IT Auditor

*

Farai Jawi

*******@*****.*** +263-**-***-**** LinkedIn: Farai Jawi

Harare, Zimbabwe

Professional Summary

Results-driven IT Auditor with 3 years of experience in IT governance, risk management, cybersecurity, and compliance. Certified as a Certified Information Systems Auditor (CISA), ISO/IEC 27001 Lead Auditor, and PECB NIST Cybersecurity Consultant, with expertise in conducting IT audits, evaluating controls, and ensuring regulatory alignment with frameworks such as NIST, ISO 27001, and COBIT. Proven track record of identifying vulnerabilities and strengthening security postures. Work Experience

Job Title: IT Auditor

August 2021 - present

Bakertilly

Tasks

• Conduct IT audits to assess internal controls, security policies, and regulatory compliance.

• Evaluate IT systems, networks, and applications for vulnerabilities and risks.

• Ensure alignment with industry frameworks such as NIST, ISO 27001, and COBIT.

• Develop audit reports and recommend remediation plans for identified risks.

• Assist in regulatory compliance assessments, including SOC 2.

• Identify and assess IT risks, recommending mitigation strategies.

• Conduct cybersecurity assessments.

• Implement security controls to strengthen organizational security posture.

• Advise on incident response and disaster recovery planning.

• Monitor and improve IT governance, risk management, and compliance (GRC) programs.

• Develop and implement IT governance policies and procedures.

• Assist organizations in achieving and maintaining ISO/IEC 27001 certification. 2

• Conduct gap analyses against NIST Cybersecurity Framework and ISO 27001 standards.

• Train employees on cybersecurity best practices and compliance requirements.

• Support organizations in establishing IT risk management frameworks. Work Experience

Job Title: IT System Analyst

August 2019 – August 2021

Dream93 Technologies

• Analyze business requirements and translate them into IT system specifications.

• Evaluate existing IT systems to identify areas for improvement.

• Design and document system workflows, data models, and processes.

• Develop and recommend solutions to enhance system efficiency and functionality.

• Work with stakeholders to define system needs and objectives.

• Create detailed technical and functional documentation.

• Ensure system requirements align with business goals.

• Assist in selecting software, hardware, and IT solutions. Skills and Competencies

• IT Auditing & Compliance (CISA, ISO/IEC 27001, NIST)

• Risk Assessment & Management (IT Risk, Cyber Risk, Business Risk)

• Security Frameworks (NIST, ISO 27001, COBIT, CIS Controls)

• Regulatory Compliance

• Cybersecurity & Threat Analysis (Vulnerability Assessments)

• IT Governance & Controls Implementation

• Incident Response & Disaster Recovery Planning

• Security Operations & Monitoring

• Cloud Security & Compliance (AWS)

• Network & System Security Audits

• Analytical Thinking & Problem-Solving

• Strong Report Writing & Documentation

• Risk-Based Decision Making

• Communication & Stakeholder Engagement

• Project Management & Organizational Skills

• Continuous Learning & Adaptability

• Training & Awareness on Security Best Practice

3

Educational Qualifications

Bachelor of Science in Telecommunications Honors degree, Midlands State University, Gweru, Zimbabwe, 2017 (4 years).

Professional Qualifications

• Certified Information Systems Auditor (CISA)

• PECB Nist Cyber Security Consultant

• ISO/IEC 27001 Lead Auditor

• AWS Cloud Practitioner

• Project Management

• Python (CS50)

Projects & Achievements

• Led an IT security audit that identified and mitigated critical vulnerabilities, enhancing overall cybersecurity.

• Implemented a risk-based audit approach that improved efficiency and effectiveness of IT audit processes.

• Assisted organizations in achieving ISO 27001 certification through structured risk assessments and compliance roadmaps.

Professional Memberships

• ISACA

• PECB

REFERENCES

Mr. T Chitotombe - Bakertilly

Audit Manager

*******.**********@**********.**.**

+263*********

Mr. K Magwenzi – Dream93 Technologies Ltd

Director

***********@**********.***

+491**********

Contact this candidate