|
IT Security and Compliance Analyst at Skilled Healthcare (03/2010- 11/2010)
- Monitored, Reviewed and Ensured that 20+ ITGC controls are enforced and proper evidences are generated based on frequency for Audits
- Compiled evidences for each ITGC control based on risk and frequency of the control to demonstrate compliance with SOX ,HITECH , HIPAA
- Communicated any violation of controls to appropriate team members and ensure compensating controls were implemented
- Developed and improve multiple processes in the areas of IT Security like User Access Management and Program Change Management
- Managed and Monitored day to day IT Logical and Physical Security operations including, New Hire, Termination and Transfer processes
- Maintained system security roles, permissions and privileges while maintaining SOD controls with Security committee approvals
- Threats, vulnerabilities and violations were reviewed with outsourced partner by doing in depth scrutiny and come up with best solution
- Responsible for oversight of Companies security and compliance Policies, Processes, Procedures and Standards
- Responsible for companies Business continuity and Disaster Recovery Business Impact Analysis, Paper Testing and Warm site testing
- Reviewed and discuss the progress of Key Financial and Business operations projects in IT Steering Committee as well as Security Committee
- Worked with BSA for proper IT Scoping Requirements and Design Specs are provide to outsourcing partners for development
- Responsible for a close relationship with the security teams of outsourcing partners to ensure compliance with multiple regulations
- Effectively presenedt information and provide responses to group of executives, manager, administrators, clients, and customers
- Managed and fulfilled requests or tasks with Internal Audit, External Audit and Control Owners for various regulation audits
- Reviewed Service Level Agreements, SAS70 Type II reports, Contracts and complete Client Control Considerations
- Reduced workload of CIO, Director of Application Engineering and Infrastructure Project Manger so they can focus on business development
- Managed various projects with 3rd party vendors
and outsource partners to fulfill business vision, goals and objectives
Senior IT SOX and Security Compliance consultant at Cricket Communications (07/2009- 03/2010)
- Worked on Crickets KEY Financial, Payment Card Industry and Personal Identifiable Information projects
- Ensured IT security and SOX Compliance requirements are implemented in New Systems, Enhancements and Upgrades
- Monitored ITGCC controls to avoid vulnerabilities or issues and sustain SOX, PCI and PII Compliance
- Identified the areas of improvement in departments and implementing process procedures and guidelines
- Engaged with IT Security, IT Infrastructure, IT operation, IT Architecture, to ensure ITGCC compliance
- Engaged with EPMO, IT Development, IT Production Support, and Helpdesk to ensure compliance with Application Controls
- Involved with Business Owners to ensure SDLC documentation (i.e. Scope, requirements, Design Specs, Conceptual documents)
- Worked with the business leaders, Internal Audit and project leaders to develop Roles & Responsibility to ensure SOD
- Made IT Security and Compliance dept run effectively and implement changes as directed by Senior and Executive Management
- Drove new process or process improvement by implementing appropriate controls so evidences could stand by it
- Provided training and bringing security
awareness in all depts.
Senior Compliance Analyst at SOX Solutions Corporation (07/2007- 12/2008)
- Managed and performed IT Advisory and IT Assurance services for 11+ clients in Southern California
- Played integral role during key process re-engineering efforts within various business cycles
- Ensured SOX and internal control and process compliance
- Evaluated any known deficiencies and/or functional areas needing improvement
- Helped implement changes, while working closely with business process owners and management
- Played a key role in the Company’s SOX compliance efforts including process documentation
- Assessed in design and refining documentation during process re-engineering efforts
- Performed process walkthroughs; performing internal controls testing
- Evaluated the adequacy of the company’s systems and related internal controls
- Assisted in developing remediation plans with key process owners
- Tracked remediation plans and performing follow-up procedures; and provided timely reporting to the management
- Effectively conducts periodic audits of Information Technology and Business areas as per audit plans
- Conducts interviews, documents client processes and procedures, reviews documents, and prepares work papers
- Performed audit procedures, including reviewing and analyzing evidence
- Identified and documents audit issues and develops recommendations using independent judgment
- Communicated or assisted in communicating the results of audit and consulting projects
- Demonstrated a high level of professionalism and the ability to manage multiple projects simultaneously
- Developed and maintained productive relationships through individual contacts and group meetings
- Interacted with various process owners and multiple levels of management
- Exercised excellent judgment and initiative in handling business issues of significance to appropriate management
- Worked independently under general supervision with considerable latitude for initiative and independent judgment
- Pursued professional development opportunities, like training and professional association memberships.
