| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate Candidate's Name , CISSP, CISA
Street Address Carolyn Court
East Hanover, NJ Street Address
PHONE NUMBER AVAILABLE
EMAIL AVAILABLE
|OBJECTIVE: |Desire a security, audit, and compliance position with a dynamic |
| |leading edge company enabling me to apply my security knowledge, |
| |risk management skills and technical expertise in the development|
| |and support of systems and applications. |
|SUMMARY |Extensive Information Technology (IT) knowledge and experience in|
| |the evaluation, development, and implementation of security, |
| |audit, and management controls. |
| |Developed and refined Information Security (IS) standards and |
| |policies to comply with financial industry standards and |
| |government laws, rules and regulations. |
| |Excellent oral and written skills used to effectively to |
| |communicate and work with management when addressing significant |
| |IT management control and compliance issues. |
| |Fully knowledgeable and experienced with the system development |
| |life cycle process enabling me to provide effective consultation |
| |and direction with the implementation of such major trading and |
| |accounting systems as FNX and MIDAS. |
|PROFESSIONAL |CITI TECHNOLOGY INFRASTRUCTURE (CTI), Warren, NJ (2004 - 2012) |
|EXPERIENCE | |
| |Vice President/ Business Information Security Officer |
| |Provided security guidance and support for Network and Voice |
| |Infrastructure Services, Branch Support and Client |
| |Infrastructure in North America. Promoted security awareness |
| |and ensured compliance of Citi Information Security (CIS) |
| |standards and data privacy policies through team meetings, |
| |training, email communications and quarterly newsletters. |
| |Lead quality management audits to ensure compliance with ISO |
| |9001 and 27001 certification standards for our Service Delivery|
| |Management Center, Branch Field Services and Desktop Asset |
| |Management. In addition evaluated the quality of vendor |
| |controls by performing security assessments of voice services |
| |and media management support vendors. Provided recommendations|
| |for compliance with IS policy and standards. |
| |Collaborated with CIS Standards Committee to ensure compliance |
| |throughout CTI North America by soliciting feedback from IS |
| |Officers on compliance issues with existing CIS standards. |
| |Provided revisions to CIS standards to strengthen compliance |
| |going forward. |
| |Performed tracking and monitoring of global security |
| |initiatives by providing management IS metrics on such matters |
| |as vulnerability threat management, security risk assessments, |
| |end-of-life equipment, entitlement reviews, and security |
| |investigations. |
| |OFFICE OF THE COMPTROLLER OF THE CURRENCY, Short Hills, NJ (2002|
| |- 2003) |
| | |
| |IT National Bank Examiner |
| |Evaluated the security, audit and governance controls for the IT| |
| |systems development and support environments for Northeast | |
| |District Banks and their IT service providers. | |
| |Provided IT guidance and recommendations for strengthening IT | |
| |security controls used by our Banks to safeguard their systems, | |
| |networks and applications to ensure the compliance with data | |
| |privacy and IT control objectives of Gramm-Leach-Bliley and | |
| |Sarbanes-Oxley. | |
| |Field-tested and provided recommendations as to the strength and| |
| |adequacy of the IT Retail Payment Systems Handbook guidelines | |
| |and procedures being developed by the Federal Financial | |
| |Institutions Examinations Council (FFIEC). | |
Candidate's Name
PAGE TWO
| |THE ASAHI BANK, New York, NY (1997 - 2002) |
| | |
| |Vice President/ IT Audit Manager |
| |Provided annual IT Audit coverage for U.S. operations by testing| |
| |and evaluating security and integrity controls for all UNIX, | |
| |AS/400, Windows and Novell system environments. | |
| |Consulted on the development of the company's data security | |
| |policy, control standards, and security monitoring procedures | |
| |for all business applications and technical operations including| |
| |local area networks, and Internet and Firewall controls. | |
| |Provided recommendations to management regarding the recovery | |
| |and continuation of business operations after the September 11th| |
| |attack on the World Trade Center. | |
| |Consulted on the implementation of the company's new trading and| |
| |accounting systems, FNX and MIDAS, by reviewing project | |
| |management controls, and systems development life cycle | |
| |controls, methodologies and procedures. Provided | |
| |recommendations to ensure on time completion of the project in | |
