About
Highly accomplished Information System Auditor and Compliance Analyst with 7+ years of experience steering robust IT audit engagements, fortifying regulatory compliance frameworks, and mitigating critical risks across complex enterprise environments. Proven expertise in SOX, GDPR, HIPAA, and ISO 27001, consistently delivering actionable insights that enhance control effectiveness, optimize operational efficiency by 15%, and safeguard sensitive data assets for multinational corporations.
Work
New York, NY, US
Summary
Led comprehensive IT audit and compliance initiatives, enhancing control environments and ensuring adherence to global regulatory standards for a Fortune 500 technology firm.
Highlights
Directed 10+ annual IT General Control (ITGC) and application control audits for critical financial systems (SAP, Oracle), identifying 20+ high-risk vulnerabilities and driving remediation efforts to achieve 100% compliance with SOX requirements.
Developed and implemented a robust GDPR and CCPA compliance program, resulting in a 30% reduction in data privacy risks and successful certification across 5 international business units.
Conducted enterprise-wide risk assessments and gap analyses against NIST and ISO 27001 frameworks, guiding the implementation of 15+ new security controls that strengthened the overall information security posture.
Streamlined audit methodologies and reporting processes utilizing GRC platforms (e.g., Archer), improving audit cycle efficiency by 25% and enhancing executive-level visibility into compliance status.
Collaborated cross-functionally with IT, Legal, and Business Operations teams to translate complex regulatory requirements into practical, actionable controls, reducing potential non-compliance fines by an estimated $2M annually.
Managed external audit relationships, facilitating seamless data requests and control walkthroughs, which contributed to unqualified audit opinions for 3 consecutive fiscal years.
Awards
Excellence in IT Audit Award
Awarded By
GlobalTech Solutions
Recognized for outstanding contributions to enhancing the company's IT control environment and achieving 100% SOX compliance.
Languages
English
Spanish
Skills
IT Audit & Compliance
IT General Controls (ITGC), SOX Compliance, GDPR, HIPAA, PCI DSS, NIST CSF, ISO 27001, GRC Frameworks, Risk Assessment, Control Testing, Audit Planning & Reporting, Remediation Management, Data Privacy, Regulatory Compliance.
Technical Proficiency
SAP ERP, Oracle Financials, AWS Cloud Security, Azure AD, SQL, Windows Server, Linux, Network Architecture, Cybersecurity Principles, SDLC.
Tools & Platforms
Archer GRC, ServiceNow GRC, ACL Analytics, IDEA, Microsoft 365, Jira, Confluence.
Professional Skills
Project Management, Stakeholder Engagement, Analytical Problem Solving, Policy Development, Technical Documentation, Cross-functional Leadership, Process Optimization.