- Experience with business process and Information technology process and procedures re-engineering
- Performed IT Risk Assessment and IT scoping based on COSO and COBIT frameworks for SOX
- Recommend and coordinated IT SOX requirements and supported Implementation
- Plan and scope the internal audit process pertaining to Sarbanes-Oxley act of 2002.
- Identified key ITGC Controls for Change Management, Physical and logical security and Operations domains
- Created flowcharts, process narratives, risk control matrices for change management, physical & logical security
- Created flowcharts, process narratives, risk control matrices for Operations and Configuration Management
- Identified Key Controls for User Access Management, SDLC and Entity level Controls
- Created flowcharts process narratives, risk control matrices for HR/Payroll, CD, Revenue, Inventory & FSCP
- Performed Analysis on current environment and business functions systems impacting financial statements
- Prepared planning memo, audit plans test scripts, sampling, implement testing of controls and audit report
- Identified gaps suggest and recommend the remediation of the issue findings
- Assist in creating sustainability models for
compliance with SOX using COSO, COBIT and ITGI latest guidance
Senior Information Security Analyst, Programmer/Analyst at ACC Capital Holdings /AMC Mortgage Services (December 2004 – June 2007)
- Interacted with CIO, VP of Information Security and Business heads for IT Audits and Issues Remediation
- Coordinated company-wide both internal & external audits between IT, ERM and Business
- Lead company to sustain compliance by optimizing ITGC Controls and process improvement
- Lead Automated and Manual monitoring control using Automated Systems and Quarterly reviews
- Planed and lead the SOX compliance activities for organization to Sustain SOX Compliance
- Participated with various IT teams during internal and external audits
- Coordinated and assisted in timely remediation of ITGC and application controls
- Involved in IT Design Effectiveness and Operational Effectiveness Testing
- Involved in development of SDLC, Change Management and IT Operations Compliance projects for Financial Services
- Implemented appropriate segregation of duties between various team members to sustain compliance
- Involved in development, review, execution and maintenance of disaster recovery plans.
- Coordinated remediation of issue findings for over 30+ Loan Servicing applications and infrastructure
- Coordinated server and database violations and vulnerability assessments on a quarterly basis
- Implemented ITGC controls related to user access management, change management, backup and restore
- Coordinated Database management, configuration management, and operating systems configuration
- Managed and documented multiple policies, procedures, standards and guidelines using MS SharePoint and MS Office
- Created, recommended, ensured implementation of appropriate policies, standards and procedures
- Responsible to Develop and provide weekly reports to CIO, VP, BRM and Directors using MS Excel pivot tables
- Coordinated NPI Project to maintain scrambled data in development and test environment of applications
- Assisted owners and IT staff in understanding and responding to audits reported by internal and external auditors
- Conducted quarterly user access management for 30+ applications
- Recommended and reviewed user access management, program change process and procedures
- Implemented appropriate segregation of duties between various team members to sustain compliance
- Managed and enhanced multiple applications during production application support
- Onsite production support for end users and business customers
- Resolved multiple problem and request tickets and updated peregrine ticket system
- Supported enhancements of existing systems, including business and system workflow analysis
- Meet frequently with business partners to develop requirements and project plans
- Perform all duties in accordance with AMC policies and procedures and all State and Federal regulations
- Supported small to medium size development projects or as a member of specific area in large project
- Perform required administrative functions associated with production application support
- Participate in strategic planning for helpdesk request and problem ticket management
- Develop documentation for production support and escalation procedures for multiple applications
- Managed and completed multiple projects with
critical deadlines
- Coordinating SOX and NON SOX issue remediation and security standard implementation with following teams:
- Application Architecture
- Application Security
- Application Technology
- Cashiering Applications
- Contact Center
- Customer support
- Desktop Engineering
|
- Helpdesk
- Identity Management
- Network & Systems Engineering
- Operations
- Oracle Database Management
- Customer support
- Privacy Assessment
|
- Product Development
- Production Application Support
- Project Management
- Special Servicing
- SQL Database management
- Third party/ Vendor Management
- Web Assessments
|
|
Programmer Analyst and SOX Coordinator at AMC Mortgage Services(08/04 - 12/04)
- Managed and enhanced multiple applications during production application support.
- Onsite production support for end users and business customers
- Resolved multiple problem and request tickets and updated peregrine ticket system
- Supported enhancements of existing systems, including business and system workflow analysis and design
- Meet frequently with business partners to develop requirements and project plans.
- Assist project manager or director in planning and support activities.
- Perform all duties in accordance with AMC policies and procedures and all state and federal regulations.
