IT Security/Risk Management Resume
|Desired Industry: Information Technology
|Desired Job Location: Houston, Texas
||Date Posted: 7/5/2016
|Type of Position: Full-Time Permanent
||Availability Date: ASAP
|Desired Wage: Negotiable
||U.S. Work Authorization: Yes
|Job Level: Management (Manager, Director)
||Willing to Travel:
|Highest Degree Attained: Bachelors
||Willing to Relocate: Undecided
IT RISK & CONTROLS LEADER
EXPERIENCED TECHNOLOGY PROCESS, RISK AND CONTROLS PROFESSIONAL FOCUSED ON ADDING VALUE AND IMPROVING OPERATIONS
Highly adaptable, solution-driven professional focused on helping organizations add value, achieve business strategies, and improve business operations. My experience and skill sets position myself uniquely to help add value through a broad range of roles including Internal Audit, Governance, Risk Management, Compliance, Information Security, Cybersecurity and Strategic Projects. Demonstrated expertise in Sarbanes-Oxley compliance issues as well as the development of the IT Internal Audit functions. Motivated leader who can navigate a dynamic and sometimes ambiguous environment. Communicates effectively with technology and business stakeholders to establish control practices and reduce risk.
CARDTRONICS, Houston, Texas (2011 to 2016)
Director – Internal Audit
Initiated, developed, and implemented IT Audit function in newly emerging Internal Audit department. Worked directly with Executive Chief Auditor to develop policies, procedures, and standards for the newly formed department and educate company on commonly accepted good control practices.
•Worked directly with executive leadership and senior management on implementation of risk-based (top down and bottom up) approach, establishing short and long range IT audit plans that focused on areas of high risk to the company.
•Defined scope and direction for Internal Audit participation on strategic organizational initiatives, reducing implementation risk and focusing primarily on requirements definition, security design, and user acceptance testing.
•Evaluated emerging PMO and SDLC policies and procedures, presenting findings to executive management and implementing improvements which enhanced strategic project delivery.
United Airlines (Continental Airlines), Houston, Texas 2008 to 2011
Manager - IT Audit
Managed planning, execution and reporting related to all aspects of the IT audit function as well as Sox compliance activities. Participated on strategic projects to accomplish the stated goals and objectives of the organization.
•Collaborated with senior leadership to define scope and direction of Internal Audit participation on strategic IT initiatives, consulting with project teams on issues and concerns related to project success as well as process and technology component risk.
•Participated in skills development of audit team, identifying areas of training necessary to perform planned audits.
•Fostered a positive working relationship as a trusted business advisor to senior IT leadership, providing guidance regarding existing technology, new initiatives and emerging risks and concerns.
•Led IT audit engagements that resulted in a total recovery of over $1.5 M, identifying recoverable amounts through audit procedures related to debit memos, contract pricing, duplicate payments and faulty program logic.
GLO CPA’s - Contractor (2006-2007)
Supported Sarbanes-Oxley compliance activities by identifying and documenting application controls for Mariner Energy, an oil and gas exploration and production company. Scope of work included applications and spreadsheets in support of the following business processes: Revenue, Accounts Payable, Corporate Accounting, Marketing, HR, Treasury, and Tax.
Ernst and Young LLP – Manager II – Technology and Security Risk Services (2004)
Provided guidance in Duke Energy’s Sarbanes-Oxley implementation. Scope of work included applications in support of the following power and gas trading operations: Deal Capture, Confirmations, Deal Validation, Valuation, Scheduling, FAS133, Curve Validation, Settlements, Contract Administration, Collateral Management and Counterparty Credit.
Independent Contractor (2003 – 2004)
Provided support and guidance to client organizations related to implementation of Sarbanes-Oxley requirements.
•Led IT component of Sarbanes-Oxley implementation for a large cancer care and research company, focusing on identification and documentation of both ITGC and application controls in support of revenue, expenditure, inventory, asset management, and payroll transaction cycles.
•Provided Sarbanes-Oxley pre-implementation consultation to senior management of large energy corporation in preparation for pending larger effort to document and test key controls related to corporate consolidation and financial reporting.
Arthur Andersen LLP, Experienced Manager – Technology Risk Consulting (1994 to 2002)
Contributed to development and expansion of outsourced internal audit practice. Served as the responsible engagement manager on several large outsourced internal audit arrangements and oversaw all aspects of planning and execution of audit plans. Championed and contributed technological component expertise within the local office.
•Served as subject matter expert in project management and systems development life cycle.
•Supported financial statement audit team as Technology Engagement Manager on numerous audits.
•Led multiple projects and teams through pre and post project implementation engagements, demonstrating strong organizational and communication skills.
•Participated in recruiting and hiring efforts, mentoring and evaluating professional staff and facilitating training programs related to technical subject matter expertise.
Bachelor of Business Administration (BBA) – Accounting; Management Information Systems, University of Houston
Sigma Chi Fraternity
CISA; CRISC; Internal Audit; Risk Management; Risk Identification; Risk Assessment;Technology Process Improvement; Technology Security; Regulatory Compliance; Cybersecurity; Information Security; Data Security; SDLC; PMO; Governance; Sarbanes Oxley; General Controls; Application Controls; GITC; Operating System Security; Database Security.
Seeking to transition to a new career path leveraging existing skills obtained in the areas of Internal Audit and consulting. Willing to consider new career paths that position myself to contribute and add value to the organization.
Available upon request.
Candidate Contact Information:
|JobSpider.com has chosen not to make contact information available on this page.
Click "Contact Candidate" to send this candidate a response.