David M. Stolz abmfad@r.postjobfree.com
*** ***** ***** ************, ******* 30215 770-***-**** residence
678-***-**** cell
* ******* ************* / ** ******* / IT SOX Auditor
Supporting information technology environments with multiple locations,
providing management support in network operations, helpdesk, systems
support, project management, security and IT implementations, including
compliance (SOX 404 and ISO 9000). Utilized principles from from ITIL,
COBIT, ISO, PCI, etc to implement best practices. Soft skills include
dealing with all levels of user skills, at all levels of an organization.
Able to manage multiple projects and to communicate effectively. Core
competencies include:
. Business change partner. Moved corporate data centers at Cumulus Media
and Siemens while maintaining access to critical systems. The Siemens
move entailed 50+ servers and 300+ workstations. At Cumulus, generated
$1M yearly savings by eliminating underutilized circuits; also reduced
back office infrastructure by 75%. Consolidated email services providing
uniform access to all employees. Reduced costs of implementing new
business system by %80 using thin client technologies. Involved in the
full SOX life cycle: management's assessment, process narratives, IT
general controls, IT application controls, testing, and remediation and
implementing best practices. At GPS, reduced management exposure to
audit deficiencies by 80%.
. Customer Support. Maintained internal Siemens customer relations by
training and managing up to 12 technicians in a distributed corporate
helpdesk. Provided support for over 3500 accounts in up to 60 locations
at Cumulus.
2 Professional Experience
1 2005 - Present D.M. Stolz & Associates Fayetteville, Georgia
Serve as an IT compliance consultant; assisted management with their audit
preparation. Clients included:
1 Global Payments Atlanta, Georgia Multiple years
Global Payments (globalpaymentsinc.com) provides credit and debit card
processing, check authorization, and other functions for merchants and
financial institutions with earning of $1.2b.
. Performed change management, logical access and IT operations testing to
ensure adherence to established key controls.
. Fully involved in the full SOX life cycle: management's assessment,
process narratives, IT general controls, IT application controls,
testing, and remediation and implementing best practices.
. Created accurate process and control documentation by performing walk
through with process owners.
. Created and completed comprehensive test plan and all tests, covering
most of the domains of the COBIT framework.
. Tested effectiveness of IT controls, including accuracy of company
documentation, efficiency of IT operations, and effectiveness of change
control and problem tracking systems.
. Organized and maintained all related documentation; updated test plans as
necessary.
2 ChoicePoint Atlanta, Georgia
ChoicePoint (choicepoint.com) with earnings of $980M provides risk
management and fraud prevention information, primarily to the insurance
industry.
. Interviewed application owners and documented the applied security of any
SPII contained therein.
. This audit was based on ISO 17799 standards and was designed to assist
the company with their government mandated yearly audits.
3 Knology Atlanta, Georgia
Knology (knology.com) is a communications provider based in western Georgia
with annual sales of $347M.
. Wrote and implemented test scripts based on customer generated controls
in a SOX year one audit.
2 2000 - 2005 Cumulus Media Inc. Atlanta, Georgia
Cumulus Media (cumulus.com) is the #2 radio station ownership group in the
US (behind Clear Channel) with more than 300 owned or operated stations in
more than 60 mid-sized markets throughout the country with sales of $328m.
1 Manager, Network and Telecommunications
. Responsible for day-to-day management of corporate Windows 2000/2003/XP
LAN/WAN in an HP, DELL, CISCO environment..
. Responsible for user support for 3500 users. Duties included
responsibility for Circuit procurements, Network management and all
Network and Telecom related projects.
. Technical consultant to all remote office IT staff.
. Planned consolidation and moves of multiple corporate data centers into
one Atlanta area facility while maintaining access to critical systems.
An additional benefit was the $1M yearly savings from eliminating an
underutilized frame relay network.
. Introduced thin client technology through Citrix, Terminal services and a
Netilla SSL VPN appliance, reducing application rollout costs by 80%.
. Implemented new corporate Exchange 2000 mail system, later upgrading to
Exchange 2003. This change resulted in a 75% reduction of mail servers,
giving all users a common email system with multiple access methods.
. Moved Data Centers from Chicago and Milwaukee and Atlanta to new Atlanta
facility. Project encompassed 50 people and 10 servers - plus phone
system and over 100 data circuits. Completed project with no unscheduled
outages.
3 1986 - 2000 Siemens Electromechanical Components Inc. Peachtree
City, Georgia
Siemens Electromechanical Components made products used in the control,
distribution, and utilization of electricity.
1 Manager, Network and Telecommunications / Manager Network Systems
. Responsible for operations and support of all PC Servers and Unix
computers, including backup and restore, job scheduling and
modifications, job documentation, physical and environmental security,
and operations staffing.
. Managed up to 12 technicians in a distributed corporate helpdesk
environment.
. Planned and executed move of corporate data center from Indiana to
Atlanta area facility while maintaining access to critical systems.
. Elimination of three shifts of 24 hour coverage. Reduced Operations
Support staff by five full time employees as a result of the move.
. Moved Data Center from Princeton, Indiana to Peachtree City. Move
involved over 300 workstations 50+ servers with no unscheduled downtime.
. Managed Corporate wide phone system.
. Developed rollout plans for corporate wide desktop and server upgrades.
3 Education
M.S., Management Oakland City University Oakland City, Indiana
1998
B.S., Organizational Management Oakland City University Oakland
City, Indiana 1997
4 Additional Keywords
These are words and phrases within my experience and skill set, used here
to complete this document.
. Knowledge management: decision support, content management system,
document management, tacit, explicit, communities of practice,
communities of interest, taxonomy, change management, culture
. Knowledge systems: expert systems, data mining, neural networks, decision
trees, genetic algorithms, market basket
. Collaboration tools: web conferencing, webinar, podcast, forum,
discussion group, message board, bulletin board, instant messaging,
wikis, blogs, application sharing, file sharing, whiteboard, awareness,
text chat, video, audio, teleconference, VoIP, polls, surveys
. Project management: integration, scope, time, cost, quality, human
resources, communications, risk, procurement, work breakdown schedule,
critical path, metrics, service level agreement
. Security: information assurance, access control, firewall, anti-virus,
patch management, backup, encryption, public key infrastructure (PKI),
SSL, VPN, IPSEC.
. Software development lifecycle (SDLC): analysis, design, implementation,
testing, deployment, maintenance
. Network management: administer, install, maintain, upgrade, benchmark,
testing and tuning, troubleshoot
. Network architecture: topology, Internet, Intranet, Extranet, local area
network (LAN), wide area network (WAN), TCP/IP, 802.3, 802.11, copper,
fiber, wireless, mobile, remote access dial-up server (RADIUS), T1, DSL,
ISDN
. Hardware: desktop, laptop, blade, storage arrays, RAID, NAS, SAN, router,
switch, hub, firewalls
. Database: SQL, Oracle, Access,
. Servers: Windows, IIS, Exchange, DNS, Active Directory, DHCP, LDAP, Unix,
Linux, SQL, clustering, load balancing, Blackberry Enterprise server
. Client: Windows, XP, Word, Excel, PowerPoint, Project, Outlook, Visio,
Blackberry Devices
. Knowledge of: ERP, CRM, SCM, MIS, TPS, data warehousing, business
intelligence systems, disaster recovery
. Compliance: Sarbanes Oxley (SOX 404), ISO 9000, ISO 17799, COBIT, ITIL,
PCAOB, best practices, control objectives, management assertions