|
tharook (ID: 710722)
|
|
|
Finance & Accounting
|
|
Earnings (Year):
$0
|
|
|
|
|
Summary
|
| Member Since: |
May 12, 2003 | 0 quotes in last 30 days
| Last Signed in: November 28, 2009
|
| Location: |
Atlanta, Georgia | United States |
| Would work on site: |
Yes |
| Earnings (All Time): |
$0 |
Earnings by Skill (Year): |
| Finance & Accounting |
$0 |
| CPAs & Public Accountants |
$0 |
|
Feedback |
| Rate: |
Min. Rate: $90.00 | Min. Budget: $0.00 |
Work Terms |
| Industries: |
Consumer Goods & Services, Health Care, Hospitality & Leisure, Professional Services, Technology & Internet |
|
|
Highlights
|
|
Professional Services
Robert Half- Dallas 09/2004 to Current
03/2006 to Current
� Project Manager SOX Remediation - McAfee Inc.
Lead project initiating for reviewing, revising and implementing the Critical Views for Siebel to align with existing SOX compliance goals. By identifying Roles and Responsibilities, Major Milestones, Deliverables, Communication Plan, Issue Management Plan, Risk Management Plan and Project Change Management Strategy. Develop Scope Statement and Project Strategy (Objectives).
? Implement standardized processes for systems, applications, and data:
? Account Creation & Deletion
? Account Change Management,
? Segregation of Duties (SOD) Enforcement
? Standardize identity stores, introducing access control platforms, and integrating approval workflow
? Address SOX logical access control and segregation of duties (SOD) deficiencies for critical views and create manual audit processes to ensure continued compliance
? SOD Matrix
? Define Matrix that would be limited to Siebel Critical Views only
? Secure Access to Critical High Risk Views
? Implements control activities around Siebel Critical (Administrative) Views
? Define Siebel User Administration Processes
? Re-align User Access for all functions related to Provisioning, De-provisioning and Maintenance of User Access as well as all other System Security functions for critical views.
? Create a User Administration Team responsible for the Provisioning, De-provisioning and Maintenance of User Access, including CAM Partner Access. User Administration Team would also be responsible for Responsibility Administration and Position Administration.
? Create a SOX Monitor Role, separate from the User Administration and Siebel System Administration team, to perform the auditing of all processes providing evidence for SOX Compliance for User and System Administration.
? Perform any necessary BPR (Business Process Remediation) to accommodate the goals listed in above.
10/2006 to 01/2006
� UICI-North Richland Hills, IT Controls Auditor: Test general controls based on the COBIT/COSO guidelines: Audit of financial computer system (Insight/PowerStepp/CYMA/Blue Card/Starbridge) including reviews of financial information access and internal control (as required by Section 404 of the Sarbanes Oxley Act) supporting and advancing the regulatory, governance and business objectives of organizations. Assist client in assuring controls and assessing risk management systems by incorporating control assurance into the audit process.
9/2005 to 10/2005
� Trammell Crow Company-Dallas, IT Access Security Controls Auditor: Test general controls based on the COBIT guidelines: Audit of financial computer system (CTI/PeopleSoft) Working directly with a remediation team made up of IT staff representing AS400, and RS6000 which includes reviews of financial information access and internal control (as required by Section 404 of the Sarbanes Oxley Act) supporting and advancing the regulatory, governance and business objectives of organizations. Assist client in assuring controls and assessing risk management systems by incorporating control assurance into the audit process.
12/2004 to 5/2005
� Baylor HealthCare System-Dallas, Information Security Analyst/Risk Management: Identify and make recommendations concerning security vulnerabilities; complete and implement project plans; and resolve security issues. Provide security capability, vulnerability, and risk assessments of the information systems. Provide and maintains technical expertise on security aspects of systems, applications, and networks; and assists in assuring that specific information security plans/goals are consistent with organizational plans/goals.
11/2004 to 12/2004
� Sabre-Holdings-Southlake, IT General Controls Auditor: Test general controls based on the COBIT guidelines: Audit of financial computer systems (SAP, Hyperion, ADP and Scorpion) including reviews of financial information access and internal control (as required by Section 404 of the Sarbanes Oxley Act) supporting and advancing the regulatory, governance and business objectives of organizations.
9/2004 to 11/2004
� Trammel Crow Company-Dallas, IT Controls Auditor/Project Lead: Test general controls based on the COBIT guidelines: Audit of financial computer systems (PeopleSoft and CTI) including but not limited to descriptions listed above.
Securance Consulting 01/2006 to 03/2006
� Pantry Holdings- Raleigh, Risk Management: Responsible for conducting assessments ensuring the secure operation of systems, implementation of and compliance with security policies and procedures, and develop remediation plans following security incidents. Develop
remediation plans following data and information systems security incidents, work with system administrators to implement corrective measures and follow up on audit findings and remediation plans to ensure that management has taken corrective action(s). Develop and implement strategies/processes that validate policy and regulatory compliance in close coordination with internal auditors. Respond to reported security violation project work received by phone, email or Data Security Organization. Prepare and present written and oral reports and other technical information in a pertinent, concise, and accurate manner for distribution to management.
Jefferson Wells International 09/2004 to 11/2005
10/2005 to 10/2005
� Innkeepers REIT-Morristown, IT Controls Auditor/Project Manager: Test general controls based on the COBIT guidelines: Audit of financial computer system (Galaxy PMS/Global Tech POS/AP Tech Accounting) including reviews of financial information access and internal control (as required by Section 404 of the Sarbanes Oxley Act) supporting and advancing the regulatory, governance and business objectives of organizations. Assist client in assuring controls and assessing risk management systems by incorporating control assurance into the audit process.
