Tristan Jones

Tristan Jones

Work History

Work History
May 2007 - Sep 2012

IS Audit Manager

Meritor

•Conductedrisk based InformationSystemsaudits primarily testing; physical and logical access controls, segregation of duties, business continuity, database and wireless network security, and system resilience for known vulnerabilities.

•Conduced IT Project Management Audits, to ensure business and IT integration; effective change control on project cost, scope, and timing; User Acceptance Testing, appropriate levels of training, and security measures implemented based on corporate policy.

•ReducedthecostofSOXcomplianceby60%,inpartbyenhancinggenerictestscriptwithtechnologyspecificsteps.

•CoordinatedSOXControlEffectivenessAuditsrelatingtokeyinformationtechnologycontrolsactivitiesandrelatedreportingforEuropeandAsiaPacific

•Conductedsystem/controlscopingandexecutedauditprogrambasedonCOBITassuranceguidelinestoidentifycontrolweaknesses.

•Developedandreportedoverallconclusionandrecommendationstolocalandcorporatemanagement.

•Built,pilotedandimplementedTeamCentralaweb-basedworkflowapplicationforexceptionreportingandimplementationtracking.

•Co-sourcedsecurityspecialisttoestablishateamtoconductannualattackandpenetrationaudits.

•DefinedACLscriptsfordata analysis onAccounts PayablesandReceivablescashflow,BillofMaterials,SegregationofDuties,and Access Controls.

Jun 2003 - May 2007

Enterprise Systems Manager

Meritor

• Responsible for Datacenter operations hosting Meritor's ERP systems supporting 34European manufacturing sites, offices and warehouses.

• Responsible for infrastructure roll-out and operations of Axapta ERP system focusing onSQL Server database management.

• Set Global standards for Change Control, Access Controls and Segregation of Duties for SOXCompliance.

• Conducted management self-testing at European locations to ensure effective IT operational controls.

• Responsible for sizing computer systems, placing orders, receiving, assembly, and deploying new systems on the corporate network in compliance  with change management, and security requirements.

• Responsible for setup and created monitoring alerts using WhatsUpGold.  This allowed us to be proactive noticed of low disk space, bandwidth issues, or hardware failures for example.

• Responsible for piloting new technology such as virtualization allowing for the consolidation of physical servers to virtual servers making our infrastructure more efficient resulting in cost savings. 

May 2000 - Jun 2003

IT Manager

Binck Bank

•Joinedfour(4)foundingpartnersasfirstemployeeinastart-upInternetBrokerresponsiblefor

InformationSystems.

•Defined,implementedandmaintainedproceduresforIToperations,change,andsystemsecurity.

•Evaluatedstaffingrequirements,builtteamoffive(5)toensuresufficientresourcestoprovideoperationalsupportreal-timetradingsystem.

•Implementedadequatesupervisorypracticestoensurethatrolesandresponsibilitiesareproperlyexercised

•IdentifiedeventswithapotentialnegativeimpactonthegoalsoroperationsofBinck.

•Producedaplanfortheacquisition,implementationandmaintenanceofthetechnologicalinfrastructure tomeetbusinessrequirements.

•Establishaweb-basedtrackingandreportingsystemtodocumentrejectedchanges,communicatethestatusofapprovedandin-processchanges,andcompletechanges.

•Putpreventive,detectiveandmeasuresinplacetoprotectEuroPort,backofficeWindowsservers,andworkstations.

•Establishedaservicedeskfunction,whichservedastheuserinterfacewithIT,toregister,communicate,dispatchandanalyzeallreportedincidents,servicerequestsandinformationdemands.

•Definedandimplementedproceduresforbackupandrestorationofsystems,applications,dataanddocumentationinlinewithbusinessrequirementsandthecontinuityplan.

Sep 2007 - Dec 2000

Microsoft Consultant

Charles Schwab

• SMS was Microsoft's Management Server that allowed for the deployment of application installations, updated, and changes from a central location.  We managed 50 SMS servers which serviced more then 1200 clients downstream.  This technology allowed for application standardisation, and greatly reduced deployment time thus saving money.

•Resolvedapplicationerrorsreportedbyend-usersfollowingtheremotedeploymentofsoftwareapplications.

•Built,testedandmigrateduserstonewSMSsitesasnetworkenvironmentchanged.

•Wroteandranscriptsagainstworkstationsandserverstoverifyregistrychangesandfileupdatesfollowingeachsoftwaredeployments.

•Attendednationaltacticalmeetingsheldviaphoneconferencetoprovidestatus,negotiatetimingandsetpriorityonapplicationdeployments.

• As a Microsoft Certified Solutions Expert, my daily responsibilities required deep technical knowledge of the operation systems its registry, networking, and common services such as WINS, DNS, DHCP, file systems, access permissions.

Sep 1995 - May 1997

Senior Network Engineer

McKesson

• Responsible for central application maintenance travelling nationally to install and resolve problems for over back-end systems supporting 10,000 users in a national network based on Novell servers.

• Oversaw the entire NT environment, designed, implementing a master domain with all its related services , and introduced SMS to the company.

• Facilitated all phases of implementation of client/server application software on the client side, thus defining, troubleshooting, and the implementing ODBC configurations to end-users nationally. 

• Served as the single point of contact for resolving SQL Database connectivity issues over TCP/IP and NetWare networking nationwide.

1995 - 1994

Technical Support Representative

Borland

• Responsible for resolving customer issues with Borland's ReportWriter.  This product allowed users to establish a direct connection to back-end databases and populate defined reports.  This allowed creating on meaningful ad-hoc reports and standard reports.

• Established a number of test environments using all common clients-server configurations.   This included back-end server on UNIX, Windows, and Novell all running common databases.  The test environment is invaluable in recreating user problems for troubleshooting.

1992 - 1994

Technical Support Representative

Novell

• Provided phone support to Novell customers regarding TCP/IP network configuration and routing.

•  Provide phone support to customers regarding UNIXWare, resolving installation, configuration, and performance issues.

• Resolved issues with installation, configuration, routing, Bootp, host emulation, keyboard re-mapping, dial-up connectivity.

Education

Education

Skills

Skills

TeamMate Audit Suite

ACL Data Analysis

Objective

Provide information systems assurance, security, and risk management solutions to increase transparency and add value.

Technical Highlights

SecurityandInformationsystemscontrol-relatedconceptsandtechniques,TCP/IPprotocol,localandwideareanetworkmanagement,Ciscoroutersandswitches,Checkpointfirewall,DOS,Windows,UNIX platforms,IISWebmanagement,VMware,wirelesscommunications,VPN,Encryption,SMS,MicrosoftSQLserver,Axapta,MFG/Pro,Oracle,EDI,hardwareandsoftwareclustering,MicrosoftOfficetools,Teammate,ACL,Nessus

Certifications

Certifications
2011 - Present

Certified Risk and Information System Controls (CRISC)

ISACA:1114337
2009 - Present

Certified Information Security Manager ( CISM )

ISACA:08420788
2008 - Present

Certified Information Systems Auditor ( CISA )

ISACA:0862546
2004 - Present

Cisco Certified Network Associate ( CCNA )

CISCO