5 star - Security Analysts DeltaahTech Consulting Employee Review

● Performed audit engagements covering IT general controls (e.g., access controls, change management and system operations) ● Tested the effectiveness of application-level controls (e.g., Input validation, output completeness and accuracy and processing accuracy) ● Evaluated IT Security controls. ● Identified and communicated potential issues or risks to management. ● Implemented knowledge of common IT Framework and Standards (COBIT and NIST) ● Liaised with external auditors as part of IT Compliance Controls to ensure information systems risks are sufficiently identified and evaluated. ● Assisted in the execution of the annual internal audit plan as directed and prepare reports to communicate audit results to management and make recommendations as appropriate. ● Facilitated planning, process understanding meetings and control validation meetings with line of business on several engagements like SOX Audit., Security Incident and Management, Change Management, Disaster Recovery, User Access Audit and SOC Audit. ● Performed role-based Access review for Users on several Applications while ensuring that the Least Privilege Principle is followed during User Access Approval. ● Reviewed systems for adequate management controls, efficiency, and compliance with policies and regulations. Made recommendations when necessary. ● Performed audit readiness to identify and correct internal control weakness to comply for the annual SOX Compliance audit. ● Raised issues of control weaknesses with management and proposed recommendations and reach agreement in a timely manner as to remediation actions. ● Responsible for planning and managing the Global ITGC SOX audit, reviewing audit work papers, and providing testing directions to team. ● Assisted IT Audit Security Manager in executing the framework for compliance with PCI-DSS, NIST 800-53, HIPAA, etc. and in executing a comprehensive, risk-based internal audit plan for the company's IT security compliance requirements. ● Performed continuous monitoring on PCIDSS Assessment in preparation for annual audit, while evaluating and summarizing IT control deficiencies to provide senior management with regular updates on IT control environment. ● Managed IT audit projects from planning to reporting phase, summarizing audit results and recommendations. ● Performed IT general controls and IT application controls SOX testing using COSO and COBIT frameworks. ● Performed SOX audit, IT infrastructure audit and business applications audit from planning phase to reporting phase while documenting the audit report and procedures. ● Conducted review of attestation engagement (SSAE16 SOC 1 Type 2 review) for Unqualified Opinion, Management assertion and User consideration.

Nothing at the moment on this company

they understand your requirements, and they have the experience to consult with you on strategies to attract and retain the possible talent.

work overload to meet up with customers needs