0 calificaciones0% encontró este documento útil (0 votos)
29 vistas3 páginas
Senior Business Analyst; Risk Manager; Information Security & Compliance Specialist; Senior Internal IT Auditor; Senior SOX Audit Lead; Sarbanes Compliance Manager with 20 years experience looking for a Middle Management position.
Título original
Senior Business Analyst; Risk Manager; Information Security & Co
Senior Business Analyst; Risk Manager; Information Security & Compliance Specialist; Senior Internal IT Auditor; Senior SOX Audit Lead; Sarbanes Compliance Manager with 20 years experience looking for a Middle Management position.
Copyright:
Attribution Non-Commercial (BY-NC)
Formatos disponibles
Descargue como TXT, PDF, TXT o lea en línea desde Scribd
Senior Business Analyst; Risk Manager; Information Security & Compliance Specialist; Senior Internal IT Auditor; Senior SOX Audit Lead; Sarbanes Compliance Manager with 20 years experience looking for a Middle Management position.
Copyright:
Attribution Non-Commercial (BY-NC)
Formatos disponibles
Descargue como TXT, PDF, TXT o lea en línea desde Scribd
Information Systems Security & Compliance Risk Specialist
Oceanside, CA 92057 Phone: 513-253-3781 mpc41244@westpost.net Relevant Business Experience: Accomplished Senior Level SOX 404 & IT InfoSec Compliance Pro with 20 years of functional COSO / COBIT / NIST / ISO / PCI based Internal & Operations Audit Exp erience analyzing InfoSec, SOX & e-Commerce controls for various Corporations th at utilize a wide variety of Custom / Legacy SaaS, ERP / CRM & Financial Systems . Expertise includes database cleansing and standardization; identification of an d amarkinga of sensitive data; implementing methodologies to encrypt data in mot ion and at rest; and the Certification of Interfaces, Spreadsheets and Reports f or Sarbanes Compliance. Experienced in all aspects of Corporate Information Systems Security Compliance including but not limited to: Vendor Risk Management - Stateside and Offshore - including drafting, communica ting and tracking remediations required to maintain the same Standard Service Le vels required by Client Contracts & Regulations such as Gramm-Leach-Bliley; Red Flags; Sarbanes Oxley; HIPPA; Patriot Act, etc. Formal Client Requests Fulfillment a" Security Risk Assessments, RFPs / RFIs, & coordinating onsite audits. Mapping and routine updating of Systems Schematics a" hardware, platforms, soft ware licenses and peripherals tied to Fixed Asset Records, User Profiles and mai ntenance contracts. Proper Segregation of Duties and Access Control for internal employees and cons ultants as well as external clients, vendors and auditors. Continuous protection of privacy of information and intellectual property throu gh the ongoing testing, logging, reviewing, monitoring and prevention of intrusi on, through vulnerability assessments, and systems / applications stress testing to ensure the quick and efficient processing of, and access to data. Providing training and presentation of continuously updated process narratives, policies & procedures, user guides and technical reference manuals that reflect the ever-changing industry needs, client demands & best practices while operati ng within legal and regulatory constraints and boundaries. Standardization of databases and efficient uploading of updates from a wide var iety of financial and government sources, validating Website display and functio nality of data access. Proactively scouring for exceptions using data forensics a" running ahead of th e auditors proactively remediating problems found thereby proving that managemen t is effectively managing risk and mitigating fraud potential. Securing and documenting Applications development through effective and efficie nt Change Management. Maintaining SAS-70 Compliance and providing the required annual updates as need ed by clients in the manner approved by Legal. Facilitating and supporting legal compliance through intelligent Documentation Retention and need-to-know access to approved contract and audit document reposi tories, corporate governance files and apermanenta business files. Periodically updating and testing Business Continuity and Disaster Recovery Pla ns starting with Daily Backups. Contracting for specialized IT / IS services from specification development, RF Pas written and answered, contract award and management. Experienced in all aspects of SOX Compliance from AS-5 Entity-Wide Risk Assessm ent through the identification and testing of Key Controls, IT data mining and f orensics using ACL, audit interviewing, writing and updating business process na rratives / policy & procedure documents, updating COSO / COBIT control matrixes, and writing test scripts. Re-designed existing IT and Financial controls to mitigate and remediate risks/ deficiencies. Streamlined testing by cross-referencing controls required to be tested by various Regulatory entities. Proficient at IT Project and Change Management a" drafted plans and coordinated critical IT remediation projects required to obtain / maintain Sarbanes Complia nce a" mapping data to facilitate System Conversions and uploading electronic da ta filings via EDGAR, FERC (Federal Energy Regulatory Commission), EPA (NPDES) & IRS 1099as. Greatly reduced corporate audit costs through integrating External Financial Au dit Coordination together with Internal Operations Audits and SOX 404 related au dit activities. Facilitate filing of IPOas and SEC S-1as. Relevant Career Experience: 1997-Current Companies: Insight Global; Xperianz / Resources Global; Robert Hal f Itnal; K-Force & 1099 