
IT Risk & Security Consultant Resume


Troy, NY

SUMMARY

  • Over 9 years combined IT, Security, Internal Audit and Risk Management experience.
  • Strong background in Internal Controls Assessment, testing, documentation and compliance with the Sarbanes Oxley Act and SAS 70 Audits.
  • Experience in evaluating existing internal controls, risk assessment, identifying the control gaps.
  • Strong knowledge and experience in analyzing, assessing and developing internal controls based on the COBIT framework.
  • Experience in performing risk assessments and vulnerability assessments for different applications.
  • In-depth knowledge of Retail and Finance (Credit Cards and Auto Lending) and Banking Sector.
  • Excellent oral and writing skills to effectively communicate at all levels within the organization.
  • Good team player with strong interpersonal skills and willing to share and learn new business concepts, technology and knowledge.
  • Analytical thinking with good business acumen.
  • Strong problem solving and exceptional decision making skills.
  • Developed strong troubleshooting skills by solving hardware and software conflicts.
  • Certified in Risk & Information Systems Control (CRISC) in August 2011.

TECHNICAL SKILLS

Languages: Java, C/C++, Prolog, ML, Assembly, Smalltalk, SQL, JavaScript, and COBOL.

Web: HTML, XML and JavaScript

Design Tools: Microsoft Visio, Rational Rose and Rational Clear Case.

Databases: MS Access, Oracle and SQL Server.

Software: MS Office, Adobe Photoshop, Adobe Illustrator, Adobe Premiere, Macromedia Dreamweaver, Macromedia Director, Macromedia Flash, AutoCAD, Blackboard, Citrix, Remedy, TPM, MS Project, Microsoft SOX Accelerator, Lotus Notes, Archer GRC Suite

Operating Systems: Windows 95, 98, 2000, NT, XP, MS Dos, Linux, and Mac OS X.

PROFESSIONAL EXPERIENCE

Confidential, Troy, NY

IT Risk & Security Consultant

Responsibilities:

  • Responsible for providing Archer support across the Global Confidential IT’s footprint on remediation of audit findings as well as sustainability testing
  • Built and managed a state of the art audit interaction model which provided centralized support for all IT Audits across the Confidential footprint.
  • Developed detailed Monthly reporting for all IT Audit findings as well as risk findings for the senior IT leadership.
  • Led remediation efforts for an international Audit spanning across 4 countries in Europe.
  • Updated Archer (GRC Tool) with the latest statuses for the assigned Audits.
  • Developed monthly reporting decks for all IT related Open/Past UD

Confidential, Plano, TX

Risk Management Consultant

Responsibilities:

  • Performed compliance monitoring and testing functions from bank regulatory perspective.
  • Developed test steps for new Compliance Controls related to Small Business Banking (SBB)
  • Led risk assessment initiatives to strengthen the Operational controls environment
  • Developed centralized Compliance reporting, trending and analysis on numerous key risk indicators for SBB leadership.
  • Accountability for ensuring critical compliance deliverable due dates are met.
  • Reviewed business process documents for SBB Underwriting and Loan Documentation and recommended enhancements to these processes.
  • Conducted Sarbanes Oxley (SOX) testing on behalf of management and provided an independent view
  • Assisted Small Business Risk team with Federal Reserve Exams & Office of the Comptroller of Currency (OCC) Audits and requests.

Confidential, Providence, RI

Risk Management Consultant

Responsibilities:

  • Performed IT risk assessments for applications owned by IT as part of SOX remediation efforts.
  • Developed Management Action Plan for Audit issues where IT was the remediation performer.
  • Led risk assessment initiatives to strengthen the IT General Controls.
  • Enhanced the monthly Risk Findings reporting for the IT Dashboard.

Confidential, Plano, TX

Risk Management Consultant

Responsibilities:

