1. Led and executed 30+ SOX 404 internal IT audits annually, assessing ITGCs and application controls across user access, change management, system operations, and data integrity
2. Conducted ISO 27001–based internal audits and NIST CSF–aligned IT risk assessments on automated applications, identifying control gaps and improvement areas that led to a 30% reduction in repeat audit findings over two years
3. Evaluated and advised on IT control design and effectiveness, independently reporting risks to compliance leadership and control owners
4. Leveraged RSA Archer and ServiceNow GRC platforms to manage audit workflows, log issues, and track remediation of control deficiencies across multiple lines of business
5. Prepared detailed audit reports with actionable recommendations and presented findings to senior IT and compliance stakeholders
6. Managed and led team members for third-party due diligence and risk assessments for 45+ vendors, including infosec policy reviews, AML/anti-fraud analysis reports and monitoring, Privacy Impact Assessments (PIA), KYC documentation, and compliance