LEONTINE M. LAND, CISA, CISSP

*** ***** ******** ***** - #***

Chicago, IL 60605 - 2009

Home: 312-***-****; Cell: 312-***-****

E-mail: abhhhc@r.postjobfree.com

SUMMARY

Experienced information security specialist and IT auditor. Informed,

trained, and sensitized associates on information security and data privacy

requirements and performed audits to ensure compliance in related areas.

Responsibilities included partnering with users and senior management to

determine business needs and deliver business solutions. Excellent project

management experience in ensuring corporate initiatives and projects are

completed within required timeframes. Fluent in Spanish and German

languages.

TECHNICAL SKILLS

Hardware Platforms - Large mainframe, mid-range, and client server

platforms

Operating Systems - Windows, Linux/Unix, OS/400, MVS, TSO/ISPF,

JCL, Novell NetWare

Applications - Microsoft Word, Access, Excel, and PowerPoint;

Visio 4.0, mainframe and client

server application systems

Audit Tools - ACL and Easytrieve Plus programming language

Audit Areas - Departments, Application Control, Change Management,

Client Server Technology, Data Center,

Data Security, LAN Security, Network Security, System

Software, System Development Life Cycle, Business

Recovery/Contingency Planning, SAP, SAS70, and

Sarbanes-Oxley

Security - ACF2, Top Secret, Cobit, BS 7799, ITSEC,

Secude, OSI, TCP/IP, FTP, Telnet, HTTPS, SSH,

IPSec, SSL, IDS,

IPS, VPN, S/MIME, PIX and ASA firewalls

CAREER HISTORY

Federal Home Loan Bank of Chicago, Chicago, IL

IT Governance Risk and Compliance Specialist

(2009-2010)

. Performed extensive work updating the Bank's Business Continuity Plan and

analyzing the Plan's compliance with FHFA and FFIEC regulations.

. Assisted with the review of software licensing for applications used by

the Bank to identify process improvement and expense reduction measures.

IT Training, Independent Study, and Community Service

(2007-2009)

. Pursued formal training toward the CCNA and CCSP certifications; obtained

knowledge and skills required to install, configure, operate, and

troubleshoot networks and secure and manage VPNs, firewalls, and

intrusion prevention systems.

. Attended seminars and performed research on data privacy, SOX, auditing

databases, PCI DSS, IT project management, e-commerce/e-business, Open

Web Application Security Project (OWASP), code review, XSS, HIPAA, Gramm

Leach Bliley, NIST, SANS, ISO 27001.

Robert Bosch LLC, Broadview, IL

Regional Data Security Officer/Data Security Manager

(2000-2007)

. Installed the information security (IS) and data privacy (DP) program in

more than fifty (50) sites in North America and was responsible for the

overall coordination of all IS and DP matters in the region; trained site

coordinators in their IS and DP responsibilities.

LEONTINE M. LAND

Page 2 of 2

. Finalized the Corporate Computer Usage Policy prior to issuance by senior

management.

. Performed IS and DP audits in departments, including assessing their

security levels and recommending safeguards to management; audited ten

(10) data centers.

. Conducted quarterly security reviews of seven (7) SAP systems, including

partnering with KPMG as SAP Security Officer to keep abreast of the state

of security in the systems.

. Developed a comprehensive e-mail encryption rollout plan to disseminate

ITSEC throughout North America.

. Conducted a Security Awareness Campaign to sensitize associates to

security and related requirements.

. Conducted a workshop in Europe on auditing to associates of the

International Data Security Officer Forum.

Chicago Title and Trust Company, Chicago, IL

Information Systems Audit Officer

(1999-2000)

. Developed and implemented audit objectives, organized and analyzed audit

data, reported audit findings, and made recommendations to management;

assisted external auditors with the review of the corporation's multi-

million dollar technology initiative to allow customers to order, track,

and receive credit, flood, appraisal, title, escrow, and closing products

and services through an interconnected network of interfacing systems;

developed the firewall, UNIX, application, and change control audit

programs for the review.

Bally Total Fitness Corporation, Chicago, IL

EDP Auditor

(1998-1999)

. Developed and implemented audit objectives, organized and analyzed audit

data, reported audit findings, and made recommendations to management;

assisted external auditors with year-end general controls review of the

AS/400 and analysis of corporate data using ACL software.

AuditForce, Inc., Chicago, IL

Information Technology Auditor

(1997-1998)

. Developed audit programs and implemented application, security, general

controls, and data communications and networking reviews for clients of

utilities, banking, insurance, and manufacturing industries.

Loyola University Chicago (Loyola University Medical Center), Maywood, IL

Information Systems Auditor

(1990-1997)

. Planned, developed, and implemented audit objectives; organized and

analyzed audit data; reported audit findings; and made recommendations to

management; conducted ACF2 and MVS audits and joint CICS audit with

external auditors.

. Provided support to the internal auditing department in developing and

maintaining computer assisted audit programs for use in general ledger,

financial aid, housing, statistical sampling, ad hoc reporting and year-

end procedures for external auditors. Programs were written in

Easytrieve Plus and Panaudit Plus programming languages. Also developed

and maintained the department's inventory of computer programs.

EDUCATION & CERTIFICATIONS

. Certified Information Systems Security Professional (CISSP) designation

. Certified Information Systems Auditor (CISA) designation

. Past board member of the Information Systems Audit and Control

Association

. M.S., Computer Science, DePaul University, Chicago, Illinois

. B.S., Mathematics, University of Illinois, Chicago, Illinois

Contact this candidate