SUMMARY:

Well rounded business professional with eighteen years progressive experience in MIS. Proven leader combining strong work ethic and genuine concern for others to inspire, motivate, and effect changes. Effectively work with stakeholders and end users to obtain the scope of the problems and find a solution.

TECHNICAL SKILLS:

HARDWARE: SUN ULTRA, Blade, HP - UNIX, Cisco Catalysts 7500, 6509/13, 7500, DELL Power Edge SERVER, IBM 3090

LANGUAGES: SQL, Cisco COS, IOS, UNIX Shell Scripts

OPERATING SYSTEMS: WINXP - 2003 Server and Workstation, SOLARIS, HP10.X, CITRIX, MS Terminal Server, Red Hat

SECURITY ASSESSMENT TOOLS: ISS vulnerability scanner, Foundscan Enterprise Security Scanner, Agilant Technologies SNIFFER, BlackIce, Symantec virus scanner, comp check scanner, Mac Afee Enterprise virus scanner, Retina security scanner, Netstumbler, Nessus Vulnerability Scanner, Big Brother network monitoring tool, Phone Swipe, John the Ripper, and Crack, forensic analysis tools Encase, Foundstone Technologies, Ethereal. Cisco Works, Concord Network Analyzer, Forensic Security Analyzer, Anti Spy tools, Symark Password Manager, Malware removal tools, Lava Soft scanner, Network Ice, CIS Benchmark and scoring tool, UNIX, Linux and Windows patch management, CSMARS, Websense Internet Content Filtering, IMPERVA, Aruba, Whitehat, and Qualys Vulnerability Scanner, Symantec Enterprise AV, Symantec End Point Protection, Network Access Control, Desktop Application Control, DLP tool sets.

FIREWALLS: Checkpoint, Juniper Net-screen ISG2000, CISCO 7500 Router (ACL), Linux Firewall

IDENTITY AND ACCESS MANAGEMENT: LDAP, AD, NIS

INTRUSION DETECTION SYSTEM: ISS Real Secure, ISS Proventia

REMOTE ACCESS AUTHORIZATION: VPN, VMware technologies, ForeScout NAC

ENCRYPTION: PGP mail and Disk, SSL, and RSA Secure ID, Point Sec laptop encryption, DB whole disk, network, file level, Symetric and Asymetric.

EMAIL FILTERING: Websense Content Filtering, Symantec, Sophos, McAfee Enterprise Anti Virus

SECURE FILE TRANSFER; FTP, SFTP, HTTPS:

PROJECT MANAGEMENT: Primavera Enterprise Manager, Borland Caliber for Risk Management.

VIEWING UTILITIES: Adobe Acrobat, Intravsion

SOFTWARE: Remedy, Service Now, Samba, Windows (UNIX), Microsoft Office XP, X-Windows 7

DATABASES: ORACLE SERVER 7.x-11i, CLEAR CASE, REMEDY, MS SQL Server, Clarity

STANDARDS: SDLC, IDLC, Security Development Life Cycle, ISO2700X, PCI-DSS, GLBA, SOX

KNOWLEDGE OF: Web services, ETL tools, data integration, document management, and/or service development (SOA) as they relate to information security

STRENGTHS:

• Tactical security solutions role where able to designing and figuring out how to meet security standards
• Telecomm, Mortgage, Financial, and retail Industry experience
• Application Migration experience
• Good relationship and management skills
• Flexibility and adaptability in the face of changing priorities
• Ability to evaluate and manage risk
• Ability to manage several unrelated efforts simultaneously
• Ability to negotiate resolutions of conflicting security and business objectives
• Strong understanding of information security concepts, threats, vulnerabilities, and controls
• Unquestionable integrity
• Teamwork orientation
• Demonstrated perspective and good judgment
• Willingness to assume responsibility

PROFESSIONAL EXPERIENCE:

Confidential, Dallas, TX

Sr. Information Security Architect

Responsibilities:

