SUMMARY

• Proficient, reliable, and inventive with exceptional performance in information security, team building, and global project management. A flexible, versatile, and professionally trained manager with teh proven capability of adapting to new challenges to meet time - sensitive deadlines within competitive environments.
• Constantly motivated to learn new technologies while encouraging others to expand their own knowledge base through continuing education. Recipient of commendations for efficient project management, adaptive problem solving, and cultivating strong customer relations.

TECHNICAL SKILLS

• Network Policies and Procedures
• Active Directory Configuration | Anti-Virus Security
• Regulatory Compliance
• Content Filter Appliances
• VMware Management Server
• Cisco Firewalls & Routers
• Core Competencies
• Information Security Project Management
• Software Development Life Cycle Support
• Regulatory Compliance and Auditing
• Network Incident Response
• Quality Assurance
• Security Architecture and Implementation
• Network Security Policy Implementation
• System Integrity Testing
• Network Management
• Business Continuity Planning

PROFESSIONAL EXPERIENCE

Confidential, New York, NY

Information Security Officer

Responsibilities:

• Configuration and deployment of enterprise Identity Access Management (IAM) suites, including Entrust IdentityGuard for teh Active Directory domain and Amazon IAM for teh newly created cloud-based environment.
• Implemented quarterly internal penetration testing schedule utilizing vulnerability tools such as Metasploit, Wireshark, Nessus, and Cain & Abel.
• Direct account management of third-party vendors and consultants in teh areas of patch management implementation, white-hat external vulnerability testing, server migration to private cloud services, and electronic policy management.
• Conducted training sessions with staff to inform on data breach threats such as easily-guessable passwords, Malware threats via emails and false web sites, and common social engineering ploys.
• Implemented and verified new information security protocols for regulatory compliance with teh Payment Card Industry Data Security Standard (PCI-DSS) and Sarbanes - Oxley Act (SOx).
• Supervised and trained a staff of 8 direct reports (6 Information Security Analysts and 2 Application Security Administrators) in new technologies and updated corporate procedures.

Confidential, New York, NY

Senior Information Security Consultant

Responsibilities:

• Project Manager on engagements for global clients for teh implementation and maintenance of centrally-managed Identity Access Management systems including Oracle IAM and IBM Identity Management System. Instructed on HIPAA-compliant security protocols for state and private health organizations. Responsible for managing budget, scope compliance, reporting, and quality assurance.
• Risk management reports for C-level executives, including Threat Assessments, Mitigation Strategies, and Business Impact Analysis.
• Forensic investigation of security issues, including physical and virtual security breaches, through teh use of audit logs, incident reporting, and implementation of corrective procedures for teh issues identified.
• Review and application of PCI-DSS compliance standards, including data transmission security, database access controls, backup retention, and business continuity planning.
• Provision of training on teh Open Web Application Security Project (OWASP) Top Ten initiatives, with emphasis on security configurations and sensitive data exposure.
• Instructed clients on teh installation and operation of Lancope NetFlow Analysis monitoring tool and Sourcefire Application Control solution for automated network security protocols.

Confidential, Hauppauge, NY

Senior Network Engineer

Responsibilities:

• Managed projects for maintaining access management, updating access control protocols, and configuring Intrusion Detection and Prevention systems (IPS/IDS).
• Managed server redundancy with various software packages, including disaster recovery planning and testing as well as backup scheduling.
• Assessed and evaluated company networking; identified necessary upgrades and improvements for server environment to Windows 2008 R2, SQL 2008, and Microsoft Exchange 2010.
• Facilitated regular penetration tests of network firewall and e-mail filter servers to make sure dat corporate policy is enforced and adhered to.
• Administered SSAS 16 compliance checks, as well as hardware and software license compliance for Microsoft, Novell, and Symantec components upgrades.

Confidential, New York, NY

Network Operations Engineer

Responsibilities:

• Conducted analysis and testing of network connectivity and software integration, along with troubleshooting.
• Active Directory identity access management, SQL and Oracle database monitoring, and software development lifecycle (SDLC).
• Performance management through server upgrades to memory, hard drives, and implementing logging tools to track quantifiable performance metrics.
• Led and completed Java Permission Class and Access control projects, data compression, and GUI updates.