Profiles search
Stanley Rosario, CISSP, CISA, MBA
Cybersecurity Internal Auditor at JPMorgan Chase & Co.
New York, NY, United States
Details
Education:
Master of Business Administration - MBA
Technology Management
Stevens Institute of Technology
2017 : 2021
Master of Science (M.S.)
Telecommunications Management
Stevens Institute of Technology
2012 : 2016
Bachelor of Science (B.S.)
Electrical and Computer Engineering
Rutgers, The State University of New Jersey-New Brunswick
2006 : 2011
Technology Management
Stevens Institute of Technology
2017 : 2021
Master of Science (M.S.)
Telecommunications Management
Stevens Institute of Technology
2012 : 2016
Bachelor of Science (B.S.)
Electrical and Computer Engineering
Rutgers, The State University of New Jersey-New Brunswick
2006 : 2011
Experience:
2023 : Present
JPMorgan Chase & Co.
Senior Internal Auditor, Vice President - Cybersecurity and Technology Controls
Performed in depth quality assurance (QA) reviews of UAR and SOD controls across SOX applications, working closely and in cross-functional, interdisciplinary ways with control performers and evaluators to address gaps in operating effectiveness.
● Acted as a first-rate liaison between external auditors and internal stakeholders to ensure audit evidence was delivered on time, management was addressing identified findings and leadership was made aware of testing progress.
● Assisted in the implementation of GRC software (Service Now) to manage SOX compliance across all Verizon lines of business. Provided guidance and training to IT staff on SOX compliance requirements and best practices.
2022 : 2023
Verizon
IT SOX Compliance Manager - Enterprise Risk Management
Led compliance initiative for wireline business focused on adherence to National Fire Alarm & Signaling Code (NFPA-72).
● Identified and vetted 42 recommendations across process reviews, where all but 3 recommendations (92% acceptance rate) were committed to by the business for implementation in an effort to significantly mitigate risks and improve processes.
● Created and refined an ongoing compliance plan to ensure Verizon remained compliant with NFPA-72 and provided regular executive updates to senior leadership (through SVP level).
● Conducted an internal process review centered on end to end Spectrum Licensing process within wireless business; spearheaded the creation of various deliverables including process maps, current and future state RACI, and a network directive.
● Served as strong and dedicated liaison to the Internal Audit and Enterprise Risk management organizations to facilitate and oversee the completion of control finding remediations and process improvement recommendations.
● Generated a state-of-the-art, department-wide issue tracker to be utilized as a repository for all issues and recommendations resulting from the process reviews/evaluations conducted by the team.
2021 : 2022
Verizon
Manager - Global Network & Technology, Operational Assurance
Conducted risk-based technology and integrated audits by evaluating the adequacy and operating effectiveness of internal controls, spanning all ITGCs and advanced IT controls such as data security. Contributed to the development of all audit processes including risk assessment, planning, execution of audit procedures, and communication of audit results to process owners.
● Led the IT Program Change Control standalone technology audit where SDLC controls were tested across a sample of 26 applications; observations led to tighter controls being put in place throughout the SDLC and change control cycles, including added visibility for higher risk applications through monthly spot checks and communications to executives, as well as tool enhancements to AYS (ServiceNow) and Jira to ensure integrity of work products.
● Technology audit lead during two integrated audits focused on benefits program vendors; identified priority issues around the handling of Verizon employee and dependent SPI within the vendors’ internal applications, which resulted in changes being made to better protect the visibility of the data in the front end.
● Created accurate, logical, and detailed work papers clearly describing the work performed, results of testing, and conclusions reached in an effort to provide meaningful insight to Management.
● Reviewed industry compliance certifications and reports, namely SOC 2 Type 2, PCI-DSS, and HITRUST, when evaluating the control environment of third-party partners with whom Verizon conducts business. Worked with Management to address issues or gaps identified, develop recommendations and action plans, and monitor the remediation of prior period issues.
