C I N D Y H AR R O P M P, CIP P, CISA*

N L I O N* 012@ Y A H O O . C O M, 2-03-746-****, N E W F A I R F I E L D, CT

Positive and collaborative IT Information Security Professional with 25+ years of experience across

multiple IT disciplines. Demonstrated ability to provide direction and motivate teams, analyze data and

processes to drive compliance and performance improvements and manage projects to completion.

• I dentity and Access Management • • IT Security Policy, ISO 17799,

IT compliance, Risk

(IAM). Role based access control Management, Governance and ISO/IEC 27002, ITIL

(RBAC) audit readiness.

• Software tools development, • Process improvement and

• Certified in Project Management

(PMP) and Information Privacy configuration and simplification. Metrics.

(CIPP) deployment.

• Communication and presentation • Computer Science degree, • Senior Management and

skills for executives, client, large B.S. global leadership experience.

audiences The Pennsylvania State

University

I BM (Seterus Mortgage Servicing): Identity and Access Management (IAM), IT Security and Compliance

M anager 2013 - now

• Day to day management responsibility for IAM activities, using Role Based Access Controls (RBAC) for

2200 person organization. Implement “least privilege access” for information assets containing financial

and personal information through careful design/model of access groups, business roles and account

provisioning.

• Monitor and test compliance to security policy, to ensure audit readiness for PWC SSAE16 (assessed

against ISO/IEC 27002). Present IAM processes to auditors, all audits passed successfully.

• Identified bottle necks in IAM process. Defined and implemented actions to reduce/eliminate.

• Developed IAM operational metrics, including average resolution days, and unassigned ticket rate.

I BM: IT Service Management Program Manager

2012 – 2013

• Performed data mining of historic IT incidents and Root Cause Analysis reports (RCAs) across 10 global

teams to find common high impact risks. Developed proposal to address findings, engaged with VP and

gained support to lead and manage implementation of remediation plan across global teams.

• Led weekly IT incident analysis global meetings, guided teams through RCA process. Provided

summary to VP.

• Led all stages of application lifecycle for the configuration and deployment of a global RCA tool to

replace monthly spreadsheet distribution and consolidation. I developed the financial business case,

showing a 50% labor cost reduction and 3 month ROI, received immediate VP approval.

I BM: Software Tools Configuration, Deployment and Support Manager

2008 – 2012

• Configured and installed “Upside” contract management tool and migrated IBM contract document

image data to it.

• Built education and training materials and communicated frequently with lead legal and contract

professionals.

I BM: I T Security Compliance and Governance Manager

2000-2007

• Analyzed compliance testing failures reported across 19 global teams and proposed remediation plan to

VP.

• Global leader for the deployment of 5 IT security risk management tools across global organization to

mitigate test failures in IAM, System Currency, and Risk management. Selected ‘best fit’ tools, set up

configurations and tracked/reported on-boarding progress monthly to VP.

• Performed and managed Service Management functions (incident reporting, metrics) for IT

infrastructure offering.

• Drove compliance assessments and readiness of IT delivery teams for PWC audit. Received satisfactory

rating.

I BM: Application Services M anager, Project Manager and Programmer

1985-1999

• Responsible for on time, on budget delivery of code for multiple business applications using ITIL

Change, Incident and Service Management disciplines. Performed Programmer and DBA activities.

EDUCATIO N AND CERTIF I CAT I O NS

The Pennsylvania State University, Bachelor of Science, Computer Science

P MP Certification, Project Management Professional

C IPP Certification, Certified Information Privacy Professional

* CISA (studying for June 2015 exam, expect to be certified in 3Q15), Certified Information Systems Auditor

ACTIV I T I ES

Information Systems Audit and Control Association, member.

Community Service Club volunteer (New Fairfield, CT)

• Website Master and Facebook administrator

• Food Pantry coordinator

• “Kids Dress for Success” coordinator for elementary school (grades 3-6)

Contact this candidate