RICHARD E. JAYNES
Quakertown
Summary
IT SOX Risk & Compliance Analyst with 7+ years of experience in leading ITGC testing and SOX compliance initiatives. Demonstrates strong skills in managing the IT SOX lifecycle, from scoping to deficiency assessment and remediation. Works closely with IT and business stakeholders to ensure effective documentation and issue resolution. Proven track record in improving control environments and SOX program maturity.
Overview
21
21
years of professional experience
1
1
Certification
Work History
Senior SOX IT Risk & Controls Analyst
UGI
02.2019 - Current
- Plan and execute IT SOX testing by developing audit scope, testing procedures, and walkthroughs aligned with key risk areas and business processes.
- Lead concurrent IT SOX audits across multiple domestic business units, providing guidance and mentorship to junior team members to ensure consistent, high-quality testing.
- Evaluate control exceptions and deficiencies by reviewing evidence, validating root causes, identifying systemic issues, and recommending practical remediation and improvement opportunities.
- Coordinate with external auditors and third-party contractors, ensuring clear communication, timely evidence delivery, and alignment on testing approaches for domestic and international business units.
- Support system implementation projects by advising on control design, automated control optimization, and SOX readiness to ensure new systems meet compliance and reliance requirements.
- Utilize and administer AuditBoard to manage SOX testing, documentation, workflows, and issue tracking, ensuring accurate evidence management and consistent audit execution.
IT Security Analyst
Randstad Technologies / Barclaycard
10.2017 - 12.2018
- Led the Barclaycard US Developer Access to Production project, reviewing daily access reports and validating access appropriateness in production environments.
- Produced weekly risk reports and presented findings to management and business stakeholders to strengthen access control posture.
- Onboarded critical applications to enterprise IAM toolsets by coordinating with business owners, application owners, and third-party vendors.
- Provided evidence and documentation for audit reviews and supported audit-driven access initiatives.
Identity & Access Management Analyst
TEKsystems / JPMorgan Chase
02.2017 - 10.2017
- Led access uplift initiatives to onboard system accounts into target-state IAM tools.
- Collaborated with Application Development Managers and Information Owners to remediate control gaps and strengthen access governance.
- Facilitated application meetings to drive remediation strategies and reduce access-related risks.
Security Business & IT Compliance Analyst
CEI / PPL Electric Utilities
01.2015 - 01.2017
- Supported major security updates across critical infrastructure systems (NERC CIP), gathering requirements and configuring workflows and security settings.
- Managed 150+ quarterly critical access control reports using RSA Access Governance Suite.
- Maintained compliance by reviewing and managing daily security controls across Active Directory, databases, and privileged accounts.
- Assisted with SOX audit reports, evidence collection, and control testing.
Business Risk Analyst
JPMorgan Chase
07.2013 - 01.2015
- Supported global IAM programs for the Credit Card division, partnering with business owners and engineering teams to implement IAM tools.
- Promoted information security standards and ensured alignment across technical operations teams.
- Participated in audit activities related to IAM and collaborated with Information Risk Managers to identify and resolve access control issues.
- Identified control gaps and recommended improvements to strengthen access governance.
Senior Information Security Analyst
GMAC Mortgage / Ally Financial
07.2005 - 06.2013
- Designed and executed monthly, quarterly, and ad hoc enterprise user access reports across 20,000+ users and multiple platforms.
- Supported SOX and PCI compliance by executing quarterly IT control testing across 50+ applications.
- Provided detailed access reports to internal and external auditors and supported audit follow-up activities.
- Served as primary support for Symantec Control Compliance Suite (CCS), configuring reports, troubleshooting issues, and coordinating with business units and Symantec support.
Education
Bachelor of Science - Information Technologies
Southern New Hampshire University
01.2020
Skills
- IT SOX and ITGC testing
- AuditBoard administration
- Identity and access management
- Access provisioning and governance
- Change management controls
- Operational controls
- Segregation of duties
- Risk and compliance analysis
- System implementations
Certification
Certified Information Systems Auditor (CISA), 2011
Timeline
Senior SOX IT Risk & Controls Analyst
UGI
02.2019 - Current
IT Security Analyst
Randstad Technologies / Barclaycard
10.2017 - 12.2018
Identity & Access Management Analyst
TEKsystems / JPMorgan Chase
02.2017 - 10.2017
Security Business & IT Compliance Analyst
CEI / PPL Electric Utilities
01.2015 - 01.2017
Business Risk Analyst
JPMorgan Chase
07.2013 - 01.2015
Senior Information Security Analyst
GMAC Mortgage / Ally Financial
07.2005 - 06.2013
Bachelor of Science - Information Technologies
Southern New Hampshire University