance, Technology Vendor Compliance Experience, and privacy for current technologies. Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) skilled in audit readiness and audit support, as well as in regulatory controls compliance including SOX, PCI, DSS, HIPAA. COSO, ISO 17790, NIST 800-53, IS0-9000 framework, COBIT. Developed and implemented a risk-based IT audit strategy in compliance with IT audit standards Roles Involved in the Full Life- Cycle Implementation, Upgrade projects with the focus being internal audit Analysis and support activities. Extensive experience in system security and IT support on both distributed and mainframe environment. Aptitude for creating problem solving and conflict resolution
Overview
10
10
years of professional experience
4
4
years of post-secondary education
4
4
Certifications
Work History
IT Auditor
JPMorgan Chase Bank
Houston, TX
11.2020 - Current
- (consultant) In the Enterprise Risk Services department providing end-to-and external audit services to large corporations
- Supported a proactive regulatory compliance program mitigating brand risk
- Ensured regulatory compliance with applicable regulations and tax and banking laws through regular compliance monitoring
- Developed, Implemented and monitored compliance systems
- Ensured all disclosures, statements, software applications, advertising, policies, procedures, and controls meet regulatory requirements
- Perform annual Sarbanes-Oxley (SOX) testing and report deficiencies to Internal Controls, Information Security Office, and other internal and external stakeholders
- Execute SOC 1, SOC 2, and SOC3 for Cybersecurity internal controls testing
- Manage audit expectations regarding deliverables and timing
- Supported requirements gathering and designed efforts of critical projects as needed and performed yearly Risk Assessment
- Manage, organize, and facilitate walkthroughs, follow up items and track support documentation
- Install new Images to machines over LAN network and complete management support of Active Directory
- Performed functions using Identity and management procedures, which includes enforcing password policies, security-policy enforcement applications, reporting and monitoring apps and identity repositories
- Quarterly review of users status in all the application in correspondence with HR list
- Provide guidance to members of the Identity and Access Management/ Security team in managing technologies such as vulnerability assessment tools, identity and access management, VPN / two factor authentication solutions
- Conducted multiple external audits simultaneously under strict deadline
- Developed audit programs and testing procedures relevant to risk and test objectives
- Identified and communicated Issues raised, offering recommended solutions relevant to business and risk Supervised junior auditors assigned to engagements providing guidance and overall review of deliverables Support the ERS practice through development of new services and analytical tools and fulfilment of practice management responsibilities Participated In special audit projects and provide advisory and consulting services to management
- Recommended appropriate staffing requirements to complete the audit
- Trained and provided guidance of auditing tasks and procedures
- Reviewed work for completeness; and submitted evaluations on assigned auditors
- Acted as liaison for Internal management, external auditors, external audit client and business associates Working with the financial audit team to perform testing of automated and the system-related portion of IT dependent manual controls
- Auditing network operating systems (i.e Windows Active Directory)
- Developing and implementing a risk-based IT Audit plan
- Preparing and maintaining an up-to-date IT audit universe reporting, ensure quality and accuracy in concise.
IT Auditor
TEKsystems
Houston, Tx
11.2018 - 11.2020
- Perform testing of IT General Controls (ITGC) and IT Application Controls, Infrastructure (databases and operating systems) using various Audit Frameworks
- Excellent knowledge of ERP systems (JD Edwards & Oracle Financials)
- Knowledge of emerging technologies such as mobile computing, cloud, and understanding of the associated
- Performed IT risk assessments, reviews of system access, segregation of duties, and documentation of controls and processes; assisted IT management and business owners to enhance internal controls as needed
- Identify threats, vulnerabilities, and risks
- Risks
- Work as part of the IT Audit Team that performs PCI DSS, HIPAA testing in regulated organizations
- Perform testing of Sarbanes-Oxley (SOX) compliance in public organizations, Service Organization Control (SOC) SAS 70/ SSAE 16 reviews, employing COBIT and COSO frameworks
- Demonstrated an understanding of the bank’s environment and assessed the adequacy of the application security, application configuration and business process control
- Extensive experience performing audit with IT General Controls (ITGC) such as Access Participate in the preparation of risk assessments; to determine objectives and scope of audits, the preparation of annual audit plan from residual risks, test procedures and carrying out the audit process from planning, fieldwork (walkthroughs), reporting of findings and follow up where required, employing applicable audit frameworks applicable
- Planning, utilize a risk-based approach to planning and performing audits
- Outstanding technical and analytical abilities, including familiarity with application and IT general controls, technical environments, and emerging IT trends
- Performing hands on projects and responding to emerging IT risks and management requests
- Assessing design effectiveness of existing controls
- Performing end to end walkthroughs on key IT and assigned finance business processes
- Updating business process narratives (as necessary) and agreeing revised business process narratives with process owners within the agreed timeline
- Develop an audit program prior to field work and receive the concurrence of audit management
- Assist with the planning and execution of IT General Controls (ITGC) and Application Control audits to support the Company's Sarbanes-Oxley (SOX) compliance review
- Occasionally serve as a liaison with external auditors and regulators to help facilitate timely and efficient external reviews, knowledge transfer, and controls and process education
