Description
ACCOMPLISHMENTS * Led implementation of IAM products: Lieberman ERPM and Verizon's UIS (2-factor authen) ensuring network integrity * Directed Bank of China's OCC compliance projects gained 100% Fed approval of systems security controls framework. * Turned around troubled SOX review - IT audit project for Steve Madden, completing process in days, not weeks. * Led security implementation for IBJ-Mizuho Bank, building fully-secure distributed system for 5000 users. * Established a Fleet Brokerage CIRT by documenting cyber invasion processes and designating contingency personnel. CAREER SUMMARY - Permanent Employee & Independent Consultant in all aspects of IT Controls - IT Audit, IT Security, IT Risk, IT Compliance/Governance Project Management, Team Head/Director/Manager/Leader, also Independent Peer and Project Subordinate Some work projects done as BEATRICE BLOCK ENTERPRISES, INC., 2003 - 2016 Personal mission: To fortify and improve the technology controls paradigm of an organization while simultaneously working with personnel team to enhance knowledge and capabilities to support the organization's IT controls structure. All of my work experience & accomplishments point to this. Personal Motto: Work-Knowledge-Humility * Conducted/ Performed multiple IT security/audits/SOX reviews, & risk assessments Identified threats/vulnerabilities, mitigated security risks inherent in technology products and vendor relationships verified IT general controls, addressed logical user privileges/entitlements, authentication, authorization, infrastructure controls architecture verified application interface integration with systems developed enterprise security policies and procedures for C-Level IT Steering Committee corrected outstanding audit findings/exposures mitigated operational risk review findings developed overall risk-controls framework based on NIST 800-53, 800-30, 800-37, 800-39, COBIT, ISO knowledge of FERPA & 1974 US Privacy Act, Cybersecurity Act 2015 Developed PMI project plans/schedules for security/ compliance/risk projects developed/monitored budget constraints flowed systems, data, and processes for internal business/IT units, outsourced vendors. Presented project status reports to exec leaders and key stakeholders. Reports submitted to gov't agencies. * Completed Regulator IT Risk initiatives (SOX 404) and IT audits for Citibank, JPMorgan Chase, AIG Bank One, Fleet Bank, Provident Bank, PSEG of NJ - Evaluated/recommended IT infrastructure/application controls for compliance per regulatory requirements assessments in financial, insurance, medical, manufacturing and government institutions to discover emerging risks and potential impact on the organization. Reviewed security control gaps, quantified/qualified risks and recommended corrective controls activities, reduced risk and strategically improved business performance, with emphasis on customer data leveraged Coopers & Lybrand project management training & experience to refocus teams towards tactical objectives and milestones completed projects in weeks with cooperation helped to modify enterprise wide business users' activities after troubleshooting problems in team environment. Drafted reports and PowerPoint presentations for executive management and others. Beatrice Block, CISA, CISSP, CISM, CIA, CGEIT, CRISC, CBM 914.564.9984 M 914.631.1993 H blockb@aol.comwww.linkedin.com/in/beatriceblock /http://www.jobfox.com/people/BeatriceBlock Summary
Accomplishments
Highlights:
Keywords
