INFORMATION SECURITY CONSULTANT

• I. T. Audit: Experienced with user recertification, risk identification management, technical risk assessments, creating disaster recovery plans, and implementation, revision and monitoring effectiveness of internal controls. Working experience with S-Ox, GLBA, Content Protection and EU Privacy directive 95/46/EC. Knowledge of 21CFR part 11. Familiarity with tracking tools such as RSA Archer, IBM Open Pages, and Trintech Unity. Experienced with deployment projects of RBAC software CA ETrust .
• Information Technology: Over 8 years of consulting experience with Legal services and financial services clients retail banks and secondary mortgage. Experienced in new application design, enhancements, and deployment information technology audit/assurance for compliance purposes. Worked as Business Analyst, I. T. Auditor, and Project Manager on projects with portfolio of 1 million or more.
• Financial Exposure: Prior work experience with amortization of financial instruments such as ARM, ABS, MBS, CDO, CMO, EITF 99-20 securities, single family/multi-family loans, Guarantee fees, GA/GO valuations, as well as securitization. Worked with financial accounting standards FAS 91 119, financial interpretation FIN 46.
• Business Analysis: Experienced with gathering/documenting business requirements documenting technical/functional specifications, meeting notes, process flows, user manuals developing test cases, status updates conducting JAD sessions UI design

PROFESSIONAL EXPERIENCE:

Confidential

Senior Consultant

Confidential , CapGemini provides an array of services to a diverse client base globally. Since July 2014, I worked in the insurance division of CapGemini servicing a large health insurance client in Confidential Metropolitan area. At the client site, I am responsible for managing end-to-end implementation of projects involving, security HIPAA remediation, infrastructure update, compliance with mandates. I was responsible for the initial kick off meetings, securing project signoffs and project estimation. Tools utilized included Failure Mode Effect Analysis FMEA , Plan View, Archer, Clear Quest and Microsoft Office.

Confidential

Information Technology Risk Analyst Independent Consultant

Following a regulatory audit, Confidential established a quality review function within the regulatory and audit management workspace to oversee and review the adequacy of operational risk related documentation for all businesses within Confidential worldwide, third parties affiliated with the respective business. This function was also responsible for generating reports related to risk data and audit findings for dissemination to the global community and executives.

Project Highlights Achievements

• Worked with management to improve the quality and review times of risk reviews performed as BAU. The new instilled measures helped reduce overall risk review response times by 500 over a period of five 5 months.

• Analyzed audit ARR findings and generated metrics based on the results.
• Advised business when required on issues related to compliance with corporate policies
• Conducted meetings with various Subject Matter Experts, if required, for risks related to regulatory compliance FFIEC, OFAC, local laws, etc.
• Performed testing of internal risk management software.

Confidential

Consultant Systems Analyst

Audit Project Manager Consultant

In an effort to have more accountability for the control environment, Viacom created an independent group, not affiliated with internal audit or any line of business to test and verify a wide range of controls on both information technology and physical assets. This group was also had oversight on certification accreditation.

Project Highlights Achievements

• Responsible for issuing Requests for Evidence RFE to application and control owners based on controls to be tested
• Managed collection of evidence and handing off of the evidence to testing compliance teams
• Held discussion with various application and process owners to determine scope of compliance for S-Ox, content protection, and Personal and sensitive Information initiatives
• Managed the development of in-house user certification and review tool
• Worked with control owners to ensure quarterly reviews were submitted on time
• Worked with infrastructure teams to load data for user review
• Generated reports on tests, RFEs, and controls

Confidential

Risk Manager Consultant

This project is part of an ongoing effort among the various lines of business LOB to achieve a satisfactory level of assurance as per directives set forth by regulations such as Sarbanes-Oxley, Gramm Leach Bliley Act, and other federal and state regulations. My responsibilities primarily, are to assist the divisional risk manager in functions related to IT audit, IT risk management, compliance and governance. I was also involved in identifying gaps with access management as well as responding to requests for evidence from audit.

Project Highlights Achievements

• Documented risk data and filed for exceptions where permitted by policy.
• Worked with technology teams to remediate issues
• Tracked on-going remediation efforts with respective process owners
• Standardized reporting metrics by transitioning to a quantitative approach from qualitative.
• Responded to requests for evidence from internal/external audit for all audits within Auto Finance division.
• Generated risk dashboards for executive review.

Confidential

Audit/Business DR Analyst Consultant

This project was initiated to revise existing control deficiencies related to application and infrastructure change management and also to revise existing service level agreements among cross-functional teams. The primary roles of this position were to evaluate which of the financial applications needed a new or revised SLA based on their tier levels and impact to business audit changes to production environment liaise with auditors assist the project manager with timely completion of deliverables and distribution of project dashboards and to work with business and technical teams to ensure compliance with company policies. I also worked on an enhancement project on a proprietary change management/tracking tool

Confidential

Audit/Business DR Analyst Consultant

This project was undertaken after the merger of Confidential. The primary roles of this position to serve as a lead auditor and project manager to standardize various I.T. process and procedures and ensure compliance with applicable local and European regulations.

Confidential

SOX Analyst Consultant

The purpose of this project was to remediate material weaknesses related to internal control over financial reporting, identified by external auditors PWC . The primary focus of this effort is based on identifying the business risks' by performing Gap analysis on existing controls around various business processes in order to attest to the data provided to various business teams. As a member of Chief Technology Officer's Group, I was responsible for providing oversight and direction to implement a new Role-based Access Control RBAC software in production environment. In addition to that I was also responsible for retiring existing monitoring systems. I worked closely with business and technical teams to identify business requirements, performed analysis, planned and established new processes for remediation of defects. The project encompassed production over 200 production applications in Capital Markets, Single-Family, Multi-family and Corporate Finance workgroups.

Confidential

Business/Technical Analyst Consultant

This project was part of Fannie Mae's restatement efforts. As a member of one of the development teams, my team was responsible for generating amortization schedules for Asset Backed Securities ABS , Adjustable Rate Mortgages ARM , Mortgage-backed Securities MBS , EITF 99-20 securities, Whole Loans single family and Multifamily and Guarantee fees. Some of the key responsibilities of this role were: Interface between Developers and Testers, Track system defects, Provide support for monthly production analysis activities troubleshooting as needed , research issues with the code and/or data, Report Development, Document development and/or Technical writing, and Sarbanes-Oxley S-Ox compliance.

Confidential

Systems Analyst

Responsibilities:

• Involved in recommending, customizing and implementation of practice management applications to keep track of:
  • Client cases status
  • Time spent
  • Accounts Receivables
  • Trust Accounting
  • Reimbursable expenses
  • Commissions
• Prepared reports on weekly, monthly and on-demand using ad-hoc queries for management.
• Involved in designing custom pages and interfaces used by the staff in practice applications.
• Designed and implemented network policies.
• Implemented IPSEC tunnel between various offices to ensure client confidentiality during information exchange session.
• Configured and maintained network-based applications.
• Analyzed and documented various business processes.
• Held discussions with upper management and staff to reduce filing time by 52 .
• Carried out feasibility analysis towards a paperless solution.
• Analyzed and implemented schema to migrate into a paperless environment documented requirements for an ideal solution.
• Prepared and deigned specifications for remote access applications.
• Liaised between technology vendors and the management.
• Involved in the preparation of training manuals.
• Held training sessions for staff.

Environment: Windows, SQL Server, Excel, PowerPoint, Visio, Requisite Pro, Cisco routers/switches, C-tree plus, MS Access, MS Word, MS Excel, Crystal reports, JavaScript, T1, MS windows 2000 server