Post Job Free
Sign in

Project Manager Management

Location:
Edmonton, AB, Canada
Posted:
October 30, 2013

Contact this candidate

Resume:

MONI MANIRUZZAMAN MBA, CRISC, CPM, CFS, CRMP, CICA

** ***** ***** **, *******, AB-T2K 5Y1

Mb: 403-***-****

E-Mail: ******@*****.***

PROFESSIONAL PROFILE:

Moni is an expert at business strategy and satisfying the business process owners’ needs in the areas of

Information Technology Audits, System Security Risk Management, Improvements and Software

Configuration Management. These processes are established and implemented using leading

methodologies (SOX 302/404, ISO 17799, ITIL, HIPPA, NIST, COSO, COBIT,GAAP, PCAOB, Six Sigma,

RUP, CMM, IEEE, ISO 9000, SEI, MSF).

EDUCATION & LANGUAGES:

Master of Business Administration (MBA), Global Technology Management, American College,

Washington, DC, USA – Mar’02 to May’04

Bachelor Degree, Information Technology, American Intercontinental University, Atlanta, GA, USA –

Jun’97 to Jan’01

Project Leadership Management Certification, Cornell University, Ithaca, New York, USA – Jan’12 to

Mar’13

Bachelor Degree, Science in Technology, Brozo Mohan College, Barisal, Bangladesh – Feb’92 to Jul’94

IS Programming Diploma, City College of Hong Kong, Hong Kong – Nov’94 to Jun’96

Mechanical Engineering Diploma, Barisal Polytechnic Institute, Bangladesh – Jun’88 to Dec’91

Language Ability: Bangla, Hindi, Urdu, & Basic Cantonese, Japanese, & Arabic

PROFESSIONAL CERTIFICATIONS:

CRISC – Certified in Risk and Information Security Control

CPM – Certified Project Manager

CFS – Certified Fraud Specialist

CRMP - Certified Risk Management Professional

CMP – Certified Management Professional

CCS - Certified Control Specialist

CICA – Certified Internal Controls Auditor

PMO – Certified Project Management Official

CLEARCASE – Certified Software Development Life Cycle Management tool by IBM

UCM – Unified Configuration Management

CISSP – Information Systems Security Professional – November’13 candidate

CISM – Certified Information Security Manager - Sitting in December’13

TECHNICAL SKILLS:

Operating Systems: Windows 7, Server 2003, HP-UNIX and Linux, Sun Solaris, RS6000/AIX, Sun Sparc 20,

AT&T3B2, DEC (VAX).

Hardware: IBM PC’s, Apple, AIX 3.2.5

Applications: MS Office 2010, MS project 2007, MS Visio 2010, FrontPage 2003, Visual Basic, Lotus Notes, Novell

Netware, Visio, Rational Rose, Citrix, Perl Scripting, Shell Scripting, LDAP, Quantify and Purify.

Languages: C, and C++, ASP, JSP, HTML, COBOL Programming, System Analysis, Design and Networks, Pascal,

Software Package.

Databases: Access 2010, Oracle 11g, Informix, Sybase, DB2, RDBMS, and SQL.

ERP Package: SAP 5.0, Lawson 9.0, Oracle.

SCM Tools: ClearCase/MultiSite 2.x, 3.x 4.x and 2002.05, Rational Enterprise 2001A.04

Data Mining tool: ACL 10.0, AX Core 3 server, SAS.

Methodologies: COBIT, ITIL, C-SOX/SOX, COSO, GRC (SAP, PROTIVITI, REUTERS) CMM, PCAOB, ISO 17799,

GAAP, RUP, SDLC, UCM, and UML.

PROFESSIONAL EXPERIENCE:

NAL Energy Corporation (Consulting position by Petrotech Inc), Calgary, Ab, Nov’12 – Present

(Energy, Oil and Gas wells support industry)

MONI MANIRUZZAMAN MBA, CRISC, CPM, CFS, CRMP, CICA 1

IT Risk Consultant

• Responsible for project based security risk assessments, project management, managing process

owner expectations, managing relationship with leaders of various department, and executing both

business and provided key project management supports for various regulatory and compliance

related tasks by continue improvement of NAL’s micro compliance projects.

• Led a diverse IT audit unit and executed detailed audit procedures including reviewing system

security logs, transactions, documents, records, reports, policies and procedures for accuracy and

effectiveness.

• Designed, developed, planned, and conducted IT General Controls and Application Controls testing

for SOX 404 & 302, SAS 70, Integrated Audit support to cross-functional teams with multiple

reporting relationships and broad advisory projects to decrease compliance costs by +95% (using a

top-down financial statement risk based approach and scoping relevant IT layers).

• Conducted improvement of projects (e.g. development of a project control and assessment

framework for system implementation projects, implementation of SAP GRC).

• Provided advisory support (e.g. application controls, segregation of duties development and

implementation of several IT projects).

• Met with department managers to discuss system requirements, costs and project timelines.

• Investigated potential fraud and abuse cases conducted by NAL employees, vendors, suppliers,

remote gas field administrators and Sales/Marketing team. Performed special assignments and

other duties as requested by board of directors and NAL executive management.

• Identified key factors for Physical/Logical Security risk assessment including PCI compliance

readiness, strategic advisory engagement, security audit review of virtualized wireless network,

single sign on application and system application implementation.

• Constantly transferred knowledge to co-consultants in the key risk management area of IT security

management, security process improvement, regulatory compliance issues, PCI compliance,

security architecture, and compliance practice.

• Responsible for planning, organizing, directing, and evaluating of information systems operations

and electronic data processing by various departments in NAL energy.

