BARRY L. WILLIAMS, MBA, CISA, CISSP, CGEIT, QSA
**** ***** ****** *********: 618-***-**** (cell)
Alton, IL 62002 email: abm5yu@r.postjobfree.com
QUALIFICATIONS
An analytical, resourceful and results-oriented professional with 20+ years experience including:
• IT auditing • Budget administration • Data center operations
• Operational auditing • IT management • Business continuity planning
• Strategic planning • Business analysis • Project management
PROFESSIONAL EXPERIENCE
W ILLIAMS TECHNOLOGY AUDIT SERVICES, LLC – St. Louis, MO / Alton, IL 2009 - Present
Williams Technology Audit Services performs audits and security reviews of networks, operating
systems, applications, databases and data center procedures, to ensure appropriate security and
controls are in place. We specialize in Sarbanes-Oxley compliance, IT risk assessments, and the
audit of general IT controls.
JEFFERSON WELLS – Clayton, MO 2006 - 2009
Jefferson Wells delivers professional services in the areas of internal audit, technology risk
management, tax, and finance and accounting. Serving clients, including more than half the
Fortune 500, through highly experienced, salaried professionals working from offices across North
America and Europe.
Professional, Technology Risk Management
Mapped current state processes related to a Customer Information System (CIS) and
recommended process improvements, resulting in a set of future state processes for a large
electric cooperative. Developed functional requirements for a new CIS system.
Performed an ISO 27001 IT Audit and review of the existing information security control
environment for a marketing services company.
Performed external network vulnerability assessments for a financial services company and a large
health care facility. Used open source and commercial vulnerability assessment software to
identify vulnerabilities. Provided recommendations to mitigate risk where appropriate.
Performed a cross-application Segregation of Duties (SOD) review across multiple business
processes for a large manufacturing company. Identified potential SOD conflicts for Purchase-to-
Pay, HR and Payroll, Production, and Financial Reporting, end-to-end business processes.
Developed and implemented procedures for remediation and annual testing for SOD conflicts.
2005 – 2006
MAGELLAN HEALTH SERVICES – Maryland Heights, MO
The nation's leading behavioral health and employee assistance company, offering a
comprehensive, integrated suite of products, including behavioral care management, condition
care management, and employee assistance and work/life programs.
Manager, IT Audit – Internal Audit Department
Designed and implemented a SOX 404 documentation and testing methodology for general IT and
other related controls. Supervised, trained and motivated other internal auditors. Worked closely
with upper and middle management to ensure timely remediation of noted deficiencies. Performed
audits of networks, operating systems, application interfaces and data center procedures. Helped
the company successfully comply with SOX, HIPAA and other regulatory requirements.
ARGOSY GAMING COMPANY – Alton, IL 2003 – 2005
BARRY L. WILLIAMS Page 2
Fifth largest gaming company in the United States. The company operates six riverboat casinos on
the Ohio, Mississippi, and Missouri rivers, at Alton, Illinois (serving St. Louis); Riverside, Missouri
(serving Kansas City); Sioux City, Iowa; Lawrenceburg, Indiana (near Cincinnati); and Joliet, Illinois
(serving Chicago).
Manager, IT Audit – Internal Audit Department
Directed the auditing of the casinos’ financial and operational information systems. Identified
problems and improvement opportunities. Presented findings and recommendations to senior
management. Assisted management in identifying and documenting key controls for Sarbanes-
Oxley requirements. Implemented a SOX 404 testing strategy for general IT and other controls.
Tested and documented above controls resulting in a favorable opinion from outside auditors.
FURNITURE BRANDS INTERNATIONAL – Clayton, MO 2000 – 2003
America’s largest home furniture manufacturer with over $2 billion in sales, owning and operating
the Broyhill, Lane, Thomasville, Henredon, Drexel Heritage and Maitland Smith furniture
companies.
Sr. Information Systems Auditor – Internal Audit Department
Lead and conduct audits of the operating companies’ information systems. Identified problems and
improvement opportunities. Presented findings and recommendations to senior management.
Completed projects include reviews of:
• RACF mainframe security
• SAP Basis
• Oracle database security
• AS/400 computer systems
• Local Area Networks and operating systems
Netware 5.1
NT and Windows 2000
• UNIX
• Internet and Web security
• EDI
• Data Center operations
• Disaster Recovery testing and procedures
AMEREN CORPORATION – St. Louis, MO 1984-2000
$3.3 billion energy services company that distributes electricity to 1.5 million customers (more than
90% of revenues) and natural gas to 300,000 in Missouri and Illinois.
Information Systems Auditor - Internal Audit Department (1997-2000)
Conducted post-implementation reviews of capital improvement projects to determine if proposed
benefits were achieved. Audited implementation of new IT applications and performed data security
reviews of Mainframe, LAN, and UNIX environments.
• Audited new client-server Customer Information and Billing System during and after conversion
from legacy system. Compared system performance with design specifications, identified
system shortcomings and recommended areas for improvement.
• Conducted a comprehensive data security review of Mainframe, LAN/WAN and UNIX
environments in conjunction with PricewaterhouseCoopers.
• Co-directed Ameren's Y2K program management team. Coordinated, monitored and reported
to senior management on the activities of 31 functional teams totaling 500+ people company-
wide who conducted assessments of hardware and software, identified critical projects,
developed timelines and budgets for completion and performed remedial work.
Supervisor - Data Operations (1988-1997)
BARRY L. WILLIAMS Page 3
Supervised, trained, motivated and evaluated up to 12 employees involved in computer operations,
data entry, scheduling, batch processing, and equipment/systems trouble-shooting. Identified new
technologies and recommended hardware and software acquisitions. Developed and administered
a $5 million annual budget as well as five-year strategic plan.
Computer Operator (1984-1988)
Operated mainframe and peripheral equipment including high-speed printers and microfiche
processors. Monitored on-line systems and performed help-desk functions. Satisfied user requests
for special production runs. Diagnosed equipment problems and maintained incident logs.
EDUCATION
Master in Business Administration, 1993
Southern Illinois University at Edwardsville – Edwardsville, IL
BA Business Administration, 1983
University of Missouri at St. Louis – St. Louis, MO
CERTIFICATIONS
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Certified in the Governance of Enterprise IT (CGEIT)
Qualified Security Assessor (QSA)
ITIL - Foundation Certificate in IT Service Management V2