Steven A. Mills, CISA, CISM, PMP
528 Tremont Street, Taunton, Massachusetts 02780
stcastemer@comcast.net
Summary
Accomplished Information Technology Leader with 25 years' experience in
Information Architecture and leading
complex business and technical initiatives. Seasoned facilitator with strong
written and verbal communication skills. Specializing in program management
and in leading diverse project and operational teams. Experienced in
identifying, designing, proposing, and implementing business technology
solutions. Prior experience in financial management with a proven ability to
transform high-level business strategy into cost-effective operations.
Core Competencies
· Experienced Director with Functional & Technical Expertise. Skilled in OLAP &
Data-Warehouse design, Data analysis, and Data modeling. Leads Business
Intelligence (BI) and Data Governance implementations.
· Excellent analytical and problem-solving skills, trusted advisor. A strong
liaison and relationship builder, able to collaborate at all organizational
levels.
· Experienced Program Manager specializing in the areas of Compliance, Accounting &
Finance, Human Resource & Payroll, Customer Relationship Management
(CRM), Supply Chain Management, Financial Planning & Budgeting, Business
Intelligence, and Technology Infrastructure Outsourcing (Cloud Computing).
· Leads Business Process Improvement (BPI) initiatives. An expert in the use of
industry frameworks, benchmark analysis, and quality improvement
methodologies such as: Total Quality Management (TQM) and Lean Six-Sigma.
· Leads Regulatory Compliance programs, assesses organizational and infrastructure
security risks, establishes information security policies, standards, and
internal controls. Leads Business Continuity and Disaster Recovery planning.
Expert in “Security-In-Depth” design and rules of eDiscovery (FRCP).
· Leads Vendor and IT auditing programs. Conducts internal IT audits, tests and
recommends appropriate internal controls. Reviews all technology proposals
with direct impacts to the business enterprise architecture, the IT
infrastructure, or to network or application support.
Experience
The Executive Office of Health and Human Services, Quincy/Boston, MA 2012 - present
A Government Executive Office with oversight over 15 State Agencies
headquartered in Quincy.
EHS/DPH Director of Applications and Compliance (Dec 2013 – Present)
· Currently supporting the Governor’s and Commissioner’s Opioid Prescription Monitoring
Program (PMP) Initiative, responsible for managing and directing all IT work
streams in support of this great effort.
· Managed the transition of the legacy applications to the existing IT Support team,
trained the project management teams, established the IT program roadmap,
established the PMP IT Program Office required to oversee the key five
project and vendor teams.
· Established the Project Management reporting, escalation, and communication protocols,
participated in the requirements and contract negotiations. Act as
oversight and advisor to these same strong self-managing IT management and
technical teams.
· Acted as a System Architect to the many required technical design requirements
including: interfaces, transformations, data quality, and analysis tasks
needed for the migration of the legacy applications to the new PMP solution -
ensuring at all times data integrity and confidentiality.
· Established the Security Advisory Group (SAG), a joint effort between EOHHS and
MassIT Security to advise the Commissioner of the risks and impacts of any found
vulnerabilities prior to her “Authorization to Operate” or Go Live decisions.
· Provide ongoing help, support and consulting services to the Bureau to move all
efforts forward. As a member of the Steering Committee participate in
strategy planning, tracking the resolution of open items, managing appropriately
all risks to the successful delivery of this initiative.
· Manage the appropriate communications to senior secretariat executives, which may
include advice or making recommendations, along with status updates.
· As Director of Applications and Compliance responsible for establishing
long-term Agency support strategy, hire, direct, manage, and mentor IT staff
in support of DPH and the EHS ACIO for DPH.
· Working across the multiple DPH Bureaus responsible to ensure that high priority
initiatives are delivered to time, cost, and quality standards. Acted as an
advocate to DPH in working with UMASS Medical and Harvard Medical on Data
Warehouse proposals for the Commissioner’s Office of Data Management and
Outcomes Assessment (DMOA).
· Designed, Implemented, and Managed the Prevention Wellness Trust Fund Pilot EDW at DPH
250 Washington St. and presented on behalf of the DMOA the “Future State of
the DPH Enterprise Data Warehouse (EDW)” at the Epidemiology
Conference. The “Proof of Concept” resulted in new legislation (2014
Gun Law Chap 284 Sec 102 - DPH Data Warehouse) on the part of the Office of
Data Management and Outcomes Assessments.