• Providing range of technical expertise to facilitate security solutions, design, risk assessment, compliance, technical reviews of various access (logical and physical, Cloud Security, Cloud implementations) to meet day to day business requirements, infrastructure security, application security, needs.
• Serving as Senior corporate information security architect in Confidential headquarter in Plano TX.
• Lead and designed RAC Cloud security models for transactional processing utilizing Amazon infrastructure.
• Provide leadership into how enterprise can implement policies that will secure enterprise information. Worked security staff, Risk and Compliance to ensure we have proper planning, implementation and testing processes to ensure security requirements are being adhered. Worked with Information
• Management Security staff helping educate users and admins on best practices and processes.
• In addition worked internal and external development teams, project management leadership and spent management organization to ensure that:
• Company assets are protected in a cost-efficient manner.
• Security is adequately implemented and socialized among the internal and external development and QA teams
• Security best practices are followed in order to maintain the company’s stated security posture throughout all phases of the development lifecycle, including all security requirements are met.
• Developed designs documentation public key infrastructures (PKIs), including use of certification authorities ( Confidential ) and digital signatures as well as hardware and software; adhering to industry standards.
• Researched security systems by evaluating network and security technologies; developing requirements for Amazon Cloud based solutions for transactional processing, local area networks (Internal and Cloud based LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices designed to meet network segmentation goals in a global enterprise environment.
• Facilitate the development and implementation of security procedures and measures to ensure that information security is tightly integrated into each phase of the relevant development and acquisition lifecycles and follows appropriate security policies.
• In coordination with various departments and the Sr. Director of the Security Office, define, design and implement security goals and requirements for all development, pre-production, and SaaS/IaaS/PaaS systems, project and processes including but not limited to: authentication, authorization, access control enforcements, transaction privacy, non-repudiation, intrusion detection and containment, audit proof of wholeness, and protected communication by utilizing appropriate technologies such as firewalls, VPN, logs, intrusion detection, password policy enforcement, physical access controls, software controls, etc. and assure that service requirements are continuously met during pre-production.
• Coordinate the security hand-off of all projects and releases as they are moved into production.
• Perform security testing and test case development to ensure that security requirements are met before work is released to production.
• Develop high quality architecture deliverables, conducts formal design reviews, and obtains approval from key stakeholders for various projects.
• Proactively driving ongoing risk mitigation; identifying security gaps; and evaluating and implementing enhancements.
• Identified design alternatives that satisfy the system and business requirements and presents pros and cons for each solution for business decision based on risk based methodology.
• Conduct third party security risk assessments to identify gaps based on corporate security policy, standards, and best practices. Reviewed third party SOW, MSA, and other contract documents. Provided information security recommendations to legal department based on policy and standards.
• Played an advisory role with application developers, software engineers, system administrators, database administrators, network engineers and offshore production support personnel acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed.
• Lead and developed security design and architecture solutions on large enterprise projects.
• Work with Infrastructure, solution architecture teams to create technical security architecture integrating multi-tiered applications, databases, directory services, application servers, network infrastructure, and understanding security and dataflow within these components.
• Provides technical decisions on projects, program direction, and application modifications with director level authority to make changes to projects based on security requirements.
• Communicate with other members of the security team to keep senior leadership apprised of the risks and threat landscape. Offer recommendations on the best course of action to stay in line with budgets and resource.
• Partner with audit, privacy, legal, compliance and legal teams to ensure all projects meet regulatory compliance
• Act in an advisory role in application development and acquisition to assess security requirements and controls and to ensure that security controls are implemented as planned.
• Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Stay abreast of current technology, new technological advances and company standards
• Engage across IT and the business to ensure an understanding of the importance of information security to protect Confidential data and technology assets.
• Collaborated on critical IT projects to identify and document best practices with Confidential infrastructure teams and vendor applications and hardware to design secure architectures for their deployment.
• Performed gap analysis across the organization to identify and document risk and to identify unnecessary complexity in existing processes and procedures; work with IT and database and applications owners on mitigation.
• Research and recommend tools to help manage security analysis, process, and risk
• Determine security requirements by evaluating business strategies and requirements; research information security standards; conduct system security and vulnerability analyses and risk assessments
• Produced security and risk reports as needed. Ensure that security issues and risks identified are properly document, communicated, escalated and resolved.
• Maintains relationship with vendors, consultants, and appropriate agencies to ensure optimum service level and that the new systems and code are in full compliance with statutory and regulatory requirements

