**** ********* ***** **, *********, MD *****;
Cell phone number: 240-***-****
Email: ac6yix@r.postjobfree.com
Permanent U.S. resident well versed in C, C++, Microsoft Windows, Unix, Linux, VB, VC SharePoint, AD; Strong knowledge of SOX, NIST Cybersecurity framework, NIST FIPS, PS standards and guidelines, Risk assess management; Strong PC skills including MicroSoft Office (Word and Excel), Mac office(Pages, Keynotes, Numbers); Strong Project management skill and experiences of managing teams with over 15 staff. 07/2017 – Now IT Compliance Analyst, Maryland Courts [Annapolis, MD]
• In charge of Maryland Courts Security Awareness Training Project for state-wide courts;
• Core team member of Judiciary IT Risk Management
• Coordinator between Internal/External Auditor and JIS technical personnel to support IT audit
• Update JIS information security policy based on NIST cybersecurity framework V1.1 and DoIT Cybersecurity policy
• Provide compliance requirement and analysis for executive management, project team based on federal and state, Judiciary security guideline
• Conduct Judiciary IT compliance and security tasks
• Perform SOC 2 report review
01/2015 – 07/2015 IT Support Manager, Lenovo [Shenzhen, China]
• Led the projects to integrate legacy systems, Datacenter, Infra and Voice etc after IBM X86 server acquisition by Lenovo;
• Supervised the team at Lenovo Integrated Supply Chain Center to provide IT technical support including Datacenter and infrastructure management as well as network, servers and IT supports to users on a global basis;
• In charge of IT Shenzhen team budge
• Interfaced on a daily basis with Lenovo and IBM IT teams to timely identify, resolve and track IT issues in operation and manufacturing software applications. 07/2010 – 12/2014 IT Security Specialist to IT Support Manager, IBM [Shenzhen]
• Worked closely with other Internal Control Team, BA analysts, Operation Team, and IT Specialists during all phases of Pricing Management System development, Operator Management system, ITSM, HR system transition;
• Ensure documented processes and procedures are followed and compliance with IBM Haihua Jiang
Core Qualifications
Experiences
standard and policy requirement, and responsible for appropriate artifacts are maintained.
• Worked to develop and update detailed system requirement specification documents, devise testing, document test plans/scripts, perform system testing, support user acceptance testing and help prepare security documentation.
• Reported to IBM Shenzhen CIO on peer review, Application audit, high priority issues during the operational supports
• Provided overall user support including laptop and printer support, development support;
• Reviewed and optimized IT governance process, monitor and enhance process execution;
• Supported IBM external/internal audit and review 03/2008 – 07/2010 IT Auditor, Vanke Co., Ltd, [Shenzhen]
• Constructed Vanke’s Corporate internal control system; Developed IT internal process, evaluation and self-assessment module;
• Worked directly with external auditor (PwC) in terms of internal control and IT audits 07/2003 – 03/2008 IT Engineer, China Life Insurance Co. Ltd. [Shenzhen]
• Led the team to build SOX 404 IT internal control system after China Life Insurance became listed on NYXE and HKSE;
• Conducted internal audits on SOX 404 compliances in other subsidiaries and branches;
• Conducted network management, upgrade and maintenance Cisco 6509/4500/2500 as well as server/system management and maintenance for Linux/Unix/AIX; and
• Provided maintenance and troubleshooting for Informix database administrator. CISA (2009, inactivation, working on renewal in 2018) CFA Level 1
09/2000 – 07/2003 Central South University, Master in Computer Science 09/1996 – 07/2000 JiNan University,Bachelor in Computer Science Education/Certification