FEATURED JOBS
Popular Searches
RESOURCES
Sr IT Auditor / PM Resume Details
<< Back to list of resumes
| First Name: | Hidden |
| Middle Name: | Hidden |
| Last Name: | Hidden |
| Company: | Alliance Data |
| Address: | Hidden |
| Region/Country: | Americas |
| States/Counties: | Texas |
| City: | - |
| Postal Code: | - |
| Primary Email: | Hidden |
| Alternative Email: | Hidden |
| Home Phone: | Hidden |
| Office Phone: | Hidden |
| Fax: | Hidden |
| Mobile Phone: | Hidden |
| Preferred Contact Method: | - |
| Resume Name: | Sr IT Auditor / PM |
| Current Job Title: | Sr. IT Auditor , CISA, Info Security, Risk and Compliance P/M |
| Summary/Headline: | Sr. IT Auditor (CISA), Risk and Compliance P/M A Professional, hands-on Bilingual Consultant - with almost 20 years of total experience in Quality Assurance and Testing. Last 6 years exclusively in Risk, Audit + Compliance (SOX/GLBA/HIPAA) and over 10 years total in IT Auditing. Over 12 years in Management and a strong background in Financial / Accounting, CASINO/Gaming, Telecom, E-Commerce / Internet Revenue Systems. Adept at leading QA Process and Testing Efforts for multiple teams in companies that are the leaders in their respective industries, including MCI, MBNA, American Airlines, IBM, Verizon, as well as Government (State of Texas and the Federal Government - 3 Years). Accustomed to working in high-pressure, time-sensitive, high-visibility projects where quality is the key. Over 3 years of Y2K Compliance-Testing experience ranging from Director of Test Projects to Project Manager and training front-line test staff. Transitioning between an active Team-member and a creative Manager/Lead. Strong experience with Automated Testing Tools, Test/Traceability Matrix and SDLC/Methodologies. Trained in I/T Security, Team-Building and Best Practices focusing on Process Improvement and Reducing Costs. Education M.B.A., Management and Finance B.B.A., MIS, Honor’s List and Dean’s List |
| Employment Objective: | For a Domestic or Int'l company wanting to become a Leader in their Industry, To develop a Dept/Team, or build up an existing team's skills in the area of Information Security, Internal Audit, or Compliance / Risk Management. To Help a company with Managing Mission-Critical Projects, Defining / Documenting Key-Business Processes per Best Practices, Overseeing Enterprise-Level Process-Improvement and Cost-Reduction Programs. |
| Employment Type: |
Permanent
Temporary Contract |
| Sector: |
Asset Management
Consulting Energy Global Corporation Software Analytics Other |
| Sub Sector: |
Insurance
Risk & Performance / Pension Generalist Consulting Energy Captive Financial Non-Financial Corporate Risk Solutions Other |
| Risk Type: | Regulatory/Compliance |
| Expertise: |
Risk Manager
Regulatory/Compliance Technology Other |
| Degree: | Masters |
| Salary: | 110000 |
| Resume Text: | PATRICK ANGEL, CISA® Dallas, Texas Hm. (214) 826-3812 Email - DFWRAT@AOL.com Skills Summary Skill Experience Project Management (PMI) /Lead experience 10 years I/T Audit, Planning and Security experience 12+ years Sarbanes-Oxley (SOX Hands-on) 4 years Overall I/T experience 18+ years COSO / COBIT Audit Standards 3 years Systems and Software Testing 15 years Document Repository Management 8 years Best Practices Control Implementation 10 years Computer Programming / DB SQL Queries 8 years Professional Acknowledgements/Affiliations • Recipient of Chief Audit Executive’s Award – Pen of Excellence - ALLIANCE DATA, July 2005 • Outstanding Project Manager Award – First-Command Bank, 1999 • Ranked Top 10% by Management and Recipient of the MPS Project Leader Award - IBM, 1992 • Current Member – IIA, ISACA, PMI, Amer. Society of Quality, Nat’l Society of Hispanic MBAs. Professional Summary A Professional, hands-on Bilingual Consultant - with Big-4 / Public-Accounting Experience and almost 20 years of total experience in Quality Assurance and Testing. Last 5 years exclusively in Audit + Sarbanes-Oxley (SOX) and over 12+ years total in IT Auditing and Compliance. Over 10 years in Management and a strong background in Financial / Accounting, Telecom, E-Commerce / Internet Revenue Systems. Adept at leading QA Process and Testing Efforts for multiple teams in companies that are the leaders in their respective industries, including MCI, MBNA, American Airlines, IBM, Verizon, as well as Government (State of Texas and the Federal Government - 3 Years). Accustomed to working in high-pressure, time-sensitive, high-visibility projects where quality is the key. Over 3 years of Y2K Testing experience ranging from Director of Test Projects to Project Manager and training front-line test staff. Transitioning between an active Team-member and a creative Manager/Lead. Strong experience with Automated Testing Tools, Test/Traceability Matrix and SDLC/Methodologies. Trained in IT Audit, Team-Building and Best Practices focusing on Process Improvement and Reducing Costs. Education M.B.A., Management and Finance, 1993, U.T. Arlington B.B.A., MIS, 1988, U.T. El Paso, Honor’s List and Dean’s List – 4.0/4.0 GPA in Core Courses Publications • “So Many Beans, So Few (SOX Audit) Counters,” Kansas City Star, Bus. Section, 2004 (listed). • “Y2K Process, Business, Staffing and Legal Issues,” Texas Business News, 1998. • “Merging Project Management with Auditing - The Oil & Water Dilemma” CommuniqAA, 1993. • “Is Big Brother Watching?” Remote Service Machines, Creativity Magazine (IBM), 1991. Technical and Professional Skills Synopsis Standards: COSO, COBIT, (SEI/CMM), ISO9000, PMI’s PMBOK, ASQ BOK QA and Testing: Mercury Interactive (Test Director, WinRunner), Sharepoint®, TeamMate EWP, CompuWare (HiperStation), Rational (ClearQuest, Rational Rose), SQA TeamTest and Robot, VISIO © Charting, COSO, COBIT, Risk and Audit Matrix, Process-Mapping, MS Office, Test Plans, Test Trace Matrix, Change Management, Automated Testing and Manual, Black / White-Box, End-to-End, System, Stress / Volume Test Technical Summary: MainFrame (ES9000), RACF, TSO, CICS, MidRange (AS400), Windows 3.1/95/2000/NT/ XP, JAVA, MS Project, Word, Excel, PowerPoint, MS Access, Lotus Notes and MS Exchange email, VISIO, XML, PVCS Tracker, Visual Source Safe, PERL, REXX, UNIX, Windows 3.1, 95, 2000, NT, IBM 3090, VM/CMS, PL/I, COBOL, “C” Project Management: MS Project, PMBOK, WBS Templates, work with / in PMO Groups Software Methodologies: WaterFall SDLC, RUP/UML - Rational Rose, ClearCase, JAD Sessions Industries: Sarbanes-Oxley (SOX-404) Legal Compliance, Federal Government / State Regulated, GLBA 501b, Financial / Banking / Investment, PCI, Telecommunications, Airline / Travel, Insurance, Utilities / Electric WORK EXPERIENCE Senior I/T Audit Project Manager – ALLIANCE DATA (employee) Oct 2004-Present • Sr. Project Manager with responsibility for Strategic Initiative of improving Audit Dept, hiring 3 FTE staff, reporting to the Director of Internal Audit, • Helped Build Master Enterprise-Level Program-Plan identifying Critical-Path, prioritizing work for over 130 Audit projects, and verifying scope of work and timeline as adequate, • Oversaw International Audit on company-wide operational activities for CANADA Division, • Managed and led Teams of 9 I/T total Staff (Jr, Sr and Mgmt), worked closely with Financial Audit on Fraud Investigations, interfacing w/external Consultants, built Dept and Procedures manual • Built Annual I/T Audit Plan for 2005, Ranking and developing schedule to cover over 150 Audit projects. Used TeamMate Audit software v7.1 by Price-Waterhouse-Coopers (PWC© for creating, reviewing and Managing electronic workpapers (EWP), • Met with Executive management and V.P. Audit and Audit Committee to provide details on Projects, Risk-findings and recommendations to Board of Directors, • Managed and led multiple Project-Managers and cross-functional Teams including International Staff (Canada) to fulfill efforts and insure integrated successful, uniform process across