Ziad Ammouri

Cyber/ IT Auditor GRC

Talent

Detroit, City of Detroit, Wayne100 USD/hourMember since January 31, 2025

Hire their services

Request a quote with no obligation

it auditor data protection it governance risk management compliance

About

Experienced IT Governance, Risk, and Compliance professional with 4+ years of expertise in IT Audit, SOC compliance, and regulatory frameworks including NIST, ISO 27001. Proven ability to assess risks, implement security controls, and enhance organizational security posture. Proficient in leveraging Power BI, Python, and GRC tools to deliver data-driven insights and optimize audit and compliance processes.

Experience

Executed strategic audit plans and established risk profiles, reducing potential operational impacts by 25%.
Managed audit initiatives, reducing security incidents by 30%.
Performed data mapping and governance tasks using NIST and CJIS frameworks, mentoring junior team members to enhance their understanding of compliance requirements and data protection protocols.
Conducted in-depth risk assessments, identified and mitigated 50+ risks, and facilitated remediation of audit findings, improving overall compliance posture.
Ensured compliance with audit recommendations through consistent follow-up on remediation efforts, achieving 95% resolution rates for identified vulnerabilities.
Enhanced IT audit cycle efficiency by 25% through automation of reporting and analysis using Power BI, enabling real-time insights into risk and compliance metrics and supporting strategic decision-making.
Designed and implemented a Power BI dashboard for IT audit reporting, improving data visualization and enabling real-time insights into IT risks and compliance.
Regularly monitored sensitive data across networks, implementing DLP checks to safeguard information and minimize unauthorized access risks.
Collaborated with IT and business units to synchronize IT processes with business goals, enhancing operational efficiency and alignment.
Contributed to creating a cybersecurity-aware culture through dedicated training and awareness programs, reducing security incidents and improving protocol adherence.