Steve Marlar
Management Information Systems graduate from Washington State University. Extensive experience in business process improvement and IT Compliance. Currently working at Microsoft as MSN Compliance Program Manager.
| Headline: | Entrepreneur |
| Interested in: | Brainstorming, Finding business partners, Finding cofounders, Finding team mates, Meeting new people, Professional opportunities, Promoting my startups, Recruiting for my startup |
| Schools: | Washington State University at Pullman |
WORK EXPERIENCE
| Employer: | Microsoft |
| Position: | MSN Compliance Program Manager |
| Time period: | January 2005 - Present |
| Description: | • Sarbanes Oxley
• Responsible for each application that supports the Paid Search and Display platforms within MSN including the General Application Controls (i.e. controls that support the revenue business process, backend access, and backups) and General Computing Controls which includes SDLC and Hot Fix controls. • Perform testing in support of Management testing. • Supported the external auditors by providing support documentation verifying Microsoft SOX controls were fulfilled. • Supported all required activities for the Quarterly 302 survey and provided feedback to the VP of MSN AdCenter Engineering team. • Media Rating Council (MRC) and Interactive Advertising Bureau (IAB) • Met with auditors to provide supporting documentation as evidence that the Display Advertising platform was fulfilling MRC and IAB guidelines. • Brought issues to resolution and provided remediation to auditors. • Met with the MRC Board and Audit firm for MSN Display to discuss audit results and discuss any potential issues and concerns. • Received confirmation that the MSN Display platform was MRC and IAB compliant. • Joined IAB working groups to help build display guidelines. • Provided browsers and spiders/robots to add to IAB’s positive browser list and negative spider/robot list. • Assisted in creation of an internal MSN spider to check on IAB guidelines. • Payment Card Industry (PCI) standard • Worked with product engineering and operation teams to ensure the Paid Search applications complied with PCI standards. • Met with PCI auditor to perform audit and provide supporting documentation as evidence that PCI standards were fulfilled. • Resolved any issues identified to ensure PCI compliance. • Received confirmation from PCI auditor that AdCenter received PCI certification. • MSN AdCenter Engineering SDLC • Created a formalized SDLC for the AdCenter Engineering team which included the Display, Paid Search, and Global Business Intelligence Engineering teams. • To ensure that all engineering teams have one document that provides details on all required SOX controls, the AdCenter Engineering SDLC Narrative centralizes all SDLC controls. |
| Employer: | Microsoft |
| Position: | OEM IT Sr. Program Manager |
| Description: | • Sarbanes Oxley Lead
• Managed OEM IT systems, which processes $17 billion in revenue (includes OEM and SBC Type I and Royalty Type II revenue) to ensure that IT controls were operating effectively in support of SOX and the MS Financial Statement. • Supervised OEM IT SDLC process to ensure compliance in support of SOX. Reduced the amount of controls within OEM IT by 81% and the number of roles within MOO to be reviewed quarterly by 89%, while also reducing the SOX budget by 80%. • Presented areas of opportunity to the Financial Compliance Group and IT Compliance team to make more reliable and reduce the number of controls within MS. This included modifications to the Backend Review tool as well as having engineering teams rely on controls that previously existed which further reduced controls throughout Microsoft. • Received the People Excellence and Strategic awards for SOX Lead during FY07 for my contribution in reducing the number of controls. • OEM Business Transparency Project • Supervised three global project teams (Development team in Beijing, Program managers in Beijing and Redmond, and the Deployment and SIT test team in India) to create three new applications (OEM Scorecard, SBC Distributor Health Dashboard, and OEM Revenue Analysis Dashboard) that included six releases. Budget was $1.7 million over two years. • Inspected business requirements, created functional spec test plans, and launched Team Software Process (TSP). • Familiarized the vendor development company with the OEM IT environment and deployment process. • Created Prototypes with Solution Delivery to provide a proof of concept and to finalize scope with the business. • Facilitated multiple training sessions to ensure support team could support OEM IT with new application during development life cycle and after Go Live. • Scheduled the vendor development company to get trained on TSP to ensure TSP was performed on the project. • Shasta Project • Directed project team that included developers, SIT test team in India, Solution Delivery team, and a business team in Reno on the Shasta Organization and Participant Viewer project. • Coordinated UAT testing teams that were in Reno and Ireland. • Managed risk and issues and drove bugs to closure in a timely fashion. One of the lowest bugs per KLOC (thousand lines of code) project ever in OEM IT. • Security / Privacy Lead • Assisted multiple project teams to ensure they met MS Security and Privacy standards. • Managed and drove to closure any Security/Privacy issues that were identified by ACE team. • MS Poll Committee • Successfully led committee to improve work on items identified during MS Poll. • Presented action items to OEM IT management to assist with MS Poll results on how to enhance work/ life balance and more consistent recognition awards. |
| Employer: | Deloitte & Touche |
| Position: | ERS Sr. Consultant |
| Time period: | January 2002 - December 2005 |
| Description: | • Performed various business process control reviews for a global software client in an SAP environment.
• Assessed current processes against control standards and provided recommendations for improvement to upper-level management. • Led audit on largest revenue stream for three years that included Type I, Type II, and Royalty Reporting. • Responsible for various business process control reviews for a global aerospace/manufacturing client. Reviews included IT audit programs, identifying information technology risks, and led three consultant resources on engagement. • Administered IT system reviews for a large food retail corporation, which encompassed critical IT processes such as change management, security administration, operations, and disaster recovery planning. Reviews consisted of assessing the current processes against IT process standards and reporting recommendations for improvement to upper-level management. • Developed journal entry analysis techniques in conjunction with SAS 99 fraud requirements for a wide range of audit clients, including extracting anomalies within large sets of data based on statistical and interpretive analysis. • Conducted multiple application and network level security reviews for the following technologies: Windows NT, Novell Netware, AS/400, JD Edwards, and Great Plains. |
| Employer: | CyberGold.com |
| Position: | Web Producer Intern |
| Time period: | June 2000 - August 2000 |
| Description: | • Produced various marketing web pages for clients. Responsibilities included creating advertisements on the site as well as promotional pages.
• Collaborated in revamping of website. Responsibilities included evaluating user interfaces, designing, and documenting user process. |
EDUCATION
| University: | Washington State University at Pullman |
| Time period: | 2001 |
| Degree: | Management Information Systems, BA |
INFORMATION
| Memberships: | • 2006 – current
Washington State University, Business College, MIS Advisory Board Member - assists the MIS dean on issues to support the Business College. |
| Awards: | • Washington State University: Received the Overall Excellence Award from the MIS department – 2001 |
Steve's Startups (1)
View all
Steve's Contacts (1)
View all-
Milan Miki
CEO and owner BestTravelWebsites.com