- Conduct quarterly application user access reviews of systems
- Develop proposals and project plans.
- Created and analyzed business requirements and develop system requirements using AMC SDLC Process.
- Supported small to medium size development projects or as a member of specific areas in large projects.
- Perform required administrative functions associated with production application support.
- Participate in strategic planning for Helpdesk Request and Problem Ticket Management.
- Analyzed all AMC Applications and make sure that proper Process and Procedures are created for SOX Compliance.
- Develop documentation for production support and escalation procedures for multiple applications
- Available 24 hours a day, 7 days a week
for application support needs
|
|
Helpdesk Tech Support, Damage Claims & Credit Agent at CTX Technology Inc (4/02 to 08/04)
- Reduced abandon calls to 1%, Increased the profit by providing excellent Tech support and customer service.
- Perform preliminary diagnostic on the problem determine the severity of the problem and suggest the solution
- Assist customers to troubleshoot hardware and software problems related to Monitors, Projectors and LCD'S
- Update customer Information and issue the RMA number for the units to be repaired or replaced
- Keep in touch with customers through phone emails and fax
- Took care of the damaged units by informing customers about damages and procedure for filing the claims
- Issued credit to the distributors on the condition of the monitors and LCD’s received
- Increased the profit for the company by
providing tech support, handling damage claims and credits
|
|
Faculty Assistant & Repair Tech At DeVry University in Information Technology (09/01 - 10/02)
- Responsible for 400 + windows 2000 workstations connected to Novell Netware servers, and two Unix servers
- Kept the down time to less than 1%.
- Using process of elimination repaired all the computers, fixed and replaced the computers parts to keep it up and running.
- Assist students and faculty to troubleshoot hardware and software related problems
- Train students by debugging and compiling their programs
- Perform preliminary diagnostic tests on PC's and printers
- Duties Include Hardware and network upgrade and maintenance, software installation, windows and Internet support
- New user training and performed daily operations of an automated tracking system
- Completed daily processing task, report generation, and code maintenance needed
- Record grades, developed spreadsheet and
important documents for the professor
|
|
Plant Manager at Siddhi Vinayak Syntax Pvt. Ltd, (03/94 - 03/97)
- Worked as a plant manager, while supervising 25 employees increased production by 18% and 30% in profits
- Took care of all mechanical and technical settings of machinery for production
- Reviewed and tested the quality of the produced material using various testing equipments
- Reviewed and managed clerical records of daily production and shipment of products
- Reviewed Statement of cash flows and balance sheet and fulfilled all taxes and duties to be paid with each sale
- Managed and fulfilled all legal process and procedures with attestations of upper management
- Created and reported daily, weekly and monthly reports for Managing Director and Chairman of the company
- Reviewed Production Assets, Inventory, Waste Management, Quality Control, Accounting and Financial reports
- Administrated quarterly and yearly documents at the regional office for yearly financial statements
- Made critical decisions with Managing Director and kept good credit standings with various Financial Institutes and Banks
- Did Inventory Management, Production Planning, Quality Assurance, and Machine Maintenance review and reports
- Reviewed and discussed the status of
monthly financial rotation by purchasing raw material for
production and collection of funds from various customers
|
|
Project Manager on Senior Project for IDD corporation (10/2002)
- Managed and Developed a front and back-end applications accessing a single MySQL database backend located on a third party server with the team of four.
- The two front-end applications were composed of an administrator side and a driver side.
- The administrator side front-end application was coded in Visual Basic, which would run on the local client machines while accessing the back-end database through the local Internet.
- The Driver side front-end Internet application was coded in Perl and run on the same third party server that hosts the database
- Managed project plan, created business charter and requirements, developed flowcharts, Entity Relationship diagrams, Use Case Diagrams
- Did process analysis and information analysis using business core values
- Development costs for this solution was approximately $14,720
- The new system required three months to implement and will have a payback period of six months
- The projected Net Present Value was $421,829 given a six-year projection
- Based on operational, technical, economic,
and schedule feasibility, system achieved a total of ninety-four
(94) in the feasibility analysis matrix.
|
|
Account Manager at CompUSA (7/98 to 8/99)
- Started with five accounts, opened twenty new accounts, and changed the overall performance of the corporate sales.
- Did monthly sales of 150k to 200k, while maintaining 25 government and corporate accounts.
- Full filled the requirements of hardware, software, networking, training and technical support
- Provide full tech support as well as customer service over the phone and on site
- Issued quotes and turned prospective leads
to sales. Maintained the future sales pipeline
|
|