Direct. POSITIONS: Information Systems Security & Comp liance Risk Officer; Sr. SOX 404 Audit Consultant; Sr. SOX IT Audit Consultant a nd Sr. Business Analyst for Database(s) Standardization, Systems Integration, Re mediations Design and Project Coordination. a Feb 2010-Current CoreLogic, Inc. (formerly First American) a" $2B leading technology provider of business information, analytics and outsourcing services. Segment: Valuation Services IT Shared a" offering SaaS Real Estate Appraisals and Broker Price Opinions to the Financial Services industry and Federal Governm ent. POSITION: IT Information Security & Compliance Specialist a 2007-2009 NewEgg.com - $2B Import/Export Ecommerce Electronics Retailer. a POSITION: Sr. SOX Audit Consultant, including ITGC & Applications Audit. Sys tems: SAP, AMS Legacy, BizTalk, SQL, Excel & ACL a 2007 PriceSmart - $900M International CostCo. POSITION: Sr. SOX Audit Testin g Consultant. Systems: Policy IQ a 2007 E&S International - $500M Import / Export Electronics Manufacturer & Whol esale Distributor., POSITION: External Auditor Management Coordinator. POSITI ON: Systems: SAP a 2006-2007 Fuel System Solutions / Impco Technologies, Inc.- $175M Manufacturer of industrial automotive fuel conversion systems. POSITION: SOX IT Testing Co nsultant a" US, Netherlands & Australia. Systems: SAP & JD Edwards a 2005-2006 Dayton Power & Light a" $1.2B MidWest Gas & Electric Company. POSIT ION: SOX Remediations Coordination, EDGAR / Federal Energy Regulatory Commissio n (FERC) & IRS 1099 Electronic Filing Specialist. Systems: JD Edwards, EDGAR, YES a 2005 Reynolds & Reynolds, Inc.- $1B ERP / CRM Software Developer for 2/3 of th e US & Canadaas Auto Manufacturers and Dealerships. POSITION: SOX IT Specialis t for Spreadsheet Certifications. Systems: SAP and Legacy a 2005 General Cable Corporation - $2B Manufacturer of Fiber-Optics, Wire & Cabl e Products. POSITION: SOX Audit Test Consultant & Operations Remediation Speci alist. Systems: H Friedman, Legacy & Hyperion a 2004-2005 NS Group & Subsidiaries Newport & Koppel Steel - $500M Manufacturer of Seamless Steel Pipeline. POSITION: SOX Audit Test Consultant including IT A pplications a 2004 UNOVA / Intermec Corporation - $710M Manufacturer of Industrial Automatio n Components & Robotics. POSITION: Sr. SOX Audit Test Consultant. Systems: M apics & Legacy a 2000 Convergys - $ Telecom Billing Provider for: AT&T, Cincinnati Bell, Ver izon & Sprint Billing. POSITION: Y2K Legacy Systems IT Consultant. Systems: PeopleSoft, Hyperion, SAP, Legacy. 2003-2009 Genlor, Inc. / Gannett Inc. a" Merchant Acquisition & Customer Loyalty Programs for Gannett and other Large Metro Newspapers. POSITION: Principal a" Financial & Tax, Sales and Marketing Support, Website & E-Commerce Management 1997-2003 Kruse & Crawford CPAas a" Partnership Accounting, Succession Planning and & Corporate Tax Services CPA Firm. POSITION: Sr. Corporate Tax Accountant Contractor 1994-1997 Rippe & Kingston CPAas, PSC / R&K Systems, Inc. / HLB International - Accounting Systems Implementation and Integration Specialists for Law Firms and Municipal Enterprises. POSITION: Director, Government Services Division 1990-1994 City of Cincinnati. Departments: Recreation Commission; Public Works a" Stormwater Management Utility; Finance; City Council. POSITIONs: Financial IT Manager / Internal Auditor / City-Wide SW Conversion Specialist
Education & Certifications:
University of Cincinnati - BS, Accounting & Information Systems Technology CPA a" OH inactive - Pursuing CA Registration and CISSP Certification Resume Addendum: Industry, Functional IT Security & Applications Experience Sum mary INDUSTRY EXPERIENCE a Consulting, Financial Services; a Import/Export Electronics Distribution: Wholesale, Retail & E-Commerce a Industrial: Robotics Manufacturing for Automotive, Pharmaceutical, Bio-Tech a Media a" Large Metro Newspapers a Utilities: Oil, Gas, Electric & Telecom a ERP / CRM Software Development: Auto Manufacturers & Dealerships a Fiber-Optic Wire & Cable Products a Steel Foundries & Pipelines a Government Contracting: Legal, Engineering, & Accounting Firms, EPA a Municipal Enterprises a Regional Computing Centers a Airports and Airport Security FUNCTIONAL IT SECURITY EXPERTISE a Data & Analytics; Data Bases Cleansing, Standardization & Normalization a Sensitive Data marking and Encryption Protection a" in motion & at rest, trans mitting & receiving a Gramm-Leach-Bliley, Red Flags, Patriot Act, HIPPA & PCI Compliance a Vendor & Client Security Risk Management a Information Security, Compliance & Enterprise Risk Management a SOX 404 Risk Assessments, Key Controls ID, Test Scripts, Testing, Remediations & Mitigating Reports a Business Process Re-Engineering, Change & Project Management a P&P/Process Narrative Development a Internal Operations & External Audit Management Coordination a CoA, JEas, SoD, Access Analysis, Data Mining, & Forensic Auditing a Corporate Governance, MIS, Accounting Systems / Interface Evals a Global ERP Systems Implementation a Financial / Regulatory Reporting, Planning & Analysis a M&A Systems Integration Plans a Strategic Master Planning a" Operations, Maintenance & Capital a Preparation of IRS, FERC & SEC Uploads & Supporting Schedules a Employee & Customer Surveys APPLICATIONS SYSTEMS EXPERIENCE ERP Systems Integration / Audit: a SAP, JD Edwards, PeopleSoft, Oracle a Great Plains a AMS / Legacy eCommerce, Appraisal & BPO Systems a Hyperion Enterprise, a ADP, HRIS, BizTalk, Pro FX AUDIT / REPORTING TOOLS EXPERIENCE: a ACL , Policy IQ a EDGAR (SEC & FERC) a YES (IRS 1099)