Mark Schmidtberger
Details
Federal Reserve Bank of Kansas City
Information Security Technology Manager
Sprint, Overland Park, KS ($35 billion Telecommunications Company)
• Management of the Enterprise Risk Management (ERM) program. Accountable for the evolution of the ERM program, and identification/refinement/quarterly updates to senior management and Audit Committee of enterprise risks. Responsibilities also include Audit Plan creation/maintenance, Audit Resource scheduling and Functional Risk Mapping.
• Management of the Technology Audit Group (TAG). Accountable for the execution of the IT Audit Plan and development of IT Audit Staff. Responsibilities also include building out the Continuous Audit/Monitoring function utilizing big data in the identification of potential fraud scenarios, internal control and operational risks for input into the audit planning process, technology support of the audit plan being executed by Corporate Audit Services.
• Selected Contributions:
Facilitation of Tier 1 ERM Risk Mitigation Plans with Senior Management for quarterly Executive and Audit Committee update.
Creation of ERM Heat Map giving Senior Management and the Audit Committee insight into enterprise risk trends.
Generation of Functional Risk Maps for input into audit planning.
Identification of multiple fraud, cost recovery and internal control breakdown scenarios through the continuous audit/monitoring analysis of big data. Performed Foreign Corrupt Practices (FCPA) analysis to identify FCPA risks.
Collaborated with business owners on National Security Agreement (NSA) control mapping to meet the Committee on Foreign Investment in the United States (CFIUS) requirements.
Main point of contact between Corporate Audit Services and Sprint IT business function.
Completion of multiple risk assessments (i.e. Cyber Security, Acquisition Risks, Mobile Payment Platform).
Completion of multiple operational reviews (i.e. Sprint.com review, Demo/Device Request Module).
2013 : 2016
Sprint
Manager, Audit & Enterprise Risk Management
Collective Brands Inc. (CBI), Topeka, KS ($3.5 billion Retail/Wholesale Company)
• Played key role in the facilitation and development of the Annual Audit Plan. Developed and administered local and remote audit staff through all facets of the Audit plan. Performed all operational and internal control reviews assigned.
• Partnered with external auditors to gain alignment of internal control testing across CBI entities.
• Selected Contributions:
Performed all aspects of ITGC testing (planning, fieldwork, reporting) for SOX compliance across CBI entities. Reviewed work papers of junior Auditors performing business process compliance testing.
Held the designation of Payment Card Industry (PCI) Internal Security Assessor (ISA). Played primary role assessing and validating the Payment Card Industry (PCI) Report on Compliance (ROC) for the CBI entities.
Completion of multiple operational reviews (i.e. Social Media, Disaster Recovery, Business Continuity, etc.)
Implemented Audit Command Language (ACL) in the CBI environment to build out the continuous Auditing/Monitoring processes. Identified $750K of duplicate payments within a 3-month timeframe. Automated processes to detect/notify Foreign Corrupt Practices Act (FCPA) risks.
2005 : 2013
Collective Brands, Inc.
Internal Audit Manager
Payless ShoeSource, Topeka, KS ($2.7 billion Retail Company)
• Developed and directed a staff of twelve database and storage professionals. Performed cost center management for assigned department. Created annual plan to support IT Portfolio projects meeting business objectives. Accountable for administration and maintenance of storage needs for the Payless ShoeSource enterprise.
• Selected Contributions:
Restructured the organization to be more responsive to the business needs. Through teamwork and cross training, implemented “best practices” throughout the organization of assigned responsibility.
Championed the migration of the Payless DataWarehouse to the new z-Series platform to provide better system performance, reliability and availability to the end-user community.
Implemented new Optical Reporting System that provided more timely sales and analysis data for the different Payless functional areas and a supported platform for future growth.
Ensured that Payless ShoeSource’s Database Administration systems would pass Sarbanes-Oxley compliance audits by implementing new processes for the tracking and auditing of production database changes.
2000 : 2005
Payless ShoeSource
Group Manager, Database Administration and Technology Services
Payless ShoeSource, Topeka, KS ($2.7 billion Retail Company)
• Developed and directed a team of eleven LAN Support Analysts in the areas of Windows Server and Desktop administration.
• Selected Contributions:
Researched, converted and tested a Year 2000 strategy for all Windows servers and desktop systems to ensure minimal production downtime during the Y2K date change.
Annually refreshed 1/3 of the servers and desktop hardware at the corporate office and distribution center to ensure Service Level Agreements were being met.
Developed and directed the LAN Support Analysts in the areas of Windows Server and Desktop administration.
Coordinated the annual Disaster Recovery exercise, for the group of assigned responsibility, providing management reassurance that systems configuration and data recovery could be performed successfully should the need arise.
1999 : 2000
Payless ShoeSource
Group Manager, LAN Support
About
Job Summary represents experience prior to my current role:
Nine years of Audit Management experience in the Retail and Telecommunications industries demonstrating a consistent record of process improvement, cost recovery, and compliance testing. Instrumental in managing the Enterprise Risk Management program, creation of the Annual Audit Plan, build-out of the Continuous Auditing/Monitoring processes, and execution of the IT Audit Plan. Fifteen years of IT experience in the Retail industry. Performed all facets of IT across the Application Development (i.e. program development, project management) and Infrastructure (i.e. Database Management, Storage Management, Local Area Network Management) organizations. Strengths include overall understanding of the Audit and IT functions at both a strategic and tactical level. Worked within a heterogeneous IT environment (i.e. Mainframe, UNIX, Windows). Familiar with ERP packages (i.e. PeopleSoft). Advanced knowledge of security applications and concepts.