● Responsible for onboarding and mentoring new team members within the Technology Audit group.
2018 : 2021
Verizon
Technology Audit Team Lead - Internal Audit
Led a team of 26 Technicians and Engineers that provide fault management and disaster recovery support for 13 markets through the continuous monitoring of alarms for all wireless network elements and platforms.
● Reduced overtime hours dramatically, by over 80% month over month by creating balanced schedules and managing headcount requirements across both NOC locations.
● Contributed to a 23% alarm reduction year over year by leading an effort to gather and analyze alarm data and collaborating with the NOC Integration team to determine appropriate automation rules to apply to the alarms.
● Coached and developed direct reports through monthly performance reviews and reinforcement of proper ticket handling, troubleshooting, and company and departmental policies, as well as provided shadowing opportunities with other departments to further develop technical skills and knowledge of the business.
● Hosted quarterly staff meetings for employees to review business critical initiatives, process changes, etc., as well as address concerns, gather feedback, and encourage productive discussions.
● Created reference documentation/playbooks and updated existing documentation for NOC personnel and identified areas for improvement in existing processes and developed/implemented solutions to those issues. Accountable for the review and approval of Service Disruption Reports (SDR), which are distributed to all levels of leadership during customer impacting network events.
● Headed reporting to upper management of widespread network impacts during significant weather events through the creation and tracking of Emergency Operation Center (EOC) reports. Developed system requirements for NOC Operational Excellence team to drive enhancements to both the NOC Website and Data Warehouse.
2015 : 2018
Verizon Wireless
Supervisor - Network Operations Center
JPMorgan Chase & Co.
Senior Internal Auditor, Vice President - Cybersecurity and Technology Controls
Performed in depth quality assurance (QA) reviews of UAR and SOD controls across SOX applications, working closely and in cross-functional, interdisciplinary ways with control performers and evaluators to address gaps in operating effectiveness.
● Acted as a first-rate liaison between external auditors and internal stakeholders to ensure audit evidence was delivered on time, management was addressing identified findings and leadership was made aware of testing progress.
● Assisted in the implementation of GRC software (Service Now) to manage SOX compliance across all Verizon lines of business. Provided guidance and training to IT staff on SOX compliance requirements and best practices.
2022 : 2023
Verizon
IT SOX Compliance Manager - Enterprise Risk Management
Led compliance initiative for wireline business focused on adherence to National Fire Alarm & Signaling Code (NFPA-72).
● Identified and vetted 42 recommendations across process reviews, where all but 3 recommendations (92% acceptance rate) were committed to by the business for implementation in an effort to significantly mitigate risks and improve processes.
● Created and refined an ongoing compliance plan to ensure Verizon remained compliant with NFPA-72 and provided regular executive updates to senior leadership (through SVP level).
● Conducted an internal process review centered on end to end Spectrum Licensing process within wireless business; spearheaded the creation of various deliverables including process maps, current and future state RACI, and a network directive.
● Served as strong and dedicated liaison to the Internal Audit and Enterprise Risk management organizations to facilitate and oversee the completion of control finding remediations and process improvement recommendations.
● Generated a state-of-the-art, department-wide issue tracker to be utilized as a repository for all issues and recommendations resulting from the process reviews/evaluations conducted by the team.
2021 : 2022
Verizon
Manager - Global Network & Technology, Operational Assurance
Conducted risk-based technology and integrated audits by evaluating the adequacy and operating effectiveness of internal controls, spanning all ITGCs and advanced IT controls such as data security. Contributed to the development of all audit processes including risk assessment, planning, execution of audit procedures, and communication of audit results to process owners.
● Led the IT Program Change Control standalone technology audit where SDLC controls were tested across a sample of 26 applications; observations led to tighter controls being put in place throughout the SDLC and change control cycles, including added visibility for higher risk applications through monthly spot checks and communications to executives, as well as tool enhancements to AYS (ServiceNow) and Jira to ensure integrity of work products.
