SUMMARY:

• An experienced Information Security/Business Analyst knowledgeable and skilled to work with internal/external customers aligning computer access and business processes;
• Access Administration
• Critical Thinking
• Requirements Gathering
• Incident Management
• Lean Six Sigma
• Process Flow Diagrams
• Procedure Documentation
• Audit Preparedness
• Business Use Cases

Identity Manager, Active Directory, EPV, ITSM(Service Now), Bit Locker, Symantec, Group Policy, Office 365, eCopy, DUO, RACF, Defender II, ACF2, AIX, PSRM, Endpoint Encryption, Hyena, Varonis, FTP GoAnywhere, Druva, OAKS, Securing the Human, Salesforce, Cisco, LAN/WAN, Windows (7 and 10), SharePoint, Mainframe (MVS,VM & AS400), AirWatch, Teradata, AVPN/Mobile Broadband, UNIX, Oracle, SQL, Sybase, Lotus Notes, Data Warehouse, Cognos, ARES/Delphi, Tivoli, Clarity, TCP/IP, LDAP, RSAM, Peregrine, IBID, Teradata, DB2, Auto Sys, Cambar, Empower, Qualtrend, LIMS, SAP, WebEx, InQuira, Visio.

PROFESSIONAL EXPERIENCE:

Confidential

Business Analyst

Responsibilities:

• Applied knowledge of corporate security regulations (e.g. PCI, Sox, and similar standards) and several software applications; (Microsoft Word, Excel and Visio).
• Led Requirement gathering activities and drove deep dive discussions across disparate technologies/disciplines on the Project Uplift team.
• Assisted with process mapping and use cases.
• Documented findings and with the team helped to ensure the project met timeline goals.
• Designed and verified Target Maps were standardized across the lines of business in preparation for integration of new technology and business.
• Set up reoccurring meetings with various Stakeholders.

Confidential

Information Security Analyst

Responsibilities:

• Proactively followed federal, state and local guidelines to protect FTI, PII, HIPAA, PCI etc., while keeping information safe and confidential.
• Performed periodic testing to verify safeguards functioned correctly.
• Applied the use of Symantec (for Security and escalated Incident Response) along with several other applications (e.g. Identity Manager, EPV, Active Directory, Group Policy, RACF, Mainframe, Outlook, PSRM).
• Worked directly with Tax Deputies, Sr. Management, and other clients to satisfy system access requirements and troubleshoot issues.
• Attended meetings for the STARS project (post new system implementation) and worked with Project Managers to ensure their system access requirements were being met.
• Mobile Phone security configuration and support for Tax Enforcement Agents and Audit Personnel.
• Composed departmental documentation and also current process on Confidential ’s website for uploading documents.
• Monitored and sent reminders to clients that needed to complete training.

Confidential

Technology Operations Analyst

Responsibilities:

• Proactively followed compliance guidelines in daily performance (e.g. HIPAA, PCI, ISO 27001, ITIL);
• Assisted IT teams in developing and maintaining appropriate procedural documentation to meet compliance standards.
• Utilized analytical and problem - solving skills to resolve discrepancies, while fulfilling database access requests (e.g. Identity Manager, Active Directory, EPV, RACF, Mainframe, Oracle, DB2, Datasets, Connect groups, Teradata, IBID, SQL, Sybase, RSAM, Vanguard reporting).
• Demonstrated multi-tasking ability by effectively prioritizing workload to meet team goals while utilizing Audit principles and associated compensating controls.
• Partnered with the team to drive automation opportunities reducing the number of steps to perform operations.

Confidential

Business Analyst/Security Analyst

Responsibilities:

• Business Analyst as part of several Agile project teams (comprised of Corporate HR, Project Managers, Developers, Testers, Application Technology Solutions, Applications Engineering, Quality and Regulatory, Line of Business-Stakeholders), tasked with gathering requirements;
• Conveying security controls in new and existing databases for migration to numerous applications.
• Streamlining of IT processes and systems between the divisions and plants.
• Managed several projects;
• Led a cross training effort between three divisions training counterparts on Confidential Nutrition’s Access Administration procedures.
• Identified opportunities for process improvement and participated in the development of security processes, applying best practices.
• Initiated the decommissioning of several databases from a local drive and oversaw the transition to UNIX.
• Applied legal and regulatory principles such as (PCI, PII, FTI, SOX, HIPAA, CFR21-11, ISO 27001&27002 and other IT compliance standards). while granting clients computer access to over 110 applications. Provided support for 13 domestic and six international plants closely working with their IT personnel.
• Granted clients system access daily (e.g. Identity Manager, ITSM-Service Now, EIDM-R, Active Directory, Data Warehouse, COGNOS, UNIX, LIMS, SharePoint, SAP, Lotus Notes, Microsoft Exchange & Lynx, RACF, Mainframe, EAP, Radius, Kerberos, OMVS/VM adding, removing, analyzing and splitting roles, and other systems), which allowed me to meet and exceeded departmental service level agreements for account provisioning, troubleshooting and remediation of issues.
• Analysis of logs and remediation of issues and security testing to verify that technical safeguards were functioning correctly.
• Worked with Auditors and compiled reports for audits.
• Identified opportunities for process improvement and participated in the development of security processes, applying best practices.
• Established and maintained critical working relationships with persons of all levels within the company for account access and problem resolution.
• Administered Annual System Access Recertification.
• Active contributor in Risk Management and Disaster Recovery.
• Compliant with HIPAA, SOX, ISO2001 & 2, SDLC policy and CFR-21-11 guidelines while processing requests for access to numerous applications.
• Demonstrated Lean Six Sigma skills daily to eliminate redundancy and duplication of work.
• Active contributor in Risk Management and Disaster Recovery.
• Successfully mentored Technicians and Jr. Level Associates on Information Security Processes.
• Proactively composed, updated and edited Information Security procedures.
• Demonstrated advanced problem solving, decision making and functional area knowledge.
• Met and exceeded Service Level Agreements for ticket remediation.
• Established and maintained critical working relationships with persons on all levels.
• Organized and trained a team of ten that assisted with the IT file purging process annually. Developed a system to properly organize and purge documents per record and retention policies.
• Organized and navigated Virtual Meetings and training.