| |accordance with user specifications, leading business practices,| |
| |and in compliance with regulatory requirements. | |
| |Provided quality assurance guidance for implementing security | |
| |and control over the testing and acceptance of significant | |
| |changes to over 40 systems and applications. | |
| |Achieved satisfactory Year 2000 rating from the regulatory | |
| |authorities by advising management on the appropriate action to | |
| |address all significant Year 2000 control issues. | |
| |PRUDENTIAL INSURANCE COMPANY OF AMERICA, Roseland, NJ (1995 - |
| |1997) |
| | |
| |IT Audit Manager |
| |Developed risk assessments, assessed project plans, and |
| |consulted on system development life cycle controls, |
| |methodologies and procedures used for the consolidation of 18 |
| |agent payroll systems used for compensating over 25,000 |
| |agents. |
| |Reviewed and tested the claims validation and image processing|
| |controls for the Alternate Dispute Resolution (ADR) claims |
| |system used to process up to 450,000 claims. |
| |Consulted on the development of the Lotus Notes based quality |
| |assurance process implemented as the company standard for |
| |changes to its 400 applications. |
| |Developed action plans to improve control over interface |
| |feeds, change control, application security and vendor |
| |management of the consolidated tax reporting system. |
| |Evaluated Year 2000 Compliance Certification process to be |
| |applied to 400 applications. |
| |CSX CORPORATION, Elizabeth, NJ (1993 - 1995) |
| | |
| |IT Project Supervisor |
| |Instrumental in saving $550,000 in management and operating |
| |costs through the development of action plans from a |
| |post-implementation review of the world's first automated |
| |terminal system. Action plans enhanced management reporting, |
| |established systems help desk, prioritized system change |
| |requests and addressed interface control issues for the |
| |booking, billing and container management systems. |
| |Reviewed IT project request and approval process of which more |
| |than 100 enhancements, some valued up to $20 million, were |
| |analyzed. Advised the Systems Review Board on how to improve |
| |control measures for tracking project costs, time, and realized|
| |benefits. |
| |Reviewed Top Secret and RACF security for 500 users in the |
| |Finance/Operations areas |
Candidate's Name
PAGE THREE
| |IBJ SCHRODER BANK AND TRUST COMPANY, New York, NY (1990 - 1993) |
| | |
| |Senior IT Auditor |
| |Performed general controls and systems security reviews of IBM|
| |mainframe and Novell LAN operations in all U.S. locations. |
| |Designed and developed audit software using Easytrieve Plus |
| |for auditing the Omnitrust custody application. Developed |
| |procedures to maintain and run the software. |
| |THE HOWARD SAVINGS BANK, Livingston, NJ (1986 - 1990) |
| | |
| |Senior IT Auditor |
| |Developed the IT Audit function by creating audit programs and|
| |performing reviews of general controls, data security, systems|
| |development, and end user computing. |
| |Programmed in COBOL and Easytrieve Plus to automate the |
| |monthly loan and deposit account confirmation production and |
| |mailing for over 2000 confirmations. |
| |STRAUSS DISCOUNT AUTO, Union, NJ (1985 - 1986) |
| | |
| |Operations Manager |
| |Managed the implementation and continued technical support of |
| |the company's computerized point of sale systems for its 100 |
| |stores. |
|INFORMATION |Software: Word, Excel, PowerPoint, Outlook, MS Project, Lotus |
|TECHNOLOGY |Notes, Patrol 400, |
| |Kane Security Analyst, Easytrieve Plus, Visio. |
| | |
| |Systems: Archer, Citi Information Risk Assessment System |
| |(CIRAS), |
| |Enterprise Entitlement Review System (EERS), UNIX Solaris, |
| |OS/400, IBM Mainframe, Windows, Novell, Banyan, Checkpoint |
| |Firewall, RACF, |
| |Top Secret, Changeman, Multitrack, FNX, MIDAS, Omnitrust, M&I |
| |Loan and |
| |Deposit Systems, MSA General Ledger and Human Resource Systems. |
|EDUCATION |Fairleigh Dickinson University, Madison, NJ. |
| |MBA with concentration in Management; 1993. |
| | |
| |Rutgers College, New Brunswick, NJ. |
| |Bachelor of Arts in Computer Science with Minor in Finance; 1984.|
|CERTIFICATIONS |Certified Information Systems Auditor (CISA) |
| |Certified Information Systems Security Professional (CISSP) |
| |ISO 9001 Quality Management Auditor |
|ACTIVITIES |DIRECTOR, SECRETARY, TREASURER, ISACA, NJ Chapter, 2002-Present. |
| |HEAD COACH, East Hanover Girls Soccer Association. 2005-2010. |
| |HEAD COACH, East Hanover Girls Basketball Association, 2005-2010.|
| | |
| |DIRECTOR, SECRETARY, TREASURER, Knights of Columbus, Union NJ |
| |1986-2000. |
| |ALUMNI REPRESENTATIVE, Rutgers College. |
|
