We provide IT Staff Augmentation Services!

Security Analyst Resume

Richmond, VA

OBJECTIVE:

Seeking new role ensuring my passionate, service - oriented, skillful, and heavily tenured background in Information Security and assist any organization to build, strengthen, and disseminate the all important information and data security segment of their business to all interior and exterior customers and clients.

SUMMARY:

  • Creation, deployment and management of IT Security policies and procedures.
  • Standardization of IT security processes.
  • Management of IT BIA, Risk Assessment and Vulnerability programs and plans.
  • Creation and management of security best practices, procedures and processes.
  • Consistent review and management of third party supportive applications to comply with corporate security and audit goals.
  • Analysis, development, functional use, and management for Identity Access Management (IAM) processes and procedures for network, remote access, and single as well as cross platform application usage.
  • Built role-based security strategy and process. Met Audit Requirement to structure and control accesses.
  • Significant SAS70 / Sarbanes Oxley (SOX), Graham-Leach-Bliley (GLBA) and HIPPA Security Audit procedures, review, and audit review documentation. Service as semi-annual SOX SME (Subject Matter Expert). Strong focus on controllership of all owned and managed data.
  • Strong analytical work supporting access controls pertaining to NPI and API confidentiality
  • Participated in development of qualitative analytical efforts to define application usage for SOX audits.
  • Development of business segment plans with creation of vertical segmentation processes.
  • Customized version control software. Included creation of RFP with strong acceptance from Corporate Finance. Provided major financial savings negotiating purchase price to one-fifth of vendor’s asking price. Application still used ten (10) years of use with little to no alterations.
  • Database management including expansion capacities, dataset and data item securities, dataset repacks and organization. Cost savings limiting downtime to less than 1% controlling dataset size and scheduled maintenance window.
  • Creation of internal and external marketing communications tools such as newsletters, PowerPoint presentations and plans and programs.
  • Supporting corporate security infrastructure assigning remote access tokens, network (User Manager and Active Directory) permissions, systems and applications security, SOX Audit due diligence processes, creation of multi-level security procedures and provisioning for enterprise applications.
  • Project and sub-project leader implementing array of activities from audit compliance to application security to system version control processes.

EMPLOYMENT HISTORY:

Confidential, Richmond, VA

SECURITY ANALYST

Responsibilities:

  • Manage all components of SEC500 series of Confidential IT Security including Risk Management (SEC506), Contingency Planning (SEC508), Systems Security (SEC515), etc.
  • Negotiated for outside, cost-savings vulnerability scans and audits.
  • Promote current and generally accepted information security standards and best practices.
  • Create, deploy and manage Information Security Awareness statewide program.
  • Active security practices with business partners, IT staff, remote user community.
  • Perpetually active in promotion of current and generally accepted information security best practices and standards in numerous ways.

INFORMATION SECURITY CONSULTANT

Confidential, Richmond, VA

Responsibilities:

  • Contract to create Business Impact Analysis project plan, analysis, interviews, formatting and (COV Commonwealth Security approved) BIA documentation.
  • Extended contract to include creation of Information Security Program specific to the agency based off Confidential .

Confidential, Richmond, VA

INFORMATION ASSURANCE ANALYST

Responsibilities:

  • Responsibilities including review and decision third party access needs and requests with Confidential systems, networks and data.
  • This entailed reviewing and analyzing not just the needs but the wealth of impacts that the interface would have on Confidential data, both NPI and API.
  • Strong attention paid to risk assessments and levels of access points.
  • Assess interactive connectivity on a number of levels for both domestic and international companies and organizations requesting access.
  • Our interface is primarily with internal customers that we define as Third Party Managers responsible for managing the data inherent from the outside supplier.
  • These efforts also included faciliatating Discovery Meetings with the internal Third Party Managers and associates to identify and flush out additional dependencies and requirements.
  • Created modification requests for the Archer application which manages the Third Party data and access permissions.

Confidential, Richmond, VA

IT SECURITY ANALYST CONSULTANT

Responsibilities:

  • Performed security access control permissions on multiple platforms from to HP3000 with Security3000, and network Active Directory (XP and 2000) and web applications using SiteMinder.
  • Creation of standardization of security processes, procedures and rules.

Confidential, Ashland, VA

BUSINESS DEVELOPMENT MANAGER

Responsibilities:

  • Creation of new business segment for regional facility management company focusing on web-based software solutions for both facility and utility management.
  • These efforts included creation of marketing plan and materials, development of monthly electronic newsletter, client prospect development, PowerPoint presentations, and vertical market segment analysis and implementation.
  • Studied analytical data to ascertain qualitative and quantitative elements of client samplings for Confidential development and growth.

Confidential, Richmond, VA

APPLICATION SECURITY ANALYST

Responsibilities:

  • Created, implemented and monitored web-based application security residing on server and in a GUI-based web screen processing.
  • The security focus was on creating role-based security via user templates based on functionality job codes and business unit structures.
  • Solely responsible for identifying, creating, storing and managing security processes and procedures.
  • Worked consistently with EPIC Software Systems of Verona, WI analyzing and reviewing security consistency and audit compliance functionalities.

Confidential, Richmond, VA

INFORMATION TECHNOLOGY ADVISOR

Responsibilities:

  • Performed security access control permissions on multiple platforms from mainframe using ACF2, to HP3000 with Security3000, and network Active Directory (XP and 2000).
  • Creation of standardization of security processes, procedures and rules

Hire Now