· As Director of Applications and Compliance, communicates and collaborates with the
Commissioner, Boards, Executive Bureau leadership, DPH & Program legal
counsel, EHS & MassIT Security, EHS Shared Services (VG4, Chief
Technology Office, IT Operations, Document Management, Data Warehouse, Health
Information HiWay, Integration, DBA, QA Teams), outside Secretariats, EOHHS
Executive Senior Management, and DPH IT staff. Developed the Program
Management framework used in the management and oversight of all DPH IT
application project initiatives on behalf of the DPH ACIO and is in direct
alignment with both the EOHHS and MassIT project standards.
EHS/DPH Project Manager - Information Security Analyst (2012 – 2013)
· Responsible for Supporting EHS/DPH ACIO and EHS CSO on enterprise information security
efforts across DPH and the Secretariat.
· Established the DPH Security Executive Committee.
· Participated in the quarterly Commonwealth Executive Security Board (ESB) meetings. Worked
directly with the PDOA and Program Legal counsels to review the many Privacy,
HIPAA, IRB, and ISA agreements.
· Managed the annual E0504 Agency reporting efforts for the DPH ISO. Conducted multiple
security reviews for Human Research (IRB) data sharing requests. Conducted
multiple vendor security assessments in accordance with NIST and Commonwealth
Standards, jointly developed the DPH Cloud Providers security assessment - in
partnership with Verizon and CSA (Cloud Security Alliance). Coordinated
PCI-DSS audits for the Agency’s ISO and for the Comptroller’s office.
· Worked with multiple Executive Offices including: The Executive Office of Public Safety,
Trial Court, and Transportation. Managed many specialized projects for the
EHS CSO in areas of IRS and SSA Audits, Risk Management, Security
Assessments, and helped in the development of the EHS Security Roadmap.
· Acted as Subject matter expert to CSO on state, federal, and international laws &
standards (FTC Safe Harbor, JOSHUA, ISO 27000 series, etc.) in regards to
security. Managed and mentored project staff, conducted system architecture
reviews, documented appropriate application controls, business continuity,
disaster recovery, incident response, forensics, eDiscovery and proper
project management procedures in accordance with Commonwealth Standards.
The Christian Science Monitor/The First Church of Christ, Scientist, Boston, MA 2004 - 2012
A non-profit Publishing organization headquartered in Boston.
Senior IT Manager/Manager of Compliance & IT Auditing (2010 – 2012)
· Managed the security and IT audit program for the Compliance & Audit Committee in
support of their corporate vision to move all technology to Cloud based
providers. Reported migration status, findings and managed remediation
efforts, reported on monthly basis to the CIO, CFO, and The Office of General
Counsel (OGC). Developed and Managed the Corporate Information Security &
Compliance program. As a Senior IT Manager collaborated and helped develop
intra-departmental plans and annual budgets with each of the Business area
leaders (Senior Management). Managed the IT Program Management Office (PMO)
& Business Application Support (BAS), conducted the IT portfolio reviews
as part of annual business budgeting and planning process with over 30+
Senior Executive Management teams. Worked with Capital Budgeting to determine
overall project priorities and order of migration by department to the Cloud.
· Manages “Compliance Roadmap” and INFOSECT Team: Established and chaired the
INFOSECT Team; responsible for the development of Written Information
Security Policies, Procedures, Standards and Employee Awareness. INFOSEC Team
(IT, HR, and OGC oversight members) responsible for corporate awareness,
defining and documenting proper controls in business & IT processes
(Using COSO, NIST 800-53, & COBIT Frameworks), establishes standards in
contract negotiations, physical, application, & electronic record access
controls (established classification & security levels), Responsible to
define and oversee Change Management policies specifically in the
Infrastructure, Application, and Development domains. Team responsible to
document activities, improve current state of “Information Security
Readiness”, and ensure business continuity in annually assessing Disaster
Recovery Program.
· IT Application and Infrastructure Auditing: Worked with external auditors,
reviewed QSA Vulnerability and Penetration Results Tests, developed Plan of
Actions (POA) and fulfilled requests made by Auditing Committee, CIO or CFO,
established annual IT auditing program. Through substantive audits ensures
that all information assets are appropriately protected (confidentiality,
integrity, and availability). In collaboration with the full IT Management
Team established monthly audit schedules and conducted vendor site audits.
