LEONTINE M. LAND, CISA, CISSP
*** ***** ******** ***** - #***
Chicago, IL 60605 - 2009
Home: 312-***-****; Cell: 312-***-****
E-mail: abhhhc@r.postjobfree.com
SUMMARY
Experienced information security specialist and IT auditor. Informed,
trained, and sensitized associates on information security and data privacy
requirements and performed audits to ensure compliance in related areas.
Responsibilities included partnering with users and senior management to
determine business needs and deliver business solutions. Excellent project
management experience in ensuring corporate initiatives and projects are
completed within required timeframes. Fluent in Spanish and German
languages.
TECHNICAL SKILLS
Hardware Platforms - Large mainframe, mid-range, and client server
platforms
Operating Systems - Windows, Linux/Unix, OS/400, MVS, TSO/ISPF,
JCL, Novell NetWare
Applications - Microsoft Word, Access, Excel, and PowerPoint;
Visio 4.0, mainframe and client
server application systems
Audit Tools - ACL and Easytrieve Plus programming language
Audit Areas - Departments, Application Control, Change Management,
Client Server Technology, Data Center,
Data Security, LAN Security, Network Security, System
Software, System Development Life Cycle, Business
Recovery/Contingency Planning, SAP, SAS70, and
Sarbanes-Oxley
Security - ACF2, Top Secret, Cobit, BS 7799, ITSEC,
Secude, OSI, TCP/IP, FTP, Telnet, HTTPS, SSH,
IPSec, SSL, IDS,
IPS, VPN, S/MIME, PIX and ASA firewalls
CAREER HISTORY
Federal Home Loan Bank of Chicago, Chicago, IL
IT Governance Risk and Compliance Specialist
(2009-2010)
. Performed extensive work updating the Bank's Business Continuity Plan and
analyzing the Plan's compliance with FHFA and FFIEC regulations.
. Assisted with the review of software licensing for applications used by
the Bank to identify process improvement and expense reduction measures.
IT Training, Independent Study, and Community Service
(2007-2009)
. Pursued formal training toward the CCNA and CCSP certifications; obtained
knowledge and skills required to install, configure, operate, and
troubleshoot networks and secure and manage VPNs, firewalls, and
intrusion prevention systems.
. Attended seminars and performed research on data privacy, SOX, auditing
databases, PCI DSS, IT project management, e-commerce/e-business, Open
Web Application Security Project (OWASP), code review, XSS, HIPAA, Gramm
Leach Bliley, NIST, SANS, ISO 27001.
Robert Bosch LLC, Broadview, IL
Regional Data Security Officer/Data Security Manager
(2000-2007)
. Installed the information security (IS) and data privacy (DP) program in
more than fifty (50) sites in North America and was responsible for the
overall coordination of all IS and DP matters in the region; trained site
coordinators in their IS and DP responsibilities.
LEONTINE M. LAND
Page 2 of 2
. Finalized the Corporate Computer Usage Policy prior to issuance by senior
management.
. Performed IS and DP audits in departments, including assessing their
security levels and recommending safeguards to management; audited ten
(10) data centers.
. Conducted quarterly security reviews of seven (7) SAP systems, including
partnering with KPMG as SAP Security Officer to keep abreast of the state
of security in the systems.
. Developed a comprehensive e-mail encryption rollout plan to disseminate
ITSEC throughout North America.
. Conducted a Security Awareness Campaign to sensitize associates to
security and related requirements.
. Conducted a workshop in Europe on auditing to associates of the
International Data Security Officer Forum.
Chicago Title and Trust Company, Chicago, IL
Information Systems Audit Officer
(1999-2000)
. Developed and implemented audit objectives, organized and analyzed audit
data, reported audit findings, and made recommendations to management;
assisted external auditors with the review of the corporation's multi-
million dollar technology initiative to allow customers to order, track,
and receive credit, flood, appraisal, title, escrow, and closing products
and services through an interconnected network of interfacing systems;
developed the firewall, UNIX, application, and change control audit
programs for the review.
Bally Total Fitness Corporation, Chicago, IL
EDP Auditor
(1998-1999)
. Developed and implemented audit objectives, organized and analyzed audit
data, reported audit findings, and made recommendations to management;
assisted external auditors with year-end general controls review of the
AS/400 and analysis of corporate data using ACL software.
AuditForce, Inc., Chicago, IL
Information Technology Auditor
(1997-1998)
. Developed audit programs and implemented application, security, general
controls, and data communications and networking reviews for clients of
utilities, banking, insurance, and manufacturing industries.
Loyola University Chicago (Loyola University Medical Center), Maywood, IL
Information Systems Auditor
(1990-1997)
. Planned, developed, and implemented audit objectives; organized and
analyzed audit data; reported audit findings; and made recommendations to
management; conducted ACF2 and MVS audits and joint CICS audit with
external auditors.
. Provided support to the internal auditing department in developing and
maintaining computer assisted audit programs for use in general ledger,
financial aid, housing, statistical sampling, ad hoc reporting and year-
end procedures for external auditors. Programs were written in
Easytrieve Plus and Panaudit Plus programming languages. Also developed
and maintained the department's inventory of computer programs.
EDUCATION & CERTIFICATIONS
. Certified Information Systems Security Professional (CISSP) designation
. Certified Information Systems Auditor (CISA) designation
. Past board member of the Information Systems Audit and Control
Association
. M.S., Computer Science, DePaul University, Chicago, Illinois
. B.S., Mathematics, University of Illinois, Chicago, Illinois