Candidate's Name, CISA, CRISC, CSXF, HCISPP
LINKEDIN LINK AVAILABLE

CERTIFICATIONS:
- CISA Certified Information Systems Auditor Street Address
- CRISC Certified in Risk and Information Systems Control Street Address
- CSXF Cyber Security Risk and Control Fundamentals Street Address
- HCISPP Healthcare Information Security Privacy Practitioner 2016

EXPERIENCE:

Propharmagroup LLC
Digital Auditor, June 2023 - present
- Responsible for planning and conducting GxP Digital/CSV audits as applicable to experience (e.g., CMO, CRO, mock regulatory inspection, PV, internal process, investigator site, etc.) on behalf of clients.
- Subject Matter Expert (SME) for Digital-related projects and responsible for developing and managing the auditing program.
- Responsible for independently managing clinical-related projects and providing consulting and contract services to clients as needed.
- Assisted in designing, implementing, monitoring, and maintaining ProPharma's auditing program, policies and strategies and ensuring company compliance with GxP regulations, internal procedures, and policies in cooperation with peers.

Note: Break in employment history is due to leave of absence to care for family member.

Cognizant Technology Solutions
Risk Management - Corporate Security Americas & Rest of World (ROW), May 2020 to October 2020
- Responsible for managing IT security risks within the Life Sciences business.
- Supported the SIP (shared information platform) for multiple pharmaceutical companies.
- Planned, wrote and delivered security management plans (SMP) and strategies to protect Cognizant client data (biopharmaceutical companies).
- Cyber Incident IT Security Team: addressed incidents within contract timeframe.
- Provided status on any discovered risks associated with application deployment.
- Worked with IT Security Architect to ensure security controls are being implemented during the Software Development Lifecycle (SDLC).

Bristol-Myers Squibb, Jan 2014 - Apr 2020
IT Security and IT Audit Manager, Global support
- Conducted third-party risk assessments on Software as a Service (SaaS) cloud providers.
- Assisted information security officers with updating and tracking plan of action and milestones on remediation items.
- Conducted risk assessments within the supplier's IT control environment using the following control frameworks: ISO 27001, COBIT, NIST, HIPAA, HITRUST, GMP (GxP) and PCI.
- Conducted quality assessments for software systems requiring Computer Systems Validation (CSV) packages.
- Responsible for the monitoring and tracking of the Governance, Compliance and Risk Data Base (GRC).
- Experienced in conducting third-party GxP audits with regulatory requirements such as CFR 21, Part 11 Electronic Record and Electronic Signature (ERES), Annex 11.
- Worked across various platforms and with multiple internal and external business partners to implement Corrective Action Plans (CAPA).
- Prepared documentation for onsite Food and Drug Administration (FDA) audits.
- Conducted contract compliance, SOX compliance, and SOC2 Type 2 IT audits.
- Privacy compliance for healthcare regulations and General Data Privacy Regulation (GDPR) for data usage in the EU.

Citi Group - Division of Citibank, Dec 2010 - Dec 2013
VP for North American Operations Financial Reporting Operations (FRO)
- Business Information Security Officer (BISO) for Financial Reporting Operations for risk and control operations.
- Reported to Global Risk Senior VP results of control-related and business operations activities to ensure compliance with Citi policies and regulatory requirements.
- Dotted-line responsibility to the Global Information Security Officer included managing network security alerts.
- Developed Business Impact Analysis plans (BIA) and Business Continuity Plans (BCP).
- Provided managerial oversight and performance evaluations of eight (8) staff members.
- Liaison for external audit firm KPMG for all audit risk issues.
- Responsible for Regulatory and Compliance audits and attestations.
- Identification of potential process improvements to increase the efficiency within the FRO organization.
- Responsible for FRO's business Corrective Action Plan (CAP) process.
- Responsible for performing quarterly key control review activities for (FRO).
- Performed Risk Control and Self-Assessment (RCSA) process to determine quarterly compliance.
- Performed test(s) validation to ensure the effectiveness of general controls over financial reporting.
- Performed testing of (COB) at onsite recovery facility.

Experis / Jefferson Wells Consulting, April 2009 - 12/2010
Senior IT Risk Advisory Consultant
Advisory Lead for customer-facing consulting engagements within Healthcare, Energy and Banking industries:
- Developed and wrote business impact analysis (BIA) for Continuity of Business Plans.
- Performed application IT Security Risk Assessment to identify potential security vulnerabilities.
- Performed IT Security testing on software applications to verify internal and external user accounts adhered to HIPAA and PCI privacy requirements.
- Performed IT audits of system-critical applications in support of America's largest payment card processing and electronic ecommerce and payment solutions company, First Data Corporation.
- Responsible for auditing system to ensure compliance with PCI Data Security Standard (PCI DSS).

HONORS, EDUCATION & CREDENTIALS
- Invited to participate as a subject matter expert for two consecutive years, 2018 & 2019, in the development of exam questions and to set standards for ISC2's professional Information Security Certifications.
- Nova Southeastern University, Ft. Lauderdale, Florida: Bachelor of Science (BS) Management
- Nuclear Medicine Technology: Associate of Science