EXECUTIVE SUMMARY:

Technically skilled IT Security Professional with a consistent record of driving projects to successful completion. Recognized as architect of scalable and user - friendly greener technology platform that supported rapid growth. Provide pragmatic leadership, excellent peer relations, disciplined budgeter and creative strategist.

CORE COMPETENCIES:

IT\Cyber\Physical Security, Security Assurance, Asset Protection, IT Governance, Disaster Recovery; Business Continuity, Risk Assessments & Management; Business Intelligence, Green IT, Business Process Redesign, Budget Management; Strategic Planning, Organizational and Strategy Development, Leadership Decision Support and People, Product, Program and Project Management.

TECHNICAL SKILLS:

Security Tools\Software: WhiteHat, Qualys, Veracode, Mobile Iron, Netwrix, OpenDNS, Symantec Endpoint Protection, Tenable Security Center, Solar wind, Skybox, Zixmail, ADT Pulse, ACS Brivo, Penetration Testing, Vulnerability Scanning, OWASP ZAP, WPScan, W3AF, Kali tools, Burpsuite, NetSuite, ISO 27001, SSAE-16 SOC-1/2, HIPAA-HITECH audit, Service Core, ServiceNow, HP Service Center, Remedy, Heat, Visio. HR hire/terminations, access cards, alarm system, CCTV, Security awareness training program, CIS CSC, Security Incidents, (BC/DR) exercises, NIST Cybersecurity Framework, and Cisco Security Agent, RAS SecurID, Application Security, Wireless Security, Nagios, Nmap, Securina, Nessus, MBSA, Wireshark, Net Cat, Anti-Spam, Antivirus, Firewall, Anti Spyware, IDS/IPS, Proxy and Patch Management, Veritas Backup Exec, GFI, KVM, Fluke and LAN Analyzer.

Cloud Computing: Office 365, Service Now, SharePoint, Email, Web Communications, and Timesheet. (Saas, PaaS, IaaS)

Platform/OS/Networking: Windows, Novell, Linux, Confidential Server, Wireless LANS / Routers, Cable/DSL/DS3/T1/T3/TLS, Cisco Switches, Cisco Routers, VPN, Terminal Server, Cluster Server, Citrix, VMware, Firewall - Sonicwall/NetScreen/Checkpoint.

Hardware: Dell, HP and IBM server/ Intel and AMD and Switch, Router, HP & Xerox MFP, CISCO wireless Router, VOIP, Electric Blackboard, Moving Message Board, Leak Detection system and Polycom & IP Video Camera.

Handheld devices: IPad, iPhone, Android, GPS, HP Jornada Handheld PC and Compaq IPAQ Pocket PCs, Blackberry.

PROFESSIONAL EXPERIENCE:

Confidential

Global Information Security Analyst, NY, New York

Responsibilities:

• Participated in strategy, Software Architected, design, and implementation of key security initiatives within the organization.
• Performed ISO 27001 Information Security Management System supporting processes including Security assurance activities
• Performed risk assessments, audit, assets, testing and implementing firm s business continuity and disaster recovery plans.
• Supported and operated central logging and alerting systems (SIEM Type), Penetration Testing, Vulnerability management process including operational security duties and tasks. (Identifying new vulnerabilities, research and analysis and response).
• In - depth penetration testing of external applications and discover possible gaps through use threat model, behavior analysis.
• Performed day-to-day physical and logical security systems tasks CCTV, access control, intrusion, and notifications as well as supported other departments with customer-driven security related inquiries and business with security questionnaires.
• Provided deep-dive application vulnerability assessment through a comprehensive testing process, identifying weaknesses.
• Executed risk-based assessments of the company's vendor s complete new and existing assessments on vendors and 3rd parties.
• Participated in third party information risk assessment process improvement evaluate and Identify technology risks at third parties.
• Performed risk assessments using methodology; identify, document and communicate control deficiencies in business processes.
• Represented for vendor assessments, risks, controls, negotiation, and status of posture for current and new vendors.
• Prepared for and provided support for external and internal quarterly auditing and compliance programs (such as SSAE-16, ISO
• 27001, SOC- 1/ SOC-2, HIPAA--HITECH and customer initiated audits) also, member of CERT.
• Established & enforced companywide Security Policy, Procedure, Standard and investigate document of Security Incident report.
• Oversaw the development, deployment, and management of the firm's cybersecurity technology and physical security controls.
• Presented regular security reports and guidance to executive management on the state of the firm's cybersecurity initiatives trends.
• Conducted research, recommend and evaluate new technologies, software, products, services, and procurement reduce cost efforts.
• Supported IT Ops groups with security guidance for systems and enhance corporate Information Security Training program.

