George Marountas
Washington D.C. Area
Summary
Director – IT Compliance, Audits and Cybersecurity Programs 21 years’ success leading technological innovations and audit compliance for high growth organizations. Proven success track record providing leadership, coaching and strategic direction related to enterprise-wide Information Security compliance and Technology Audits. Leads the successful development and management of IT audits by collaborating with internal IT teams to ensure the quality and timely execution of audits and risk assessments. Subject matter expertise launching and directing assessment programs related to cyber security, threat intelligence, enterprise risk IT management, operations management, infrastructure development, procurement, and shared services. Create and update policies, procedures and training as needed based on regulation changes and business needs. Charismatic presenter and accomplished negotiator; able to forge solid relationships with internal and strategic business partners and build coalitions across business leaders and operational teams.
Overview
15
15
years of professional experience
1
1
Certification
Work History
Director – IT Compliance, Audits and Cybersecurity Programs
BAE Systems, Inc.
Reston, VA
03.2022 - Current
- Directs, leads and evaluates IT Audits and IT Assurance projects, including focusing on various areas, such as IT General Controls, Application Controls and CMMC related Internal Controls
- Collaborates with internal engagement teams, to provide guidance, direction and coaching to proactively mitigate operational IT risks
- Creates IT policies, procedures and key operational metrics focused to support the implementation of strategic improvements in enterprise IT governance processes.
Manager II, IT Compliance Audits
BAE Systems, Inc.
Reston, VA
08.2020 - 03.2022
- Served as the primary audit liaison for ESS IT and the external auditors, tracking audit recommendations, and driving improvements in IT controls and governance processes
- Managed and coordinated all aspects of external IT questions and audits related to the status, remediation and responses for noted deficiencies along with providing timely status updates and recommendations to senior leadership
- Increased awareness and knowledge of compliance requirements and identified sustainable ways to streamline or improve the IT controls environment without increasing overall risk.
Leader, IT Risk & Advisory Services
CohnReznick, LLP
Tysons, VA
07.2017 - 08.2020
- Analyzed the business requirements of all departments to determine their technology needs, including designing and implementing the optimal mix of system components to support functional needs
- Managed the system development or enhancement lifecycle, from business and systems requirements analysis through development; testing, quality assurance, post-deployment support, including a portfolio of internal controls around business processes, systems, and sensitive data
- Identified continuous improvement opportunities, conducts research and investigates industry trends to support recommendations on enterprise-wide process changes.
Principal
Riza Cloud Solutions, LLC
Reston, VA
12.2015 - 07.2017
- Customized cloud-based solutions that efficiently solved client business needs and met all project defined requirements
- Trusted by top executives and stakeholders to make critical project decisions
- Successfully condensed outsourcing and IT spending by negotiating favorable client agreements in compliance with all COBIT4/5 and NIST 800.53 industry standards
- Led IT work sessions with external auditors, risk management-related departments and other internal stakeholders, including CIOs, CISOs, and Enterprise Risk Management stakeholders.
Manager, Assurance Services
PricewaterhouseCoopers (PwC)
McLean, VA
08.2014 - 09.2015
- Created and implemented complex risk management and governance strategies to maximizing operational management and commercial business expertise
- Provided consistent advisory support to numerous Fortune 100 companies on information technology risks and controls, recommending changed when necessary
- Assisted the IT Audit Directors and Practice Partners with the development and maintenance of the SOWs, IT audit plans and budgets for a plethora of complex engagements, execution of IT audits and advisory projects, and preparation of audit reports with specific recommendations to Senior Management
- Refined complex client engagement models to capitalize on revenue growth and profitability improvement opportunities for the business and clients
- Viewed as a subject matter expert in IT Governance regarding security, controls, audit testing techniques, documentation, and root cause analysis.
Manager, Audit and Enterprise Risk Services
Deloitte & Touche
Arlington, VA
05.2009 - 06.2014
- Completed expert reviews of IT audits utilizing methodologies to ensure requirements compliance with FFMIA
- Planned regular threat intelligence assessments to conduct Cyber Security of Fortune 100 companies
- Streamlined client processes by analyzing standard operating procedures to design automated processes
- Evaluated internal controls over financial reporting, using OMB Circular A-123 Appendix methodology and the Federal Financial Management System Requirements (FFMSRs)
- Fostered a culture focused on data-driven, constant improvement of operations and support processes, tools and methodologies with a focus on efficiency and automation.
Education
Executive Master’s in Leadership -
Georgetown University
Master of Business Administration -
John Hopkins University
Bachelor of Science in Business Administration -
American University
Skills
- IT Governance and Compliance
- Internal and External IT Audits
- Management consulting
- Enterprise IT Risk Management
- Cybersecurity programs
- Data Privacy Solutions
- Team Leadership and Development
- Contract Negotiations
- Project Management
- Operations Management
- Verbal and Written Communication
- Issues Resolution
- Legal and Regulatory Compliance
- Rules and Regulations
- Strategic Planning
IT Frameworks Expertise
- CMMC 20
- CMMI IT Governance
- Sarbanes Oxley (SOX)
- OMB Circular A-123
- COBIT 5 & NIST 80053
- COSO IT Governance
- FFMIA, FISCAM, SOC 1 & 2
Websites
Certification
- Project Management Professional (PMP) issued by the Project Management Institute
- Certified Information Systems Auditor (CISA) issued by ISACA
- Certified Data Privacy Solutions Engineer (CDPSE) issued by ISACA
- Cybersecurity Maturity Model Certification (CMMC – AB RP) (Registered Practitioner) issued by Cyber AB
Accomplishments
- Consistent receipt of Impact Awards and accolades from Senior and Executive Leadership for exceeding performance expectations.
Timeline
Director – IT Compliance, Audits and Cybersecurity Programs
BAE Systems, Inc.
03.2022 - Current
Manager II, IT Compliance Audits
BAE Systems, Inc.
08.2020 - 03.2022
Leader, IT Risk & Advisory Services
CohnReznick, LLP
07.2017 - 08.2020
Principal
Riza Cloud Solutions, LLC
12.2015 - 07.2017
Manager, Assurance Services
PricewaterhouseCoopers (PwC)
08.2014 - 09.2015
Manager, Audit and Enterprise Risk Services
Deloitte & Touche
05.2009 - 06.2014
Executive Master’s in Leadership -
Georgetown University
Master of Business Administration -
John Hopkins University
Bachelor of Science in Business Administration -
American University
Similar Profiles
TIMOTHY SORGTIMOTHY SORG
Operations Project Manager at BAE SYSTEMS, INC.Operations Project Manager at BAE SYSTEMS, INC.
ANGELA RIDDLE MCCORMICKANGELA RIDDLE MCCORMICK
Sales and Marketing Specialist at BAE Systems, Inc.Sales and Marketing Specialist at BAE Systems, Inc.
Dwight L. ChandlerDwight L. Chandler
Senior Engineering Manager at BAE Systems, Inc.Senior Engineering Manager at BAE Systems, Inc.
Marc HawseyMarc Hawsey
Program Manager, Supply Chain Risk at BAE Systems, Inc.Program Manager, Supply Chain Risk at BAE Systems, Inc.
Gabriel NorwoodGabriel Norwood
Business Development Manager at Everspark InteractiveBusiness Development Manager at Everspark Interactive