Senior IT Security and Compliance Manager Resume

Bloomfield, CT

SUMMARY:

  • Results-oriented and innovative Information Technology professional with an MS in Management Information Systems and a BS in Business Administration.
  • An effective Information Technology manager with experience in managing, auditing, and developing/securing large scale applications in the Telecommunication, Financial, Manufacturing, Insurance, Travel, and Energy industries.
  • Proven outstanding track record for meeting goals and deadlines.
  • Demonstrated strength in quickly understanding and handling complex technical and operational issues.

SKILLS & COMPETENCIES:

  • Logical Data Modeling and Architecture
  • Adaptable & Analytical Thinker
  • IT Audit Framework - NIST, CIS, ISO, COBIT, ITIL
  • Valued Team Leader and Member
  • Project Management
  • Achievement/Results Orientation
  • Software Development Management
  • Customer Service Orientation
  • Information & Controls Assurance
  • Impact and Influence
  • Agile and Waterfall Methodologies
  • Initiative
  • Regulatory and IT Compliance
  • Business Ethics
  • Joint Application Design
  • Problem Solving and Analysis
  • IT Policies and Procedures Design
  • Information Seeking
  • Presentation and Communication
  • Conceptual Thinking

PROFESSIONAL EXPERIENCE:

Confidential, Bloomfield, CT

Senior IT Security and Compliance Manager

Responsibilities:

  • Design, develop and maintain Cyber security program across IT and the enterprise.
  • Establish PMO practices for federated management of all projects and initiatives.
  • Manage the enterprise Information Protection (IP) community program awareness, communications and learning program across all lines of business which includes global participants.
  • Lead benchmarking strategy and execution for the enterprise which includes identifying appropriate industry relevant frameworks, internal and external assessment against frameworks, reporting of findings and integration of findings into the IP roadmap.
  • Assimilate the Advanced Cyber Threat program into the integrated Information Protection portfolio.
  • Conduct mission critical system security reviews to support products and ensure compliance with Confidential Information Protection (CIP) policies and standards.

Confidential, Confidential, CT

Senior IT Security and Compliance Manager

Responsibilities:

  • Provided key input to the risk-based audit plan to determine the priorities of internal audit activities, consistent with the enterprise goals.
  • Enhanced and developed new information technology policies related to the cyber-security program and oversaw companywide efforts to identify and evaluate all critical systems, with a focus on developing a security program based on risk profiles and data classification.
  • Defined the risk factors to be assessed and the relationships among those factors, developing a risk scoring system by taking factors into consideration such as threat, vulnerability, impact, likelihood, and predisposing condition to determine levels of risk in enterprise systems, establishing a cumulative risk process to roll up several medium and lower-level risks into a higher-level risk.
  • Led Cyber Security audit/assurance reviews to provide senior management with an independent assessment relating to the effectiveness of reviews to test the control environment and compliance with the Confidential Information Protection (Confidential) policies and procedures.
  • Performed audit/assurance reviews to identify IT related risks of the incident management process, configuration management and security of networks and servers, security management and awareness, business continuity management, change management, information security management, governance and management practices of both IT and the business units, and relationships with third parties.
  • Led the information security and compliance programs that focused on End Point Security, Web and Application Hosting, File Integrity Monitoring, DMZ, Network Security, and active monitoring of configuration drift at the O/S (Unix and Windows) and middleware layer.
  • Worked closely with the information protection team to deploy a variety of tools such as Damballa Network Security Checkup, Check Point Firewalls, Symantec Endpoint Protection, Rapid7 Nexpose, and LogLogic, based on the defense-in-depth security principle.
  • Evaluated Guardium for the data security platform, Confidential and Confidential for the Confidential, and Carbon Black for the file integrity monitoring.
  • Established a continuous configuration monitoring program to check Windows and Linux O/S settings using ACL based on the security policies and industry best practices.
  • Performed information technology general controls oversight and review to verify compliance with SOX provisions and professional standards.

Confidential, Confidential, CT

Senior IT Security and Compliance Auditor

Responsibilities:

  • Performed IT General Control and Application Development audits which include performing walkthroughs, audit program design/creation, delegating and reviewing staff work and findings, and helping draft audit reports with lead.
  • Performed special audits on high profile projects including assessing the company’s IT Governance policies, project management methodology, project management best practices, segregation of duties, intellectual property, fraud exposures, external data transfer mechanisms, and policies for sending, receiving, and protecting external customer privacy data based on state laws, e.g. Confidential, Confidential, Confidential.
  • Confidential as audit liaison between audit and assigned business units for all SOX 404 concerns and identifying and working with the units to implement controls for audit risks involved with major IT related changes taking place within their environment.

Confidential, Atlanta, GA

Senior Technical Project Manager

Responsibilities:

  • Responsible for directing software development projects for all products related to Confidential.
  • Led the pursuit and implementation of a Project Management Office engagement that assisted in the design and development of a $25m+ enterprise system.
  • Coordinated with Internal Audit to ensure documentation of all processes is current and continually updated. Maintained testing plans for all identified business and IT key controls.
  • Worked across business lines to review access to confidential data and facilitate security compliance across departments.
  • Supported the Internal Audit plan and Sarbanes-Oxley assessments for Information Technology and business processes.
  • Identified internal control weaknesses for various IT business processes, made recommendations for improvements, and monitored remediation plans.
  • Designed Enterprise Data Mart for Secondary Market and Treasury applications to support post closing operations.
  • Identified and translated requirements into charters, service level agreements (SLAs), and key performance indicators.

Confidential, Atlanta, GA

Senior Project Manager

Responsibilities:

  • Led the IT team to design an integrated transportation and billing management system. This system is a cornerstone in the Confidential trade direct initiative between the United States Northern and Southern Borders.
  • Worked with Confidential contract carriers to define data requirements and shipment status updates through Confidential Visibility System.
  • Worked with multiple carriers and Confidential executive visibility team to define the data requirements; organized, identified the needs for technical methodology (coding standards, naming conventions etc.) and end to end technical design.

Confidential, Atlanta, GA

Senior Project Manager

Responsibilities:

  • Main responsibilities included defining system requirements for the Inventory Control System and Order Management System by conducting JAD sessions, performing Object Modeling using UML based on Confidential standards and analyzing enterprise systems for the interfaces.
  • Also responsible for providing technical expertise to the Enterprise Data Model.

Confidential, Dallas, TX

Principal Consultant

Responsibilities:

  • Worked as a consultant to provide technical expertise to Confidential clients such as Confidential, Central and Southwest Utilities, Confidential Insurance, Confidential of Ohio and Confidential Corporation.
  • Developed the logical Data Model for various business systems.
  • Responsible for all development stages including analysis, design, construction and all phases of testing.
  • Worked with business users and subject matter experts to define and re-engineer the business processes.
