Information Security Cyber

DARNELL LEAVELL, CPA, CISA, CISSP, CFE, PMP

Chicago, Illinois 60637

www.linkedin.com/in/darnell-leavell-cpa-cisa-cissp-pmp-cfe-9534bb19

773-***-**** - ********@*********.***

TECHNOLOGY / IS RISK PROFESSIONAL

Skilled in the identification, mitigation and communication of technology and IS risks

Accomplished Technology risk professional with extensive technology /IS risk, operational risk and technology audit experience in Banking. Strong leadership capabilities managing diverse audit/risk teams. Maintains several coveted industry certifications and memberships in professional associations. Possess diverse interpersonal strengths, including outstanding communications skills, both verbal and written. Identified as top performer in Audit. Core competencies include:

Technology and Information Risk Assessment – Operational Risk Assessment – Cyber Security Assessment - Cloud Security Assessment - Fraud Risk Assessment – Technology Audit – Project Audit - Information Security Plan Development - Project Management – Technology Risk Governance

PROFESSIONAL EXPERIENCE AND ACCOMPLISHMENTS

DLeavell Enterprises, LLC – Chicago, IL December 2019 to Present

Information IS/IT Risk Consultant

Offering consulting services in the following areas: Cyber Security Governance, Technology Risk, Operational Risk and Audit.

•Provided IS Risk consulting services to Robert Half International as an independent contractor since September 2020.

•Led and performed second line of defense challenge of Information Security procedures, controls and control testing for a large financial services company.

•Performed IS assessments using NIST Frameworks (800-53, 800-37and NIST Cyber Security).

Bank of Montreal Harris Bank – Chicago, IL November 2001 to December 2019

Vice President and Senior Technology Risk Officer, – February 2012 to December 2019

Led the 2nd line challenge and assessment of IS risk, IT risk and Operational risk for the US Technology and Information Security Groups.

•Conducted extensive annual and quarterly Risk Control Self-Assessment of IS and Technology units. These assessments were performed in accordance with bank standards, FFIEC Technology and Information Security Handbooks /Guidelines and NIST Frameworks.

•Facilitated multiple IT/IS risk assessment of Technology/ Information Security/Business Units simultaneously.

•Assisted in the development of the Technology and Information Security Policies / Standards and implementation of the NIST Cyber Security Framework within the Bank.

•Participated in the assessment of Third Party/Cloud vendors in Technology / Cloud Gating Committee meetings.

•Performed application and infrastructure risk assessments analyzing and documenting systems and business processes.

•Analyzed, evaluated and reported on significant Cyber Security Incident responses.

DARNELL LEAVELL Page Two

Vice President and Senior Manager – IT Audit– November 2001 – February 2012

Managed technology audit teams at BMO Harris Bank and Bank of Montreal (Canada). Performed technology operations, information security, project and integrated audits. Assessed, reviewed and opined on Technology and Information Security governance framework across BMO Financial Group. Audits were performed in accordance with FFIEC regulatory guidance.

•Selected as Top 10 finalist to receive Chief Auditor's Award for world class performance three times.

This enabled the US Audit team to pass US regulator reviews without any finding and enhance the profile of the Enterprise Audit group within the US Banking group.

•Enhanced US IT Audit practice by hiring, training and mentoring qualified technology audit professionals.

•Coordinated Division-wide IT Audit off-sites to enhance information sharing and best technology audit practices across the enterprise.

•Identified very significant disaster recovery issues for critical US applications that helped avoid regulatory scrutiny and fines.

•Created presentations and facilitated quarterly IT Audit management meetings with federal (OCC, FED) and Illinois state regulators that improved the bank’s IT control regulatory control rating.

•Implemented significant improvements to the application audit approaches practiced by the Corporate Audit Division. This allowed the Audit Department to conduct more efficient and effective audits of core applications.

EDUCATION AND CERTIFICATIONS

DEPAUL UNIVERSITY - CHICAGO, IL

Bachelor of Science in Commerce - Major in Accounting

•Certified Public Accountant

•Certified Information Systems Auditor

•Certified Fraud Examiner

•Certified Information Systems Security Professional

•Project Management Professional

PROFESSIONAL AFFILIATIONS

•American Institute of Certified Public Accountants – AICPA

•International Information Systems Security Certification Consortium – ISC2

•Institute of Internal Auditors - IIA

•Information System Audit and Control Association - ISACA

•Association of Certified Fraud Examiners - ACFE

•Project Management Institute - PMP

Contact this candidate