Profile:
Accomplished professional with over twenty years of progressive IT Audit experience which includes: Planning, Project Management, Compliance Support and Security. Proven ability to manage technical projects, lead teams and communicate with both internal and external stakeholders. Ability to see the big picture while focusing on the details necessary to ensure success. confident, analytical decision-maker and effective problem solver focusing on outcomes and measured results.

Confidential – IT Audit Manager (Manufacturing Industry)
200 Nyala Farm Road, Westport, CT (April 2008 – June 2009)
Responsible for the start-up of the IT Internal Audit function at Terex (domestically and internationally); conducted a global IT Risk Assessment, Network Vulnerability Assessments, multiple IT General Control – Data Center Audits and Pre-Implementation Reviews for the entity-wide implementation of a universal ERP system (Oracle 11i). I conducted several fraud investigations on behalf of the Ethics and Compliance Committee for anonymous allegations made via the Fraud Prevention Hotline. Assisted a subsidiary (Genie - Aerial Work Platforms) with their PCI-DSS compliance and assessed the Business Continuity and Disaster Recovery plans at numerous sites. Additionally, I performed all IT control reviews in support of SOX compliance in a Distributive data processing environment; Client-Server, Mid-range and Mainframe configurations.

Confidential – IT Audit Manager (Retail Industry)
1 Geoffrey Way, Wayne, New Jersey (April 2006 – April 2007)
Responsible for planning and performing IT Audits, (Domestically and Internationally) leading and participating in technical audits and integrated audits (Warehouse Management System and Return Goods Application) for Toys ‘R’Us, Babies ‘R’ Us and Toys ‘R’ Us .com. I conducted IT General Control Audits of data centers and technical reviews in support of compliance to the Payment Card Industry Data Security Standards (PCI-DSS) and Payment Card Industry’s Personal Identification Number (PIN) encryption requirements in a Distributive Data Processing environment; Client-Server, Mid-range and Mainframe topologies.

Confidential – IT Internal Control Manager (Financial Services Industry)
99 Church Street, New York, New York (January 2005 – April 2006)
Responsible for planning and supervising all Sarbanes-Oxley Section 404, Information Technology compliance reviews (Domestically and Internationally) and resulting business process re-engineering initiatives for all domestic and international functions of Moody’s Investors Services and Moody’s KMV (subsidiary). I provided consistent policy interpretation to business units, while actively promoting awareness of policies and standards. I provided guidance for procedural / baseline (automated) control development and ongoing maintenance. I conducted SOX 404 reviews in a distributed data processing environment consisting of: Windows 2000, NT, UNIX AIX, Sybase, PeopleSoft applications (CRM, Financial and HRMS) and numerous proprietary applications.

Confidential – IT Audit Manager (Investment Banking / Private Banking Industries)
1177 Avenue of the Americas, New York, New York (March 2003 – January 2005)
Responsible for planning and performing all IT Audits for the North American Internal Audit Department of Bank Hapoalim (International Investment Bank) and a New York based subsidiary; Signature Bank (Private Bank) domestically. I collaborated with various business units and technology staff to ensure the timely completion of all Sarbanes-Oxley, Gramm-Leach Bliley, FIDICIA and New York State Banking requirements and performed all technical audits in a centralized mainframe data processing environment consisting of system applications: CICS, MVS, RACF and various proprietary application software packages. In addition, I performed numerous technical reviews on the UNIX – SUN /client-server configuration.

Confidential– IT Audit Manager (Publishing Industry)
1330 Avenue of the Americas, New York, New York (October 2000 – April 2002)
As IT Audit Manager I was responsible for the start-up of the IT Audits function at Pearson and subsidiaries on a wide variety of technology platforms; in the United States, Canada and South America. Conducted risk assessments to prioritize and assign limited in-house IT Audit resources. I performed and /or supervised (co-sourced and out-sourced) all IT General Control reviews and technical audits (MVS, CICS, DB2, Top Secret Security, ACF2 Security, Windows NT and UNIX). Due to the adopted multiple ERP implementation strategy (SAP, JD Edwards) I also performed numerous ERP pre-implementation reviews and data integrity reviews using “ACL” software for data cleansing / data scrubbing assessments; while performing pre-implementation audits. I conducted several Quality Assurance reviews, which proved to be instrumental in assisting two subsidiaries (NCS) in attaining CMM Level III and CMM Level IV Certifications. Additionally, I performed several Fraud Investigations on behalf of management.

Confidential – IT Audit Manager (Entertainment Industry)
1515 Broadway, New York, New York (June 1998 – October 2000)
Responsible for planning and performing all IT Audits for operating companies in Television (CBS, UPN, BET), Paramount Pictures (Production), Simon & Schuster (Publishing) and Blockbuster Video (Movie & Game Rental/Retail). Performed Data Center Audits, Pre and Post Implementation reviews of applications deployed on various technology platforms within the varying subsidiaries. Conducted and assisted in several Fraud Investigations at various subsidiaries. I implemented the use of AXENT to test security of Windows NT, HP, UX, Solaris and AIX Operating System Security. Additionally I implemented the use of “DetectIt” software for IBM AS-400 reviews and “WizRule” software for data integrity analysis and completed 100 % of the scheduled IT Audit Plan while also performing multiple unbudgeted Y2K validations.

Confidential – IT Audit Manager (Transportation Industry)
340 MacArthur Blvd., Mahwah, New Jersey (May 1993 – June 1998)
Responsible for managing the General Control audits for domestic and international Data Centers, Consolidated Billing Sites, Consolidated Customer Service Centers and Regional Accounting Service Centers. Due to various mergers and acquisitions overseas; performed Data Center audits, pre and post implementation reviews of applications deployed on varying technology platforms. Initially I was hired solely to perform pre-implementation audits, and then introduced the concept of Integrated Auditing. I was promoted to Manager-In-Charge of General Controls Audits for all consolidations (data centers, billing, customer service and accounting centers). I conducted two separate international fraud investigations.

Education:
(Oct 1986) SUNY Rockland (May 1983)
BS Integrated Info. Systems Mgt. (Oct. 86) AAS Computer Programming: Business Emphasis
New York College Rd, Suffern, New York

Professional Designations:
Certified Information Systems Auditor (CISA) – Information Systems Audit and Control Association
Certified Fraud Examiner (CFE) – Association of Certified Fraud Examiners

Military Service: Retired in April 2000
U.S. Navy – Ready Reserve: 1981 - 2000 (Air/Sea Transportation Management)
U.S. Navy – Active Duty: 1978 – 1981 (Logistics, Supply Chain Management)
U.S. Coast Guard – Ready Reserve: 1976 – 1978 (Port Security, Search & Rescue)

Languages:
English, Spanish and Italian