IT GOVERNANCE, RISK, COMPLIANCE, AND SECURITY
CISA, CGEIT, ITIL, CBCLA, and PMP
Global IT Governance, Information Risk, Compliance (GRC), Enterprise Security, and Project Management professional demonstrating progressive leadership, turning around IT culture and operations, and transforming business performance. Experienced with a broad range of global Fortune 500 corporations (Pfizer, GSK, Bristol-Myers, and Siemens Healthcare) and clients of KPMG and Booz Allen Hamilton including utilities, pharmaceuticals, health care, and financial services.
• Building and implementing process improvement, project management and compliance programs using ITIL, COBIT, ISO 2700x, PCI, HIPAA, and PMBOK frameworks.
• Installing IT governance with portfolio management and building trusted relationships with C-level decision makers to prioritize, negotiate, manage and control transparent IT multi-year budgets of up to $800,000,000.
• Developing customized system development lifecycle (SDLC) and project management methodology.
• Retooling dysfunctional IT groups into high performance business partners.
• Team leader with a strong technical background who is able to digest the most complex concepts to deliver executive-level action plans in a clear fashion.
• Organizing global cross-functional teams and program management offices (PMO) to deliver results that consistently exceed expectations and effectively communicate to stakeholders.
• Building and leading enterprise-wide M&A integration teams and achieving lower than expected costs and shorter durations.
Suez Environnement UNITED WATER, Harrington Park, NJ (HQ Paris, France) 05/2003 - Present
North American division of $100 billion international utility company
Director IT Security (05/2006 - 06/2014)
Reported to CIO. Mandated to install enterprise IT practices and IT security compliance and risk management into 200 remote sites and to lead IT integration of acquisitions in GDF Suez's North American growth strategy.
• Achieved 100% Sarbanes-Oxley (SOX) and other security compliances by developing and implementing enterprise-wide IT controls using the COBIT, ISO 2700x, PCI, HIPAA, and ITIL frameworks.
• Developed IT strategy, enterprise security architecture and technology roadmap. Led all risk and security projects.
• Developed and implemented security controls to pass SSAE 16 certification.
• Developed comprehensive risk management, PII and privacy, vulnerability management, and incident management (data breaches) programs.
• Originally wrote and recently updated United Water's Systems Development Lifecycle (SDLC) that is used for all IT projects.
• Recognized need for comprehensive IT disaster recovery and business continuity, sold concept to senior management. Developed disaster recovery requirements and budgets, built cost-effective disaster recovery center, and tested disaster recovery and business continuity plans.
• Created security strategy and audit programs for SCADA systems.
• Using only internal resources successfully led 4 M&A IT integrations that more than doubled company size. Successfully migrated legacy CRM/CIS systems in Oracle Utilities Customer Care and Billing (CC&B) and AMI.
• Performed due diligence prior to acquisitions, created project plans and budgets, solicited senior management buy-in, assembled and led cross-functional teams (IT, HR, A/P, Finance, Payroll, and Operations).
• Developed IT/Business Technology Master Plan. Drive enterprise-wide, global initiatives to identify process improvements, deliver innovations and generate revenue.
Director IT Applications Development & Support (05/2003 - 05/2006)
Reported to CIO. Specifically recruited to turnaround and develop IT Applications & Support and Program Management Groups following merger, acquisition, failed outsourcing to EDS, and senior management discontent.
• Attained marked improvements in department output and quality despite a 50% reduction in headcount by implementing professional methodologies (IT Governance, program and portfolio management, security and compliance, SDLC, ITIL based service delivery/change management), developing enterprise architecture, standardizing technology, expanding knowledge base, improving stakeholder communication, and cross-training staff.
• Reduced dependence on external consultants by developing internal project delivery capability by building PMO from scratch, writing SDLC with detailed templates, developing and implementing new processes, personally training and mentoring staff, and replacing some poor performing personnel.
• Slashed maintenance and administrative costs, while improving system efficiency and management control through the consolidation of 5 stand-alone billing systems.
• Significantly reduced annual IT operating costs (over 30%) by outsourcing major applications and services, including PeopleSoft Financials and Customer Billing.
• Enhanced management control over rates, revenue, collections, meter readings and customer service, by championing and deploying enterprise data warehousing system (Oracle and Business Objects) integrating numerous heterogeneous legacy systems.
• Updated CRM through the introduction of internet & telephony technologies to optimize processes for 13 mission-critical applications to enhance customer self-service options and ensure appropriate reporting.
• Overcame stiff organizational resistance at all levels and implemented enterprise-wide Water Operations compliance system, which for the first time, alerted senior management to dangerous water quality issues and avoided costly remediation costs and adverse public relations.
PFIZER, New London, CT 05/1999 - 05/2003
Worldwide Head - Informatics Business Management
Reported to CIO. Accepted challenging mission to centralize global IT silos into a high performance, business-oriented organization.
• Following merger with Warner Lambert established Worldwide IT Business Management Group to direct the integration of IT governance, strategic planning, security, investment, portfolio management, SDLC, and PMO.
• Consolidated 24 disparate global IT groups and cut $125 million from $900 million budget by instituting holistic ROI portfolio prioritization, Enterprise Architecture framework, and PMO to align IT with business goals and priorities.
• Developed and produced quarterly report to business leaders to create transparency of IT achievements, spend, portfolio management, project status, and technology strategy.
• Drove large-scale R&D systems and business process integration, following the mergers with Pharmacia and Warner Lambert. Achieved flawless day-1 transition without disrupting business continuity.
• Headed a cross-functional team to develop and conduct enterprise security risk assessment. Led the development of standard security controls, architecture, policies, and auditing matrix tool.
• Developed and implemented Managed Service Provider Program (MSP) controlling over 2500 global IT contractors, generating $80 million in savings, while improving quality of contractors.
KPMG CONSULTING, Radnor, PA and McLean, VA 08/1996 - 05/1999
Senior Manager Enabling Technologies Practice
• Developed and implemented strategic IT organization, methodology, and PMO for a Fortune 50 insurance company to insource a completely outsourced IT department.
• Planned and implemented an IT support organization and designed IT infrastructure for a $7 billion global company's ERP solution.
• Chosen for national SWAT team to develop and implement KPMG's Enabling Technologies methodology, lead pre-sales and proposal development efforts, and correct imploding engagements, as well as to help local account teams close major deals exceeding $5 million. Set up initial PMOs for major engagements.
BOOZ ALLEN HAMILTON, INC., McLean, VA 07/1993 - 07/1996
• Developed, managed, and controlled the entire engagement cycle, from lead identification, proposal development, client contract negotiations, PMO, and delivery.
EDUCATION & CERTIFICATIONS
• Masters of Science - Engineering Management, Drexel University
• Bachelor of Science - Computer Science, University of Pittsburgh
• Certified Information Systems Auditor (CISA), ISACA
• Certified in the Governance of Enterprise IT (CGEIT), ISACA
• COBIT Foundation Certificate, ISACA
• ITIL Foundation in Service Management Certificate
• Certified Business Continuity Lead Auditor (CBCLA), Disaster Recovery Institute International
• Certified Project Management Professional (PMP), Project Management Institute
• Masters Certificate in Advanced Project Management, Stanford University