Dedicated IT Risk and Information Security Manager well-versed in analyzing and mitigating risk and working with
teams to find the most cost-efficient and realistic solutions to help ensure organizational compliance.
Strong communication skills
Managing tight deadlines
Software Development Life Cycle principles (SDLC)
Strong working knowledge of Information Technology General Controls
Familiar with PCI, SOX, FFIEC, ISO and many banking regulations
Blue Rewards with American Express
Helped American Express to obtain PCI ROC 6th year in a row
Consistently served as audit liaison between internal and external auditors and EGT with all ending in successful audits
Maintained audits for 2 offices within Fifth Third Bank, both of which were successful with a passing rate over 95%
Exceptional monthly audit ratings with Fifth Third Bank
Consistent "A" or 5 star rating in Gallup Polls
Acknowledged as "Best Employee Coach" among my peers with Fifth Third Bank
Record of "No Employee Turn Over" during time spent as Operations Manager
Stellar Teller Award from AmSouth Bank
Honorable Discharge following completion of time served in US Army
Humanitarian Services Medal for providing support after Hurricane Mitch in Honduras
Joint Service Achievement Medal for service in Bosnia.
05/2016 to Current
Senior IT Auditor - Auditwerx, a Division of Carr, Riggs and Ingram, LLC - Tampa, FL
SOC planning, testing, budgeting and reporting.
Kicking off the engagements with all relevant parties on the client side, setting timelines and expectations for all major engagement milestones and determining potential audit risks.
Plan the engagement to address the audit risks, develop test plans including knowledge of sampling standards and execute the testing through final reporting to the client.
05/2011 to 05/2016
IT Risk/Information Security Manager - American Express - St. Petersburg, FL
Responsible for management and oversight of Process Risk Self-Assessment (PRSA) within the Information Technology General Controls (ITGC) - including completion of RAQs, RCMs, identification of process risks and controls along with continual updates as technology and processes change.
Design and perform testing for key internal controls including but not limited to Security, System Development Lifecycle (Agile and Waterfall methodology), Change Management, Operations at the Application, Database, Operating System, and Network level.
Responsible for management and oversight of the creation and design of controls used for testing to ensure Payment Card Industry (PCI DSS) standards are met to ensure Report of Compliance is received annually.
Complete annual risk assessments to ensure adherence to GLBA, PCI and ISO standards.
Act as a key custodian for Key Management process to participate in the secure administration and distribution of cryptographic keys.
Serve as the liaison between auditors and the technology organization to support the facilitation of internal and external audit exams and regulatory activity which includes collection and review of data and samples requested, seeking resolution and assisting in the closure of findings by working closely with all pieces of the EGT organization for long term remediation.
Maintain ownership of and responsibility for the Serve IT Information Security Policy suite and Information Security Program including design and delivery of employee awareness training.
Manage IT Operations exceptions which includes advising on creation and following through to closure.
Create presentations for senior leadership team used to demonstrate our Information Security Program.
Maintain the ORE (Operational Risk Event) inventory and CAPs (Compliance Action Plan) on behalf of Serve technology for inputs, updates and closures.
02/2008 to 12/2010
Customer Service Manager - Fifth Third Bank - Indian Shores, FL
Responsible for maintaining compliance within dual offices through regular monthly audits to identify and assess any risk.
Review accounts, files, data, and any other system information for accuracy and compliance.
Assist customers with fraud disputes relating to any method of payment.
Work on disputes against back office and items not posting correctly or missing from customer's account.
Keep branch up to date and trained on current regulations, policies and procedures through innovative means.
Attend monthly meetings to stay cognizant of any and all changes to the bank and bank regulations.
Responsible for coaching and mentoring staff on security and customer service.
Prepare performance reviews, make hiring and firing decisions and perform weekly one on one coaching.
Received promotion to dual manage and audit two offices during time of downsizing.
Contact Supervisor: Yes, Supervisor's Name: Michael Constantine, Supervisor's Phone: 727-399-2725.
05/2007 to 02/2008
Relationship Banker - AmSouth / Regions Bank - Holiday, FL
Act as a financial advisor regarding loans, savings, mortgages and investment opportunities along with account openings and maintenance.
Established strong customer relationships in order to better understand their needs and where the bank would be of benefit to them.
During AmSouth and Regions Bank merger, provided field support by traveling to Illinois as sole support for legacy Regions branches located in and around that area.
Ensured a smooth transition for legacy Regions staff and management by seeing that regulations were followed, any computer errors were troubleshot, and employees were proficient in utilizing the new system and were aware of its capabilities and limitations.
Contact Supervisor: Yes, Supervisor's Name: Ken DiBenedetto, Supervisor's Phone: 727-937-5173.
07/2006 to 05/2007
Operations Manager - AmSouth / Regions Bank - Holiday, FL
Held the position for less than one year due to a promotion within the company.
Maintained dual positions for 6 months until someone could be on-boarded as my replacement but was still looked to as a source of guidance by the tellers and management even after this time.
Made on the spot decisions for the tellers regarding uncommon transactions/customer requests, provided solutions to various questions and problems that arose on a day to day basis with both the staff and customers.
Placed disputes for customers, assessed the situation to help determine the cause and solution.
Prepared performance reviews for the tellers as well as any disciplinary action that was necessary.
Maintained compliance within the branch through monthly audits, monitoring cash items, accounts and data entry.
Attended monthly meetings to receive updates and training on current regulations and best practices.
Contact Supervisor: Yes, Supervisor's Name: Ken DiBenedetto, Supervisor's Phone: 727-937-5173.
Master's Degree: Business Administration - American InterContinental University, US