👤 About Me
I am a seasoned IT Auditor with over a decade of experience evaluating information systems, cybersecurity controls, and IT governance frameworks across public-sector and financial institutions. My work focuses on translating complex technical risks into clear, actionable findings for executive stakeholders.
With deep expertise in standards such as COBIT, ISO 27001, NIST CSF, and ITIL, I have led end-to-end audit engagements covering ERP systems, cloud infrastructure, data governance, and third-party risk. I thrive at the intersection of technology and compliance — ensuring systems are not just functional, but trustworthy.
⚙ Core Skills
🏆 Certifications
CISA — Certified Information Systems Auditor
ISACA · ActiveCISSP — Certified Information Systems Security Professional
ISC² · ActiveCRISC — Certified in Risk & Information Systems Control
ISACA · ActiveAWS Certified Security – Specialty
Amazon Web Services · ActiveISO 27001 Lead Auditor
PECB · Active💼 Experience
Senior IT Auditor
Lead risk-based IT audits of core financial systems, ERP implementations, and cybersecurity posture. Produced findings adopted in national IT governance policy revisions.
IT Audit Manager
Managed a team of 6 auditors conducting annual IT general controls reviews across 12 SOEs. Introduced data analytics tooling that reduced sampling time by 40%.
IT Auditor
Conducted application controls reviews and access management audits for government information systems. Supported performance audits with technical findings on data integrity.
IT Risk Consultant
Delivered SOX IT compliance assessments and ISO 27001 gap analyses for banking and insurance clients across Southeast Asia.