Reported findings to Executive Management, recommended controls, and resolved
any open issues. Worked with IT Management Teams directly to review
architectural, development, or vendor solution plans. Reported findings and
recommendations to CIO, OGC, and Committee. Working with External IT Auditors
resolved and at times contested noted issues and findings. Assesses &
maintains Services Providers certifications (PCI-DSS, SAS70, & SSAE 16 SOC2).
Manager of Financial Applications & Technical Architect (2008 – 2010)
· Defined, managed, and promoted a long-term corporate strategy for reducing the
existing Financial Enterprise Architecture (EA) by centralizing all global
Financial and Reporting Systems. Collaborated with the business and
technology communities, established a formal “Control Board” responsible for
reviewing & approving all “change requests” with impacts to the existing
Financial Architecture. Managed business and vendor service level
agreements, assured compliance with Change Management policies. Collaborated
with other IT & Business Managers on new project initiatives.
· Oracle On-Demand: Managed project, negotiations, conducted workshops, and made
presentations on benefits of
migrating existing Oracle EBS infrastructures (Development, Testing,
Production) to Oracle On-Demand.
· Oracle EBS R12 Implementation: Managed the Oracle EBS R12 business and
technical projects teams. Defined “R12 Roadmap”, conducted
Functional & Configuration workshops, managed user acceptance testing and
training. Approved technical infrastructure, managed contract negotiations,
and worked directly with the business and technical implementation teams.
Regularly reported and presented to Sponsor and Management Teams.
· Architect of the “Our Future State of Finance & Accounting” - Strategic
advisor to CFO, developed roadmap for
simplifying and improving all Financial & Accounting areas. Received
Buy-In from full Management Team.
· Business Process Improvement - Finance and Accounting (F&A): Developed and
Co-managed the Finance & Accounting BPI initiative. Trained the process
improvement team (8 Analysts) in current
TOGAF, Lean Six Sigma, Business Analysis, BPMN, and SCRUM Agile
methodologies. Reduced exception processing by 35% (ongoing).
IT Business Application Manager of DBAs, Applications Developers, &
Financial Systems Administrators (2006 – 2008)
· Managed operations and project staff, provided budgetary planning and
reporting. Served as Senior Financial Systems Architect and managed
vendor negotiations, contracts, and acted as project oversight. Maintained
External and Internal SLA performance, managed vendor upgrades, patches and
releases in multiple environments (Development, Test, QA, and Production).
Managed migration of all Business Applications, IT and Network Infrastructure
to global Cloud infrastructure (CenturyLink and Oracle OnDemand Cloud)
· Oracle EBS 11.5.10.2 Reimplementation: Manager of the technical
implementation team and defined the technical architecture. Served the
business as their internal EBS functional expert, resolved all configuration
and setup issues with outside consultants.
Technical resource for OBIEE, BIS, BI Publisher, Discoverer, XML & EC
Gateway, and ETL development.
· Oracle EBS 11.5.9 Expansion: Collaborated with Business managers to expand
the use of Oracle EBS. Served as Functional Subject Matter
Expert (SME) provided ongoing Oracle EBS Technical support & User
training. Managed the Oracle EBS ETL integrations, all Third party systems,
resolved workflow and Metalink issues, developed PL\SQL extensions, and
created custom OLAP schemas used with the Discoverer EUL.
· Consolidated Oracle and MS SQL Database infrastructures (Reduced 50% of the
Database Infrastructure and reduced 1 FTE).
Program Manager & Senior Business Analyst (2004 – 2006)
· Managed multiple IT and Business related projects. Conducted detailed Business
Analysis, managed project resources, project budgets, and reported to Senior
Management. Developed the Business Analyst (BA) - “Center of Excellence” and
co-developed the Project Management Office (PMO) - “Center of Excellence”.
Worked with Senior Managers to document their 1-3 year strategic business
plans to better align IT initiatives to business objectives.
· Project Manager – Managed Corporate Projects; Human Resource & Payroll,
PCI-DSS & HIPAA Compliance, Fulfillment & Logistics Outsourcing, and others
· Senior Business Analyst – Trained in IIBA standards.
Conducted “As-Is” workshops, documented business and technical requirements,
Data modeled & mapped business processes, systems, and mapped OLAP
reporting requirements. Conducted multiple feasibility, cost benefit, and
risk analysis. Researched alternative technology solutions, designed “To-Be”
solutions, and presented to Senior Management & Technical Committee for
approval.