multiple Divisions, • As Consulting-Architect, helped lead effort on Enterprise-Level Identity Management project across 3 Divisions, conducting GAP Analysis on different platforms (SUN, ORACLE, and CA) to compare and select technology and related impact to organization and investment, • Assisted Information Security in assessing Intrusion Detection Sensor (IDS) on Network and security activity with, and set Roles-Based Access Control (RBAC) standards on SUN project. • Built a Management Dashboard tool to report Status on Projects, identify problem-areas, staff-placement, Final Report status, hours-to-date, and Annual Plan status. • Identify Security and Financial Risks within each Audit project using weighted Risk-Matrix and producing an overall Risk Factor to prioritize Projects, knowledgeable in Accounting Rules / GAAP, • Assisted Financial Audit departments and Led Teams and assisted in fieldwork phase for Privacy Act / Gramm Leach Bliley (GLBA) 501 regulatory and Sarbanes-Oxley (SOX) 404 Compliance audits and Payment Card Industry (PCI) reviews, and BSI 17799, • Provided direction in documentation of observations and guidelines for prioritizing exceptions, • Conducted Opening and Closing / Exit Audit Conferences with Mgmt and key staff, • Helped build detailed Audit Programs for new areas including WebServer Audit, and AS/400 and used TeamSchedule in Planning projects and Assigning and Managing Resources • Used TeamCentral to Publish findings and Audit Reports with supporting workpapers and related documentation, and used SharePoint® for document evidence storage / group-sharing, • Develop Audit follow-up Process via a Quarterly Tracking Report for Key Control deficiencies, • Coordinated Resources for and scheduled Audits for multiple Lines of Business (LOBs) (Utilities, Retail Svcs, Credit-Card Processing, Marketing/Loyalty Programs) both in and out-of-town, while keeping Mgmt apprised on progress via high-level intranet web-site reporting, • Conducted Audits per CISA standards while identifying area for synergy across depts. and divisions • Review and Approve staff’s Workpapers using TeamMate software in various areas: SOX, WebServers, OS/400, NT and UNIX platforms, Info Security Policy Compliance, GLBA, and PCI. • Provide input from Audit dept on Disaster Recovery and Business Continuity Plan development and execution, incorporating industry best-practices, • Assisted in updating Information Security Policy (ISP) per new Laws and Industry Regulations, • Developed Payment Card Industry (PCI) standards summary, and Fraud Investigation guidelines, • Assisted in conducting and analyzing eTrust and ePC compliance scans on desktop / servers, assessing Intrusion Detection Sensor (IDS) on company Network and security activity • Helped develop standards relating to Free-and-Open-Source-software (FOSS), Open Web-Systems (OWASP), and Rules-Based Access Control (RBAC), • Implemented COSO / COBIT Audit Standards and Processes and performed General Controls Audits focusing on IT Accountability for ORACLE 8i Financials Accounting System, and • Conducted Operational Assessment on Off-shore Development and Testing Activities (India), Independent Contracting Consultant 1998-2005 As an Independent Contractor, I provided consulting services directly to various clients and served in the capacity of Sarbanes-Oxley Compliance IV & V Specialist, SQA Test and Audit Director, Quality Assurance and Business Analyst, Project Manager and Team Lead. Significant Projects, Clients and relevant job responsibilities and accomplishments are highlighted below: SOX (404) I/T Audit Test Program Lead / Manager – GARMIN International Oct 2004-Mar 2005 • Reporting to the Vice-President and Director of IT for Government subcontractor, GARMIN International (GPS Systems) in Kansas City, Kansas. • Implemented COSO / COBIT Audit Standards and Processes and performed General Controls Audits focusing on IT Accountability for ORACLE 8i Financials Accounting