Confidential, Dallas, TX

Information Security Architect/Consultant

Responsibilities:

• Served as Information Security Architect with limited supervision applying previous technical skills to recommend, implement, support, improve, and operate information security controls.
• Develop secure system and network architectures
• Assist other Teams in securing their architectures at the logical and physical levels.
• Supply expertise to management, business area and IT Teams in risk assessment as well as implement appropriate data security controls and monitoring principal accountabilities.
• Develop secure strategies and architecture
• Access, report on, and make recommendations regarding current and proposed architectures, strategies and systems.
• Support IT related projects as an information security SME and provide support throughout their lifecycle.
• Performed security checkpoint review, ensuring security requirements (standards) have been identified and adequate testing has been performed.
• Review systems and processes for compliance of Ally Bank-GMAC clients and suppliers.
• Provide information security assessment expertise for risk assessments.
• Participate in Global Information Security process and improvements.
• Continuously improve information security knowledge and skills.
• Provide thought leadership by identifying new information security threats, emerging technologies, and counter measures as assigned.
• Assist in responding to audits requests and issues.
• Assist in the development and implementation of information security-related policies, standards, baselines, and procedures.
• Provide information security expertise for third party risk management.
• Evaluate policy and standards exception requests and respond.

Confidential, Dallas, TX

Data & System Security Manager

Responsibilities:

• Senior security Analysts worked with business partners and IT technology to facilitate the development of secure technology solutions to meet business needs.
• Assessed, reported on and made recommendations regarding current and proposed architectures, strategies, and systems.
• Developed detailed IT security standards throughout enterprise.
• Supported IT-related projects as an information security subject matter expert, providing support throughout their life cycle.
• Performed security checkpoint reviews, ensuring security requirements have been identified and adequate testing performed.
• Reviewed systems and processes for compliance with Confidential information security standards.
• Provided information security expertise for risk assessments.
• Reviewed and updated existing policies.
• Lead multiple Enterprise security initiatives.
• Participated in Global information security process improvement.
• Developed secure strategies and architecture.
• Collaborated with various business partners such as privacy, and SOX and to update SDLC.
• Worked with developers and software engineers to abide by Software Development Life Cycle as well as Security Development Life Cycle.
• As an information security SME provided security guidance and supervised the Software Development Life Cycle revision.
• Worked with IT, Network, and System Architect to design and implement virtual environment for MSP and ASP users.
• Provided security expertise for risk assessments
• Participated in providing security guidance to in Global information security process improvements.
• Continuously improved information security knowledge and skill.
• Provided thought leadership by identifying new information security threats, emerging technologies, and counter measures.
• Assisted in responding to audit requests and issue
• Provided assistance in investigating and responding to information security incidents
• Responsible for evaluation and managing of security risk and threats.
• Successfully architected, designed and implemented various Enterprise information security software and tools.
• Participated in RFP/RFQ and vendor selection and led the security design of the deployment. Technologies included: Database security; Enterprise Encryption- application and whole disk, Authorization and Authentication systems such as two factor authentication, AD/LDAP, Cloud/Virtualization; Data Loss Prevention,;, IDS/IPS; Network Access Control; Security Incidents and Event Management; Web Application Firewalls; Host based controls; Application gateway security controls; Firewalls; Grading third party software vendors and vendor assessments in using Software Development Life Cycle as well as Security Development Life Cycle practices for weeding out security vulnerabilities as well as threats.
• As an information security lead I had cross functional responsibilities with HR, investigation, IT, security, and other departments as well as other business units
• Identified risk and developed solutions to enhance the infrastructure security posture.
• Instigated and tested multiple enterprise Proof of Concepts.
• Responsible for data security program to be implemented effectively.
• Followed up IT and development audit findings and contributed to for closing those findings.
• Drove and promoted best practices and security guidelines for various IT groups.
• As an information security SME provided security guidance for various IT and development teams to produce security best practices.
• Designed and implemented security monitoring and response processes, tools, and techniques.
• Identified and addressed sensitive potential security violations, performing appropriate information gathering before turning over to security investigator.
• Assessed risk of exposure to proprietary data through identification of weaknesses in platforms, access procedures, and forms of access to the organization data and access to technology and communication risks.
• Provided on the ground support to issues arising in the corporate & Regional offices.
• Provided expertise to the information Security Governance and Information Security Operations groups as appropriate on a broad spectrum of information security questions and issues.
• Provided guidance and information security lead on enterprise wide implementation of various technologies such Network Access Control, Application White-listing, Virtual Desktop for MSP environment, implementation best standards for Vmware, and LINUX.

