JOSEPH HARRIS
PROFESSIONAL SUMMARY:
Top-performing, results-driven professional with a comprehensive background across a broad spectrum of IT infrastructure within the services industry. Adept at identifying system vulnerabilities and security threats to determine the best course of action in protecting the integrity of systems and enterprise-level environments.
Dedicated to excellence, improving IT compliance, streamlining processes, and leading development of technical solutions in highly structured environments.
Possess strong understanding of IT infrastructure, application architecture and security, data analysis, information systems and IT Auditing.
Articulate communicator, demonstrating excellent interpersonal skills across all levels and sharing complex data with experts and neophytes.
PROFESSIONAL EXPERIENCE:
ARC American Recruitment and Consulting (Kemper), Jacksonville, Florida
Information Security Third Party Assessor 05/2022 – Present
CTO Team Security Assessor performing detailed examinations of the client’s suppliers' information security practices and controls to confirm adherence to high security standards for accountability and to identify sensitive information risks.
Following established Third-Party Information Security Assessment (TPISA) process and framework, coordinate with TPISA line of business stakeholders to initiate, scope, and plan the control assessments of new and existing suppliers.
Performed assessments via conference calls, onsite assessments, and reviews of independent audit service reports.
Obtained and reviewed supplier responses and supporting documentation to validate suppliers' appropriate implementation of information security controls and to identify information security weaknesses or non-compliance with Kemper's policies and standards.
Produced detailed documentation of assessments and performed threat analyses of gaps identified.
Communicated supplier information security issues to line of business stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
Worked to ensure that security controls are managed and maintained by the line of business and IT partners in line with company policies, standards, and federal and state security and data privacy laws.
Tracked control gaps and risks through remediation and/or risk acceptance by the line of business relationship owner, recommending mitigating/compensating controls to the line of business stakeholders and the supplier.
Continuously monitored supplier's security posture and information security risk through the supplier's lifecycle with Kemper.
Prepared and reviewed third-party due diligence reports for management.
Produced KPI and KRI metrics for management for the monthly IT operations reporting and monthly technology risk committee reporting.
JM Family Enterprises, Inc., Deerfield Beach, FL 01/2022 – 02/2022
Lead IT Audit Consultant
IT Assessment, monitoring, and information gathering concurrent with GAAP methodologies and IT compliance reporting.
Developed and presented annual audit plan to Senior Management.
Evaluated the effectiveness of governance, risk management and control processes.
Coordinated audits and projects to ensure timely completion.
Identified and reported high and critical risks.
Documented walk-through procedures identifying key controls and control gaps through flowcharts or narrative forms as appropriate.
Worked with Internal & External Audit Management to facilitate testing.
Documented test work, audit findings, and conclusions with associated business risks.
Enhanced internal controls and identified opportunities for improved efficiencies.
Prepared audit reports summarizing and ranking findings in control process deficiencies.
Ensured established vendor management procedures for each associated department.
CyberSearch (KPMG), Orlando, FL 11/2021 – 01/2022
IT Audit Consultant
Performed detailed evaluation, internal control, and audit reviews of information systems.
Researched a broad range of the technical frameworks and intricate components of computer systems, as well as used leadership experience overseeing & guiding teams working on a variety of platforms, such as operating systems, networks, databases, and enterprise resource planning (ERP) systems.
Tested and evaluated IT systems for conformity with SOX & other industry standards for efficiency, accuracy, and security, and created an action plan to prevent security breaches in the technology.
Planned and executed internal audit procedures. Presented audit reports in compliance with statutory requirements and regulations in a clear, accurate and concise manner.
Tested, reviewed, and advised on IT application controls (ITAC) and IT general controls (ITGC) for Oracle and NetSuite.
Florida Blue, Jacksonville, FL 07/2020 – 08/2021
Senior IT Auditor
Utilized an understanding of the Company’s information technology environment and how systems support business activities to coordinate and/or conduct audits as assigned, including specialized activities.
Managed IT audit projects and assigned staff to achieve the scope, timelines, and objectives of each assignment.
Identified opportunities and made recommendations to improve efficiency, security and effectiveness of internal controls and operating processes within IT.
Maintained relationships with audit customers at appropriate levels and promoted teamwork and responsibility with engagement team members.
Completed audits in accordance with the industry standards and guidelines.
Led facilitation of audits with regulatory agencies and other 3rd parties.
Blue Cross & Blue Shield, Little Rock, AR 05/2019 – 12/2020
Senior IT Auditor
Conducted all phases of internal audits and compliance audits within the enterprise.
Developed an annual audit plan and championed internal control and corporate governance concepts throughout the Audit process to promote operational efficiency and effectiveness, and financial and non-financial reporting of the Enterprise as identified in the annual plan which stayed consistent with the COSO Internal Control Framework.
Worked with all levels of management and staff, particularly in finance, information systems, and operations areas, as well as with external auditors and regulators.
Planned and developed the audit scope, documenting and testing internal controls, reporting on the results of testing, making recommendations for improvement, and following up on the implementation of those recommendations.
Coordinated and facilitated external audits of the private business lines and worked in compliance with Arkansas Rule 25 (NAIC Model Audit rule).
Documented risks and key controls within the financial reporting processes and developed appropriate testing and management certification of the controls, working with executive staff to identify and resolve internal control issues.
Maintained regulatory compliance activities as identified in the annual plan and stayed consistent with the COSO Internal Control Framework.
Coordinated and facilitated external audits of private business lines.
Entergy of Arkansas, Little Rock, AR 12/2015 – 05/2019
Senior IT Specialist
Built a cohesive team and proactively collaborated across infrastructure with team members to manage access for key information resources residing on multiple platforms, with a focus on Windows systems, Active Directories and other automations.
Participated in the continuous improvement of the identity and access management life cycle practices and provided Subject Matter Expertise over IAM practices, policies, and procedures for the Enterprise and Essential practices.
Provided direction to employees and contractors according to established policies and management guidance.
State of Arkansas - DHS, Little Rock, AR 02/2013 – 05/2015
Compliance Officer
Supervised, evaluated, and mentored employees in high standards and best practices.
Handled Information Security, Audit, Risk Management, Confidentiality, Integrity, Availability, and Assurance for DHS applications.
Served as liaison to DHS management, data owners, and support staff for the Electronic Eligibility Framework (EEF) for the Affordable Care Act (ACA) initiative.
Provided technical guidance and project management for Information Technology and security solutions, while reporting directly to the Chief Information Officer (CIO), or Chief Information Security Officer (CISO).
Project manager ensuring new applications comply with state and federal regulations.
Managed and mitigated potential or actual breach of PHI, SSN, FTI, or PII.
Developed and managed enhancements to existing programs like CIA and compliance.
State of Arkansas - DHS, Little Rock, AR 11/2012 – 02/2013
Cybersecurity Auditor
Led Information Security Audits, Risk Management, and Assurance for applications.
Liaison to DHS management and data owners supporting the DHS mission and protection of agency assets and public data through a proactive approach.
Provided technical guidance and project management for IT and security solutions reporting directly to the Compliance Officer.
Ensured new applications comply with state and federal regulations.
EDUCATION: University of Phoenix:
Master of Business Administration - Business Administration/Project Management – 2016
Master's Degree in Information Science / Project Management – 2013
Bachelor of Science in Information Technology and Information System Security, Information Technology Management – 2011
Associate of Arts in Information Technology, Information Technology Management & Networking – 2009
CERTIFICATION: ISACA: Certified Data Privacy Solutions Engineer (CDPSE)