Cyrus Walker

Developed and matured the Non-Financial Risk Assessment (NFRA) framework to address technology risks and promote risk culture, providing insights for leadership. Led teams to advise and conduct NFRA reviews across IT, partnering with technology leaders to monitor key risk indicators and advise on mitigation. Established control governance aligning with COBIT, ITIL, ISO, and NIST frameworks to prot

Led and executed global IT internal audits and advisory services, assessing internal controls and mitigating IT/cybersecurity risks across a global organization. Conducted cybersecurity audits for medical devices (FDA, HIPAA) and performed annual PCI-DSS and SWIFT CSCF audits. Identified GDPR compliance gaps, created roadmaps, and reported audit findings to senior management and the Board.

Designed and implemented technical IT audits across diverse client portfolios, including systems development, application controls, and IT infrastructure. Led risk-based technology audits as part of integrated financial audits, identifying key IT risks and assessing controls. Supervised audit teams, managed engagements, identified risks/control gaps, and prepared reports in compliance with SSAE16,

Led IT audit and advisory services for St. John Health System, providing strategic risk management insights. Developed and executed annual audit plans focusing on high-risk areas like healthcare IT and network vulnerabilities. Led audits for the Medicare and Medicaid EHR Incentive Program and conducted Network Penetration Testing using Core Impact.

Led risk-based operational audits across IT infrastructure for the financial services industry, ensuring compliance with standards. Conducted audits of mainframe, distributed environments, security, networking, storage, data centers, and incident management. Evaluated internal controls, implemented corrective actions, and performed business continuity/disaster recovery audits.

Managed the preparation of the annual internal audit plan and oversaw SOX control testing execution, ensuring compliance with SOX requirements. Led and mentored audit teams, ensuring successful execution in adherence to professional standards (COBIT, ISACA, IIA). Conducted operational audits for the CIO on key IT areas and collaborated with internal/external auditors to streamline efforts.

Led SOX IT audits of technology infrastructure, including various operating systems and databases, assessing and evaluating IT controls to mitigate business risks. Developed risk-based audit plans and conducted thorough testing of business and IT controls, providing key insights and recommendations. Coordinated audit efforts with financial audit teams for integrated audits, leveraging ACL software

Managed IT audit engagements focusing on IT general controls, SOX 404, and FERC compliance, identifying control gaps and recommending remediation. Led SOX testing of critical IT processes and directed infrastructure project management for divested business units. Supervised 15 UNIX System Administrators, developing and executing strategic and operational plans.

Established governance to ensure processes and controls were integrated, comprehensive, effective, and automated, meeting regulatory and operational requirements leveraging industry frameworks. Partnered with key stakeholders to develop, enhance, and maintain processes and controls, driving control standards in an advisory role. Collaborated to build strong security controls, automate environments

Led IT audit teams across diverse industries, ensuring timely and high-quality completion of key client engagements. Performed SOX IT audits of ERP systems such as PeopleSoft and JD Edwards, validating the design and operational effectiveness of controls. Managed client relationships, facilitated communication with senior management, and supervised staff auditors, providing training on audit metho

Managed the construction and operation of a new data center with N+1 redundancy for disaster recovery, developing policies for security, power, and equipment. Established data center procedures for monitoring, change management, and issue escalation. Hired and trained system administrators, implementing HP/OpenView Network Node Manager.

Developed and implemented data storage strategies for VMS, Stratus, and AIX platforms, optimizing system resources and leading the data storage management team. Designed and executed disaster recovery strategies for production VMS systems, performing regular simulations. Completed TPF Systems Programming training, supporting the SABRE reservation system project.

Led a team of 30 hardware planning technicians overseeing IMAC activities for a Tier IV data center, ensuring high availability. Developed long-term strategies for data center operations, including an $80M project, managing internal projects, procurement, and RFP processes. Technical advisor for a $20M hardware maintenance outsourcing project, leading feasibility study, vendor selection, and negot

Completed a Master of Science degree focusing on Computer Information Systems. Gained advanced knowledge in information technology and systems management.

Obtained a Bachelor's degree in Business Management. Developed foundational knowledge in business principles and management practices.