Want your profile here?

Becoming a member is easy! works with you to help you advance your career by putting you directly in front of tens of thousands of recruiters in your field. Sign up today on

RssIT Security Audit Manager

FRANC NJOKU-EBERE: CISA 6803 Gairlock Place Lanham, MD 20706 301-996-3401 Citizenship: USA CORE COMPETENCIES Security Control, IT Risk Management, IT Auditing, SOX Projects, Internal Controls Testing, Internal Control Design/Documenting, System Analysis, Quality Assurance, System Architecture, Project Management, Project Scheduling, Budget Management, Requirements Analysis, Requirements Design, Test Scrip Design, Data Modeling, Database Design, Software Development, System/Integration Testing, Performance Monitoring, Project Status Reporting, Personnel Supervision, Performance Reviews, Entry/Exit Interviews, Business Impact Analysis, Leadership, Communication, Technical Documentation, Client Communication, Troubleshooting, Relationship Management. PROFESSIONAL EXPERIENCE 6/2007-12/31/2010 IT Security Audit Manager Children’s National Medical Center Washington, DC Hours per Week: 40 Supervisor: Delores Mckoy Phone: (202) 492 – 6121 May Contact: Yes Hand-selected to perform a detailed audit of all terminated of application users using Access Auditor. Skillfully identify and develop risk profiles, evaluate, test, and assess a wide variety of controls on the confidentiality, integrity and availability of data. Proficiently reviewed all daily reports of Active Directory IT Users, identifying AD users with Administrative rights and any new entries made without submission of Change Control. Responsible for maintaining Application Audit Schedules, ensuring all audits take place within scheduled timeframe. Actively utilize Best Practice methods in the auditing of CISCO pix firewall and review infrastructure configuration. Effectively document and present gap/findings to departmental management, while also recommending remediation actions to management. Audit technical environments, ensuring the segregation of development, testing/QA, and production. Successfully conduct business impact analysis and process decomposition with process owners and business users in support of overall operations. 9/2005-12/2006 Senior SOX Consultant System Engineering Services Corp., Reston, VA. Hours per Week: 40 Supervisor: Matt Green Phone: (703) 262-5663 May Contact: Yes Actively served as Senior SOX Consultant for Fannie Mae’s Restatement, from creating SOX project plan and producing weekly status updates to reviewing business risks and associated controls. Strategically interviewed process owners and business in the development of Business Process Flows and Narratives for FAS 91 Amortization. Successfully produced Application Risk Control and Database Risk Control Metrics addressing IT risks, including access security control, change management, development methods, and computer operations. Proficiently developed detailed IT process flows and use cases depicting internal controls and touch points. Skillfully validated amortized securities and loans data using Crystal reports. Consistently reviewed Architecture/SDLC documents, Java codes, Ab Initio graphs, and Run books in the verification of compliance with COBIT and COSO frameworks. Effectively designed and executed test scripts for IT General Controls, including application maintenance, change management, access security, system software, and computer operation. 10/2002-8/2005 IT Risk/Audit Manager Daily Accounting & Tax Services Washington, DC Hour per Week: 40 Supervisor: Eugene Anuforo Phone: (202) 291 – 5647 May Contact: Yes Served as Senior SOX Consultant, effectively spearheading IT Assurance, Audit and SOX functions on behalf of Freddie Mac, Xo Communications and various other clients. Successfully designed, tested and documented IT application controls for top 20 financial applications for Freddie Mac’s SOX 404 compliance project. Actively conducted detailed business impact analysis and process decomposition with process owners and business users. Responsible for conducting detailed interviews of process owners, business users and IT support staff to review infrastructure configuration in an audit of documented controls. Effectively documented and presented test results, gaps and findings to departmental management regarding remedial action. Drove the coordination of in-process quality review sessions and conducted change control board meetings to approve/track changes. Oversee implementation, system test, user acceptance test, integration test, and production migration. Consistently published CCB minutes for signoffs by stakeholders, including IT/business managers and company representatives. Proficiently conducted risk and control self-assessment methodology with the firm's existing SOX processes. Designed, tested and documented User Provisioning controls for financial applications, including FIN45, FIN46, FAS91, FAS115, and FAS133. Developed and executed IT audits programs in support of integrated audit plans and teams. Reviewed and analyzed codes, tables and design objects to produce application controls documentation in compliance with SOX requirements. 6/1999-7/2 IT Allied systems Nigeria Limited Lagos, Nigeria Hours per Week: 40 Supervisor: John Ogu **** The Office Closed **** Successfully authored the technical section of the winning audit proposal in response to the RFP from the Petroleum Ministry for the audit of 3 refineries’ Computerized Accounting System and corporate headquarters system development infrastructure. Actively served as IT Assurance Advisor to Army’s Signal Corps’ Engineering Management Board, skillfully assisted chairman in the development of technology engineering plans, policy analysis procedures, hardware/system software evaluation. Efficiently translated EMB issues/resolutions into the Signal Corps’ requirements and standards in procurement, implementation, and operation of the networks. Directed audit programs, from assigning auditors and reviewing work papers to producing interim and final reports. Recommended SDLC emphasizing user involvement, prototyping, spiral model design, version control, and structured testing. Reviewed system development life cycle and infrastructure, effectively uncovered material weakness in the refineries credit management and petroleum products distribution. Skillfully produced a detailed audit plan for the Army’s Signal Corps networks, skillfully collaborated with two auditors executed audit plan. Responsible for evaluating effectiveness controls in a 700-user multi-LANs, information access policy/ standards, physical security of information assets, and backup procedures/practices. Developed the detailed recommendation of classification of information objects to remediate a weakness in access control policy, network zoning, and role-based access rights delineation. Conducted detailed entry/exit interviews with executive managers and periodic performance reviews. 