Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Charles Heller

Mesa,USA

Summary

Technology Risk Management professional with extensive experience in the financial services industry. Demonstrated success developing and implementing risk reduction solutions. Effectively leads others to reduce risk and exceed project goals. Key skills include: Risk Management Strategy | Sarbanes-Oxley | COBIT | ITIL |CMMI| Information Security Configuration Management| IT Audit | IT Governance |Technology Regulations & Compliance

Overview

21
21
years of professional experience
1
1
Certification

Work History

Lead Business Technology Consultant (contract)

US Tech at Wells Fargo
03.2024 - Current
  • Managed compliance gap analysis pursuant to information technology governance across Wells Fargo Enterprise
  • Working knowledge of governance for artificial intelligence (AI):
  • AI agents (epochs, neuro networks, processing units, user output/interface)
  • ISO/IEC 420001
  • NIST AI Governance Framework
  • Working knowledge of governance for cloud technology architecture:
  • Dockers and Hypervisor for virtual machine containerization
  • Kubernetes for orchestration of containers
  • Cloud service models: SaaS (Software as a Service), PaaS (Platform as a Service), IaaS (Infrastructure as a Service) and specialized cloud services
  • Cloud deployment (business models): Private, Public, Hybrid
  • Developed and organized enterprise level technical process and documentation, pursuant to cyber security and security policy exceptions
  • Coordinated implementation of dashboards (MS Power BI and SalesForce Tableau) pursuant to reporting with metrics
  • Developed documented baseline for information technology governance base on COBIT 5 and ITIL 4 frameworks

Lead Control Management Officer

Wells Fargo
10.2017 - 10.2023
  • Provide technology risk management support for Wells Fargo Cloud Automation Services
  • Achieved streamlined risk management process
  • Guide resolution of information security policy exceptions
  • Manage compliance related technology issues and associated corrective action resolutions
  • Manage internal compliance pursuant to software and application technology design and performance requirements

Operational Risk Consultant

Wells Fargo
02.2016 - 10.2017
  • Facilitated technology risk management for Wells Fargo Enterprise Information Technology (EIT) as a member of Control Review Activity Team (CRT)
  • Manage risk based control testing (design effectiveness and performance)
  • Work to develop and maintain valuable and trusting relationships with internal business partners by executing efficient activity reviews and offering suggestions to enhance risk management based on Wells Fargo enterprise internal standards and external regulatory requirements
  • Actively apply subject matter expertise in Basel, CoBIT, CMMI and ITIL frameworks to EIT - IT environments in scope for activity review
  • Act as part of first line of defense on behalf of EIT lines of business
  • The goal being for CRT to facilitate organizational maturity and achievement of Wells Fargo enterprise level compliance risk objectives
  • Participated in CRT to implement world class technology risk review services across Wells Fargo EIT
  • Assist CRT with recommendations to improve internal risk based control testing taxonomy and external reporting to business stakeholders

IT Senior Audit Leader

Wells Fargo
09.2013 - 02.2016
  • Led technology-focused audit projects in Information Technology lines by identifying and assessing risks in business context related to the technologies and IT management processes and by developing audit tests designed to achieve audit objectives
  • Utilized the Audit Management Platform (AMP) tool and utilized applied knowledge of Remedy, CMDB, SPARC and CICAT tools
  • Executed (as needed) audit tests for the technology-focused audit projects on own audits or under the direction of another lead auditor
  • Led audits by identifying project tasks and assigning them to audit resources and by ensuring that projects are executed according to budgets and schedules
  • Developed and executed audit tests of IT general computer controls based on the relevant risk management processes and industry vendor best practices, meeting corporate quality standards
  • Evaluated the business impact and significance of audit findings, identifying mitigating controls and other factors and assessing whether residual risks are consistent with risk tolerance and management

Process Manager / IT Audit Consultant

Signature Consulting
04.2012 - 09.2013
  • Managed processes and audit coordination for EPTS
  • Worked with Network Lifecycle, Inventory and Decommission areas
  • Also consulted on change and configuration management processes
  • Managed audit preparation and response for Communication technology Services (CTS)
  • Reviewed change management standards and applied use of Remedy tool by CTS for audit
  • Interfaced with Wells Fargo corporate audit responding to auditing requests and managed corrective action plans (CORT items) in response to findings
  • Implemented framework for design analysis, design effectiveness testing and operational effectiveness auditing of software and hardware assets life cycle management at Wells Fargo Bank NA
  • Reduced cycle time for deliverables by 30%
  • Implemented quality measurement based on COBIT