System. • Directed and Conducted I/T Audits (Inspect to ensure Procedure correct and followed, Verify Approval of Management, ensure Forms Existence, verify Source Documents and their locations, ensure Recording and Monitoring of Requests and Responses, Inspect Logs and Error Files). • Managed Test Audit Team and Tech Writers building Process Flows using VISIO © and updating Policies and Procedures. Develop and Implement recommendations based on findings. • Assisted on technical Audit – UNIX System-Hardening – root-access, unused services, SSH, sudo, • Maintained Document-Inventory List of Source Audit-documents and created Audit Test-Sample-Size Grid to guide collection of samples including eMails, Screen Snapshots, Reports and Error Logs. • Verified Logical Security via UserID Access-Level, Audit-Trails and Separation of Duties, and Physical Security via WinPak© Badge Access cross-matched to employee job descriptions, • Audits included: O/S, UserID/Password Security, Separation of Duties, Network, Remote Access. • SOX work published in Newspaper Article, - Kansas City Star - Business Section, December 2004. • Worked with Ernst & Young Auditors to address Audit Issues Controls and Control Concerns. Sr. SOX Audit and Testing Project Manager – VERIZON Wireless Telecom Feb 2004-Sept 2004 • Built Management Dashboard Reporting Tool and process for Tracking project at Executive Level. • Created SOX-Audit-Checklist with an I/T-focus on PeopleSoft A/R and A/P Financials. • Helped Build Manager’s Guide to SOX (404) Compliance including: Quality of Test Data, Adherence to Methodology, Change and Configuration Management, Policies, Testing Standards, Data and Test Results Retention Standards, Risk Management, Project Audit and Review Procedures. • Built Traceability Test-Matrix template that tracked Financial transactions and functions from data-entry to G/L posting and account Reconciliation. • Worked with PMO in Managing SOX Compliance across multiple Departments and Mgmt reporting. Sr. P/M of SQA Audit and Gov’t Compliance – IDESSA Consulting Oct 2003-Feb 2004 • Reviewed Federal Law - Help America Vote Act (HAVA), ensuring software systems’ compliance • Ensured data prepared for Audit and Certification by the ITA - Independent Testing Authority. • Built Test Lab Environment and Trained Test Team Staff. Managed Audit and Compliance Testing. • Developed Policies and Procedures. Identified and addressed various security concerns. Project Lead (QA and Auditing) – U.S. Dept of Education (Financial) Mar 2003-Oct 2003 • Focus on Auditing Financial Applications handing data transactions, processing millions of dollars. • Conduct Gap Analysis of current SDLC and testing Process, making changes to include Test Team early in the process and Leverage current investment in Testing Tools (e.g. Mercury). • Leverage Approving Test Results via Web-Site to save travel-costs ($15,000 /QTR) and down-time due to travel (2 weeks per cycle). • Modify SDLC process to Build-in development checkpoints and Phase Quality Gates per PMBOK. • Focus Testing on Critical Areas - Test Matrix to lower test redundancy 30% and test scripts coverage (raised from 20% to 65%). • Build and Design System Test Data File (PDS) for pre-selected Regression Testing conditions. Test and Compliance / Audit Project Manager – TXU Electric Utility Co. Jan 2001-May 2001 • Reporting to Director, Coordinate Progress of Testing Efforts across multiple areas (Registration, Distribution, and Legacy/Mainframe Systems). Worked with consulting groups including Accenture. • Represented TXU Electric (Distribution and Retail) at Texas State Test Planning Meetings. • Helped define Issue Escalation and Resolution Management Process. • Helped Generate ERCOT Master Test Schedule using implementation of EDI transactions • Reviewed content and progress of detailed Test Scripts development for each Functional Area to ensure Auditability and ability to verify End-to-End Testing • Developed