AREAS OF EXPERTISE:

• RACF
• Windows - NT, 2000, 2003
• 0S 390
• JCL
• TSO
• Active Directory Users & Computers
• All Microsoft Administrative Tools
• Microsoft Access
• DOS
• PeopleSoft
• Terminal Services
• Vanguard
• Alieta
• DB2
• Oracle
• UNIX-AIX
• Oracle Idenity Management System

• Hyena, Microsoft SQL, FrontPage, WebSphere,
• ISeries 570, BindView, Lawson, Novell,Softerra 3.5

EXPERIENCE:

Confidential, GREEN BAY, WI

Information Security Analyst

Responsibilities:

• Administer access via Oracle Identity Management System to include: OIM, ORM, OAM and OTM pieces.
• Write and create reports in SQL
• Administer access to Oracle Database accounts via Oracle Enterprise Management (OEM)
• Create new user ids for all new associates and contractors
• Administer access to internal applications
• Applications include: Active Directory, Unix, Mainframe(RACF), Checkpoint Firewall
• Internal Confidential applications: Cognos/Star, SumitWeb,
• Termination of all associates and contractors
• Process requests for transfers of all associates and contractors between Business Units or due to change in responsibilities
• Answer questions concerning access levels, access problems and password issues for all above applications.

Confidential, Oxford, NC

Internal SOX Audit

Responsibilities:

• Conducted a SOX audit of the IT General controls for Data Access. The controls included:
• Password resets - Procedural completeness, effectiveness and practice
• Data Owner approval, knowledge and evidence for requested changes
• Responsible for writing and producing reporting in SQL
• Use of System, Application and Firecall ids - procedural definition of use, password resets and scope of authority
• Creation and termination of individual accounts, internal and external
• System and application settings for password complexity, lockout and expiration
• Documentation, evidence, testing criteria and conclusions for the covered areas

Environment: Windows 2000/2003/XP, Active Directory, LDAP, CA-Unicenter, Oracle, Lotus Notes, AIX

Confidential, Chapel Hill, NC

Senior Security Analyst

Responsibilities:

• Implement, integrate, and support Confidential of NC’s infrastructure with a simplification of technical reports for Mainframe, Active Directory, ISeries and PowerMHS applications.
• Design, Develop, follow, and implement infrastructure security policies, standards and guidelines.
• Research new security technologies and industry standards / tools.
• Auditing/Investigation/Reporting
• Monitored Security reports and took appropriate action
• Updated Audit logs to reflect actions taken for each report
• Communicated with management to ensure proper action taken and proper access provided.

Environment: Windows 2000/2003/XP, Active Directory, LDAP, Top Secret, ISeries, Novell GroupWise, Peregrine

Confidential, Charlotte, NC

Information Security Analyst

Responsibilities:

• Performed a review of existing procedures and updated when appropriate
• Completed requests for access to any and all applications using the procedures
• Trouble shot access problems for applications
• Trained new analysts to ensure proper completion of access requests and problem resolution.

Environment: Windows 2000/2003/XP, Active Directory, LDAP, Novell, Novell 5.5 servers, RACF, MS Outlook, Peregrine, DB2/IMS, CICS, Siebel, PeopleSoft

Confidential, Charlotte, NC

Information Security Analyst

Responsibilities:

• Provided requested documentation for related SOX internal and external audits.
• Reviewed any new resource created to determine if the SOX designation was attributable.
• Developed, designed and implemented management reports to ensure proper review of SOX resources.
• Continually reviewed any related changes in State and Federal law for adjustments to the Sarbanes Oxley requirements.

Environment: RACF, Vanguard, Windows 2000/2003/XP NT, Active Directory, LDAP, IIS 6.0, NTLM V2.0, Kerberos, SSL, IMS/DB2, Lotus Notes, Hyena, Aelita, AIX, Solaris, Oracle, MQ Series Messaging, Websphere

Confidential, Charlotte, NC

Information Security Consultant

Responsibilities:

• Design feasible / reliable Active Directory for client requirements
• Active Directory Migration Consulting (Windows NT / Windows 2000 / 2003)
• High-Availability / High-Reliability Active Directory Solutions
• Provide Active Directory Authentication strategies / solutions
• OU / GPO Design & Implementation (including security strategies)
• Microsoft Active Directory Infrastructure Security Consulting/strategy
• Provide Enterprise wide load procedures and Desktop Deployment Strategy
• Design Web Servers / application servers
• Monitoring and Troubleshooting Active Directory Events and reporting counter-measures to ensure directory availability
• Research new Directory Services / security technologies and industry standards / tools.

Environment: Active Directory/LDAP, Windows NT and 2000 Servers, RACF, Vanguard, BOKS. PeopleSoft, XML, RSA Key Fobs.

Confidential, Charlotte, NC

Information Security Consultant

Responsibilities:

• Developed a plan that included the percentage of requests reviewed per analyst, the method of communication with the client and the reporting structure provided to management.
• A ten percent ratio was used at the beginning
• As the program began to show positive results, three more staff members were added
• The percentage of requests reviewed climbed to eighty percent
• The error rate went from fifteen percent to less than one percent
• The resulting savings in time allowed requests to be completed in a full day less than prior to the QA system implementation.

Environment: RACF, Lotus Notes, MS Access database.

Confidential, Charlotte, NC

Information Security Officer

Responsibilities:

• Researched current methods for securing remote access
• Selected the Secure-ID card system, which was eventually purchased by RSA
• Managed the creation of the necessary software and connections with the applicable applications and platforms
• Implemented the necessary internal tracking for budgeting and trouble-shooting
• Provided off-hours support of system ensuring proper access and system availability
• Member of CERT Team

Environment: RACF, Lotus Notes, Secure-ID, VAX-VM, Nortel.

Confidential, Tysons Corner, VA

Operations Officer

Responsibilities:

• Created and implemented a plan to convert the retained First American employees UserIds to new First Union UserIds
• Validated that all First American client accounts were converted without a loss of assets or access
• Assisted in merging the First American Disaster Recovery plan into the existing First Union Disaster Recovery plan

Environment: RACF, Lotus Notes, VAX-VM, Top Secret.