PROFESSIONAL SUMMARY:

• A solutions - oriented hands-on IT Security Engineer with notable success as a Mainframe Confidential Security Subject Matter Expert.
• My overall experience includes Application Development, Security Administration, Risk assessment, Contingency Planning, Disaster Recovery testing and Audit Finding remediation.
• Responsible for reviewing security and identifying exposures for all new and existing applications, operating systems and interfaces. I review the controls over all network interfaces connecting to the mainframe as they apply to regulatory bodies, and Liaise with auditing entities to remediate findings
• Conduct security reviews over all applications and system resources to ensure administrative guidelines are being followed.
• I develop and run reports to identify out of compliance conditions such as user accounts exceeding established periods of inactivity and accounts inappropriately provisioned to privileged authority or data. I monitor SMF data to track activity of privileged users and attempts by unauthorized personal to access sensitive data or Confidential . I conduct periodic user and access recertification.
• Participate in corporate DR tests to ensure that all controls are maintained as required and use the opportunity to test any planned new controls without a worry of impacting normal processes..
• Provide 24 by 7 on call support for production issues. Open and process service desk and change tickets and am working to implement Endevor to control the SDLC process

SOFTWARE/UTILITIES/TOOLS:

Confidential Z/so 1.13, CA-Etrust, cleanup, CICS WEB Services, RRSF, TPX, COBOL, ASM, CICS, DB2, MQ, REXX, TSO, ISPF, UNIX Systems Services (USS), Hierarchical File System (HFS), MVS JCL and utilities, VANGUARD Product Suite, Websphere

EXPERIENCE:

Confidential

Information Security Engineer

Responsibilities:

• Served as project leader for all mainframe security efforts
• Serve as lead liaison to all Auditing Entities and regulators in developing and remediating findings, this includes SOX, DISA, NIST, IRS and HIPPA
• Deployed Confidential controls over network applications including TCPIP, SMTP, FTP, NDM, NJE and MQ
• Deployed controls over SDSF, Operator and Jes2 commands
• Recertified Hospital, Dental and Medical claims systems users and entitlements
• Eliminated 70,00 DISA findings through use of Vanguard Configuration Manager
• Consolidated the Confidential databases for our PPO and HMO environments into one, using Vanguard Administrator to rebuild profiles as required
• Activated Confidential UNIX controls(USS)
• Participated with the Hurricane Sandy recovery team to build new Data and disaster recovery centers
• Led Security efforts to separate Government Programs data from corporate
• Implemented Confidential controls for SAR/CA-view a report archive system
• Designed and deployed Confidential controls for Endeavor, a Change Management application
• Developed Confidential administrative tools for the help desk to use for various administrative tasks
• Working with network team to implement Sun Single Sign-on Solution
• Liaise with Third party Vendors and Legal in support of contact renewal and procurement of new software and services
• Tested and implemented Confidential controls for CA7 Server
• Provided security for CICS Host bridge and Omegamon applications
• Synchronized Confidential controls across all corporate environments
• Implemented started task security and eliminated the started task-id to ensure that all jobs ran with a user.
• Reviewed controls over CICS operator transactions and eliminated inappropriate access
• Recertified all account access to CICS, DB2, TSO Batch removing update access and replacing with Read or none
• Set up an access violations tracking process for logons and data
• Activated mixed case passwords
• Upgraded Confidential and Vanguard to version 1.13
• Provide coverage for Disaster Recovery tests ensuring that appropriate controls are maintained in a disaster
• Provide 24 x 7 production problem support
• Eliminated use of Confidential operations by replacing with an appropriate level of authority
• Provided training and tools for group administrators and the Support Desk
• To address Audit findings Implemented Confidential protect-all to ensure that all data was secured by default.

Confidential

Project Manager

Responsibilities:

• Instrumental in developing and implementing authorization and authentication controls over CICS WEB Services ensuring that the same high level that existed in the green screen environment was carried forward.
• Partnered with the Corporate IT outsourcer (IBM) to write the annual corporate controls agreement (GSD331).
• Led efforts to engineer a Corporate Entitlements review and Provisioning tool (Sun Identity Manager).
• Implemented and supported CA Etrust Cleanup, designed for monitoring and removing obsolete entitlements. This effort addressed an open entitlement audit issue and additionally reduced costs by enhancing the overall operating system performance and reducing storage.
• Spearheaded efforts to implement SSL encryption for all 3270 emulators to protect credentials and other sensitive data flowing between the Work Station and the mainframe.
• Managed efforts to maintain, support and install existing and new third party security software products such as Vanguard Administrator, CA-Examine and Etrust Cleanup.
• Liaised with the SOX auditors to develop controls and document evidence to re-mediate all issues
• Coordinated efforts to integrate and document corporate security policies, standards and procedures in accordance with ISO 17799, Sarbanes-Oxley and Federal Regulations. Performed Gap analysis to assess compliance across all Business Groups.

Confidential

Senior Engineer / Project Manager

Responsibilities:

• Installed, configured, tested, and implemented all new Confidential Security releases and new features.
• Member of the Computer Security Incident Response Team (CSIRT) charged with the responsibility of determining daily risk and remediating incidents. I was responsible for Mainframe related issues.
• Implemented and supported Vanguard Suite of Products a third party vender product that included Administrative, Automation, Incident Reporting, Intrusion detection, Remote access control and compliance related technologies.
• Managed efforts to test, document and implement the following Confidential controls and performance enhancement features:
• Application Index Mapping to improve performance of UNIX Systems Services entitlements checking
• Confidential Data sharing to improve Sysplex performance by storing Confidential information in the coupling facility.
• Designed a global RRSF network to allow Confidential command and password propagation across all LPARS.
• Developed a strategy to use Confidential to protect applications running under Websphere, and CICS.
• Installed the Confidential LDAP to allow distributed systems to use Confidential for authentication
• Advised on the development efforts of a new application designed to provision Confidential entitlements
• Designed and implemented a strategy for using Confidential to protect FTP commands by participant group
• Coordinated efforts to in-source security entitlements from NSCC and FICC subsidiaries.
• Implemented Confidential controls for MQ and Swiftnet

Confidential

Data Security Project Manager

Responsibilities:

• Project Managed efforts relating to implementation and support of security controls over Information Security assets.
• My responsibilities included installing and implementing new security tools and features for Confidential and other related products and designing automated solutions to replace manual administrative efforts.
• Managed the Data Security Operations Team with responsibilities that included the implementing an Information Security program, development of a Security plan, setting goals, maintaining a budget, remediation of audit points, training staff, advancing best practices, implementing and supporting access control software ( Confidential, TPX and VMSECURE), provisioning and entitling users, automating administrative processes.