  • Responsible for providing support across the Bank on remediation of audit findings as well as sustainability testing
  • Assist the various Business Units during the life cycle of Internal Audit process as well as Office of the Comptroller of the Currency (OCC) and Federal Reserve Banks (FRB) examinations.
  • Led the Application Control review (ACR) initiative and conducted Application Security Reviews (ASR) for all Bank IT applications to strengthen the control environment
  • Worked with Information Security group in performing Vulnerability assessments for Consumer bank applications.
  • Developed centralized risk reporting, trending and analysis on numerous key risk indicators to Bank senior leadership
  • Identified new internal controls and developed test plans if required.
  • Built and managed a state of the art audit interaction model which provided a much needed centralized support for all lines of businesses across the Bank for internal and external audits
  • Performed mapping of Internal Controls to the Process and Procedures as part of Step Ahead with Controls (STaC) project.
  • Conducted Business Compliance Testing (BCaT) and SOX Control testing on behalf of management and provided an independent view.
  • Conducted controls testing of all IT General Control domains, documented work papers and escalated/reported issues to management.
  • Performed additional compliance functions including preparation of business policies and process improvement initiatives.
  • Evaluated SAS 70 reports for third party vendors for the Small Business Banking Line of Business.
  • Assisted Retail Branch Banking group with the Touchpoint Audit and developed Remediation plans for the risks identified in this audit.
  • Assisted in migrating Risk Management tool from Archer to Open Pages.

Confidential, Chicago, IL

Project Manager

Responsibilities:

  • Identified new internal controls and developed test plans if required.
  • Plan and manage direct and indirect monitoring of controls for applications.
  • Coordinated all control gap remediation activities
  • Provided support to the application owner in the timely and accurate completion of quarterly assessment reports and letters.
  • Provided initial point-of-contact support for external auditors and internal review
  • Coordinated with central Sox governance team on overall planning and gap reporting.
  • Supported the application owner in any other Sox-related activities as and when required, for example, in ensuring that procedures related to new applications and upgrades are Sox compliant.
  • Assisted in internal control testing including preparation of supporting documents.
  • Assessed the testing documentation and determine action plan for remediation where necessary.
  • Developed and maintained high level project plans (HLP).
  • Performed additional compliance functions including preparation of business policies and process improvement initiatives.

Confidential, Dallas, TX

Risk Management Consultant

Responsibilities:

  • Oversee and coordinate the execution of prescribed Change Management processes on a daily basis.
  • Performed pre CAB (Change Advisory Board) on changes prior to Implementation.
  • Performed Vulnerability assessments for the Change Management applications.
  • Coordinated weekly Change Advisory Board (CAB) meetings.
  • Perform operational, compliance and Regulatory audits for Confidential Change Management group.
  • Assisted in User training for HP Service Desk Tool and developing the internal operations Guideline Document for the Change Management team.
  • Developed Control Statements/Risks/Objectives based on COBIT 4.0 framework.
  • Worked with Process Engineering teams in developing new processes in accordance with Sarbanes-Oxley guidelines
  • Developed process monitoring steps for Internal Controls Change Management related controls.
  • Assisted in the documentation of various IT processes identified as in scope of Sarbanes Oxley requirements.
  • Proposed mitigation plans to Confidential IT and obtain consensus on control gap mitigation.
  • Worked with IT Risk Office (ITRO) in identifying new SOX Key Controls.
  • Accountability for ensuring critical SOX deliverable due dates are met.

Confidential, Richmond, Virginia

Internal Audit (Consultant)

Responsibilities:

  • Performed fieldwork for operational, financial and compliance audits of Confidential’s Global Financial Services and US Card businesses.
  • Performed detail SOX testing for US Cards Rewards Program Management (RPM) as required by the test steps provided in assigned audit work program.
  • Documented work steps and test results in a work paper utilizing Automated Work Paper (Lotus Notes) application.
  • Performed risk assessments of business activities, investigated potential exposures and the materiality of loss for US Cards division.
  • Propose mitigation plans to Corporate Audit Services (CAS) and US Cards business and obtain consensus on control gap mitigation.
  • Reviewed business requirements/functional design documentation and attended walkthrough sessions. Recommended enhancements to project management processes
  • Worked with US Cards to ensure that new processes (e.g. systems implementations) are implemented in accordance with Sarbanes-Oxley guidelines.

Confidential, Westlake, TX

Risk Management Consultant

Responsibilities:

  • Composed Narratives and Procedures for different functional units under the Risk Control Self-Assessment (RCSA) Process for regulatory compliance on a quarterly basis.
  • Review and update the RCSA procedures.
  • Review and provide Quality Assurance (QA) feedback of the Self-Assessments received from different functional units of the Confidential Technology Infrastructure (CTI) North America Data Center (NADC).
  • Assist in documenting Risk Profile for each functional units of NADC.
  • Assist in documenting Operational Risk Report for the whole NADC organization.
  • Review and update the material for conducting the Self-Assessment training workshops and RCSA Workshops.
  • Participate in the RCSA Workshop for analyzing risk, risk controls and rate the risks and assisted in documenting Risk Analysis Workshop (RAW) results.
  • Provide support to Compliance Office by submitting deliverables for Audit purpose.
  • Provide weekly status reports to Senior Vice President, Control Office.