· Order Management, Inventory, and Accounts Receivable (11.5.9): Project
Manager and Oracle SME Implementer for the Oracle Order Management,
Inventory, and Accounts Receivable Modules (75% Savings)
TekSystems Inc - Independent Contractor
Client - The Christian Science Monitor\ The First Church of Christ, Scientist,
Boston, MA (2002 – 2004)
Provided project management, business analysis, and Oracle technical expertise
significantly improving operations.
Program Manager & Oracle EBS Functional Expert
· Managed multiple Business and IT projects, requiring sensitivity to organizational
culture and resource constraints. Mentored internal project managers.
Successfully managed scope, budget, requirements, resources, and schedules.
Reported to CIO and Technical Steering Committee.
· PM to multiple Enterprise Application projects: IBM Maximo - Facility
Management project, Membership & Gift Planning
solution, VTLS Library Management solution, Point of Sale, and Enterprise
Content Management project.
· PM to multiple Technology Infrastructure projects: Network Perimeter
upgrade, EMC SAN replacement,
Active Directory Redesign & Migration, VMware Infrastructure upgrade,
Disaster Recovery Planning, KACE Systems Management, and Data Center Server
consolidation.
· Implemented Oracle Fixed Assets (11.5.9) and Taxware:
Configured and implemented Oracle Fixed Assets and Taxware Modules. Responsible
to perform the duties of the “General Ledger-Accountant” reporting to the
Manager of Accounting until the assigned accountant returned from a “Leave of
Absence”.
Kerr McGee Corporation, Oklahoma City, OK (2000-2002)
Chemical, Forest Products, and Energy & Oil Exploration Divisions of $15 B
global energy corporation. Oil Exploration & Production Divisions
acquired by Anadarko Petroleum in 2006, remainder spun off as Tronox Inc. the
same year.
Oracle Functional Team Leader & ETL\EDI\BIS Developer
· Performed as client-side functional team leader, EDI\ETL integrator, and Report
Developer for the Oracle ERP, Process Manufacturing (OPM), Project Costing,
and HRMS PeopleSoft implementations. Collaborated with external project
teams, managers, and business stakeholders.
· Managed Business Analyst teams: responsible for requirements gathering,
process mapping and data modeling of
Financial, HR & Payroll, Projects, Manufacturing, and Legacy processes
& systems. Conducted client workshops, gathered business, technical,
functional, and reporting requirements. Managed quality of team deliverables.
· Managed the Quality Assurance team: tasked with testing (BR100) the work of
the external project teams in configuring
QA-CRP2 “Conference Room Pilot” instance. Resolved service issues through
Oracle TARs (Metalink SR).
· Managed Developers and Third Party Implementations: Designed EDI\XML\ETL
Integration processes for the Financial, HR, Projects,
and OPM modules. Configured and tested E-Commerce & XML Gateways.
Implemented Oracle supported third party products; Vertex, Evergreen, and
Harbinger EDI. Developed custom applications, schemas, PL\SQL procedures, BIS
Business Areas supporting non-Oracle MES data, extended many Oracle Forms &
Reports.
ACS-GSG (a Xerox Outsourcing Division), Rockville, MD (1999-2000)
Project Leader & ETL\EDI\OLAP Integrator (Client - Ginnie Mae & Department of HUD)
· Led the technical project team responsible for the transition of the Technology
Infrastructure from Pricewaterhouse to ACS-GSG, which served the
ginniemae.gov mortgage-backed securities loan “Issuers” program.
Designed and implemented the ETL\EDI\OLAP integration strategies which
supported the multiple levels of “Loan Issuers” reporting (Web Based, EDI,
and Non-EDI filings) required by the SEC and the US Department of Housing and Urban
Development.
