Manager Management
Resume:
BRUCE P. ZUKOWSKI *****.********@******.***
VALRICO, FLORIDA 33594 813-***-**** (CELL)
ACCOMPLISHMENTS
● ORGANIZED AND MATURED A FULL FUNCTION IT ORGANIZATION FOR A $10 BILLION DOLLAR BANK.
● DESIGNED AND MAINTAINED AN INFORMATION SECURITY PROGRAM COMPLIANT WITH GLBA AND OCC.
● EVALUATED SUPPLIER/VENDOR RISK AND IMPLEMENTED AN EFFECTIVE COMPLIANCE PROGRAM.
● ASSURED COMPLIANCE WITH INTERNAL & EXTERNAL AUDIT AND REGULATORY (SOX & PCI) REQUIREMENTS.
CITI BANK
SUPPLY RISK MANAGER
OCTOBER TO PRESENT
RESPONSIBLE FOR ONBOARDING NEW SUPPLIERS INCLUDING RISK EVALUATION, INFORMATION SECURITY ASSESSMENT,
CONTINUITY OF BUSINESS PLANS, INSURANCE COVERAGE AND REGULATORY COMPLIANCE. MAINTENANCE OF EXISTING
SUPPLIERS WHILE WORKING WITH BUSINESS RELATIONSHIP MANAGERS TO ENSURE THE ONGOING SUCCESS OF THE
RELATIONSHIP.DEVELOP EXIT STRATEGIES FOR SUPPLIERS THAT ARE NOT ACHIEVING SERVICE LEVEL GOALS OR OTHER
CITI BANK REQUIREMENTS. PREPARE MANAGEMENT PRESENTATIONS FOR BUSINESS UNITS SUMMARIZING SUPPLIER
PERFORMANCE.
INDEPENDENT INFORMATION SECURITY AND SUPPLIER/VENDOR RISK MANAGER
AUGUST 2013 TO PRESENT
RAYMOND JAMES BANK
INFORMATION SECURITY & RISK MANAGEMENT OFFICER
DECEMBER 2007 TO JULY 2013
USES EXTENSIVE FINANCIAL SERVICES INDUSTRY, IT KNOWLEDGE AND TECHNICAL SKILLS OBTAINED THROUGH EDUCATION
AND EXPERIENCE TO OVERSEE ALL ASPECTS OF RAYMOND JAMES BANK’S INFORMATION SECURITY PROGRAM. DIRECTS AND
PREPARES INFORMATION RISK MANAGEMENT PLANS, PROGRAMS AND RISK ASSESSMENTS TO ACCOMPLISH CORPORATE GOALS
AND OBJECTIVES. ESSENTIAL DUTIES AND RESPONSIBILITIES:
● PARTICIPATE IN IT STEERING COMMITTEE AND IMPLEMENT PLANS TO ACHIEVE STRATEGIC GOALS.
● PERFORM IDENTIFY AND ACCESS MANAGEMENT INCLUDING ASSOCIATE ONBOARDING, PERIODIC ACCESS REVIEWS
THROUGH TRANSFER/SEPARATION.
● DEVELOP AND MAINTAIN INFORMATION SECURITY RISK ASSESSMENT AND IMPLEMENT CORRECTIVE ACTIONS.
● ADMINISTER IBM MAINFRAME AND NETWORK APPLICATION SECURITY.
● NETWORK ADMINISTRATION AND DATA LOSS PREVENTION (DLP) SYSTEM SETUP AND MONITORING.
● DEVELOP AND MAINTAIN VENDOR MANAGEMENT RISK ASSESSMENT AND CONDUCT ONGOING DUE DILIGENCE.
● DEVELOP AND PERIODICALLY TEST BUSINESS CONTINUITY PLANS AND HARDWARE BACKUP FACILITY.
● NEGOTIATE AND ADMINISTER CONTRACTS AND SERVICE LEVEL AGREEMENTS (SLA) WITH VENDORS.
● PERFORM PROJECT MANAGEMENT ACTIVITIES FOR NEW SYSTEMS IMPLEMENTATIONS.
● IDENTIFY EMERGING INFORMATION TECHNOLOGIES TO BE TESTED AND INTEGRATED INTO THE ORGANIZATION.
● INTERFACE WITH INTERNAL/EXTERNAL AUDIT AS WELL AS OCC EXAMINERS TO ACHIEVE SATISFACTORY
RESULTS.
● ASSURE COMPLIANCE WITH SARBANES OXLEY, PCI AND FFIEC REQUIREMENTS.
