SUMMARY:

• I have been an IT professional for the past 20 years with the last 16+ years focusing on Information Security Management, Architecture, Engineering, Governance, Compliance, Risk Management, and Project Management.
• I have experience with many security frameworks that include, PCI DSS, ISO 27001 - 27002, CSC, NIST, CSF.
• My current goal is to find a rewarding position in the Information Security field that allows me to apply the experience I have acquired to strengthen the overall security posture for my employer.

PROFESSIONAL EXPERIENCE:

Confidential,Cherry Hill, NJ

Information Security Manager

Responsibilities:

• Performed security assessment of critical systems and applications to identify security gaps within the enterprise. Rated findings in terms of risk and potential impact to business and reported to senior management.
• Created and manage a risk register of potential business impacting security issues. Report findings and updates to senior management on a monthly basis or as needed.
• Re-architected DMZ to minimize risk and exposure to Pinnacle’s internet facing environments.
• Introduced and manage the Information Security Awareness program.
• Created and manage Pinnacle’s vulnerability management program.
• Migrated the existing email filtering solution to Proofpoint. Established policies to help prevent email spoofing and phishing of the domains Pinnacle owns. Enabled GEO blocking of unfriendly nations.
• Manage MSS provider relationship and their role.
• Implemented LogRhythm SIEM environment to monitor critical assets. Established rules to notify and alert applicable staff of predefined security events.
• Maintain an ongoing 5 year project roadmap including budget projections.
• Installed a Tipping Point IPS environment. Monitoring and blocking applicable traffic on several network segments.
• Implemented Cisco’s wireless intrusion prevention system. Monitoring for rogue AP spoofing attempts of Pinnacle’s wireless networks.
• Installed RSA SecurID. Using Risk Based Authentication and On-Demand Authentication schemes on several remote access portals.

Confidential,Philadelphia, PA

Senior Information Security Engineer

• Lead Confidential 's vulnerability management program.
• Participated in proof-of-concept of Amazon's Web Services (AWS) for Confidential .

Confidential,Leesburg, VA

Senior Information Security Engineer

• Managed Check Point firewalls running R71 through R75.46 on SPLAT and GAIA platforms. Managed the Check Point IPS, SSL Mobile Access, and IPSEC VPN blades.
• Managed the Blue Coat Proxy appliances and policies for approximately 15,000 users.
• Assisted in installing and managing QRadar SIEM environment.

Confidential,Bryn Mawr, PA

Information Security Manager

• Performed a security assessment of Aqua Confidential ’s IT infrastructure and created a project plan to implement needed security infrastructure and processes and controls. Created and prioritized Information Security department projects and roadmap and implemented additional infrastructure based on the level of risk and need.
• Performed ongoing gap analysis of business systems and processes to identify and strengthen any security weaknesses. Performed ongoing processes of identifying and eliminating legacy protocols and authentication processes, e.g., FTP, Telnet, HTTP.
• Managed and administered Aqua’s entire data security infrastructure, e.g., firewalls, IPS’s, proxies, RSA appliances, log management servers (SIEM), Anti-Virus, secure FTP server, and vulnerability management servers.
• Member of Aqua’s IT Steering Committee and Security Precautions Committee.
• Managed several security provider services for internal and external vulnerability assessments and penetration testing.
• Reduced Internet security threats by up to 75% by implementing an aggressive GEO 'block list' ACL on our border internet routers. This policy effectively blocks all rogue inbound internet traffic emanating outside of North Confidential .
• Purchased and installed clustered Juniper firewalls and management server.
• Implemented a multi-authentication environment using RSA SecurID appliances and tokens. Incorporated RSA tokens with Aqua’s Citrix Access Gateway environment for all remote users requiring remote access to Aqua’s data networks.
• Purchased and installed Rapid7 Nexpose vulnerability management server. Performed ongoing vulnerability assessments on critical infrastructure. Purchased Tenable’s Nessus plug-in subscriptions to provide vulnerability scanning of our public facing networks. Worked with business unit leaders/managers and IT staff to assist in the prioritization and remediation process.
• Installed multiple TippingPoint IPS devices to enhance perimeter security.
• Implemented ArcSight Express to monitor and react to threats and applicable security events.