Expertise in SOX Controls, Policy, Digital Technology Controls, SailPoint IIQ - Logical Access Reviews and Access Requests, Segregation of Duties - Compliance Manager Service NOW - Governance Module - Policy, Control Framework, Risk Assessments

Currently working at SAIT leading the Information Technology Service Management Project. Design, develop and implement ITIL best practices to enable effective and efficient services for the University customers. Processes include: Service Catalog, Request Fulfillment, Incident and Change Management.

─ Utilization of ManageEngine and the ITIL framework in spearheading, developing, and implementing change, incident, request, problem, asset management processes, and service level objectives and procedures─ Management and coordination of all internal, external, and National Credit Union Administration (NCUA) audits while arranging, monitoring, and resolving gaps─ Leadership of the IT Service Desk for all IT and end business user support including desktop engineering and associated toolsets─ Fulfillment of business technology operations tasks for all check, electronic transfers, ATM, and cash processes─ Systematic migration of two data centers into Azure Cloud services for all production, disaster recovery, test infrastructure, and applications─ Spearheading of the IT operations in 2016 and 2017 without National Credit Union Administration (NCUA) findings and gaps from external auditors

─ Strict compliance with the Code of Federal Regulations (CFR) 12 Part 748 through COBIT 5 mapping FFIEC, ITIL, PMBOK, and NIST cybersecurity control─ Administration of all policies, processes, standards and procedures for information technology─ Planning and implementation of data classification, categorization, and risk universe for the company’s enterprise applications; as well as all key metrics for IT operations to the board of directors─ Completion of all remediation items for audit findings in a span of 30 days of report issues─ Major decrease in the service incidents for business-critical system from 2016 up to date by 60%─ Attainment of 99% business operations and service level agreements for operational support as well as 97.3% service requests and incidents response and resolution for the past two years─ Key contributions in decreasing the number of internal audit findings for IT in the last two years by 60%

Lead SOX testing for Chewy

Performing as the IT Lead for SOX audit access review for SAP, ARIBA and ServiceBench. Working with all supervisors and approvals to obtain the necessary artifacts and certifications for PWC annual audit.Upon completion of all the documentation will provide recommendations to eliminate the challenges in this audit with process changes, software changes to streamline and simplify the current state.Career Highlight Completed the project and produced a simplified technology solution ahead of project schedule by 33%.

Description─ Creation of the Sarbanes-Oxley Act (SOX) risk assessment and financial controls which included entity, IT general, and application controls ─ Preparation of reports regarding key focus areas of risk business plans for the next steps in remediationDescription─ Collaboration with the Nemours Audit Team in establishing IT audit risk framework and data classification─ Development and update of the Health Insurance Portability and Accountability Act (HIPAA) and Payment Council Industry (PCI) controls and procedures ─ Seamless design of web pages for catalog services, while formulating and executing a show back and cost allocation model for all IT services throughout the Nemours functional business lines;─ Demonstration of skills in generating templates for business benefits realization for IT projects, as well as strategy and gap analyses for IT policies, standards, and procedures with associated regulatory controls ─ Enforcement of the new IT audit function including the development and implementation of the IT audit control frameworks, processes, and methodologies

─ Go-to person in charge of the formulating and implementing following initiatives:– Service and catalog portfolio as well as assistance for medical affairs and SLUCare physicians network;– Fixed asset reporting for IT and all the university’s divisions;– Cost allocation model for the IT operating budget ensuring transparency of cost throughout the IT services and divisions;– Key performance metrics to monitor IT progress for capital and expense budgets;– Customer and employee satisfaction surveys; and– IT manager surveys in collaboration with human resources─ Supervision of the University-wide IT Governance Committee, processes on risk assessment, and IT audits; along with compliance and remediation efforts for HIPPA in the areas of healthcare for EPIC, MyChart, Dermpath, and IDX as well as PCI for all credit cards transactions within the university─ Strategic direction to the upcoming Federal Information Security Management Act (FISMA) certification for the university clinical trial federal grants, as well as the university information technology policy, standards and standard operating procedures in alignment with the FISMA controls─ Fulfillment of in-depth business continuity and disaster recovery gap risk and analyses─ Strict compliance and audit controls to the FISMA, HIPAA, PCI, GLBA, and FERPA regulations ─ Implementation of standard legal language for both security and compliance utilized in vendor ASPs, software, hardware, and university contracts; IT resource and forecasting standard reporting and procedures; as well as IT staffing and contractor plans and forecasts for run rates─ Management of the CIO and team in formulating a three-year strategic plan while monitoring the goals, strategic initiatives, and key performance measures─ Integral role in executing new deliverables and standards for a project portfolio amounting to over $8M as well as leading the university in the strategic program for security and compliance valuing $5.5M

─ Collaboration with the CIO to provide expertise, direction, review, and suggestions for the following:– Identity access management strategy including policies, process, and procedures;– Roadmap and architecture for identity access management; and – IT budget, forecast, process, and models─ Completion of IT cost allocation, labor rates, optimization modeling, service level costing, and total cost of ownership─ Expert leadership to the HR on- and off-boarding process improvement in partnership with the vice president of HR─ Development of an allocation model for the IT service portfolio and the university’s customer departments

─ Presiding over of training regarding application architecture, solutions delivery lifecycle as well as complex project schedule administration, while executing effective project milestone tracking matrix─ Administration of risk mitigation and issue resolution while collaborating with the Architecture Team in designing all integration patterns for robustness and scalability to assist stringent SLA requirements and data integrity through SAP transformation engine─ Expert consultation to implement the ITIL processes and vendor partner management─ Analysis of statements of work for vendor partner relationship, while delegating and monitoring deliverables with vendor partners measuring success against published and agreed upon milestones

─ Accurate validation of a five-year security plan for set-forth projects and initiatives in collaboration with Security and SAP Architecture and Developers teams─ Identification of policy, process, and standards for the quality assurance (QA) testing services─ Close coordination with the Application Development Team on the ITIL processes for request fulfillment, release and deployment, and service catalog management─ Conceptualization of the IT security reference architecture that served as stand for future security solutions for application and infrastructure─ Integration of final security policy to application development standards in conjunction with architecture and application development management─ Effective security information access management as well as e-Discovery and data retention strategies while creating the Personally Identifiable Information, (PII) data standards for clients and staff

─ Planning of IT governance function which included risk, compliance, and finance management that handled the IT decision-making procedures for all innovative technologies─ Initiation of roadmaps and business process competency strategy and mapping in alignment with business strategy and plans─ Effective management to a team of 12 highly technical resources involving architecture team members and developers─ Heading of constant strategy meeting with each business owner to understand business capabilities to align technology roadmap with their objectives─ Seamless implementation of ITIL process, standards, and procedures for change, incident, and request fulfillment management procedures ─ Carrying out of IT governance function value, strategic alignment, performance, risk and resource processes, and a two-year plan─ Key efforts in the development and implementation of the following:– Applications for IT budget forecasting in-house in charge of architecture direction and application development;– IT resource forecast and allocation/tracking application for CIO and executives to effectively manage IT resources and bandwidth and all architecture and development;– Strategy, goals, and objectives for identity access management;– Solution development life cycle RACI, process, SharePoint site, standard deliverables, and route maps for IT organization; and – Project estimation and TCO model for all IT services