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

• Performed LAN, DMZ, and internet facing security scanning of mission critical devices on corporate and guest network for potential vulnerabilities, malicious programs and recommended appropriate actions.
• Reviewed and recommended secure system configuration for workstations and laptops, and provided security recommendations.
• Served as an Architect, designed and created documents and process flow for implementation and configuration of Data Loss Prevention.
• Designed best practices for implementation of DLP in conjunction with network administration team.
• Involved with senior executive level management and system administration teams in effecting a seamless DLP implementation.
• Conducted risk assessment of current computing environment and recommend actions in order to reduce the risk of loss to confidential data.
• Performed Enterprise Antivirus scanning and updates for corporate devices.

Confidential, Plano, TX

Information Security Consultant

Responsibilities:

• Architected and designed Confidential policies and procedures for Perot System customers.
• Collaborated with subject matter experts (SME) to define security audit processes and procedures as well as tools.
• Served as subject matter expert supporting program manager office in defining, designing and implementing various projects such as Internet Content Filtering, Secure System Configuration for various Operating Systems and Confidential for event logs correlation for information security purposes from various sources such as UNIX SYSLOG, event viewers, IDS, firewall, IPS, and applications.

Confidential, Ft. Worth, TX

Responsibilities:

• Architected, designed and implemented Symantec Endpoint protection.
• Interfaced with Security Operations ensuring all architected implementations were appropriately assessed and able to be supported
• Knowledge of standards, security controls, information technology and information security
• Led number of successful Enterprise security initiatives.
• As an SME participated in successful development and implementation of information security related policies, standards, baselines and procedures.
• Provided information security expertise for third party risk management.
• Designed and implemented Intrusion Detection and Intrusion Prevention systems.
• Evaluated policies, standard, and exception requests.
• Conducted risk assessment of entire infrastructure.
• Evaluated and managed risk.
• Provided security guidance to new application and platform.
• Defined and developed information security processes.
• Implemented and configured information security tools.
• Conducted threat assessments.
• Mentored users on information security concepts, threats, vulnerabilities and controls.
• Negotiated resolutions of conflicting security and business objectives.
• Conducted technical assessments of risks, threats and vulnerabilities related to new and existing information systems.
• Conducted monitoring, measuring, testing, and reporting on the effectiveness and efficiency of information security controls and compliance with information security policies.
• Ensured adherence to company policy.
• Collaborated with Security Operation teams to ensure the new security architecture are appropriately assessed and able to be supported.
• Designed and architected with senior level management from various engineering, HR, IS, physical and global security teams to implement DLP tools sets for monitoring data in motion and at rest.
• Managed IT security compliance
• Managed all remediation and mitigation of security vulnerabilities whether within production as well as developments and labs.
• Conducted information security awareness for present and new employees.
• Participated in Architectural Review Board providing security guidance on new implementations.
• Managed the security Confidential Ft Worth Data Centers.
• Oversaw technical roadmap and provided input to product roadmap.
• Conducted RISK assessment as needed.
• Managed security audits--mainly GLBH, SOX, and PCI for Confidential sales offices and remote locations.
• Created process and policies for DLP incidents based on Confidential global policies.
• Conducted security audit and compliance on GLBH, ISO 17799/27001 , SOX, and PCI policies and procedures.
• Assisted IT Security Operations in audit and secure configuration of network/information security technology platforms, in accordance with Confidential Standard Operating Procedures and ISO17799 policies.
