SUMMARY:

• Information Security Analyst and Systems Administrator with more than 15 years of experience leading the development and support of IT solutions that improve business processes and security.
• Professional strengths include excellent analysis and integration, program management skills, a customer - focused work ethic, and active leadership of major technology-focused efforts.
• Currently seeking Administrator or Analyst position in systems security and/or compliance.
• Notable professional achievements as an IT Systems Administrator and Analyst
• Managed efforts to automate operational tasks, establish backups and business continuity, deploy and integrate new technologies, and achieve and maintain security standards compliance.
• Implemented advanced software and operating system configurations that improved the security, reliability, integration, and efficiency of computer systems.
• Improved purchasing practices and software selection processes, generating substantial cost and time savings via the reduction of onsite services.

TECHNICAL SKILLS:

OPERATING SYSTEMS: Windows Server 2008R2/2012/2012R2/2016, Windows 10/7/XP, Microsoft Azure, Amazon Web Services, Apple OSX, FreeBSD

NETWORKING: Local Area Network (LAN), Wide Area Network (WAN), TCP/IP, Cisco VPN, OpenVPN

SOFTWARE: Microsoft SQL Server (2008 R2, 2012, 2014), Microsoft IIS, Tripwire Enterprise, Tripwire Log Center, AlienVault, LogRhythm, AlertLogic IDS/WAF/Cloud Security Suite, Imperva WAF, Acunetix, Anti-Virus & Security Products, Microsoft Office, Acronis Backup & Recovery for Workstations and Servers

HARDWARE: Virtual Machines, Servers, Desktops, Laptops (Dell, Compaq, HP, IBM, Toshiba, Gateway)

PROFESSIONAL EXPERIENCE:

Confidential, CO

Information Security Analyst

Responsibilities:

• Worked as the primary contact responsible for enterprise application, system, and network security; monitored network and system device logs for security events; resolved security issues and remediated vulnerabilities, according to findings.
• Conducted penetration testing and vulnerability assessments, ensuring that the validation of endpoint security and patch management adhered to established methodologies and best practices.
• Ensured that all hardware, software, and firmware were properly updated, while also recommending and implementing upgrades and updates according to operational requirements.
• Developed system controls and policy frameworks to harden and validate devices according to NIST, CIS, NCUA, FFIEC, and GLBA standards.
• Created and communicated reports detailing security postures and devices; advised executive personnel on actions to remediate security-related issues throughout the enterprise.
• Developed and maintained a comprehensive knowledge base detailing emerging security trends, including information describing up-to-date attack methods, security vulnerabilities, and recommended methods for resolving security vulnerabilities.
• Improved security awareness by developing and delivering new training programs.

Confidential, Scottsdale, AZ

IT Security, Compliance, Systems, and Network Administrator

Responsibilities:

• Managed and completed PCI DSS v3.2 assessments, interfacing with PCI DSS QSAs (Qualified Security Assessors); established and maintained annual PCI DSS Level 1 compliance for six years.
• Developed and maintained all IT security and compliance policies, procedures, and training.
• Installed and configured IT security systems, including File Integrity Monitoring (FIM), Security Information and Event Management (SIEM), enterprise anti-virus, Web Application Firewalls (WAF), Intrusion Detection Systems (IDS), and centralized administration tools.
• Deployed and configured Windows servers, Active Directory, database clusters, and local area and cloud networks. Managed initial setup and two migrations of the company’s PCI DSS environment.
• Configured and automated backup, update, and maintenance procedures, which improved system uptime and reliability.
• Performed vulnerability assessments and scans, remediated locally-stored PCI data, and implemented security hardening standards, configuration reviews, and compensating controls for PCI compliance.
• Implemented efficient modular and integrated solutions throughout the IT infrastructure; coordinated and managed the implementation of third-party security software and services.

Confidential, Phoenix, AZ

IT Manager

Responsibilities:

• Led the delivery of IT implementation and support services, providing expert direction, strategic development, management, and leadership during the fulfillment of IT objectives.
• Conducted reviews of proposed technologies, analyzed and documented system evaluations, and used findings to develop, test, and deploy new IT solutions and strategies; achieved improved enterprise technology architectures.
• Communicated with project participants and stakeholders throughout technology-driven initiatives, ensuring efficient business care and communication during the completion of IT projects.
• Negotiated vendor agreements and managed vendors responsible for implementing and servicing door security/access card systems, telephone systems, and A/V equipment.
• Developed standardized processes for system backups, data retention, database maintenance, PC imaging and deployment, security, and configuration procedures.
• Deployed and maintained all PC, server, applications, and network infrastructure.