Kieron Pocknell
Tel. 602-***-****
Cell 602-***-****
e-mail: abinmy@r.postjobfree.com
PROFESSIONAL SUMMARY
I have over 17 years Information Technology international (U.S., U.K. and
Japan) experience, currently specializing in the IT Audit and Compliance
process. In my current role as Head of Compliance I have managed,
successfully, multiple PKI, PCI and SOX audit projects. Certified in CobIT
4. Introduced identity management system in to company. I am an
accomplished Project Manager/Business Analyst and extremely well versed in
the design and production of the full life cycle of IT technology. I have
extensive experience at the executive, IT auditing and customer service
advisory and practical levels in IT, technology, engineering and project
management. I have excellent oral and written communication skills at all
levels of the organization & totally competent in front of both large and
small audiences at all levels. I regularly establish a good rapport with
stakeholders (whilst suitably discreet) and this has been evidenced by
repeat business over several years in consultancy. In addition I am a
strong team player both seeking and offering new ideas and mentoring other
members of the team. I have an eye to detail and a commitment to getting
the job done, always going the extra mile
EDUCATION
B.S., 1st Class Honors in Electrical & Electronic Engineering specializing
in computers at City University, London 1972
Post graduate research in operating systems and mathematical analysis.
High School Diploma with a 4.0 GPA equivalent.
PROFESSIONAL EXPERIENCE
Go Daddy Software, Inc.
Scottsdale, AZ April 2007 - to date
Head of Compliance and IT Infrastructure Audit
. Successfully completed multiple PKI (Webtrust) audits on a yearly
basis
. Defined, introduced and refined identity management system using role
based access integrated across HR and user administration
. Successfully completed multiple PCI audits on a yearly basis
. Successfully completed multiple IT Financial audits on a yearly basis
. Prepared data centers for SAS-70 audit after carrying out an
assessment of current state and successfully completed audit.
. Designed IT security policy
. Worked within the CobIT 4 framework
. Prepared documentation for SOX audit - advised financial department on
construction of narratives and policies/procedures
. Designed and implemented a comprehensive regular audit procedure
ensuring that all departments were audited on a 3-month rolling basis
to be ready for each annual PKI and PCI audit.
. Managed a team of auditors and financial analysts. Monitored
compliance and best value for money relating to contracts and
licensing.
. Carried out regular (monthly) audits of software licensing to ensure
compliance
Control Solutions International
San Diego, CA Sept 2006 - April
2007
IT manager
. Managed a team of consultants carrying out Sarbanes-Oxley ITGC reviews
for clients including logical access, segregation of duties, physical
security, review and monitoring of firewalls and IDS.
. Planned and supervised all phases of SOX audit. This included scoping,
risk assessment, work plan and audit program development and ensured
that all documentation was completed and signed off by the appropriate
Supervisors.
. Mapping of Cobit 3 and Cobit 4 controls.
. Experience with the creation and issuance of all audit reports.
. Performed effectiveness testing and operational testing that met all of
ITCG IT internal control for the SOX compliance.
. Responsible for providing professional communication of audit findings
(both written and verbal).
. Supervised the data extractions, analysis, and security reviews
utilizing various analytical and security tools including NMAP, Core
Impact, Look@LAN, Metasploit, Nessus.
. Reviewed new system developments of various enterprise wide business
applications and other critical business applications, including
designing audits of the new systems.
. Responsible for supervising general and specific control reviews on a
wide variety of platforms and networks, including UNIX, AS/400, Windows
NT/2000, and Internet/Intranet servers and devices
. Performed special assignments and other duties as requested by the Audit
Committee and company management.
Wells Fargo Bank,
Phoenix, AZ July 2006 - Sept
2006
Contract IT auditor
. Sarbanes-Oxley design and testing of both ITGC and business processes.
. Planned and supervised all phases of SOX audit. This included the
planning, work plan and audit program development and ensured that all
documentation was completed and signed off by the appropriate
Supervisors.
. Experience with the creation and issuance of all audit reports
. Performed effectiveness testing and operational testing that met all of
ITCG IT internal control for the SOX compliance.
. Responsible for providing professional communication of audit findings
(both written and verbal).
GR Consulting
Philadelphia, PA January 2006 - July 2006
Senior IT Auditor
. International Sarbanes-Oxley assignment with client working in Canada,
U.K., U.S, Brazil, India and China.
. Solely responsible for the following activities at 3 sites in the
U.K.:
o Production of flowcharts and narratives, policies and
procedures.
o Design & production of design effectiveness (DE) plans.
o Design & production of test plans (Operational Effectiveness
[OE]) leading to...
o Full-scale evaluation and testing of key controls, remediation
and re-testing.
. Thorough knowledge of IT auditing techniques and IT audit tools.
. Knowledgeable with working with new business processes, auditing
principles, business controls, internal controls and system controls.