Process Manager / IT Audit Consultant

Techni source Consulting
03.2011 - 12.2011
  • Implemented framework for design analysis, design effectiveness testing and auditing of IT controls for Network Services Division at Wells Fargo Bank NA
  • Reduced compliance costs by 75%
  • Utilized COBIT ERM as basis for control design framework creating a quality control baseline where there was previously none in place
  • Implemented platform for measuring organizational maturity of business units based on CMMI standards
  • Set standard for operational cost reduction

IT Audit Consultant

Intertec Consulting
04.2010 - 01.2011
  • Managed process engineering for software audit planning and execution at Honeywell
  • Lead development of company-wide processes pursuant to multimillion dollar software license and vendor management resulting in savings of $5 million dollars
  • Developed robust audit processes using 6 Sigma & CMMI methodologies, leveraging internal and external best practices
  • Developed proactive assessment processes - pre audits and audit readiness guidelines
  • Identified potential issues/risks and developed remediation plans

Compliance Analyst / SOX 404 Auditor

The Boeing Company
02.2004 - 04.2010
  • Lead successful Sarbanes Oxley (SOX) 404 compliance efforts for Boeing Commercial Aviation Services (risk identification, risk management, IT control design implementation, testing and IT SOX control operational effectiveness testing - SOX audits)
  • Reduced compliance costs by 80% - implementing enhanced process engineering for IT controls

Education

BA - Behavioral Sciences (heuristics), Management Information Systems (MIS)

Colorado Mesa University
Grand Junction, CO

Skills

  • Risk Management Strategy
  • Sarbanes-Oxley (SOX 404)
  • COBIT
  • ITIL
  • CMMI
  • SDLC
  • Information Security
  • Configuration Management
  • IT Audit
  • IT Governance
  • Technology Regulations & Compliance
  • Cloud Architecture Business and Service Models
  • Artificial Intelligence working knowledge

Certification

  • Member, Information Systems Audit and Controls Association
  • Certified Information Security Manager (CISM)
  • Certified In Risk and Information Systems Control (CRISC)
  • Certified Foundational Microsoft Azure Cloud Technology 900

Timeline

Lead Business Technology Consultant (contract)

US Tech at Wells Fargo
03.2024 - Current

Lead Control Management Officer

Wells Fargo
10.2017 - 10.2023

Operational Risk Consultant

Wells Fargo
02.2016 - 10.2017

IT Senior Audit Leader

Wells Fargo
09.2013 - 02.2016

Process Manager / IT Audit Consultant

Signature Consulting
04.2012 - 09.2013

Process Manager / IT Audit Consultant

Techni source Consulting
03.2011 - 12.2011

IT Audit Consultant

Intertec Consulting
04.2010 - 01.2011

Compliance Analyst / SOX 404 Auditor

The Boeing Company
02.2004 - 04.2010

BA - Behavioral Sciences (heuristics), Management Information Systems (MIS)

Colorado Mesa University

Similar Profiles

  • Valanika Spears

    Valanika SpearsValanika Spears

    Senior Business Control Specialist at US Tech Solutions on Assignment With Wells FargoSenior Business Control Specialist at US Tech Solutions on Assignment With Wells Fargo

  • Tequila Turner

    Tequila TurnerTequila Turner

    Risk Consultant at Wells Fargo-US TechRisk Consultant at Wells Fargo-US Tech

  • Kim Lay

    Kim LayKim Lay

    Operational Risk Consultant at US Tech Solutions On Assignment With Wells FargoOperational Risk Consultant at US Tech Solutions On Assignment With Wells Fargo

  • Dwayne Castronova

    Dwayne CastronovaDwayne Castronova

    Photo and Data Processing Specialist at Food for the HungryPhoto and Data Processing Specialist at Food for the Hungry

  • Anet Arriola

    Anet ArriolaAnet Arriola

    Assistant Fitness Manager at EoS FitnessAssistant Fitness Manager at EoS Fitness

CREATE PROFILE
Charles Heller