We provide IT Staff Augmentation Services!

It Security Architecture Lead Resume

Iselin, NJ

SUMMARY

  • Highly capable information security leader experienced in multiple security domains:
  • Security architecture: architecting and engineering secure business, IT and security systems end - to-end in complex environments, and good understanding of architecture frameworks (e.g. SABSA, ISF)
  • Security governance, risk and compliance (GRC)
  • Security operations, monitoring and incident response, including data forensics and electronic discovery
  • Well versed in security risk methodologies (e.g. NIST 800-30), security risk management, and quantitative risk analysis (e.g. FAIR method)
  • Capable of performing application risks assessments covering all layers (application, network, OS, physical, virtual, cloud, crypto, access control, and other security controls)
  • Experienced in cloud security and cloud infrastructure / migrations (Public, Private, Hybrid, SaaS, IaaS, PaaS, Amazon AWS CSA)
  • Experienced in identity and access management (IAM)
  • Principal/Lead Security Architect on large, strategic, and highly visible projects
  • Development of security policies, standards, processes & procedures, technical baselines and guidelines
  • Planning and executing multi-year security strategy to improve maturity of the security program
  • Development of security reference architectures and design patterns, capability maps, roadmaps
  • Automating and improving security processes (exceptions, risk management, third party risk, compliance, etc.)
  • Developing security metrics and dashboards in RSA Archer
  • Thorough understanding of the Software Development Lifecycle (SDLC), DevOps and associated security
  • Business case development, and executing projects in cross-functional model (cross-organization)
  • Experience in security consulting, RFPs, pre-sales and statements of work (SOWs)
  • Security and architecture standards (ISO 27001/27002 , NIST CSF, NIST 800-53, ISF, PCI, IAF, SABSA, ITIL)

TECHNICAL SKILLS

  • RSA Archer, CyberArk, Websense, Imperva WAF, ArcSight, Qualys, Syslog-NG, McAfee Anti-Virus / HIPS / Full Disk Encryption, Invincea, Bit9
  • Juniper SSL VPN, Checkpoint FW, Two Factor Tokens (Safenet, RSA), Nessus, IDS/IPS, Microsoft PKI, Hardware Security Modules (HSMs), SAML, oAuth2, Open ID Connect
  • Amazon AWS CSA, Microsoft Azure, VMWare, Docker, OpenStack
  • Encase, FTK, iCONECTnxt, iPRO eCapture, Concordance, FYI Reviewer
  • MCSE, Windows, Active Directory, Linux, Solaris, IIS, Apache, MS-SQL, MySQL
  • DevOps, Python, Perl, C/C++, C#, VB.NET, ASP.NET, Java, JavaScript, R, PHP, HTML/CSS, XML
  • Cisco Unified Communications, (V)LAN and WAN security, VPN, IP Telephony, SIP, Jabber
  • OWASP, SANS CIS Top 20, NIST 800.53, NIST CSF, ISO 27001/27002 , ISF, PCI, IAF, SABSA, ITIL

PROFESSIONAL EXPERIENCE

Confidential, Iselin, NJ

IT Security Architecture Lead

Responsibilities:

  • Leading the IT Security Architecture function managing a team of 9 direct reports and a portfolio of about 100 active projects requiring security architecture input
  • Lead security architect on many business, infrastructure, and security projects, including:
  • A strategic and highly visible hybrid cloud migration project based on IBM cloud
  • A high-visibility project based on cutting edge technologies such as blockchain, Distributed Ledger Technologies (DLT), Docker, Hyperledger, SELinux, elliptic curve crypto, peer-to-peer networking
  • A global communications project implementing Cisco Expressways and CUBEs for next-gen SIP telephony solution leveraging Cisco Unified Communications, Webex, Jabber, SIP, H323 and XMPP
  • A highly visible vulnerability management program designed to address FRBNY MRIA audit findings
  • Managing penetration tests on new applications and services and follow up remediation
  • Implemented RSA Archer for the vulnerability management program mentioned above
  • Assisted in addressing a FRBNY MRA audit finding regarding the application security risk assessment process
  • Improvements to the security architecture function (standards, processes)
  • Improvement of other security processes at CLS including vendor management process

Confidential, Murray Hill, NJ

Senior Security Architect / Senior Manager

Responsibilities:

  • Lead Security Architect on strategic IT and security projects: Infrastructure as a Service (Hybrid Cloud, HP Helion Public/Private/Virtual Private, HP OpenStack), Privileged & Service Account Management (CyberArk), Bring Your Own Device (BYOD), Mobile Device Management (MDM), Web & Email Filtering (WebSense), Desktop-as-a-Service (NaviSite), Central Logging (Syglog-NG), Full Disk Encryption (McAfee EEPC), Secure Zone & Secure Store
  • Involvement with other projects: Vulnerability Management (Qualys), Data Loss Prevention (WebSense), Software Whitelisting (Bit9 Parity), SIEM - Security Information and Event Management (IBM QRadar), SOC (Security Operations Center), Identity and Access Governance, Cloud Identity Service (MS Azure AD / Office 365)
  • Member of “Cloud First” core steering team for cloud initiatives
  • Development of 3-year overall security strategy and next-generation security architecture
  • Produced security requirements for projects researching best practices and industry standards
  • Performed security and IT vendor selection (RFP process) and scoring of vendor RFI/RFQ/RFP responses
  • Supported annual security compliance activities, data element inventory and asset classification
  • Ensured that security was “baked-in” to business processes with appropriate checkpoints (projects, RFC’s, etc.)
  • Performed security risk assessments and managed exceptions to security policy (risk management)
  • Supervised a team of 2-3 security consultants working on the following activities
  • Metrics/dashboard for business and security leaders aggregating different security metrics
  • Security reference architecture, including high level architecture, capability map and service catalog
  • Automating security processes in Archer (Risk Management, Security Reviews, Third Party Assessment)

Confidential, Eatontown, NJ

Director

Responsibilities:

  • Led project to develop ISO 27001 compliant security policies and standards for a major client.
  • Developed security policy for client regulatory compliance, including SOX, HIPAA, PCI-DSS, data privacy
  • Performed consulting engagements including: Security assessments, security policy development, penetration tests, e-discovery & data forensics. Also responded to RFP’s and developed statements of work.
  • Led a software solutions team developing web-based (e-discovery) solutions for clients
  • Performed data analysis and report generation on very large (>1TB) data sets for clients
  • Assisted with build out of the security practice’s $5M Data Center
  • Implemented secure access method for clients and consultants to access data center services and applications

Confidential, Warren, NJ

Senior Security Analyst / Senior Manager

Responsibilities:

  • Developed security policies and procedures
  • Participated in architecture working groups developing IT solutions and standards for Confidential
  • Managed the Computer Security Incident Response Team (CSIRT) tracking computer security incidents to closure
  • Developed procedures for incident response, trained security operations staff and network operations staff, and developed an incident response toolkit
  • Lead architect for the Security Incident and Event Management (SIEM) solution
  • Led development of custom security software to scan 80,000 internal hosts for security vulnerabilities
  • Led a project to collect and analyze 40GB of email log data daily
  • Deployed a Public Key Infrastructure (PKI) based on Microsoft Windows Certificate Services
  • Managed a 4-person team deploying RSA SecurID cards to Confidential employees

Security Analyst

Confidential

Responsibilities:

  • Designed, developed and maintained security software used by over 10,000 employees for single sign-on (SSO)
  • Performed penetration tests of mission critical systems: Voice Mail, PeopleSoft HR database and Exchange
  • Supported security investigations in technical matters
  • Presented security topics at Confidential internal conferences

Hire Now