Jefferson Wells International, Phoenix, AZ April 2005 - January 2006
Technology Risk Management Consultant
. Sarbanes-Oxley general computer controls consultancy work, with
financial, manufacturing and realty clients in California, Pittsburg
and Phoenix, analyzing current systems, advising on and carrying out
remedial work to meet Cobit and Coso standards, production of Design
Effectiveness (DE) and Operational Effectiveness (OE) documentation
and testing of SOx projects, liaising with external SOx auditors.
. Carried out structured systems analysis to determine conformity with
current industry best practice.
. Advised on and designed software & systems development life cycle
standards.
. Analyzed Help Desk facilities and advised on remedial work to conform
with SOX standards.
. Evaluated physical access controls on data centers and advised on
corrective actions where appropriate.
. Advised clients on all aspects of systems access security including
physical and logical.
. Up-front interface with clients on a daily basis at CIO and CEO
levels.
Allied Systems International, Inc., Phoenix, AZ 1992-March
2005
Consultant
. Designed, developed and project managed an entire migratory
replacement computer local area network system at 4 sites in Japan.
System included database server, applications server, MS Exchange
Server, work stations and MS Office software suite as well as the
network infrastructure.
. Advised on both short and long-term plans for the deployment of new
technology including communications facilities.
. Worked with clients to provide secure access control techniques to
computer facilities.
. Advised on the use of password controls, physical access control of
servers, server room environmental control, and intrusion detection.
. Advised on risk management and developed & implemented several IT
Business Continuity Plans (including off-site data storage and
processing facilities) successfully testing their integrity.
. Compiled Requests for Proposals and negotiated with contractors
leading to the evaluation of those proposals to determine value for
money and technical compliance.
. Provided advice regarding secure networked systems for storage of
confidential data.
. Proposed the introduction and implementation of new technology to
integrate and share the data facilities of client departments.
. Managed Internet and Intranet services maintaining, adding and
developing facilities.
. Project managed the installation of a secure & confidential X-400/SMTP
MS Exchange e-mail system.
. Proposed the development and subsequently designed a training needs
database to analyze staff training requirements.
. Managed multiple staff members and coordinated the facilities of
several customer sites.
. Managed Information Systems teams for more than 10 years supporting MS
servers (including Windows 2000, SQL Server and Active Directory),
LANs.
. Managed client Help Desks including user training and trouble shooting
with emphasis on customer service and 24x7 support.
. Installed operating systems and software and established software
policies.
. Reduced maintenance time and ensured that staff had up-to-date and
accurate information by designing and project managing a relational
database-based client contact system.
. Designed an on-line system to provide access to accurate patient
records and patients with quicker responses for a major healthcare
company in Phoenix, AZ.
. Provided design, installation and supports services to Western
Behavioral Centers in Phoenix.
. Designed and installed a video conferencing system using the very
latest technology.
. Saved three staff by leading the design of a centralized storage
system for corporate data utilizing a relational database.
Other experience
Worked with the Central Computer and Telecommunications Agency in London,
England managing large government projects in both local and national
government.
Project managed, using Prince methodologies, including liaising and
managing contractors.
Project managed the implementation of a large 1,500 user computer system
employing a Codasyl database system completing project on schedule and
within $40M budget.
Successfully project managed the implementation of a large government
computer payroll system.
Worked in a manufacturing environment for several years.
Successfully project managed an on-line transaction processing unemployment
benefits system.
Recruited, trained and developed staff as project requirements
necessitated.
Implemented an X-25 network providing a high speed link between two
computer centers.
PROFESSIONAL DEVELOPMENT
Attended advanced courses in:
Staff Management
Project Management
Relational Database Management
Structured Systems Analysis & Design
Programming
Software and Operating Systems
Interpersonal Communications Skills.
Member of several IT and management user forums
TECHNICAL KNOWLEDGE AND SKILLS
IT security, disaster recovery, business continuity plans, system analysis,
remediation,
Prince2 project management techniques
Software: Citrix, MS Project, MS Office products including Word, Excel,
PowerPoint, Access (programming), Publisher, Visio, Project Manager, Adobe
Photoshop, Adobe Illustrator, Paint Shop Pro, Outlook, Outlook Express,
Firefox.
Utilities: Data security (e.g. Backup Exec, Stomp), anti-virus software
(McAfee, Symantec, Grisoft) and many others.
Programming: C, FORTRAN, COBOL, Access
Languages: Basic Japanese (and learning Spanish)
Operating systems: MS Windows XP, 98, Windows NT & 2003 including Active
Directory, MS Exchange Server, UNIX/Linux, Internet Information Server
(IIS), MS SQL Administration.
Design, installation and support of LANs using MS Windows based PCs &
servers and Novell products.
Hardware and software network analysis tools.
Infrastructure design including copper and 100Base fiber cabling, routers
and hubs
Networking and troubleshooting LANs (TCP/IP, NETBEUI, IPX/SPX, LAN, WAN, X-
400, Wireless access, VPN, DHCP, DNS, WINS, SMTP, ADSL) Remote access using
RAS.
Video conferencing and VoIP (SIP).
Telecommunications Including telephony and modems.
Hardware design and assembly including servers, RAID5 disk arrays, DLT &
DAT tapes and PCs.