Chief Information Security Officer Resumes in US-New Jersey: Carol

Chief Information Security Officer Resume - Click here to send us your resume

Contact Candidate

Name:

Carol

Location:

US-New Jersey

Experience:

Willing to Relocate:

Willing to Travel:

Most Recent Job Title:

Chief Information Security Officer

Personal Website:

Objective:

Award winning results-driven senior manager with multi-faceted information technology and operations experience. Expertise in software development methodologies, testing, information security, computer systems validation (CSV), business process controls engineering, regulatory compliance (SOX, HIPAA, FDA, etc.), information systems audit, change management, technology planning, risk management, project management, and systems quality assurance. Superior adaptive, analytical, creative, and problem-solving capabilities. Experience in both consumer and regulated industries.

Resume Text:

Let us help you find a job, submit your resume now.

Or visit our education page to learn about getting your degree online

.....Begin Resume Preview.....

& Johnson Health Care Systems Inc.
Chief Information Security Officer
Program Manager, Quality Assurance & Security
Developed strategic direction and operational processes for Software Quality Assurance, Operational Change Management, and Information Systems Security including the application systems development life cycle (SDLC) methodology, computerized systems validation (CSV), project management governance framework, regulatory compliance (FDA GxP, HIPPA, Sarbanes-Oxley, Privacy, DMCA) and audit programs. Developed and delivered training and support programs in all areas of responsibility and contributed directly to major strategic initiatives to ensure alignment of project goals with customer and regulatory requirements and business objectives.

•Managed and recruited a staff of IT professionals. Executed timely performance appraisals, consistent coaching and mentoring, staff development, training and work life balance resulting in 95% retention
•Instituted web-based reporting tool resulting in a decrease of print volume by 50% and annualized cost avoidance of $1.8 million
•Automated software and service access request process to a workflow enabled intranet-based system. Three additional J&J operating companies leveraged the application.
•Developed and implemented a comprehensive information security program that achieved CMM Level 3 and was identified as best in-class within J&J.
•Led IT SOX compliance and process remediation efforts to meet 404 attestation for a $19 billion revenue stream. Identified as a benchmark company by J&J Corporate Internal Audit.
•Established CSV program to support compliance with FDA GxP requirements in the implementation of Siebel Pharma for multiple Johnson & Johnson Medical Device & Diagnostics operating companies that was acclaimed as the best of breed within the MD&D Global Supply Chain.

1998 —2000 PricewaterhouseCoopers LLP
Senior Consultant, Operations and Systems Risk Management
Supervised staff level auditors on client engagements. Applied industry and PricewaterhouseCoopers best practice control objectives, including automated and manual controls gap analysis of change management processes and the appropriate level of segregation of duties. Developed and conducted training on proprietary testing tools and audit processes. Prepared illustrative data quality test plans and templates used on client engagements. Successfully completed SAP 4.5 Basis certification training, Mercator data conversion training and SAP Security and Controls training. Performed application security, change management processes and interface reviews for SAP ERP systems for Fortune 100 clients including:

•Warner Lambert
•Hoffman La Roche
•Johnson & Johnson
•Millennium Chemicals
•Applied Biosystems
•RMI Titanium
•Calgon Carbon
•Mine Safety Appliance
•Eastman Kodak
•Suburban Propane
•Pearson Publishing
•Pacific Gas & Electric
•Pratt & Whitney

1994 — 1998 United Parcel Service
Business Analyst
Conducted application reviews for international billing systems to define adaptive software maintenance requirements for foreign currency compliance. Collaborated with system users and development teams to outline design requirements, corrective maintenance and enhancements for future software releases. Coordinated change management/change control procedures throughout the design process.

Project Leader
Managed a team of eight webmasters developing an Intranet site for a global application support center that included FAQ's, on-line manuals and downloadable software links for application upgrades. Designed logos, reviewed content, led meetings and presented project status to executive management. Project innovations decreased training time for support technicians, lowered software deployment costs, lowered payroll costs and realized annual departmental savings of $10 million dollars.

Senior Technical Analyst
Managed a team of 16 helpdesk support technicians who deployed and supported proprietary applications on Windows NT, OS/2, UNIX, CICS, TSO/MVS, and Novell platforms. Implemented and maintained production support service level agreements for UPS’s largest facilities improving system reliability and availability from 75% to 95%. Authored troubleshooting documentation and conducted training courses for helpdesk support personnel. Implemented self-directed work teams and skills based routing support system.

Education
Masters of Science, Management Information Systems
New Jersey Institute of Technology, Newark, NJ

Bachelor of Science, Operations Management
New Jersey Institute of Technology, Newark, NJ

Professional Certifications, Awards & Affiliations

American Society of Quality (ASQ), Certified Quality Auditor
Computerworld Magazine Honoree, Premier 100 IT Leader 2005
Johnson & Johnson Standards of Leadership Award, Sarbanes-Oxley
Johnson & Johnson Standards of Leadership Award, Siebel Implementation
Judge, 10th Annual TechForum Best Practice Awards 2005: IT Compliance
Speaker at Security Forum 2004, May 20th, 2004, New York City: “You Are the Weakest Link: Common Failings of Security Practice”
Speaker at the Pharmaceutical Regulatory and Compliance Congress, November 14-17, 2004, Washington, D.C.: “Product Quality & Organizational Compliance”
Information Systems Security Association (ISSA), Member
Project Management Institute, Member