Confidential

IT/Security Operations Manager Consultant, NY, New York

Responsibilities:

• Managed daily operations of IT Security, secure architecture and Risk, Business Continuity, Disaster Recovery, and Network.
• Conducted physical security assessment, gap analysis, vendor assessments, Mobile Security, and security awareness training.
• Performed risk assessments, audit, assets, facilities/psychical security, testing and implementing systems disaster recovery plans.
• Developed of Information Security Policy, Procedure, Standard, guidelines and report, notify and investigate of Security Incident.
• During Hurricane Sandy as precautionary measure to secure IT equipments and Backup Servers from flooded zone offices.
• Performed business impact analysis and recovery strategies/plan. Created Disaster Recovery plan and Business Continuity plan by utilizing Hot, Warm, and Cold sites for some external agencies.
• Took inventory of damaged IT equipments . Acted as emergency resource for multiple offices during and after storm .
• Managed IT purchasing equipment, application, vendor management and multiple projects with multiple field offices.
• Monitored/managed deployment of equipment s, warranty, inventory, service quality and reducing costs of day - to-day operations.
• Reengineered IT mobility, reducing cost by 50%, reducing printing cost by 30%, and reduced IT electricity cost by 20%.
• Conducted research, recommend and evaluate new technologies, products, services, and procurement and development efforts.
• Managed staff of 5and available on call 24/7.

Confidential

Systems and Security Administrator

Responsibilities:

• Administered & managed vulnerability assessment and patch management on Windows Servers, Workstations and laptops.
• Assigned space restrictions, created end user accounts, permissions, and access rights using Active Directory and Confidential .
• Administered physical card reader access\CCTV system, created end user accounts, permissions, and access rights perfect secure.
• Performed day - to-day / weekly maintenance of systems hardware, tape drives, and upgrade Firmware, Patches and Service Pack.
• Performed System forensic analysis, SPAM analysis, OS hardening and managed Enterprise endpoint Anti-Virus management.
• Administered Novell GroupWise server to create new users for email messaging system using NWAdmin or Confidential .
• Administered BlackBerry system, created user accounts, permissions, and access rights, device security using Confidential Manager.
• Created app packages via Wise Package Studio 4.5, test and deploy software packages/upgrade using LanDesk Management.

Confidential, New Rochelle, New York

System Engineer

Responsibilities:

• Responsible for all aspects of Networking, Computer & Windows 2000/NT 4 Servers functions within the college.
• Administered Servers, maintained daily backups and coordinating Backup library for maintaining the disaster recovery project.

Confidential

Network/Security Operations Center Supervisor, New York

Responsibilities:

• Responsible for every aspect of day - to-day operations of the Firm s global network, data center, and local area network infrastructure.
• Operated, and observed IT systems, Proxy, Firewall, IDS/IPS, spam, using automated monitoring tools, networks, data centersservers, OSs, applications, Blackberry, web, associated hardware equipment, physical security\CCTV system Confidential TempUPC faulty output and errors to ensure overall correct operation procedures of national and international multiple locations.
• Performed day-to-day / weekly maintenance of systems hardware, tape drives, and upgrade Firmware, Patches and Service Pack.
• Worked with on-call staff/management, vendors, or other appropriate contacts to resolve the situation as quickly as possible.
• Communicated production problems to affected users as appropriate. Ensure daily check off lists and turnover logs, daily Service and Status reports have been completed and communicate relevant information to following shifts.
• Performed system backups and recovery. Ensure tape management is followed onsite and offsite, daily, weekly, and monthly.