IT Security and Compliance professional
Extensive experience in: IT Security; Sarbanes-Oxley; PCI-DSS; IT Audit and Compliance
Technology Assurance and Advisory Services
Specialties: CPA, CISA, CISSP, CGEIT, PCIP, CRISC, ITIL
.
IT Security & Compliance Manager @ IT Security
o Evaluate IT security capabilities.
APT Threat Detection project
Security Risk Assessment project
o Cyber Security Roadmap development.
o Direct IT security activities such as:
Review and assess new and developing threats.
Develop and Maintain IT Security Policies.
Develop Security Awareness Programs.
Manage the Enterprise Information Security Awareness program.
Develop and coordinate incident response plans.
Perform root cause analysis.
Develop new policies and standards.
Monitor for enforcement of security policies and standards.
Develop, monitor, and maintain a Security Monitoring program.
o Manage physical security reviews and audits for facilities and data centers.
IT Compliance
o SOX
Set overall direction for IT SOX compliance.
Socialize and evangelize SOX compliance.
Drive change that protects or enhances SOX compliance.
Direct IT SOX projects and processes.
o PCI-DSS
Determine strategy for PCI compliance.
Socialize and evangelize PCI compliance.
Drive change to achieve and improve PCI compliance.
Manage internal/external staff conducting internal annual audits as a PCI merchant.
Coordinate and interface with external auditors (QSA).
IT Process Improvement
o Establish and mature the IT Governance process.
o Direct the design and implement a broad framework of IT controls.
o Create and operate a Change Approval Board From August 2012 to Present (3 years 5 months) Houston, Texas AreaConsultant @ From September 2009 to August 2012 (3 years) Sr. Manager TAAS @ System Selection projects
System Implementation projects
Sarbanes-Oxley IT documentation & testing
Sarbanes-Oxley Financial documentation & testing
Internal Control Design and Implementation
Business Process Documentation
Business Process Improvement
System requirements and configuration projects From August 2006 to September 2009 (3 years 2 months) Consultant @ Conversion projects
Sarbanes-Oxley IT documentation & testing
Sarbanes-Oxley Financial documentation & testing
System requirements and configuration projects
Tax return preparation
Accounting system set up
Business acquisition analysis
Interim department head
Office automation projects
Database development
Regulatory compliance projects From February 2000 to August 2006 (6 years 7 months) Consultant @ From 2004 to 2005 (1 year) Consultant @ From 2004 to 2004 (less than a year) IS Director @ Supervised a staff of seven.
Responsible for the company's Y2K review, policies, and procedures.
Stabilized existing systems to allow for a ten day monthly closing cycle.
Implemented client-server accounting system that allowed for a five day monthly closing cycle while the company grew 500%.
Negotiated and implemented telephone and data contracts.
Installed company's first e-mail system, web site and WAN.
Developed billing and regulatory compliance system.
Performed over 20 accounting system conversions. From May 1997 to February 2000 (2 years 10 months) Controller & IS Director @ Established software systems from the ground up.
Acquired and installed telephone & computer systems.
Collected delinquent loans.
Made new loans and checked collateral. From October 1996 to May 1997 (8 months) Director of Information Systems @ Supervised and managed LAN, WAN and host-based systems.
Oversaw the development, deployment, and maintenance of accounting systems.
Evaluated new technologies, purchased software, and created accounting and internal controls for internally developed systems.
Prepared long-term plan and established standards.
Created policies and procedures for software development and disaster recovery.
Acquire, maintain, and program telephone system.
Developed and implemented a point-of-sale system for the company's landfills.
Evaluated, selected, and implemented software for the company's hauling operations.
Managed the systems growth of the company from start-up to revenues exceeding $500 million.
Negotiated and implemented telephone and data contracts with multiple vendors.
Created systems which allowed for a five day monthly closing cycle.
Successfully completed over 40 accounting system conversions.
Prepared RFP and headed up selection process for client-server accounting system.
Converted data and implemented client-server accounting system.
Assisted in preparation of SEC filings including S-1, S-3, 8-K, 10-Q, and 10-K.
Combined the accounting operations of five separate companies following IPO.
Set up initial accounting system, chart of accounts, and reporting formats. From June 1990 to October 1996 (6 years 5 months) Assistant Controller @ Performed acquisition due diligence.
Prepared purchase price allocation workpapers, entries, and post-closing adjustments for new acquisitions.
Evaluated and implemented accounting systems, procedures and personnel for acquired operations.
Assisted external auditors with preparation of federal and state tax returns and annual audits.
Developed computer models for use in purchase price allocation.
Oversaw and implemented new G/L, A/P, and contracts system.
Converted contracts for automated and manual systems. From October 1989 to June 1990 (9 months) Senior Auditor @ Responsible for audit planning, budgeting, and audit procedures.
Supervised staff, reviewed audit workpapers, and prepared reports and management letters.
Became proficient in computer-assisted audit techniques to increase audit efficiency.
Industries audited were financial institutions, architecture & engineering firms, and software development companies. From January 1987 to October 1989 (2 years 10 months) Assistant Controller @ Prepared and reviewed all internal and external financial and regulatory reports.
Supervised a department of six bookkeepers.
Implemented internal controls and reconciliation procedures.
Developed PC models to enhance clerical employees' efficiency.
Streamlined the financial reporting process. From June 1986 to December 1986 (7 months) PC Auditor @ Performed all aspects of audits of financial institutions, governmental entities and
non-profit organizations..
Assisted in preparation of SEC filings.
Completed accounting education hours to qualify to take CPA exam while working From August 1984 to June 1986 (1 year 11 months) Controller @ Responsible for all accounting areas and a staff of three.
Oversaw purchase and implementation of new computer system.
Received company award for implementing new system and establishing a credible
accounting system. From August 1983 to August 1984 (1 year 1 month) Graduate Assistant Instructor @ From August 1982 to May 1983 (10 months)
Master of Business Administration (M.B.A.), Finance @ Sam Houston State University From 1981 to 1983 Bachelor of Business Administration (BBA), Finance, General @ Sam Houston State University From 1977 to 1981 Brad Hollingsworth is skilled in: CISA, CISSP, Internal Audit, Enterprise Risk Management, IT Audit, Segregation of Duties, Internal Controls, Sarbanes-Oxley Act, Disaster Recovery, Risk Assessment, Sarbanes-Oxley, Risk Management, Auditing, Business Process, Business Process Improvement