Education & Professional Development
BRIDGEWATER STATE UNIVERSITY, Bridgewater, MA
Major: Political Science - Minor: Accounting & Finance
Professional Development
· CIO Executive Council – CIO Pathways Leadership Program, CIO Mentoring Program
· American Management Association – Operations Management, Inventory Management, Total
Quality Management
· Boston University – Project Management Certificate Program, Foundations of
Project Management, Principles of Project Management, & Comprehensive
Project Management
· Global Knowledge – Advanced Project Management, Business Process Analysis
· Oracle Classroom – EBS R12 Essentials for Implementers, Financial
Applications Overview, GL, Sub-ledger Accounting, Cash Management, Assets,
Enterprise Asset Management, AR, AP, Purchasing, iProcurement, Internet
Expense, Procurement Contracts, Inventory, OM, Project Foundations, Project
Costing, HRMS Administration, HRMS Work Structures, System Administration,
Implement Workflow, Install\Patch\Maintain E-Business, BI Publisher,
Discoverer OLAP 10G, Business Intelligence for EBS, Database Administration
10GR2 I & II
Professional Certifications
CISM – ISACA Certified Information Security Manager
CISA – ISACA Certified Information Systems Auditor
PMP – PMI Project Management Professional
Business and Technical Competencies
Accounting Systems: Oracle EBS Financial 11.0.3 - R12 (12.1.2), PeopleSoft HCM
& FMS 8.4 – 9.0, MAS ERP 90 (Now 100), MS Dynamics - Great Plains & Navision,
MS Solomon (Now Dynamics SL)

Databases & OS: Oracle 7.3 – 12gr2, SQL Server 7 – 2014, mySQL, Linux,
Solaris, Windows

Project Experience:
FINANCIAL: Accounting & ERP (Profit, Non-Profit, Public Sector), COA
Redesigns, General Ledger, Treasury & Cash Management, Financial Planning &
Budgeting, Fixed Assets, AP, AR, Purchasing, Contracts, Taxation, Project
Portfolio & Costing, Travel & Expense, HR, Payroll, Time & Labor, Order
Management, Inventory, Shipping, Process Manufacturing (OPM), Process
Execution, Operations, Formula (BOM), Cost Management, E-Records ERES,
MRP\MPS, Quality, Regulatory, Facility Management, eCommerce, Point of
Sale, OLAP Data Marts & Warehouses, Service Provider Integrations
NON-FINANCIAL: Project Portfolio “Center of Excellence”, Business Analyst
“Center of Excellence”, IT Service Catalog & Vendor Management (ITIL) Program,
Corporate Record Keeping, Intellectual Property & Rights Management,
Information Security, PCI & HIPAA HITECH Compliance, Business Continuity &
Disaster Recovery, IT Auditing, IT Infrastructure (Data Center Migrations,
Network Design & Upgrade, Cloud Storage, Email, Penetration testing,
Virtualization)

Programming & Reporting: Unix & Linux Scripting, FTP and Batch scripting,
ODBC, OLE, JDBC, SQL, SQLJ, Transact SQL, SQL Plus, SQL Loader, PL\SQL,
Workflow, Oracle Developer Forms & Reports, Oracle Discoverer, OBIEE,
Hyperion, XML, Xpath, XSL-FO, Xquery, XSD JMS, WS-BPEL, SOA, WSDL, SOAP

Networks & Protocols: Firewalls, Routers, Switches, Proxy, NAC, IDS, IPS, DMZ,
VPN, SAN, Fibre Channel, iSCSI, NFS, IPSec VPN’s, PKI Encryption, Kerberos,
WINS, DNS, DHCP, SNMP, TCP\IP, FTP, Sub-netting, VLAN, WLAN, VOIP, QOS, SAML,
XACML

Integration, ETL, & EDI: Oracle Warehouse Builder, Designer, Forms & Report
Developer, DataLoad, Informatica, Sterling Commerce-Gentran, Cast Iron, Oracle
EDI\EC & XML Gateway, Oracle Workflow BES, BPEL, Oracle XML (BI) Publisher,
Evergreen, PeopleSoft Tools, Jitterbit, Altova XML-Spy & Mapforce, ebXML, ANSI
X12, EDIFACT

Regulatory Frameworks: GAAP, COSO ERM, Uniform Commercial Code, SOX, HIPAA &
HITECH, PCI-DSS, Safe Harbor Privacy Principles, ITIL, ISO 270001&2, ISO
15489-1, ISO 9001:2008, SCOR, Copyright, IRS, FASB, COBIT, FISM, SEC, FDA,
GLBA, NIST, ISACA, Cloud Security Alliance (CSA)

Business Analysis & Modeling Tools: IIBA BABOK v2, BPMN, BPM, TOGAF,
Interfacing EPC - Business Process Modeling, MS Visio, Erwin Data Modeling, ER
Studio, PeopleSoft Process Modeler

Improvement Methodologies: TQM via Defect Prevention, Business Process
Improvement (Ernst & Young), Six Sigma Lean Financial