8/2005 to 9/2005
� Innkeepers REIT-West Palm Beach, IT Controls Auditor/Project Manager: Test general controls based on the COBIT guidelines: Audit of financial computer system (ADP/JD Edwards). Validate the security program and verified that the implementation is aligned with security policy and regulation applicable to the business, as well as industry best practices. Identify, develop, and test internal controls and policies. Write detailed reports and analysis of research findings and also performed an assessment of current state and gap analysis including survey and interviewing activity.
7/2005 to 8/2005
� World Airways Holdings-Atlanta, IT Controls Auditor/Project Lead: Test general controls based on the COBIT guidelines: Audit of financial computer system (Crew Check/AIMS) Validate the security program and verified that the implementation is aligned with security policy and regulation applicable to the business, as well as industry best practices. Identify, develop, and test internal controls and policies. Write detailed reports and analysis of research findings and also performed an assessment of current state and gap analysis including survey and interviewing activity.
5/2005 to 7/2005
� Global Payment Inc-Atlanta, International IT General/Application Controls Auditor: Test general controls based on the COBIT guidelines: Audit of International financial computer system (MUZO/Czech Republic) Working directly with a virtual remediation team across international borders made up of IT staff representing AS400, CMS accounting, FoxPro, DC2 and Tandem Base24, Web and Security globally. Delivering a SOX compliant process that will pass auditor scrutiny.
09/2004 to 12/2004
� Innkeepers USA-West Palm Beach, IT Controls Auditor/Project Manager: Test general controls based on the COBIT guidelines: Audit of financial computer systems (JD Edwards and ADP) including but not limited to descriptions listed above.
Employers Direct Health Inc- Dallas 4/2001 to 7/2004
Provided Business Continuity and Information Security services to clients as described below:
� Soserv Inc. Continuity Consultant/Project Manager: Served as lead advisor in the development of audit program, risk assessment, work papers and audit findings, and reviewing event and activity logs to identify any malicious or unauthorized activity.
� School Way Inc. Business Continuity Consultant/Project Lead: Manage the successful delivery of effectively priced professional services; (Technology Profile; BIA; Plan Strategy; Business and Technology recovery plan and Test Management). Develop and price comprehensive statement of work for; (Technology Profile; BIA; Plan Strategy; Business and Technology recovery plan and Test Management).
� NCM Disaster Recovery Consultant: Lead group in policy and procedure implementation and documentation writing, implementation of security solutions, patch management techniques and processes, risk management and mitigation, identity management, PKI, forensics, incident response, biometrics, work with Compellent Technologies in providing a SAN solutions.
� Employers Direct Health, ISAS Security Manager: Project Manager for a team that provided management and maintenance of a highly secure hardware and software systems and the implementation of Quality Standards (HIPAA Privacy and Security and ISO- 17889) in all phase of life-cycle development.
� Cam-Bran Entertainment Project Manager: Led network security design, implementations and cost evaluations. Provided configuration management of network security devices and wrote policies and procedures. Evaluated major security control systems and determined business impacts on projects. Directed security team efforts and communicated actions and tasks. Lead the development and presentation of an overall strategic plan to the client for their input and approval.
|
|
Skills
|
| Years of Experience: |
No information provided |
| Highest degree: |
High School Degree |
| Software Skills: |
No information provided |
| Additional Skills: |
A Seasoned Information Security/Business Continuity Professional with years of Risk and Regulatory Compliance management with experience in IT Services, e-Commerce, Retail, Warehousing & Distribution, Banking, Health Care, Insurance, and Educational industries.
Profile
Compliance and Project Mgmt PMP, PMI Member, Project 2003, Visio 2003, MS Office, and Exposure to formal design methodology such as Monte Carlo, CMM, COBIT, COSO, SAS70, SDLC, Risk Management, Business Intelligence, Business Process Management, HIPAA Privacy and Security, ISO-17799 and Sarbanes Oxley 404.
ERP, CRM iManage, Stellant, Share Point, Front Range (Goldmine and Heat), SAP, JD Edwards, Siebel, ADP, Scorpion, FoxPro, CMS, DC2, Tandem Base24, RIS, Hyperion, CTI and PeopleSoft.
Operating Systems MS Windows, Netware, UNIX, OS/2, AS400, Tandem, SUN and RS6000
Programming and Web C++, Rexx, MS Visual Basic, ASP, HTML, HTTP(S) and IIS 4-5-6
Test Tools Net scan Tools Pro, Ping Plotter, Solar Winds Network Management Tools, ISS network Scanner, Eye Retina Network Security Scanner, Wild Packets Ether Peek Packet Analyzer and Ethereal Packet analyzer and IDS/IDP, Anti-Virus, Anti-SPAM
Network Architect Cisco Routers/ Pix Firewalls, WatchGuard Firewalls, HP ProCurve switches, 3Com switches, McData and Foundry ServerIron, eProvision Novell Nsure
Telecommunications PBX phone systems AT&T, NEC 2000 and Nortel Meridian Opt 11-81C,
Meridian Mail, Call Pilot, Symposium Call Centers |
| Tested Skills: |
 |
| The Freelancer has not taken any Skill Tests. |
|
|
Work Terms
|
|
No information provided
|
|
|
| |
|
|
|
|
|
<
|
The Freelancer has not uploaded images.
|
>
|
|
|
|
My Account URL
|
|
Contact this Freelancer Now!
|
|
Instant Messenger
|
|
The Freelancer has not entered IM information.
|
|
Global Region
|
| Country: |
|
United States |
| GMT: |
|
(UTC-05:00) Eastern Time (US & Canada) |
| Local Time: |
|
8:15 PM |
|
|
|
|
|
| Profile |
|
|
|