- Identifying and testing the operating effectiveness of key controls within significant IT systems based on agreed scoping and test plan
IT Risk/Compliance Analyst
Unity Bank
New York
12.2016 - 11.2018
- Coordinate and liaison for IT with external auditors and internal control owners to support various internal and external audits by gathering of artefacts and upload them in the SharePoint
- Documentation review including policies , standard operating procedures and updated as necessary,
- Support Third Party risk management program by ensuring that third parties comply with applicable security control requirements as well as company's policy
- Identify gaps in control implementation by doing gap analyst/ control mapping and work with all the control owners to develop remediation plan within a specific deadline
- Performed Risk Assessments on new bank Products
- Performed Annual Ach Risk Assessments
- Performed Daily Cash Reports and currency transactions report as necessary
- Compiled information and delivered information pertaining to grand jury subpoena and summons served on the bank
Compliance Analyst
Southcoast Health
Toronto, ON
01.2014 - 07.2016
- Assisted in the development and implementation of a continuous monitoring program for IT compliance Evaluated the likelihood that vulnerabilities could be exploited and assessed the impact associated with the threat and vulnerabilities
- Experienced creating Standard Operational Policies (SOP) as well as system-based policies and procedures
- Experienced researching, and reviewed vulnerabilities reports, working with developers, system admins and engineers to remediate vulnerabilities on scan report and create POA&M
- Conducted self-control assessment to determine the adequacy of management, operational, privacy and technical security controls implemented Assisted System Owners and ISSO in preparing certification and Accreditation packages for IT System, making sure that management, operational and technical security controls adhere to a federal and well-established security requirement authorized by NIST 800- 53R4 to obtain and maintain ATO Maintained up-to-date knowledge of cyber threats by reviewing regulatory bulletins and other sources of information by conducting research on regulations in the security, healthcare, not-for-profit, finance, technology, and sport industry
- Developed System Security Plans (SSP) and oversaw the assessment of projects, processes, operations, and recommended solutions to mitigate risk
- Partnered with clients to ensure that third-party vendors are properly screened, assessed, and continuously monitored to mitigate risk
- Collaborated with business units to deliver enterprise risk assessment results; and identified solutions to minimize risk exposure
- Facilitated and lead remediation activities for assessment, audit, and control findings as they relate to risk Developed compliance training program materials and training of personnel as needed to ensure compliance
IT Auditor
MTN Nigeria, Lagos Nigeria
09.2011 - 10.2013
- Responsible for performing analysis and monitoring on internal Technology controls and vulnerabilities, IT equipment, IT system risk management and the effectiveness of internal audit
- Reported risks in the manner appropriate for each target audience, highlighting the relevant likelihood and severity of each risk
- Provide analysis on technology systems and processes internal audit data, identifying weaknesses in IT systems and internal policies, IT system vulnerabilities, and trends on IT systems failures, vulnerabilities, inconsistencies, weaknesses in the control areas, and reporting these to management, with recommendations on possible mitigations and enhancements
- Carry out regular, comprehensive, and holistic information security and IT systems control assessments, to identify risks and areas that need focus
- Recommend changes to IT systems and processes, based on internal policies, best practices, and continuous change in available technologies
- Keep up to date with new technology solutions to mitigate/change IT systems security vulnerabilities and provides reporting on these solutions
- Follow-up and perform validation of remediation activities to ensure control issues are effectively resolved
- Report audit findings and make recommendations for correcting unsatisfactory conditions, improving operations, and reducing costs
- Work closely with other audit team members to complete each audit exercise and draft audit reports to be reviewed by Manager Technology, Security and Networks
- Continuously seek self-professional development to sharpen skills and capabilities in a versatile and evolving digital landscape
- Foster active collaboration and relationships with employees across all levels and divisions in line with MTN’s policies and values.
Education
Bachelor’s degree - Estate Management
JOSEPH AYO BABALOLA UNIVERSITY
10.2008 - 06.2012
Skills
It Auditor, SOC Compliance, PCI Compliance, COBIT,MS Word, Excel, Power Point, Access, Outlook, Windows XP, Window server 2012 PC Hardware; Visio, SQL, Linux, XML, REST, CRM Software, PHP, SAP, JSON, MS Word, Excel, Power Point, Access, Outlook, Windows XP, Window server 2012 PC Hardware; Troubleshoot, Mathematical Skills
undefinedCertification
Certified Information Systems Auditor (CISA)
Timeline
IT Auditor
JPMorgan Chase Bank
11.2020 - Current
IT Auditor
TEKsystems
11.2018 - 11.2020
IT Risk/Compliance Analyst
Unity Bank
12.2016 - 11.2018
Compliance Analyst
Southcoast Health
01.2014 - 07.2016
IT Auditor
MTN Nigeria, Lagos Nigeria
09.2011 - 10.2013
Bachelor’s degree - Estate Management
JOSEPH AYO BABALOLA UNIVERSITY
10.2008 - 06.2012
Similar Profiles
CHARLES P. CHUCK GARCIACHARLES P. CHUCK GARCIA
Senior Vice President / Southwest Middle Market Sales Manager at JPMorgan Chase Bank, JPMorgan ChaseSenior Vice President / Southwest Middle Market Sales Manager at JPMorgan Chase Bank, JPMorgan Chase
Chad KellmanChad Kellman
Business Relationship Manager at JPMorgan Chase BankBusiness Relationship Manager at JPMorgan Chase Bank
Teppla VishwatejTeppla Vishwatej
Trade Settlement Specialist IV (Consultant) at JPMorgan Chase BankTrade Settlement Specialist IV (Consultant) at JPMorgan Chase Bank
Dee' WilliamsDee' Williams
Quality Specialist Lll at JPMorgan Chase Bank N.AQuality Specialist Lll at JPMorgan Chase Bank N.A
Anisha BadarpuraAnisha Badarpura
Tier 2 Technical Support Specialist at FiservTier 2 Technical Support Specialist at Fiserv