● Technology audit lead during two integrated audits focused on benefits program vendors; identified priority issues around the handling of Verizon employee and dependent SPI within the vendors’ internal applications, which resulted in changes being made to better protect the visibility of the data in the front end.
● Created accurate, logical, and detailed work papers clearly describing the work performed, results of testing, and conclusions reached in an effort to provide meaningful insight to Management.
● Reviewed industry compliance certifications and reports, namely SOC 2 Type 2, PCI-DSS, and HITRUST, when evaluating the control environment of third-party partners with whom Verizon conducts business. Worked with Management to address issues or gaps identified, develop recommendations and action plans, and monitor the remediation of prior period issues.
● Responsible for onboarding and mentoring new team members within the Technology Audit group.
2018 : 2021
Verizon
Technology Audit Team Lead - Internal Audit
Led a team of 26 Technicians and Engineers that provide fault management and disaster recovery support for 13 markets through the continuous monitoring of alarms for all wireless network elements and platforms.
● Reduced overtime hours dramatically, by over 80% month over month by creating balanced schedules and managing headcount requirements across both NOC locations.
● Contributed to a 23% alarm reduction year over year by leading an effort to gather and analyze alarm data and collaborating with the NOC Integration team to determine appropriate automation rules to apply to the alarms.
● Coached and developed direct reports through monthly performance reviews and reinforcement of proper ticket handling, troubleshooting, and company and departmental policies, as well as provided shadowing opportunities with other departments to further develop technical skills and knowledge of the business.
● Hosted quarterly staff meetings for employees to review business critical initiatives, process changes, etc., as well as address concerns, gather feedback, and encourage productive discussions.
● Created reference documentation/playbooks and updated existing documentation for NOC personnel and identified areas for improvement in existing processes and developed/implemented solutions to those issues. Accountable for the review and approval of Service Disruption Reports (SDR), which are distributed to all levels of leadership during customer impacting network events.
● Headed reporting to upper management of widespread network impacts during significant weather events through the creation and tracking of Emergency Operation Center (EOC) reports. Developed system requirements for NOC Operational Excellence team to drive enhancements to both the NOC Website and Data Warehouse.
2015 : 2018
Verizon Wireless
Supervisor - Network Operations Center
Company:
JPMorgan Chase & Co.
Years of Experience:
15
Spoken Language:
English, Spanish
Skills
Auditing, Business Process Improvement, Business Requirements, CISA, CISSP, COBIT, Customer Service, Cybersecurity, Data Analysis, Data Privacy, Enterprise Risk Management, Information Security, Information Technology, Infrastructure as a Service (IaaS), Internal Audits, Internal Controls, IT Audit, IT Auditors, ITGC, IT Internal Audit, IT Risk Management, Leadership, Management, Networking, Network Security, NIST, PaaS, Process Improvement, Program Management, Project Management, Relationship Building, Requirements Analysis, Risk Assessment, Risk Management, Sarbanes-Oxley Act, Security, Security Audits, Security Controls, ServiceNow, SOC 2, Software as a Service (SaaS), Software Development Life Cycle (SDLC), Software Project Management, SOX 404, System Requirements, Systems Analysis, Team Leadership, TeamMate, Technical Writing, Telecommunications
About
High performing professional with over 14 years of dynamic telecom and financial services industry experience in the areas of Business Systems Analysis, Network Operations, Internal Technology/Cybersecurity Audit, Risk Management, and IT SOX Compliance. Strong analytical, technical, organizational, and communication skills with meticulous attention to detail. Astute problem solver with demonstrated ability to thrive in a fast-paced environment. Great soft skills and proven experience collaborating with internal and external clients to bring innovation to life.
Cross-Functional Communications | Corporate & Regulatory Compliance | Cybersecurity | Risk Mitigation | IT Audit | SOX
Profile Photo
