I am a proactive and skilled Information Technology Audit professional, who over the years have led, as well been part of a successful and productive team in IT Audit, Risk Management, Cyber Security, and IT General Control Implementation, Testing and Documentation. My principal concentration is management and carrying out Information Systems Security Control Assessment and Testing, Cyber Security and Risk Assessment. I have also been involved in other projects ensuring proper security documentation, compliance and regulations are met according to best practices and industry standards. I also possess skills in Network Administration and infrastructure Management.
SKILLS/TOOLS
IT Risk Assessment, IT Control Auditing, Change and Configuration. Management (Testing/Assessment/ Compliance) IT Infrastructure Auditing (OS, Database, Network and Active Directory) IT Operations (Logging and monitoring, Job Scheduling and Backup Recovery) Asset Management, Due Diligence, Security Documentation/Frameworks (ISO 27001, COBIT, PCI-DSS, NIST, ITAF) Vulnerability management (Testing/Assessment) Patch Management, Business Continuity/Disaster Recovery Plan, Incident Prevention and Response documentation; SOX404. SOC, Report writing and Recommendation.
Knowledge of tools like Nessus Vulnerability Scanner, Wireshark, Netstat, Traceroute, Ping, IPS/IDS, MDM Software, DLP Software, SIEM, Archer GRC, Open pages GRC, Risk vision.
PERSONAL SKILLS
Ability to work well with little or no supervision as well in a team. Good Communication, self-motivating and willingness to learn, and strong sense of leadership.