Celanese Corporation, Bedminster, NJ

Risk Management Consultant, Sarbanes Oxley Implementation Team

  • Assist in the primary documentation of various Finance process identified as in scope of Sarbanes Oxley requirements.
  • Conduct workshops with Subject Matter Experts (SME) to document the process.
  • Review and provide quality control assessments on Sarbanes-Oxley 404 documentation.
  • Identifying accounting-related areas and controls that materially impact the reliability of client financial statements
  • Assist Business Process Lead in developing Risk Control Matrix (RCM) and Control Deficiency Evaluation Log (CDEL) for individual processes.
  • Conduct tests and document internal control gaps and deficiencies and propose mitigation plans.
  • Propose mitigation plans to Subject Matter Experts (SME) and management and obtain consensus on control gap mitigation.
  • Worked closely with management to ensure that new Finance processes are implemented in accordance with Sarbanes-Oxley guidelines in US and Germany.
  • Accountability for ensuring critical SOX deliverable due dates are met.

Confidential, Minneapolis, Minnesota

Systems Administrator

Responsibilities:

  • Assisted clients in resolving hardware issues and support customized applications in JAVA, .NET, Reporting tools, Microsoft Exchange servers, LAN/WAN/VPN passwords and rights issues.
  • Troubleshooting servers and workstations running Windows NT 4.0/2000/XP/2003, and IBM AIX 5.x.
  • Configured and maintained Windows Servers and NT/2000 Domains (TCP/IP using DHCP, DNS, User, and Rights).
  • Revised and updated blueprints to reflect existing and proposed LAN Infrastructure at store level.
  • Designed and implemented backup Methodology using Veritas Backup Software.
  • Troubleshoot MTS (Indyme) Servers, RSA Servers, RPL server for Linux, Cisco 1200 Series RF scanners, Access Points, Network printers.
  • Configured and maintained about 500 Citrix Servers for desktop publishing purposes for remote clients at Confidential, Marshall Fields and Mervyn’s stores.
  • Design and maintain product ownership and maintenance responsibilities for Windows server builds. This encompasses OS, SP, and hot fixes.
  • Worked closely with support groups and vendors (IBM, Decision One and Getronics) to promptly respond to customer needs, with strong follow-through and consistent commitment.
  • Documented technical notes and research client issue using IBM Tivoli Management and Remedy problem management system.
  • Troubleshoot LAN integration on multiple OS networks and administered network operations for LAN security.
  • Maintained a strong working knowledge of supported systems through ongoing training, reading and participation in projects and improvement initiatives.
  • Provided on call support for support teams for Virus Outbreaks and rollout projects.
  • Supported 6000 users in their Network and System Problems, both remotely and Desktop.
  • Reloaded POS Terminals and workstations remotely using SMS servers.
  • Identified, analyzed, prioritized and resolved issues on day-to-day basis.

Confidential, Decorah, Iowa

Lab Assistant

Responsibilities:

  • Administered Blackboard, course management system used by faculty for conducting online classes.
  • Designed and implemented website for Computer Science Dept.
  • Installed and networked new workstation and servers for computer labs.
  • Configured and maintained 5 Citrix Servers for off campus purposes.
  • Deployed computer images using client-server model for campus computers.
  • Conducted training sessions for help desk team to bring them to pace with current technologies on campus.
  • Configured Norton Antivirus Corporate Edition for the whole network as well as the Email servers using the Exchange option of the antivirus.
  • Maintained 24/7 Incident Response for virus outbreaks
  • Assisted system administrators on system related security issues (O/S patches, user controls, operating system attacks) and performed periodic security reviews of corporate systems and environment.
  • Developed strong troubleshooting skills by solving hardware and software conflicts.

Confidential, Decorah, Iowa

Reference Desk Staff

Responsibilities:

  • Processing interlibrary loans and Media Rentals.
  • Extensive use of specialized library software.
  • Assisted in Cataloging all the Media and Science Journals.
  • Developed strong communication skills by catering to patron needs.

Confidential, Decorah, Iowa

Teacher’s Assistant

Responsibilities:

  • Grading Calculus and Pre Calculus Homework for thirty students on regular basis.
  • Aided professor in formulating student’s homework grade.
