Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Bobby Mgbameh

Dallas

Summary

Experienced IT risk Auditor with 7+years of comprehensive experience identifying and analyzing areas of potential risk threatening success of investment. Adept auditing professional polished in ITGC/ITAC audit, risk mitigation and cost reduction strategies. Completes audits for clients in diverse industries and executes planning strategies to enhance financial positions. Focuses on delivering high-quality results and producing exceptional work. Advanced verbal and written communication skills, including documentation of findings and recommendations, highly motivated, critical thinking skills, versatile, self- starter, independent, organized, systematic and detail oriented.

Overview

19
19
years of professional experience
1
1
Certification

Work History

IT RISK ANALYST / COMPLIANCE

SUNTRUST BANK
01.2021 - Current
  • Perform risk analyses to identify appropriate security countermeasures.
  • Encrypt data and erected firewalls to protect confidential information.
  • Evaluate/interpret SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements.
  • Design, implement, and oversee execution of the IT controls program including periodic control testing of design and operation effectiveness sufficient to meet regulatory requirements and to satisfaction of internal/external auditors.
  • Perform QA reviews of IT controls related work products such as user attestations packages and client assistance documentation prior to delivering to internal and external auditors, clients, and business partners.
  • Document and maintain risk-based compliance policies and procedures; Develop and maintain IT controls related content for the Information Security & Compliance intranet site.
  • Maintain knowledge of legislation and regulation changes related to the financial industry; understanding of applicable finance industry security and privacy regulations, procedures and issues, and assist in ensuring the organization remains compliant with such laws and regulations.
  • Perform walkthrough and executes testing procedures to determine control design/operating effectiveness against industry standards (COBIT, COSO, ITIL, ISO, SANs).

IT OPERATIONAL RISK ANALYST

CITY BANK
05.2018 - 12.2020
  • reviewed and challenged significant front line operational risk program execution, including, but not limited to, external fraud, information risk management, safety and physical security, transaction processing and execution, third-party risk management and various risk assessment policies and programs.
  • Evaluated cross-program and cross-group analytics to identify opportunities and best practices to influence stronger risk management practices by the business.
  • Reported findings and developed business cases to influence executive management or management committee member/head of business on the need for controls to mitigate risk.
  • Developed detailed understanding of business strategy, the customer base, products and services and other relevant industry issues, frameworks and emerging risks.
  • Demonstrated a strong understanding of various compliance and regulatory areas (SOX, SOC, ) and the risk register, risk exposure, risk reporting and
    handling of risk events, and supported evidence collection.
  • Performed engagement in key front line governance routines inclusive of strategic planning sessions, governance committees and business reviews.
  • Performed in-depth review of contracts and other legal documents based on knowledge and identifies potential risks, and makes recommendations to management to approve and further evaluate risk level based on program requirement.

IT AUDIT/ RISK

OCEANIC BANK
04.2004 - 08.2018
  • Identified and assess key risks and controls and develop effective test plans for engagements as assigned with limited guidance. Review of IT General Controls (ITGC) and various applications, databases and operating systems.
  • Developed audit work program and detailed understanding audit activities, including IT risks and controls, internal control strengths and weaknesses.
  • Performed IT general controls and application controls reviews and monitor segregation of duties and other key management controls.
  • Exhibited appropriate judgment regarding issue notification, issue draft findings to client management, and drafts final audit reports for review by the Engagement Supervisor or IT Senior Audit Manager.
  • Participated in multiple concurrent risk assessment/management projects that are generally moderate to large in size and moderate to high in complexity.
  • Evaluated/interpreted SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements.

Education

Bachelor of Science - Mathematics And Economics

University of Benin
02.2003

Skills

    SAP, FFIEC, ISO 27000, 27001, 27002 OCC, NIST SP 800-53 Rev 4, Rally, UNIX, Microsoft Dynamics, Windows Server, IDEA, Oracle Database, GRC Archer, PeopleSoft, CARS,Network Systems, Security , Microsoft Windows, ERP,Based System, Audit Command Language (ACL), Linux

    Active Directory, Azure, AWS, Microsoft Office Suite (Word, PowerPoint, Excel, Access), SQL Database, Salesforce, SIEM, Intrusion Detection Systems, Firewall, SOX, SOC 2, SOC 123, HIPAA, PCI DSS, PeopleSoft, ACL, ATS, Agile Methodology, COBIT, Share Point

Certification

Certified Information System Auditor (CISA)

Languages

English
Proficient
C2

Timeline

IT RISK ANALYST / COMPLIANCE

SUNTRUST BANK
01.2021 - Current

IT OPERATIONAL RISK ANALYST

CITY BANK
05.2018 - 12.2020

IT AUDIT/ RISK

OCEANIC BANK
04.2004 - 08.2018

Bachelor of Science - Mathematics And Economics

University of Benin
Bobby Mgbameh