IT RISK CONSULTANT
Ernst & Young
Total years of experience :10 years, 4 Months
• Evaluated the design and operating effectiveness of IT controls, identifying and documenting control deficiencies
and developing corrective action plans to address them.
• review and assess control through established framework
• Participate in elaboration and implementation of a local IT service management and governance framework.
• Complied with SOX guidelines and developed policies to maintain compliance with other regulatory status.
• Performing internal and external IT risk assessments, conducted Performing and testing IT general (ITGC) and
operational controls for various OS and Database technologies compliance.
• Reviewing SOC1 and SOC2 report.
• Prepared audit reports to highlight issues, liaising with managerial staff and presenting findings to resolve.
• Evaluated work of audit juniors for quality and compliance. • Reviewed and updated existing audit tests
programmes and testing procedures
• Performing IT risk assessments, conducted GAP analysis against the industry standards and providing
recommendations on.
• Monitor and analyse security events and audit the AWS cloud log trail files.
• Auditing AWS cloud backup and disaster recovery strategies.
• Reviewing SOC1 and SOC2 report.
• Quarterly review of compliance level check for cloud database and servers.
• Checking on restricting of direct access to database or servers on cloud.
• Use of AWS IAM to ensure the user permission.
• Conducting reviews to identify risk areas and establish a protocol.
• Working with Internal Audit to maintain compliance of Database.
• Review and refine the patching process and Standard Operating Procedures (SOPs) to identify and address any
gaps, and maintain updated documentation.
• Quarterly publishing Dashboard to higher management and governance Team.
• Facilitate timely regulatory submissions, engage with both internal and external auditors, and ensure the closure
of any observations or findings.
• Conducted audits of System, verifying activities complied with procedures and policies.
• Prepared audit reports to highlight issues, liaising with managerial staff and presenting findings to resolve.
• Evaluated work of audit juniors for quality and compliance.
• Reviewed and updated existing audit tests programmes and testing procedures.
Internal Auditor:
• Conducted audits of System, verifying activities complied with procedures and policies.
• Prepared audit reports to highlight issues, liaising with managerial staff and presenting findings to resolve.
• Evaluated work of audit juniors for quality and compliance.
• Reviewed and updated existing audit tests programmes and testing procedures.
Database Administrator:
• Installation of Oracle 11g databases in production, development and test environments depending on project
requirements.
• Setting and managing user management, space management granting required privileges to users.
• Applying upgrade patch, maintenance and interim (opatch) patches on all the databases.
• Creating and assigning appropriate roles and privileges to users depending on the user activity.
• Involved in the database audit process, working with an audit team, running different scripts and explaining them
the roles of users.
• Involved in user management, creating new user ids, assigning them roles and privileges, monitoring their activity.
• Monitoring and responding to system alerts
• Troubleshooting and resolving system issues
URL removed due to policy violation. Please contact support for further information.