Technology Audit Manager

Marcel E. Derodel, CISSP

Profile:

Talented IT Audit & Security Professional with certification and progressively responsible IT experience. Expertise includes: multi-platform environments (Windows, Linux, Solaris, Ethernet & Token Ring, LAN/WAN/MANs Networks, Checkpoint, CISCO Routers & Firewalls, SAN).

Key Skills:

Technical

• Systems Analysis & Evaluation

• Intranet Design & Implementation

• Real-Time Intrusion Analysis

• LAN/WAN Network Optimization

Managerial

• Supervision & Team Building

• Project Management

• Training & Instruction

• Research & Analysis

Professional Experience: NEW YORK COMMUNITY BANCORP – WESTBURY – NY

VP – Technology Audit Manager – June 2007 to May 2009

• Managed system/application reviews to assess the adequacy and effectiveness of internal controls within the Bank.

• Assisted Senior Management in reviewing audit reports prior to sign-off.

• Assisted Senior Management in developing annual IT audit plan based on a risk based approach.

• Developed and maintained strong and effective on-going relationship with business auditees.

• Reviewed, supervised and provided guidance to IT audit team members to ensure that audit processes and risks are assessed appropriately.

• Maintained and supported departmental Audit Management System to facilitate audit planning and project documentation.

CREDIT SUISSE – NEW YORK – NY

AVP – Technology Security Auditor – March 2004 – June 2007

• Managed system/application reviews to assess the adequacy and effectiveness of internal controls within the Bank.

• Reviewed various infrastructure platforms for compliance with Firm security standards.

• Assisted management in designing and reviewing major data center project to accommodate growth and meeting regulatory requirements.

• Developed and recommend effective security policies and procedures, project documentation and milestones, and technical/business specifications.

TD WATERHOUSE INVESTOR SERVICES, INC. – NEW YORK – NY

VP – Corporate Audit – March 2001 to February 2004

• Provided the technology vision and strategic advice to TD Waterhouse Senior Management Team.

• Performed detail security assessments to identify policy and procedure inefficiencies, risks and vulnerabilities associated with networks components.

• Tested and evaluated existing Information technology Security Applications and Configurations to ensure policy compliance.

• Assisted management in creating and implementing enterprise wide security standards.

• Developed and present security-related findings reports for company executives and implementation plans to mitigate security-related exposures.

AXA FINANCIAL, INC. – NEW YORK – NY

Senior Technology Auditor – May 1999 to March 2001

• Project leader in developing and implementing departmental workflow system.

• Reviewed AXA Financial Firewalls design and network configuration.

• Performed Internet penetration testing in collaboration with PricewaterhouseCoopers.

• Analyzed corporate network infrastructure and communications.

• Designed and implemented ACS Internal Audit Department Intranet web site.

• Provided assistance to management in creating enterprise wide security standards.

BANQUE NATIONALE DE PARIS – NEW YORK – NY

Senior Technology Auditor – June 1998 to May 1999

• Developed change control procedures and methodology.

• Assessed disaster recovery and back-up procedures.

• Reviewed logical security access to Windows NT and UNIX.

• Developed guidelines to be followed for the creation of DBA and Security procedures.

JOHNSON & JOHNSON – NEW BRUNSWICK – NJ

Information Management Auditor – March 1997 to May 1998

• Reviewed and tested implementation of SAP R/3 business application system.

• Reviewed access authorization to Oracle database.

• Provided solutions to affiliates for their business needs, including Year 2000 Compliance.

• Assessed disaster recovery and back-up procedures.

• Instructed Affiliate Companies on self-assessment of internal controls.

• Reviewed security access of business application and operating system.

Education:

POLYTECHNIC UNIVERSITY

Master of Science in Information Systems Engineering NEW YORK – NY - JUNE 2001

NEW YORK UNIVERSITY

Leonard N. Stern School of Business

Bachelor of Science in Accounting NEW YORK – NY - MAY 1994

Computer Expertise: Hardware & Operating Systems:

• EMC Symmetrix / CLARiiON / Centera / 3PAR

• Windows 2000/XP

• Linux / Sun Solaris

• Ethernet Networks

Protocols/Networking:

• CISCO Routers, Switches & Firewalls Software:

• Checkpoint

• TeamMate Audit Management System

Programming Language:

• Java

Languages: Fluent in French. Reading knowledge of Spanish.

References: Available upon request.

Contact this candidate