Alfred Moresi, BS, MS Email: ad25h8@r.postjobfree.com

**** ****** **** ***** ****: 303-***-****

Castle Rock, Colorado 80109 Cell: 303-***-****

Summary

• Over 20 years of experience in the audit of cybersecurity, payment card, information technology

(IT) and people management.

• “Big 4” Partner and Practice Management in cybersecurity and IT Risk/Issues, Audit and Regulatory controls.

• Excellent Bank experience in Risk/Issues, IT General Controls and Regulatory controls.

• Demonstrated leadership in cybersecurity in support IT environments (e.g., mainframe, midrange, distributed, database, network, credit card and application) compliances and PCI controls in conformance with COSO, NIST Cybersecurity Framework, and COBIT standards.

• Subject matter expert in Cryptographic Controls, SDLC Controls, BCP and Resiliency Controls, Incident Response Controls, Change Management Controls, Payment Card Industry (PCI) Controls V4, Identity and Access Management Controls, PKI and PII Controls.

• Knowledgeable of Threat and Vulnerability Management, Information Risk and Governance and Physical Security.

• Excellent written and verbal skills; interpersonal skills; and analytical and problem-solving skills.

• Extensive experience managing teams, gaining consensus and approvals for project plans, findings and strategies with stakeholders and executive management in matrix organizations. Technical Skills

MS Project, Excel, Word, PowerPoint, Visio, and Access; Lotus Notes, Outlook, Clarity, and SharePoint; SQL; VPN and Citrix; Oracle ERP Systems; and numerous Accounting Systems. Education

Master of Science in Accounting, Grand Canyon University, Phoenix, Arizona (Graduated with Honors) Bachelor Science – Mathematics & Computer Science, University of Illinois, Champaign- Urbana, Illinois

(Graduated)

Certifications

CISA; working toward CPA

Professional Memberships

Information System Audit and Control Association (ISACA) The Institute of Internal Auditors (IIA)

Honors Society Membership

Delta Mu Delta Honor Society Business Administration Alfred Moresi, BS, MS in Accounting Email: ad25h8@r.postjobfree.com Page 2 Work Experience

Employer: Wells Fargo Bank, Denver, CO, IT Lead Audit Manager and Vice President, June 2015 to December 2023

Conducted risk assessment audits on security issues and determined risk ratings based on information security controls, cryptographic controls, PKI, and PCI controls. Designed, lead, and executed a PCI Compliance program. Tracked and documented PCI compliance gaps. Supervised and mentored audit teams in effective design of work products, work paper reviews and reporting.

Provided periodic written recommendations based on documented evidence that addressed root causes of risk assessment issues including cryptographic, PKI and PCI controls. Coordinated evidence gathering of IT teams based on audit inquiries. Validated evidence in reports for audit management, audit committee and Board of Directors. Prepared periodic reports on issue management metrics and issue validation reports. Assisted Audit Management with annual planning activities for the department that included design of control environments of known, emerging, or perceived risks. Supported and participated in advancing Internal Audit’s ability to assess cybersecurity and IT’s control environment by using data analytics and other non-traditional methods. Utilized data models to identify and solve a variety of cybersecurity and IT issues and utilized a risk- based approach to assist in remediations of action plans. Mentored and trained staff through the development of data mining related training and intranet materials.

Employer: ERNST & YOUNG, LLP, San Francisco & San Jose, CA, Partner, and Practice Leader, June 2009 to June 2015. As a Partner and Practice Leader, I was responsible for audit and assurance services for software, telecommunication, banking, venture capital, and insurance companies with emphasis on security and payment card industry controls. Designed and led periodic PCI compliance audits. My markets included Silicon Valley and Seattle in the US as well as China and Europe. My major clients included: Microsoft, Intuit, Intel, Sun, HP, Bank of America, Wells Fargo, Washington Mutual, Banc One, Chase, Fleet, Federal Reserve, HSBC, American Express, Boeing, Wal-Mart, Sears, Sprint, AT&T, Disney, McKesson, Kaiser Permanente, Catholic Healthcare, and Cigna. I managed and mentored a team of over 50 auditors.

Employer: Pictet Bank, Geneva, Switzerland, Director of Audit and Risk, June 2002 to June 2009. As Director, I was responsible for auditing, risk and client services across major banking, brokerages, payment card, data processing for the bank. I established and managed a subsidiary Securatec SA from start-up to three offices in Europe with emphasis on payment card applications. Designed and led periodic PCI audits. I developed long term client relationships with Visa, American Express, Ericsson, PTTs and the Top 100 European Banks. As a highlight of my leadership, I was the principal executive and manager of a five-year project to build Norway’s EFTPOS system that was deployed to 350 Norwegian banks. I was a frequent speaker at major international banking and credit card conferences. Supervised and mentored a team of 25 auditors and consultants.

Contact this candidate