We provide IT Staff Augmentation Services!

Senior Security Analyst Resume

4.00/5 (Submit Your Rating)

SUMMARY:

Highly accomplished, results - driven senior security professional with over 18 years of management and hands-on IT Security experience with the ability to combine technical expertise with business requirements to produce innovated solutions to complex problems.

EXPERTISE HIGHLIGHTS:

  • IT Risk Management and Mitigation
  • Regulatory Compliance and Standards
  • Strategic Technology Planning
  • Identity and Access Management
  • IT and Business Analysis
  • Infrastructure Design and Implementation
  • Network Support
  • Major Software/Systems Implementations
  • Incident Reporting and Response
  • Network Security Design and Implementation
  • IT Security Management

TECHNICAL SKILLS:

Systems: Windows, 2000, 2003, 2008, Active Directory, SCCM, Proofpoint, Zscaler, Checkpoint firewalls, Checkpoint Mobile Access Blade, IBM ISS IPS, McAfee IPS, Imperva Web Application Firewalls, IBM Tivoli, CA Siteminder, CA Identity Manager, RSA Envision, RSA Archer GRC tool, Modulo GRC, McAfee EPO, Qualys

PROFESSIONAL EXPERIENCE:

Confidential

Senior Security Analyst

Responsibilities:

  • Developed a three year strategic plan for information security to meet regulatory and company requirements.
  • Established IT security policies, practices, and procedures based on industry best practices as well as HIPAA and PCI regulations.
  • Implemented a vulnerability management program utilizing Qualys to automate vulnerability scanning and reporting.
  • Developed a change management process to align with ITIL best practices.
  • Instrumental in architecting, implementing and supporting Zscalers cloud based proxy to provide content filtering and threat detection for all outbound internet traffic.
  • Supported, configured and tuned Drayer Physical Therapy Institute’s Proofpoint implementation to provide email security.

Confidential

IT Security Consultant

Responsibilities:

  • Worked with the enterprise architecture team to in corporate an IT risk assessment process within The Hershey Company’s project lifecycle.
  • Designed, implemented and supported The Hershey Company’s IT Risk Management framework based on different industry guidelines to provide an understanding of risks associated with vendors, products, and various projects.
  • Assessed Modulo GRC tool in order to identify the core functionality and how The Hershey Company can utilize it within its IT Risk Management framework.
  • Supported a SANS Top Twenty assessment utilizing Modulo.
  • Actively participated in corporate PCI compliance initiatives and assessments.
  • Worked on numerous cloud provider security assessments to identify security gaps within their offerings.
  • Developed a repeatable account review process to meet Sarbanes Oxley audit regulations.
  • Supported The Hershey Company’s Blue Coat Proxy SG implementation, providing troubleshooting and configuration assistance.
  • Supported multiple Checkpoint firewalls which include the design and implementation of new hardware, upgrading existing firewalls to R77.20, and rule base configuration.
  • Responsible for reviewing, identifying gaps, writing and updating all IT security policies.

Confidential, Harrisburg, PA

Chief Information Security Officer

Responsibilities:

  • Worked as the lead security design architect for all security solutions to ensure proper security controls were in place to meet state and federal regulations.
  • Established an IT Security Section within the Department of Public Welfare. Created and managed five different units to focus on various aspects of IT Security to include an IT Security Audit and Compliance, Identity Access Management, IT Security Infrastructure, Network Security and IT Risk Management Units.
  • Provide guidance and direction on all areas of application security throughout the SDLC process and mapped them back to business objectives.
  • Deployed Blue Coat Proxy SG appliances to support content filtering and proxy services to over 18,000 users.
  • Installed and maintained Blue Coat Reporter to provide metrics on internet usage and to provide individual internet usage reports.
  • Successfully managed the first implementation of an automated user provisioning system within the Commonwealth using IBM Tivoli to provide better customer service in regards to on-boarding and de-provisioning of user accounts and application access.
  • Created Incident Response Policy and Procedure to include notification based on various federal and state regulations/laws, investigation and forensic process while also ensuring the proper mitigation plans was established and completed.
  • Served as subject matter expert for multiple department and commonwealth wide RFPs.
  • C oordinated all external audits by third parties audit groups and reported all findings and mitigation strategies to appropriate business areas.
  • Instrumental in the architecting, implementing and the administration of RSA’s SIEM product Envision to correlate security logs from over 1000 devices which provided reports and alerts based on certain thresholds established by department and federal regulations.
  • Lead network security architect for Welfare, Insurance, Aging’s network to include Checkpoint Firewalls, VPN solutions, Intrusion Prevention Systems, Imperva Web Application Firewalls and Blue Coat Proxy/Content Filtering Devices.
  • Provided KPIs showing number of authentications and authorizations for the department’s critical applications by incorporating CA Siteminder logs into RSA Envision.
  • Provided monthly virus and compliance reports utilizing McAfee ePolicy Orchestrator (EPO).

Confidential, Harrisburg, PA

Network/Security Engineer

Responsibilities:

  • Re-designed the Department of Public Welfare’s network to provide proper Network Security ensuring that the departments IT assets are secure.
  • Managed multiple network security devices such as, Checkpoint Firewalls and ISS IPSs.
  • Installed and upgraded multiple Blue Coat proxy devices to provide internet access and content filtering.
  • Configured, installed and deployed a SSL VPN to provide remote access to departments resources.
  • Served as the department’s representative on the commonwealths security domain team ran by the Governor’s office.

Confidential, Mechanicsburg, PA

Network Engineer

Responsibilities:

  • Migrated all Department of Public Welfares business partners to a business partner DMZ to properly secure the Departments network and resources.
  • Designed, installed, and supported Department of Public Welfare’s Checkpoint firewalls and Blue Coat Proxy devices.
  • Transitioned the Pacses (Pennsylvania Automated Child Support Enforcement Network) to its own private network to meet federally mandated requirements.
  • Troubleshoot tier 3 application, network, and platform issues.
  • Project managed the creation of the Child Care Information System network to each Pennsylvania County to provide access to critical resources within the department.
  • Upgraded the LAN/WAN infrastructure that supported the department’s network.
  • Designed, installed, and supported Department of Public Welfare’s Checkpoint firewalls.
  • Implemented Blue Coat proxy devices to migrate content filtering from Websense running on Checkpoint firewalls.

We'd love your feedback!