• Served as the main point of contact for business and IT process owners in the various NAL

locations, summarizing test results and coordinates with the Director of Enterprise Risk

Management and the Chief Information Officer to ensure effective IT risk management processes

are implemented across the enterprise.

StoneMor Partners, L.P. Levittown, Pa, Aug’05 – Oct’12

(Consumer Services Industry)

IT Audit

• Led the development of appropriate IT security risk profiles for annual risk management audit plan

appropriate for the industry based needs.

• Led audit planning, fieldwork, reporting meetings and was the subject matter expert (SME) in the

field of Information Security and IT auditing.

• Supervised the review of the daily Network Security log, CARLIB OS400 CM security log, Data

center visitor log, physical security log by utilizing CHKCHK utility for the Levittown corporate office

and high profile remote locations.

• Managed co-sourced security projects and contractor personnel for several advisory engagements

and ensured all engagement expectations were met on time, budgets and per policy guided by

executive management and as well as by the Board of Directors.

• Led the development of the Audit Command Language (ACL) application for clients and AX3

server, SAS, and several other data analytical tools to identify and prioritize security risks and

potential financial frauds across the enterprise.

• Responsible for performing integrated application reviews, pre and post-implementation reviews,

General Computer Control (GCC’s) reviews for home grown ERP applications (OS400 CARLIB)

physical and logical security reviews, Disaster Recovery (DR)/Business Continuity Plan (BCP)

plan, etc.

• Assisted software quality assurance team as well as change and release management under the

ITIL framework.

MONI MANIRUZZAMAN MBA, CRISC, CPM, CFS, CRMP, CICA 2

• Assisted the Internal Audit Director in overall departmental planning, budgeting, recruiting,

supervising computer analysts, engineers, programmers, technicians and other personnel for staff

development, coaching, and monitoring various departmental policy and procedures and as well as

system applications are in use across the company.

• Created, reviewed and revised IT Policies and Procedures including Network/Physical/Logical/end

user access security, Risk Control Matrix, Visio flow charts, Narratives, and audit request list to

ensure that company has adequate continues business operation, technology and system controls

to meet overall business objectives and customer needs.

• Recommended to executive management several ways to improve work place safety while not

undermining the cost, budget and time constraints.

Protiviti Inc, Philadelphia, Pa October 04 – August 05

(Risk Management and Advisory Consulting Industry)

Sr. IT Audit Consultant

(Clients Served for Protiviti Inc: AmerisourceBergen Corp, MBNA America Unisys Corp, Ulticom Corp,

Palatin Technologies, Auxilium Inc, Immunicom Corp, GRC Consulting, Home Depot Inc, Unilever,

FiberLink Corp, Lexington Inc, American Financial Realty Trust, EarthLink Inc, Malix IT, Radio Shack and

Viasys Healthcare Corp.)

• Created and tested IT General Computer Controls (GCC’s), IT Applications and developed all Test

Plans and testing the applications with SME’s and External Auditors KPMG, D&T, PWC and Ernst

& Young.

• Responsible for meeting with SME’s and interviewed them to document both the business and IT

processes.

• Developed the work flow documents and Visio docs, and identified risk and associated remediation

plans.

• Promoted Management training and communication of compliance requirements and acted as

control tester. Created observation reports for higher management and confirmed with the audit

committee member during ad-hoc meetings.

• Assisted with SOX training development for associate process owners and PM’s.

• Advised on internal and external Security audits and identified issues for security compliance to

remedy.

• Created and Maintained a Risk Control Matrix (RCM) during risk assessment for the IT PM’s,

Network engineers and IT support team for testing the appropriate controls.

• Ensured all IT issues, Network Management, network security risk and change management

processes were executed efficiently, effectively, and to the standards of the client.

Intel Corporation/Ebix Inc, Sacramento, Ca, Atlanta, Ga, Boston MA, January 01- October 04

(Semiconductors, Insurance/Banking Application Service Provider)

Sr. Risk Management Engineer - Compliances

• Guided Information Technology (IT) Application PM (Project Manager) to determine where KPMG &

PwC is in the Application control review process.

• Reviewed cycle application control documents, Including PwC and KPMG review comments from

walkthrough with SME’s.

• Ensured that PwC and KPMG comments were fully and properly incorporated into the final

application controls works.

• Evaluated test plans to determine if retesting needs based on the control changes made.

• Responsible for Testing IT General Controls, IT Applications and developed all Test Plans and

Tested the applications with SME’s and External Auditors KPMG and Ernst & Young

• Responsible for meeting with SME’s and interviewed them to document both the business and IT

processes.

Additional Professional Experience:

Software Process, Inc, Atlanta, Ga, June 98 – December 00

(Software Configuration Management (SCM) Services Provider)

IT Project Management Consultant

Crown Central Petroleum Co. Atlanta, Ga, and Baltimore, Ma, May 96 – June 98

MONI MANIRUZZAMAN MBA, CRISC, CPM, CFS, CRMP, CICA 3

(Oil and Energy Petroleum Service Company)

Area Manager Business Operations

Royal Data Mgmt Co., Ltd. Tokyo, Japan. Feb 96–April 96

(Food service Company)

Data Process Coordinator/Sales

Brytex Enterprise, Ltd. Kowloon, Hong Kong. Nov 94 – Jan 96

(Professional Technology Service Provider)

Junior Engineer

Nissan Motor Company. Dhaka, Bangladesh. Feb 92 - Nov 94

(Automobile Manufacturing Company)

Budget Engineer

MONI MANIRUZZAMAN MBA, CRISC, CPM, CFS, CRMP, CICA 4



Contact this candidate