Sr. IT Risk Assessment Consultant at MetLife
Cincinnati Area | Insurance

Audit Manager and Project Manager with extensive technology background and emphasis on IT-to-Business communication interested in opportunities where I can contribute to the success of a company by evaluating the effectiveness of computer and security controls, and assisting in the rollout and acceptance of change as it is expressed through project management, education, campaigning, or relationship management.


Project Management/SDLC in EssUP, Waterfall, Agile.

Written software documentation, reports, executive summaries, process documents, policies, governance documentation, regional service descriptions, prose fiction, non-fiction, product and media reviews.

Auditing: Process and security controls auditing w/ERPs, Security Software, DBs, Change Management.Disaster Recovery strategy & plans.

IT Risk & Security Consultant (2014 - Present)
IT Audit Manager (2012 - 2014)
American Modern Insurance Group

Determine direction of IT Audit group within Internal Audit including the activities of IT Audit at two additional sister companies that have no IT Audit presence. Includes hiring decisions and contracting with staffing agencies to provide temporary support.

Determine what audits to perform, manage the activities and reporting of those audits with all business units including IT, and discuss results with multiple VPs, the CFO, and the CIO, explaining results where appropriate.

Coordinate with Financial audit teams at each company and Group Audit at parent company, Munich RE, as well as Risk Management teams at each company.

Contribute to discussions on the role of IT Audit for Munich RE's North American region, including definition of the IT Risk Assessment, and how to approach testing of regionally shared controls and service centers.

Responsible for increasing output of IT Audit department over 400% in the first year as manager while simultaneously increasing quality of audit work and reports, and improving relationship with the IT Department.

Subject Matter Expert on SOC1 audits, assisting business units in the selection of audit firms, initial planning, and providing support during testing.

President (2014 - 2014)
Greater Cincinnati ISACA Chapter

Leads the Greater Cincinnati ISACA Chapter Board by organizing meetings, monthly chapter events, semi-annual training events, and other chapter events. Also coordinates with other professional associations in the Greater Cincinnati area, other ISACA Chapters in the region, and with ISACA International.

(Resigned as a result of a move out of the Cincinnati area.)

Secretary (2011 - 2014)
Greater Cincinnati ISACA Chapter

Maintain meeting minutes, record board voting, contribute to discussions on chapter decisions and direction.

IT Project Coordinator (2011 - 2012)
American Modern Insurance Group

Managed an estimated $1M infrastructure replacement project of IBM WebSphere Process Server with Apache Camel java solution to save $250k/year in costs. Developed project plan, SDLC documentation, and managed team, hours, budget, and risk register. Delivered on time and significantly under estimate.

Developed IT Services Model for site with input from site CIO and his direct reports, published to regional IT management.

Simultaneously managed 5 infrastructure application/OS upgrade projects over six months.

Brought in to recover damaged relationship between business and telecommunications group over previous project mismanagement. Greatly improved relationship and level of communication within three months.

Developed SharePoint governance and usage model for department. Managed creation of internal policy management system on SharePoint.

Senior IT Auditor (2008 - 2011)
American Modern Insurance Group

Responsible for developing audit plans, executing those audits, concluding on the results, and reporting those results to management and executive management including C-suite. Monitors several on-going initiatives including several major software development projects, and readiness simulations of business recovery and IT recovery plans.

Principal IT controls auditor for compliance audits, integrated audits, and system development audits.

Redesigned the technical controls framework for compliance audits and defined the IT Audit Universe.

IT Controls Auditor (2005 - 2008)

Performed in a supervisory role on 6 controls audit projects of Fortune 500 companies.

Designed major aspects of internal control framework for 2 companies.

Lead a team of four in the assessment and creation of a formal Disaster Recovery Strategy and Recovery Assessment documents for a Fortune 20 company.

HealthCare IT Consultant (2004 - 2005)

Performed testing in 6 Sarbanes-Oxley 404 Audits in the area of Application Security and Change Management Controls at 1 Fortune 500 company, 1 major university, and 4 Philadelphia-area hospitals.

HealthCare IT Consultant Intern (2004 - 2004)

Provided support to a PwC Director in redesign of IT department operations and staff based on the new organizational model and strategic plan.

Contributed to the development of the initiative prioritization methodology for a healthcare system's long term operating plan.

Created multiple formal documents, presentations and proposals for projects valued at $15-30 million.

Lead Software Developer (2002 - 2003)
Full Disclosure Media

Developed a web-based online conferencing and audio streaming service using largely open source technologies on a Linux platform. Designed web interface and back-end audio streaming functionality.

Online Classroom Technical Support (2001 - 2002)
Rochester Institute of Technology

Provided technical support for RIT's suite of online classroom software. Responded to domestic and international calls for support. Developed online database support and modification portal in ColdFusion.

Learning & Education Intern (2000 - 2000)

Provided materials collection and distribution support for several nationwide internal education seminars and training programs in Pasadena, CA; Dallas, TX; Fort Worth, TX; and New Brunswick, NJ. Acted as first contact for hotel personnel at Pasadena, CA training.

Skills & Expertise

Project Management, Agile Project Management, Technical Documentation, IT Audit, Internal Audit, Auditing, Security Audits, Blogging, Social Media, Creative Writing, Technical Writing, Process Improvement, Risk Management, Software Documentation, SDLC, Governance, Disaster Recovery, Information Technology

Rochester Institute of Technology (1999 - 2004)
B.S. in Computer Science, Add'l Study: System Administration, Software Engineering, Creative Writing

Leave a Reply