2/1993-4/1999 Information System Manager Nigeria National Petroleum Corporation Nigeria Hours per Week: 45 Supervisor: Chief Dr. Best Emmanuel Phone: 011.234.806.858.9619 May Contact: Yes Effectively supervised the successful installation of a 100-user Netware 3.2 LAN at six subsidiary companies. Drove the production of IT Insertion Plan, while also serving as liaison with IT managers during implementation. Responsible for requesting contract bids proposals for IT projects, analyzing proposals and recommended contract awards. Proficiently Chaired JAD sessions for requirements definition between user communities and contractors, while also serving as co-chair for baseline, allocation, acceptance, and post-deployment review sessions. Responsible for leading monthly project status meetings, reviewing/approving project deliverables, coordinating application deployments, and conducting user training sessions. Skillfully produced a detailed user interface specification plan, prescribing standards for writing user manuals, training materials, cue cards, context-sensitive online help, screens, and menus. Successfully trained 8 executive directors, 10 general managers and numerous branch managers, as well as conducting performance reviews and career mentoring for 15 professional staff. Responsible for producing software development and database engineering plans describing industry best practices techniques using ER and Erwin modeling. Proficiently supervised the installation of Oracle 8i and Oracle 8i Client on Windows NT. Capably reviewed SQL codes to ensure optimal performance. Tasked with the preparation of departmental budgets and corporate strategic planning. Successfully introduced a requirements-based structured acquisition methodology to augment the government’s tendering policy, effectively reducing procurement costs by over 40%. 5/1990-12/1992 System Architect Computer Science . College Park, MD Corp Hours per Week: 40 Supervisor: Michael Walter **** The Office Closed **** Quickly promoted to system architect for exceptional technical performance, responsible for producing system engineering management and quality assurance plan development. Serving as Quality Assurance Manager for the Social Security Administration’s PACER project, skillfully implemented in-process quality control and review procedures, effectively reducing rework and review cycle of project deliverables. Efficiently led design teams in the production of software modules and ORACLE SQL*Plus codes. Chaired life cycle reviews leading to establishment of system baselines and acceptance tests. Co-chaired JAD sessions, effectively provided technical direction regarding requirements gathering and refinement. Effectively interviewed, hired and trained staff and actively collaborated in training 35 client personnel and 65 CSC’s project staff in object-oriented analysis, extended relational analysis, object oriented design, and user manual development. 1/1987-3/1990 Pentagon Site Manager TRW, Inc. Manassas, VA Hours per Week: 40 Supervisor: Matt Holgren **** The Office Closed **** Functioning as Team Leader, drove the development of QA & CM software using Oracle 7 and Pro*COBOL for the Air Force System Command, ensuring all system documentation was DoD 2167 & MIL-STD-498 compliant. Promoted to Pentagon Site Manager for exceptional on-the-job performance. Effectively conducted system demos to one-star Generals and Colonels at the Pentagon. Strategically coordinated the development of detailed user manuals and conducted hands-on training sessions for Air Force Systems Command’s personnel. Proficiently developed an in-depth system engineering management plan for the Army Wide Information System. Utilized object-oriented analysis and data modeling methodology in the identification of common objects and production of logical data models for O-Plan, Call-up, and Mobilization. Successfully developed a detailed re-usable objects library of common objects in military Operation Planning, Call-up, Mobilization, and Employment subsystems. Proficiently authored several sections of TRW’s winning proposal for the Air Force Systems Command’s EIS II project, including requirements engineering, software development and database engineering. 6/1983–12/1986 System Analyst Automated S stciences Inc. Silver Spring, MD Hours per Week: 40 **** The Office Closed **** Skillfully served as Team Leader for Air Force System Command’s IRDS Project, effectively producing a functional baseline, conducting design reviews and performing acceptance testing reviews. Responsible for handling acceptance testing, from developing software requirement specifications and conducting structured reviews to developing requirements matrix and testing system against functional baseline. Applied WBS to identify and describe the analysis and design tasks portion of the Concept of Operations Document on behalf of the US Marine’s M3S project. EDUCATION Certification: CISA 2006 Operations Research, 1985, University of Baltimore University of Baltimore Baltimore, Maryland Masters of Science Major in Information Systems Graduated, June 1983 University of Minnesota Twin Cities, MN Bachelors of Science Major in Accounting Graduated, March 1982 TECHNICAL PROFICIENCIES Languages & Tools: Access Auditor, P/LSQL*Plus, Visio, PowerPoint, Project, ClearQuest, Crystal Report, and Quest4. DBMS: ORACLE 9i, SQL Server 2000, and MS Access LAN/OS: Windows NT, Windows 2003 Server, UNIX/LINUX, and MVS Security: LDAP, AD, NDS, NIS, Remedy, and Top Secret Held Top Secrete Clearance


Lanham, MD

About Me


Accounting & Finance



Education level:


Will Relocate:



Lanham, MD