● DEVELOP AND PRESENT QUARTERLY REPORTS TO EXECUTIVE MANAGEMENT AND THE BOARD OF DIRECTORS.
ACCUME PARTNERS
DIRECTOR OF INFORMATION TECHNOLOGY SERVICES
MAY 2000 TO DECEMBER 2007
ACCUME PARTNERS SPECIALIZED IN PROVIDING HIGH QUALITY INDEPENDENT INTERNAL AUDIT SERVICES SERVICES TO
CLIENTS IN THE FINANCIAL SERVICES, MANUFACTURING, DATA PROCESSING AND DISTRIBUTION INDUSTRIES. MY PRIMARY
RESPONSIBILITIES INCLUDED:
● BUSINESS DEVELOPMENT AND MAINTAINING RELATIONSHIPS WITH SENIOR CLIENT MANAGEMENT.
● PLANNING AND DELIVERY OF IT AUDIT AND ASSURANCE SERVICES FOR SARBANES OXLEY ACT COMPLIANCE.
● CONDUCTING IT RISK ASSESSMENTS TO ENSURE GLBA COMPLIANCE.
● SCHEDULING AND PERFORMANCE OF IT AUDITS AND SSAE 16 SERVICE ORGANIZATION REPORTS.
ARTHUR ANDERSEN LLP
SENIOR MANAGER
NOVEMBER 1994 TO MAY 2000
AS THE PRACTICE MANAGER FOR THE FLORIDA COMPUTER RISK MANAGEMENT (CRM) GROUP I HAD OVERALL
RESPONSIBILITY FOR THE MARKETING, PERFORMANCE, QUALITY CONTROL AND DELIVERY OF INFORMATION SYSTEMS
CONSULTING AND AUDIT SERVICES. MY SPECIFIC RESPONSIBILITY INCLUDED:
● FINANCIAL AUDIT AND CONTRACT IT AUDIT SUPPORT (APPLICATION AND GENERAL CONTROLS TESTING).
● INDEPENDENT SERVICE AUDITOR REVIEWS (NOW SSAE 16 ATTESTATION ENGAGEMENTS).
DELOITTE & TOUCHE LLP
SENIOR MANAGER
1987 TO NOVEMBER 1994
I JOINED DELOITTE, HASKINS & SELLS AS A SENIOR CONSULTANT RESPONSIBLE FOR GENERAL IT CONTROLS REVIEWS
WITH THE TAMPA OFFICES FINANCIAL AUDIT CLIENTS. I ADVANCED TO THE SENIOR MANAGER FOR THE D&T FLORIDA
PRACTICE SERVING TAMPA, MIAMI AND ORLANDO WITH A STAFF OF 20 IT AUDITORS. IN THIS CAPACITY I RECRUITED
COLLEGE AS WELL AS EXPERIENCED ASSOCIATES. MY GROUP PERFORMED IT AUDIT SERVICES BUT ESTABLISHED A
PRACTICE FOCUSED ON DELIVERING SAS 70 (NOW SSAE 16) ATTESTATION ENGAGEMENTS ACROSS THE FINANCIAL
SERVICES, DATA PROCESSING, DISTRIBUTION, PUBLISHING AND HEALTHCARE (MEDICARE & MEDICAID) INDUSTRIES.
UNITED STATES TREASURY
OFFICE OF THE COMPTROLLER OF THE CURRENCY
COMMISSIONED NATIONAL BANK EXAMINER – COMMERCIAL BANKING AND INFORMATION SERVICES
1977 TO 1987
RESPONSIBLE FOR THE EXAMINATION AND SUPERVISION OF REGIONAL AND COMMUNITY BANKS AND THEIR RELATED DATA
PROCESSING OPERATIONS. AREAS OF SPECIALIZATION: COMMERCIAL AND MORTGAGE LENDING; INVESTMENTS; DEPOSIT
MANAGEMENT; INFORMATION SYSTEMS. DESIGNED, TESTED, IMPLEMENTED AND PROVIDED USER TRAINING FOR THE
SUPERVISORY MONITORING SYSTEM.
INDUSTRY EXPERIENCE
FINANCIAL SERVICES (BANKING, INVESTMENT SECURITIES, CREDIT CARD PROCESSING AND INSURANCE).
TELECOMMUNICATIONS (WIRELESS CELLULAR).
HEALTHCARE (HOSPITALS AND MEDICARE/MEDICAID).
MANUFACTURING.
DISTRIBUTION.
EDUCATION
STATE UNIVERSITY OF NEW YORK
B.S. BUSINESS MANAGEMENT AND COMPUTER SCIENCE.
Contact this candidate