Experience

• 

  Duke energy corporation

  Apr 2004 - Oct 2004

  Sr. it sox and audit consultant

  Augmented the project through Jefferson Wells to developed, test, and attest compliance for IT General Controls (ITGC) to include network security and IT General Application Controls (ITAC) for Duke Energy's first year of SOX compliance efforts. This includes the analysis of process control networks (PCNs) responsible for the transportation of product through the company's pipelines.

• 

  Experis

  Nov 2004 - Apr 2005

  Sr. it consultant

  Performed numerous consulting projects ranging from large to small cap public companies completing primarily IT SOX 404 Compliance efforts. Primary responsibility was documenting key internal IT general and application controls, testing all key IT internal controls, recommend and rememdiate controls wherever necessary, coordinate with executive audit commitee, external auditors, control owners, and operators in all areas evaluating IT general and application controls.Clients include: Hitachi Data Systems, Catapult Communications, Zoran Show less

• 

  Bdo usa

  May 2005 - Nov 2005

  Sr. it internal audit consultant

  Sr. IT Audit and SOX Consultant for the New York City and Boston offices of Bridgemark augmenting and team leading there staff in completing SOX IT consulting services. Worked on Financial trading clients on Wall Street (MarketAxcess), along with pharmecuetical and manufacturing companies within the greater Boston region. On-site Manager for an IT SOX 404 Compliance effort for SkillSoft in New Hampshire.

• 

  Ceridian

  Dec 2005 - Dec 2005

  Sr. it sox consultant

  IT Audit augmentee for Ceridian performing their SOX 404 Re-testing and Remediation project for FY2005 Q4. Completed retesting of remediated internal controls for Q4 testing and met the Q4 end-of-year deadline.

• 

  Dolby laboratories

  Jan 2006 - Apr 2006

  Sr. it sox audit consultant

  Augmented through Resources Global Professionals to assist the Dolby Laboratories Internal Audit department in preparation of Dolby's first year attestation for SOX 404 Compliance in IT internal control documentation, testing, and remediation recommendations. Constructed and provided initial internal control documentation and testing for key IT General Controls and application controls while maintaining all documentation within SharePoint.

• 

  Shell

  May 2006 - Jan 2007

  Senior it aec audit consultant

  Contracted as an internal IT audit consultant with Audit Security Group augmenting Royal Dutch Shell's first Sarbanes-Oxley compliance efforts and responsible for the documentation, testing, and remediation of IT internal Application Embedded Controls (AEC) for the Shell U.S.A. division of the AEC Team. Tested internal IT controls to ensure the IT systems managing the financial reporting is compliant to Sarbanes Oxley 404 requirements. Financial environments include but are not limited to SAP R/3 modules (FI, CO, MM, and SD), and proprietary applications governing the acquisition, distribution, and refining of oil and chemical products. Maintained control documentation within SharePoint. Show less

• 

  Charles schwab

  Apr 2007 - Jun 2007

  Sr. it internal auditor

  Augmented Charles Schwab’s Internal Audit Dept. through Robert Half International by augmenting and completing one Continuous Monitoring audit of PeopleSoft (PS) Segregation of duties, and two full-scope annual audits of Access Administration for Schwab Technology, and Application Development for Schwab Institutional. Constructed work plans/papers and maintained files within TeamMate. Performed data testing, collection, and evidence analysis for compliance controls. The PS audit included both Finance and HR modules to evaluate permissions assigned for a specific roles. The Access Administration audit pertained to the Windows AD, UNIX, and mainframe environments. It centered primarily on the compliance of company policies for privileged user accounts and who creates, modifies, and deletes user accounts within the respective environments. The Application Development audit randomly selected projects for compliance to development policies, procedures, and industry standards for the approved development methodology, Rational Unified Process. Show less

• 

  Chevron

  Jul 2007 - Oct 2013

  It internal auditor

  As an IT Auditor for the Chevron Corporation, I've completed numerous IT Infrastructure, Application, Data Privacy and Business Process audits for finance and IT throughout the world for global operations (Upstream, Downstream, Corp. Treasury, Financial Shared Services, HR, Strategic Business Units, Global Gas, Shipping, Oronite, ETC and ITC company divisions). Completed numerous types of Business Process, Application, and IT audits focusing on PKI, Data Center, Backup & Recovery, IT Forensics, Windows, UNIX, and IIS technologies, Change Management, SDLC, Business Continuity & Resumption, Vendor/Contractor, and numerous application reviews. Provided internal control consulting for process improvements throughout the corporation. Participated on technical internal control review boards to ensure internal contorls remain current with the changing technical environments. Provided regular instructional guidance on the overall Privacy program while conducting Privacy risk assessment training sessions globally. Show less