Rapid Response Team via PMO to Coordinate Issue Resolution and Escalation. Y2K Test and Audit Project Manager – First-Command Bank & Investments Aug 1998-Jan 2000 • Advised Management on Y2K Project including overall WBS, Audit & Security Guidelines, Staffing, Financial Accountability, Budgeting, etc. • Audited Teams / Test Results for Compliance to Methodology. Created Testing Standards • Trained QA department in Audit, Analysis and Testing procedures for Y2K. Duties included Building QA Program for I/T Division and initiating a PMO office. • Reviewed Web-applications / e-Commerce developed in XML and JAVA. • Project was completed under-budget and within schedule, leading to Award from Management. Senior I/T Auditor – Arthur Andersen 1993-1998 As a staff consultant, I provided I/T Audit and SDLC services. Significant Clients are listed below: Y2K SQA Audit and IV&V Lead – LaSalle Int’l Bank Jan 1998-Jul 1998 • Worked with Sr. Management, Internal Audit and Legal Department to define requirements. • Assess Compliance to Controls and Verify Accuracy of Data. • Helped to Build/Refine Work Breakdown Structure (WBS) Templates. • Reviewed project deliverables against established standards of multiple (8+) Teams. • Developed SQA Audit Evaluation/Scoring methodology and reporting documents and identified key metrics in SQA Review process. • Set Risk standard for determination of project’s Mission Criticality covering over 300 Projects. • Coached LOB Managers and Project Managers in Audit, Y2K and IV&V Process. Testing and I/T Audit Lead – FORTIS / Time Insurance May 1997-Dec 1997 • Helped build dedicated off-site Y2K Test Facility for 65 staff for company. • Served as Testing and Audit Lead to drive End-to-End Testing and Financial Reporting and Tracking. • Managed 3 projects concurrently and test teams in developing Test Scripts and Test Matrixes. • Created graphic charts of code, testing environment, and flow using VISIO © software. • Reviewed User-Access to client’s host environment and disabled outdated accounts/UserIDs and deleted users with non-expiring passwords I/T Audit and Compliance Team Lead - American Airlines Oct 1992-Mar 1993 • Identify problems in software projects for new SABRE © Division of American Airlines, created an Audit Team to Assess the division’s development maturity. • Created Audit Checklist for Managers and overall Management Score-Card to verify compliance. • Inspected Project Plans for soundness of planning, reviewed Test plans, test cases and test results for accuracy and completeness. • Created for rating of individual projects and their relative success to fulfilling objectives and meeting customer expectations. • Audited projects covering all platforms (Host/mainframe, mid-range UNIX / RS6000, Client-Server under Windows NT and Novell and stand-alone systems under Windows © and OS/2 ©. Software Programmer / Business and Test Analyst - IBM, Dallas (employee) Jul 1988-Sept 1992 • Ran Database Queries using SQL on IMS and DB2 Databases on ES9000 and 3090 Mainframes. • Built software as a Software Programmer using – PL/1, COBOL, REXX, ‘C’ and C++. • Conducted JAD Sessions with end-users, and Code-Walkthroughs for software of peers. • Built Test Plan and Test Cases, and Tested software for Order Management & Billing applications. • Provided Guidance on – Unit / System Testing, E2E Testing / Model-Office and Regression Testing. • Conducted Training on data-exchange and download between systems and databases. • Assisted Sales-Teams in technical presentations regarding PC’s and Operating Systems References and additional information on projects and responsibilities provided upon request. |
| Availability Status: | - |
| Availability Date: | 07/21/2008 |
| Relocation Preference: | Americas |
| Certifications: | CISA |
| Personal: | Self-Motivated, Results-Oriented, Hands-on Technical Professional |
| References: | contact on final offer |
| Application File: | Hidden |
| Post Date: | 07/15/2008 |
