SUMMARY:

• Mark Lee is a IT Security professional with 15+ years of experience in diverse IT Technologies; emphasizing identity, access, authorization management, risk assessment while enforcing security best practices of NIST, HIPAA, FISMA and FDA standards; ensuring confidentiality, integrity and availability of corporate assets.
• He has extensive knowledge of IT: Application Hardening, OSI model, TCP/IP, Networking protocols/ports Active Directory, Databases, Malware Vulnerability, Threat analysis…
• Performed Information Security related consulting to project teams i.e. Epic Healthcare Electronic Medical Records, Sunquest Lab Information Systems, Philips Radiology Picture, Archiving, and Communication (PACS) Administration.
• He has 4 years experience in the configuration of RAID oriented Storage Area Network (SAN)’s and has configured clustered HA Application and Database Servers.
• Assured Data Archiving and Integrity by automation of SAN backups. Experienced with the SNMP SAN management protocol.
• He a passion for CyberSecurity and a commitment to lifelong learning evidenced by achieving the Master certificates in Project Management and Cyber Security from Villanova University; and achievement of SIEM and Security + certifications
• Conducted security evaluations, development of security categorization.
• Responded to incident investigations to detect and respond to threats.
• Supported Bayer’s Identity and Access controls utilizing SAP’s Identity and Management System (IAM) for User Authorization, Authentication and Auditing; Conducted Security Audit sessions within the Bayer Laboratory Systems.
• Certified as a Splunk’s Security information and Event Management ( SIEM) User. Certified to support threat detection and security incident response through the real - time collection and historical analysis of security events. CompTIA Security+
• He is a motivated self-starter and committed to corporate compliance to Security.

PROFESSIONAL EXPERIENCE:

Sr. IT Systems Analyst

Confidential, Woonsocket, RI

• Having a strong background in, or understanding of, Information Security Policy and The HITRUST (Health Information Trust Alliance) controls, I have facilitated Confidential ’s Enterprise Policy and Procedure review; ensured CVS Health’s alignment with 533 HiTRUST controls across 19 Domains or Assessment categories.
• Facilitated the CVS Health organization achieve the implementation and certification of the HITRUST Common Security Framework (CSF) version 9.1 Level 3. This comprehensive and certifiable security framework was deployed by CVS Health and their business associates to efficiently achieve regulatory compliance and risk management.
• Collaborated with Business Process Owners to document evidence of compliance to the HITRUST recognized standards and regulatory requirements from NIST, HIPAA/HITECH, ISO 27001, PCI DSS, COBIT;completed according to SOC 2 criteria, achieving successful security framework certification at CVS Health.
• Tracked Policy and Procedure (P&P)Gaps and tracked P&P Gap Remediation ; updating post P&P Remediation scores appropriately.
• Reviewed and updated Policies, Standards &Procedures in CVS Health’s Document and Management Library (P&P Portal)

Sr. Systems Analyst - Security (Consultant)

Confidential, Cleveland, TN

• Facilitated and managed Bayer’s IT Systems policy for Data Integrity Initiatives and gap analysis and remediation through systems security evaluations, periodic reviews for risk assessment and management.
• Participated in preparation for FDA and internal audits coordinating analysis-ensuring compliance with Federal laws, NIST and industry best practices.
• Communicated with Network Engineers, Lab management and Industry vendors developing policies and procedures ensuring security confidentiality, availability and integrity (CIA) to mitigate risks of unauthorized access to systems, networks, and data in use and archived data.
• Supported Identity and Access controls utilizing SAP’s Identity and Management System (IAM) for User Authorization, Authentication and Auditing.
• Developed concise documentation for Bayer’s IT system security training programs; ensuring consistency in application of cybersecurity initiatives.
• Prepared and uploaded documented processes, work instructions and action plan to SharePoint sites ensuring knowledge share.
• Secured Lab’s data confidentiality, integrity by providing authorization to secure network shares.
• Ensured Disaster Recovery via System Redundancy and monitored daily backups.
• Reviewed security audit and Event Viewer logs ensuring data ‘s CIA.
• Provided discretionary access through granting of Role Based access.
• Performed Discretionary Access Control file access.
• Experienced working with endpoint security platforms such as (anti-virus, encryption systems, Data Lost Prevention, network firewalls, identity and access management, IPS, two factor authentication, vulnerability management, file integrity monitoring, and patch management.

Sr. Systems Analyst - Security

Confidential, Houston, TX.

• Health Care Go-Live support: Security, AMB, SER & Data Courier
• Utilized the Data Courier ‘s Epic Content Management for record migration
• Provisioned Microsoft’s Active Directory account properties of employee accounts ensuring authentication and authorization
• Extensive EMP and SER build experience provisioning/de-provisioning
• Resolved all EMP and SER record issues in the POC, MST, through PRD environments;

Confidential

Sr. Systems Analyst - Security,

• Go-Live support: Security, AMB, SER & Data Courier
• Executed Chronicles queries/ad hoc reporting
• Manipulated Excel Import spreadsheets to import/update data
• Built and updated EMP, SER demographics in Text and Hyperspace for active, inactive records i.e. referring providers, EpicCare link, Administrators, background users
• Reviewed National Provider Databases for DEA#, NPI# to create SER

Sr. Systems Analyst - Security

Confidential, Houston, TX

• Evaluated, migrated and linked the Provider SER template to the EMP Record in PRD
• Utilized the Data Courier ‘s Epic Content Management for record migration
• Created audit reports on audit enabled items to track security changes
• Implemented Epic functionality by attaching multi linked templates
• Created Multi linked and Sub templates
• Created Security Administration Procedures, forms and documentation
• Coordinated security-related activities/meetings across application and compliance teams to design system-level access

Sr. Systems Analyst - Security

Confidential, Boston, MA

• Data Couriered multiple databases INI’s to Epic environments to support build activity.
• Provided Network System Administration creating Active Directory accounts for LDAP
• Supported login Lab, Personalization Labs and Conversion labs
• Resolved Service Now Tasks, and Epic access requests
• Built new contacts when updating demographics
• Deactivated EMP by removing templates, status and InBasket messaging
• Generated Citrix access to grant Epic Hyperspace, Epic Text access

Confidential

Sr. Systems Analyst

• Facilitated multiple successful roll-outs /go lives with Epic 2014 in PRD env
• Lead the Epic Security Workgroup in building of Epic Security records
• Confirmed EPIC training completion and assessment in Healthstream system.
• Assessed/ Created the Citrix Active Directory properties of employee accounts to provision them.
• Conducted log-in labs and access validation sessions to confirm accurate provisioning

Confidential

Sr. Systems Analyst

• Administered security access to the SQ Lab Information System (LIS), CLM, Co Pathology suite of Lab functions.
• Administered the Cache Database and monitored SAN daily backups
• Maintained interfaces for ADT, Lab results, Orders; resolved hung transactions.
• Managed the SQ LAB 7.2 upgrade; assembled LO INC reference guides for LO INC install.
• Maintained Lab Fax server using Passport2000, Printer Servers & Application Cluster.
• Participated Integrated and Functional Testing for (Clinical Apps), STAR (ADT) upgrades
• Configured the wireless MC70, MC75 Handhelds and paired printers for Phlebotomy.
• Supported the Abbott Glucose Point of Care app via maintenance of Sybase InterfaceLinux and Windows NT platforms