• Maintained detailed documentation of technical requirements, technical and security architecture, and application security features.
• Monitored and analyzed system security activity for suspected intrusion attempts, abnormal system activity and potential security breaches.
• Audited and enforced compliance with policies and standards.
• Investigated security incidents and coordinated incident response measures with Confidential Information Protection Services.
• Defined security requirements to support the business and technical requirements.
• Reviewed and recommended secure IT architecture, application design and provided security recommendations.
• Provided support to IT Operations in risk assessment, penetration testing, and implementation of security
• Conducted application and software security scanning of all devices and critical systems on the network for potential vulnerabilities, malicious programs and recommended appropriate actions, including checks for War-dialing.
• Gathered security intelligence information regarding threats towards IT resources and priorities, advised and acted accordingly.
• Conducted application security scanning using tools such as webscan and appscan during SDLC phases of application developments.
• Participated and provided guidance to applications development teams in various phases of SDLC
• Provided self inspection security guidance to Systems and Network Administrators.
• Conducted inspection and auditing of all network closets, and computer rooms for environmental health and safety inspections.
• Acquired knowledge and understanding of work activities and applied knowledge to improve processes effectively.
• Designed and implemented two pair of HA firewalls between corporate network and engineering labs.
• Provided technical support as a Fort Worth network administration for Confidential MSPG
• Configured various ports, supported all network routers and switches, administration of firewall ACL’s between corporate network, various engineering and developmental labs.
• Troubleshot network bandwidth issues related to DoS.
• Evaluated, tested, installed, recommended, and configured various networking software and hardware.

Confidential

System Engineer

Responsibilities:

• Provided technical and software expertise as member of Senior Software Administration and Application Support, Application Security, Engineering third level support for Confidential ’s Engineering Computing.
• Worked with application development teams to follow Software Development Security Standards.
• Served as a liaison between application support engineering, Clear Case support, UNIX system administration, and Network Management teams.
• Support of critical of UNIX engineering applications tools, UNIX Security, Distributed Servers, mission critical systems and Oracle DBA, and patch management supports.
• System and applications troubleshooting, performance monitoring, tuning, installed locally or RAID Storage and NIS (soft and hard mount).
• Managed Confidential license Manager, modified of various wrapper files, License upgrades, assigning new IP addresses, backup support for UNIX helpdesk, installation, configuration of Oracle Enterprise Server database 7.3.4 - 8.1.7 , volume/sizing, file structures, backup, UNIX clients and application connectivity to Oracle Server.
• Conducted testing, documentation, and purchase proposals included (hardware and software).
• Had frequent interaction with third party technology vendors.
• Designed and Implementation of strategic projects such as installation and configuration Lanier printer copier for Ft Worth UNIX engineer community, cross platform access, and roll-out of Enterprise Program Management tool for Confidential Fort Worth.
• Nominated cross platform champion through Confidential Messaging Systems for implementation and roll-out of NCD WinFrame 1.7 and Microsoft Terminal Server.
• Served in a steering committee and as an advisor on various projects, coordinated connectivity issues between Fort Worth, Singapore, China, U.K, Chandler, Chicago and Boynton.
• Provided project management and occasional leadership across functional teams, and developing new tools and processes for engineering community.
• Tested, developed system documentation, worked with Network support to implement routers, switches and created a secure computing environment.