Steven Needham Greater Atlanta Area

Company Name

HD Supply (Wholesale)

Position Held

Principal Technologist - Information Security

Dates

0000 - Present

Details

Reported directly to the Chief Information Security Officer (CISO) and Chief Technology Officer (CTO)Managed the company's PCI, Blue Coat, and Sophos Endpoint Protection projectsDirected an internal staff of 4 security engineers and 1 manager for geographically numerous projectsManaged of Service Level Agreements via the company's own proprietary ticketing system including web and email filtering; laptop encryption, and aspects of the company's mobile device management (MDM) experiments Prepared daily, weekly, and monthly project reporting for varying levels of management, including IT management, directors, and vice presidentsScheduled to attended the CIO Magazine Conference in Colorado Springs, Colorado in August 2011

Company Name

HD Supply (Wholesale)

Position Held

Manager, Internal Audit - IT

Dates

0000 - Present

Details

Established the first IT internal function for a newly formed companyManaged 3 full-time and 6 contract employees, responsible for coaching and their annual goal setting and review process; approved expense accountsCompleted and presented the company’s enterprise wide IT risk assessment for 2009 in conjunction with PwC; presented the findings and recommendations to the CIO and IT executive leadershipDeveloped, maintained, and executed the IT audit plan based upon the IT risk assessment, company management requests, regulatory requirements, and external audit coordinationServed on the SOX steering committee: managed and integrated the SOX IT subproject for year one of compliance in 2009, including formulating a communications plan, training materials for process and control owners, and identification of entity-level controls, application controls, and rationalizing IT general controlsEstablished the relationship with the company’s new external auditor, including sharing of workpapers and reports, and coordinating the annual audit planTraveled over 50% of the time to San Diego, Orlando, and Houston from AtlantaOwned and administered the audit department’s electronic repositories: TeamMate workpapers, department shares and intranet portals; responsible for determining proper usage, application service management and vendor relations; requested, managed, and tested client and server upgradesBuilt the internal audit department’s business continuity plan using Living Disaster Recovery Planning System (LDRPS); including the identification of processes, contingency plans, vital records, applications, personnel, vendors and locations used for a department of 10 headcountDesigned and taught audit training courses to ensure that over 100 attendees could claim CPE creditAttended the CSO Magazine Conference in San Jose, California in March 2011

Company Name

Turner Broadcasting System, Inc. (Broadcast Media)

Position Held

Manager of Financial Compliance - IT

Dates

0000 - Present

Details

Facilitated initial fraud risk assessments workshops with IT, distribution, and tax department management.Compiled and presented risk assessments to executive management, controllers group, and line management on key risks.Designed and implemented the company’s first formal risk assessment.Pioneered the use of an aggressive strategy to implement AS 5, a control self-assessment program, and established standards for achieving a reliance strategy with the company’s external auditor, further containing overall compliance costs.Pursued, obtained, and interpreted for management SAS 70 reports covering advertising sales, payroll tax, purchasing cards, broadcast, and cable media operations.Nominated for a Gold Star for “Building Camaraderie” in the Corporate Finance and CNN Special Projects groups.Delegate to the 2008 SC Magazine Spring Executive IT Security Forum.Speaker at ISACA’s 2007 Atlanta Geek Week, “Implementing An Integrated Top-Down, Risk Based Approach for SOX”