85 Mountain Avenue * New Rochelle, NY 10804 ea6b3246@westpost.net Home: 914-834-6242 Cell: 914-980-3211 PROFILE Unique blend of practical hands on and targeted audit experience in Information Technology Auditing. Solid technical background effectively identifying selecte d critical technology risks and controls. Focused on achieving high performanc e standards, ensuring system data availability, integrity, compliance, and confi dentiality. * IT Governance * Business Continuity/Disaster Recovery * Distributed and Mainframe Systems * Compliance (e.g., SOX) * Quality Assurance * Capacity Planning * Computer Operations * Application Development and SDLC * Facilities and Data Center Assessments * Information & Physical Security * Incident & Problem Management * Crisis Management/Pandemic Planning * ITIL, COBIT, COSO, FFIEC HIGHLIGHTS * Conducted in depth reviews for complex enterprise wide technology environments , business systems and processes, such as IT Governance processes, systems opera tions management (IBM, midrange/UNIX), and change control (IBM, VAX, Harvest). M VS and OS/400 operating systems, information security operations, disaster recov ery participation, contingency planning, incident response and suspicious activi ty reporting, technology compliance, new data center readiness, mainframe subsys tems such as JES2, enterprise integration services, data architecture, identity management and authorization, web authentication components, e.g. LDAP, and capa city planning. * Reshaped standard audit processes and procedures, and tailored a continuous mo nitoring program governing technology-related incidents, business continuity, Op erations/Technology meetings and presentations, and change control status meetin gs, resulting in an enhanced view of IT Infrastructure Audit. * Conceived several initiatives to improve business continuity programs, includi ng monitoring business continuity technology recovery testing and critical appli cation contingency testing solutions. * Managed the audit process in the performance of specific IT audits, e.g., IT G overnance and business continuity/disaster recovery, including supervision of au ditors assigned. * Improved the configuration management process by suggesting enhancements to au thorization of program and system changes. EXPERIENCE The Bank of New York Mellon, New York, NY 2000 - 2010 Vice President - Infrastructure Audit Accountable for the development of infrastructure audit plans and execution of i nfrastructure audit programs, including IT Governance, business continuity, disa ster recovery participation, program change control, incident and problem manage ment. Critically assessed technology environments and provided input for develop ment of policies, standards and procedures. * Collaborated with co-workers to develop a comprehensive risk management framew ork; identified critical risks and controls, and categorized them into thematic IT issues and strategic solutions to resolve them. * Partnered with SOX examiners to develop a comprehensive assessment program to evaluate risks and controls in IT infrastructure, resulting in reduced issues. * Provided audit oversight on the performance of business continuity technology recovery testing and critical application contingency testing. * Performed data center physical and environmental audits, utilizing expertise i n assessing major building systems for the purpose of determining whether the da ta centers could adequately support the production environment. * Supervised global staff in performing a comprehensive IT Governance review. The Federal Reserve Bank of New York, New York, NY 1989 - 2000 Senior IT Auditor - Infrastructure Audit Lead the data center physical and environmental audits, including major building systems, e.g., fire detection and suppression. Enhanced infrastructure audit p rograms including IT Governance, business continuity, disaster recovery particip ation, program change control, configuration management, and incident and proble m management. Critically assessed technology environments and provided recommend ations for development of policies, standards and procedures. American International Group, New York, NY 1987 - 1989 IT Auditor - Technology Audit Made a lateral move into IT Audit from Technology. Learned the art and science of IT Audit including developing expertise in risks and controls. Developed exp ertise in performing physical and environmental control reviews. Performed vari ous technical reviews including the MVS operating system. F.I.S.A., New York, NY 1984 - 1986 Business Systems Analyst Developed, implemented and supported several business solutions, working closely with application developers and user areas. Team member responsible for improv ing the Warrant Reconciliation system. Collaborated with Senior Management in t he procurement of software products, and managing vendor relationships. Financial Trading Systems (FTS) Incorporated, New York, NY 1984 Documentation Specialist Developed technical and user documentation for on-line securities products. Dun & Bradstreet, Wilton, CT and New York, NY 1982 - 1984 Applications Development Programmer Developed software for the insurance industry. EDUCATION & CERTIFICATIONS Advanced Computer Science Certificate, Long Island University, Brooklyn, NY B.A., Queens College, Flushing, New York Certifications: CGEIT, CFSA, ITIL Foundation Certified Member of ISACA International and New York chapter Member of ISSA International and New York chapter SKILLS Strong understanding of business requirements for IT, IT management practices, a udit concepts, and continuous monitoring/auditing Experience with System Development (SDLC) processes and requirements for develop ing business applications Hardware, Operating Systems: IBM mainframes (MVS-z/OS), AS/400 (OS/400), Digital VAX/VMS Databases: DB2 Security and Audit: Various systems including Remedy 7, Service Center, Harvest, CA-Examine for MVS, SiteMinder, LDAP, mainframe security: Top Secret, ACF2, and RACF. Paisley AA/2000, and TeamMate audit work papers Software: Microsoft Office, Lotus Notes