Management Manager

BARRY L. WILLIAMS, MBA, CISA, CISSP, CGEIT, QSA

**** ***** ****** *********: 618-***-**** (cell)

Alton, IL 62002 email: abm5yu@r.postjobfree.com

QUALIFICATIONS

An analytical, resourceful and results-oriented professional with 20+ years experience including:

• IT auditing • Budget administration • Data center operations

• Operational auditing • IT management • Business continuity planning

• Strategic planning • Business analysis • Project management

PROFESSIONAL EXPERIENCE

W ILLIAMS TECHNOLOGY AUDIT SERVICES, LLC – St. Louis, MO / Alton, IL 2009 - Present

Williams Technology Audit Services performs audits and security reviews of networks, operating

systems, applications, databases and data center procedures, to ensure appropriate security and

controls are in place. We specialize in Sarbanes-Oxley compliance, IT risk assessments, and the

audit of general IT controls.

JEFFERSON WELLS – Clayton, MO 2006 - 2009

Jefferson Wells delivers professional services in the areas of internal audit, technology risk

management, tax, and finance and accounting. Serving clients, including more than half the

Fortune 500, through highly experienced, salaried professionals working from offices across North

America and Europe.

Professional, Technology Risk Management

Mapped current state processes related to a Customer Information System (CIS) and

recommended process improvements, resulting in a set of future state processes for a large

electric cooperative. Developed functional requirements for a new CIS system.

Performed an ISO 27001 IT Audit and review of the existing information security control

environment for a marketing services company.

Performed external network vulnerability assessments for a financial services company and a large

health care facility. Used open source and commercial vulnerability assessment software to

identify vulnerabilities. Provided recommendations to mitigate risk where appropriate.

Performed a cross-application Segregation of Duties (SOD) review across multiple business

processes for a large manufacturing company. Identified potential SOD conflicts for Purchase-to-

Pay, HR and Payroll, Production, and Financial Reporting, end-to-end business processes.

Developed and implemented procedures for remediation and annual testing for SOD conflicts.

2005 – 2006

MAGELLAN HEALTH SERVICES – Maryland Heights, MO

The nation's leading behavioral health and employee assistance company, offering a

comprehensive, integrated suite of products, including behavioral care management, condition

care management, and employee assistance and work/life programs.

Manager, IT Audit – Internal Audit Department

Designed and implemented a SOX 404 documentation and testing methodology for general IT and

other related controls. Supervised, trained and motivated other internal auditors. Worked closely

with upper and middle management to ensure timely remediation of noted deficiencies. Performed

audits of networks, operating systems, application interfaces and data center procedures. Helped

the company successfully comply with SOX, HIPAA and other regulatory requirements.

ARGOSY GAMING COMPANY – Alton, IL 2003 – 2005

BARRY L. WILLIAMS Page 2

Fifth largest gaming company in the United States. The company operates six riverboat casinos on

the Ohio, Mississippi, and Missouri rivers, at Alton, Illinois (serving St. Louis); Riverside, Missouri

(serving Kansas City); Sioux City, Iowa; Lawrenceburg, Indiana (near Cincinnati); and Joliet, Illinois

(serving Chicago).

Manager, IT Audit – Internal Audit Department

Directed the auditing of the casinos’ financial and operational information systems. Identified

problems and improvement opportunities. Presented findings and recommendations to senior

management. Assisted management in identifying and documenting key controls for Sarbanes-

Oxley requirements. Implemented a SOX 404 testing strategy for general IT and other controls.

Tested and documented above controls resulting in a favorable opinion from outside auditors.

FURNITURE BRANDS INTERNATIONAL – Clayton, MO 2000 – 2003

America’s largest home furniture manufacturer with over $2 billion in sales, owning and operating

the Broyhill, Lane, Thomasville, Henredon, Drexel Heritage and Maitland Smith furniture

companies.

Sr. Information Systems Auditor – Internal Audit Department

Lead and conduct audits of the operating companies’ information systems. Identified problems and

improvement opportunities. Presented findings and recommendations to senior management.

Completed projects include reviews of:

• RACF mainframe security

• SAP Basis

• Oracle database security

• AS/400 computer systems

• Local Area Networks and operating systems

Netware 5.1

NT and Windows 2000

• UNIX

• Internet and Web security

• EDI

• Data Center operations

• Disaster Recovery testing and procedures

AMEREN CORPORATION – St. Louis, MO 1984-2000

$3.3 billion energy services company that distributes electricity to 1.5 million customers (more than

90% of revenues) and natural gas to 300,000 in Missouri and Illinois.

Information Systems Auditor - Internal Audit Department (1997-2000)

Conducted post-implementation reviews of capital improvement projects to determine if proposed

benefits were achieved. Audited implementation of new IT applications and performed data security

reviews of Mainframe, LAN, and UNIX environments.

• Audited new client-server Customer Information and Billing System during and after conversion

from legacy system. Compared system performance with design specifications, identified

system shortcomings and recommended areas for improvement.

• Conducted a comprehensive data security review of Mainframe, LAN/WAN and UNIX

environments in conjunction with PricewaterhouseCoopers.

• Co-directed Ameren's Y2K program management team. Coordinated, monitored and reported

to senior management on the activities of 31 functional teams totaling 500+ people company-

wide who conducted assessments of hardware and software, identified critical projects,

developed timelines and budgets for completion and performed remedial work.

Supervisor - Data Operations (1988-1997)

BARRY L. WILLIAMS Page 3

Supervised, trained, motivated and evaluated up to 12 employees involved in computer operations,

data entry, scheduling, batch processing, and equipment/systems trouble-shooting. Identified new

technologies and recommended hardware and software acquisitions. Developed and administered

a $5 million annual budget as well as five-year strategic plan.

Computer Operator (1984-1988)

Operated mainframe and peripheral equipment including high-speed printers and microfiche

processors. Monitored on-line systems and performed help-desk functions. Satisfied user requests

for special production runs. Diagnosed equipment problems and maintained incident logs.

EDUCATION

Master in Business Administration, 1993

Southern Illinois University at Edwardsville – Edwardsville, IL

BA Business Administration, 1983

University of Missouri at St. Louis – St. Louis, MO

CERTIFICATIONS

Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional (CISSP)

Certified in the Governance of Enterprise IT (CGEIT)

Qualified Security Assessor (QSA)

ITIL - Foundation Certificate in IT Service Management V2

Contact this candidate