John Thompson Resume: Sarbanes Oxley, Security Resume, Compliance, Risk Assessment
      SELECT PROJECTS
 

 
 


e: johnt<at>jjthompson.net
 
 


The following is a taste of some project-based accomplishments from my past.
 

   
Select Projects (Most Recent First)
Ernst & Young LLP - Technology And Security Risk Services


Major Mortgage Provider  / IT Application Control Testing & Design Analysis

Selected to represent the Midwest Area on this 100+ member International team, where we were engaged to assist the Internal Controls Organization in design and assessment of several hundred IT application controls over a period of 6 months. Our team met aggressive deadlines, facilitating timely release of the financial statements. 

  • Selected to manage a 6-member project team (tasks, people, time) where we met each project milestone on time and under budget
  • Developed relationships with the functional area Directors and the Internal Control Organization and worked side by side to assess financial statement risks, and identify the most efficient key controls while eliminating redundancy, reducing audit pressure on the business areas
  • Designed tests and reviewed work papers, increasing the quality of our team's deliverables
  • Developed relationships with the IT Organization and worked to develop an IT Infrastructure to reduce engagement inefficiencies allowing our team to have access to all necessary knowledge and internal tools
  • Requested to continue extending the duration of my time on the project 2 times

Healthcare Services Provider: Financial IT Application Process Re-Design and Deployment
Our team was brought in to guide application and process remediation efforts from triage to containment, eradication and recovery for a failed application deployment. Critical success and accomplishments included realistic scoping and resource identification, completion of a current state assessment and future state re-design of the application, interfaces and business processes and guiding the client through the successful re-deployment of their improved application and Financial, Operations and IT business processes.

  • Conducted a triage assessment and worked with engagement and client executive management to determine a strategic plan and assisted with creation of the project charter, project plan and engagement strategy
  • Designed a "hard right", SWAT style approach which was facilitated during the triage stage of the project to rapidly bring the engagement team up to speed, identify and prioritize issues, and to begin establishing norms with the client's project team.
  • Conducted GL mapping, application transaction, and process mapping exercises to tie front end operational processes to the application tables and functionality through to the General Ledger and to the financial statements.

Government Defense Contractor: Outsourced Internal Audit- 404
Selected for this business development project where our streamlined project team completed 6 subsidiaries' general controls assessment in 6 weeks, completing the project ahead of schedule.

  • Conducted a gap analysis, designed control tests, tested, designed new controls, and provided recommendations to management for the Operations, Change Management, and Technical Configuration 404 control areas.
  • Conducted technical configuration assessments of Mainframe ACF2, Unix, Windows, Oracle Database, Oracle Financials, and perimeter network security (WAP & firewalls).

Results of our team's efforts led to an extension of the engagement and additional sales for our financial services team.

Top Payroll and HR Outsourced Provider: IT Security Advisory Services
Our team was engaged to conduct a security assessment and to provide recommendations to IT management regarding IDS deployment, DMZ architecture, Exchange Server, Email and Web Clients.

  • Conducted reviews and provided written recommendations to IT management with issues, risks, categorizations and recommendations which were used in strategic planning for the upcoming year.
  • Developed a cost / benefit model for strategic IDS re-deployment vs. IPS acquisition and deployment.

Berkshire Hathaway: Outsourced Internal Audit- Sarbanes Oxley
Assessed the readiness of the IT control environment with respect to Sarbanes-Oxley compliance and presented findings and recommendations to management.

Centene Corporation: Outsourced Internal Audit- 404 / SAS70
Responsible for guiding the client through 404 readiness efforts where I documented processes, identified key controls, tested controls, facilitated remediation efforts for Change Management, and succeeded in ensuring that no significant deficiencies were identified by external audit. Additionally, we conducted a service auditor examination (SAS 70 Type I).

Smurfit Stone Container Corporation: External Audit- 404
Conducted a Sarbanes Oxley compliance audit where I assessed their ERP system, Operations, Security Administration and other IT General controls.

Leading Credit Card Company: IT Security Advisory Services
Re-designed the incident response plan, assessed & provided recommendations to the patch management process, antivirus compliance, and firewall configurations.

 
Microsoft Corporation- Microsoft Research
  • Convinced Microsoft to hire an MIS student consultant instead of keeping the position in the CS department as it had been since inception.
  • Facilitated an increase in donations from Microsoft to the MIS and CS departments, including a technical library for student research.
  • Designed and facilitated The University of Iowa's first Microsoft Certified Professional (MCP) training program. Obtained course materials free of charge.
 
Maytag Corporation- IT Process Improvement
  • Pioneered initial Sarbanes-Oxley project plans and identified internal control objectives for Section 404. Coordinated efforts with both internal and external auditors beginning compliance efforts before formal guidance was released.
  • Led an inter-departmental LeanSigma process improvement initiative, which led to improvements in quality of service, a reduction in maintenance hours by 30%, translating to soft cost savings of $15,000 a month.
  • Authored a Security Incident Response Plan for IT. 
  • Performed a high level enterprise risk assessment and presented findings to IT management.
 
The University of Iowa- Internal Audit
  • Identified security risks to the Internal Audit Department and they invited me to become an intern and serve as an Information Security Advisor to the Senior Auditor to assist in creation of the work plan and baseline standards for the University's first campus-wide security audit.
  • Conducted interviews and walkthroughs with campus information technology process owners.
 
HolliThomp Web Marketing
  • After being laid off due to state budget cuts, I created a web marketing and web based process improvement group where I designed and developed product and service offerings, developed client relationships, negotiated terms, sold contracts on products and services prior to establishing a proven track record on that service offering to clients up to $13M in annual revenue, managed up to 4 students, delivered projects on-time with high client satisfaction.
  • Established a value-driven bill rate which averaged over $100 an hour.
  • Earned a client's business over all the web development firms in the state, including a competitor with over 40 employees who bid 40% less than our professional fees.
  • Designed and managed the web marketing and process improvement project (previous bullet) where we delivered a web site: ranked by Google in the top 10 listings for the client's preferred search terms, containing a full content management back-end so the technically challenged can administer the site, providing fully paperless processes, demonstrating a significant increase in web traffic, and providing a fully paperless back office automation system complete with time logging and inventory tracking.
 
The University of Iowa- Dept. of Biochemistry IT
  • Hired as a freshman to fill a position vacated by a CS masters program graduate.
  • Conducted a departmental IT gap assessment, designed an IT infrastructure, obtained budget approval, implemented servers (file, print, web, firewall), UPS and backup devices. Served as the systems and security administrator for the systems, which housed over 50 million dollars worth of research data.
  • Increased efficiency by 50% by converting the procurement process from paper to an ASP web-based system.
 
The SANS Institute
  • Worked directly for Alan Paller, the President, where I managed a database containing over 100,000 members, developed the NS 99 conference CD, and reviewed conference thought leadership submissions for technical accuracy.
 
Dynamic Systems Solutions Group
  • Obtained an internship which turned into part-time employment my sophomore year in high school where I convinced the President of a successful IT services company to hire me as a Web Developer, which turned into a Network Administrator position.
  • Wired an office building with CAT5 network cable.
  • Conducted internal vulnerability assessments, presented action plans, and patched vulnerabilities.
  • Set up, deployed, and fixed Windows NT workstations both internally and at client sites.
 
   
 


 
 
 
 
 
Delivering business process improvements by combining human factor understanding and technical aptitude.
Copyright 2005 John Thompson.