• 

  Robert half

  Nov 2013 - Jan 2014

  Senior it auditor consultant

  Augmented for Protiviti (a wholly owned subsidiary of Robert Half) on a Sarbanes-Oxley (SOX) project assisting Restoration Hardware (RH) with their first year of SOX compliance testing of IT General Controls in Change Management, Backup & Recovery, Computer Operations, and Security Access controls while collaborating with the external auditors (PwC) to ensure all controls are tested completely and accurately between internal and external audit resources. Additionally, completed the preliminary review of internal controls assigned to internal financial spreadsheets. Completed initial testing for the project on time! Show less

• 

  Rasgas company ltd.

  Jan 2014 - Jan 2018

  Senior information technology (it) internal auditor

  RasGas was the world's second largest Liquefied Natural Gas (LNG) producer supplying continents of Asia, Europe and Americas. Also, RasGas operated two helium plants extracting, purifying and liquefying helium to produce 25 percent of the world's supply, making Qatar the world’s largest exporter of liquid helium. Companies recognized RasGas as a strong company with a deserved reputation in safety, security and reliability of deliveries.RasGas was a leading employer of Qatari nationals and people from 67 countries. Beyond its workforce, RasGas regarded its Corporate Social Responsibility (CSR) integral to business with the four cornerstones (community, education, environment and health) aligned to Qatar's National Vision 2030. Its CSR program strengthened RasGas' connection to Qatari society and supported corporate citizenship activities.As Sr. IT Auditor, I identified local and international IT regulatory requirements applicable to general operations. Completing audits business line applications, SAP BASIS, Oracle and SQL databases, Network Infrastructure, Wireless networks, IT Systems & Data Center Ops, Telecommunications and Off-site Recovery Data Center Operations. I've developed audit programs, lead, and completed audits for Industrial Control Systems (ICS) governed by State of Qatar National ICS Security Standards. Participated on integrated audits of P2P, financial compliance, employee development & training audits assessing management of change, access controls, segregation of duties, interfaces, input/output data flow processes, while reviewing operational control environment publications. Completed a special Marketing unit assessment identifying key business processes for 3rd-party contracted services, and assessing vendor control expectations through ISAE 3402 reports. Developed audit programs for IT Network Infrastructure, SAP & Database, Service Desk, IT Systems, Data Center, & Telecommunication business lines. Show less

• 

  Qatarenergy lng

  Jan 2018 - Oct 2020

  Sr. internal auditor (it specialist)

  With the completion of the RasGas-Qatargas integration merger, the new Qatargas (QG) Operating Company leads the Liquified Natural Gas (LNG) industry and provides 25% of the world's Helium product. I was the Senior IT Auditor that lead all IT Internal Audits up to my departure, and training fellow colleagues to meet Qatar's Nationalization requirements. Kevin lead & completed Internal Audits covering the Company's Network & Security Operation Centers (NOC & SOC), Information Security, Network Infrastructure, Data Centers, Telecommunications, and Project Management review of deployed Industrial Control System Controls to meet the State of Qatar's mandatory compliance requirements. Kevin also ensured appropriate IT remediation closures for all identified IT related process and compliance gaps for the Company. The sole Senior IT Auditor assisting in the creation and operational deployment of the Internal Audit's new IT Forensic Laboratory. Participated on numerous IT, Information Security and internal business related Company investigations. Kevin was the Company's Internal Audit representative for the State of Qatar's IT review preparing for the 2022 FIFA World Cup games. Show less

• 

  Wells fargo

  Jun 2021 - Feb 2023

  Corporate risk - independent testing & validation - enterprise testing sr associate

  Supporting & ensuring the second (of three) level of defense for the IT Infrastructure is operating effectively.

• 

  Tallgrass energy

  Nov 2022 - now

  Senior it internal auditor