PROFESSIONAL SUMMARY:

• Highly accomplished Information Systems Security Professional with 18 years diversified experience serving as Information Protection Manager, Senior Information Systems Auditor, Senior Network Security Engineer and Senior Data Communications Engineer planning, scoping, managing, configuring and delivering timely high quality IT Infrastructure, Architecture, Information Systems and Application reviews, reports and project deliverables.
• Confidential 5yrs; Travelers (#106 Fortune 500) 7yrs; COCC & Cisco Security Partner 6yrs
• Responsible for all aspects of Information Systems Security reviews and approvals for business technology segments and functions to ensure the protection of information processed, transmitted and stored.
• Lead, direct and manage the risk appraisal and related corporate Information Protection functions for both line of business applications and enterprise architecture & infrastructure projects.
• Current Specialization in IT Architecture, Risk and Control, Cyber (under SecOps Leadership).
• Flexible and adaptive. Solves complex problems by thinking non - conventionally. Excels in decision making with incomplete information.
• Positive. Clear, concise, corporate customer mind set and focus. Fluent in up-stream, peer and subordinate communication required for team building and project success in a multi-national multi-segmented multi-cultural environment.
• Understands unique business unit motivators and effectively influences diverse corporate stakeholders bringing them to forum to achieve organizational goals while assuring compliance to US and international data privacy and security laws.
• Proficient with Risk & Control over large complex Highly Available corporate Network Architectures, Cisco Unified Computing System and Unified Contact Center Enterprise, Private and Public Cloud computing, Data Center Virtualization, Distributed and Mainframe SAN & Ethernet switching, IP networking, SAN & NAS Storage and Replication, DMZ Architecture, Design & Configuration, SSL & IPSec VPN, Nexus 10/40 Gig, Cisco ASA and Juniper SRX firewalls, Wireless Design & Security, Teradata SQL Administration Roles, Rights, Users, Privileges and Elevated Access Rights, more.

PROFESSIONAL EXPERIENCE:

Confidential

Information Protection Manager

Responsibilities:

• Lead and transition the Infrastructure Security Risk Assessments team process into a service-based model leveraging Agile for enterprise, line-of business specific and information security architecture design and planning.
• Identify design gaps and risks. Recommend security enhancements in design and tools including API firewall, network firewall, Privileged Access Management, PKI, Sandbox, Code Review, PAM, Data Security at rest, transit, memory and liaise with Engineers, Architects and Project Managers to accomplish security objectives.
• Identify and assess the severity and potential impact of risks and communicate to risk owner in a way that consistently drives fact-based that optimizes the trade-off between risk mitigation and business performance using a zero trust borderless hybrid cloud, multi data center, global environment.
• Partner with, leverage and challenge MSSPs (e.g. Fishtec/Tufin/NetBrain) in requirements gathering, design and implementation of DMZ service architecture for dual domestic (Windsor CT Lithia GA) Data Center DMZ environments built on HA Chassis Clustered Juniper 3600 and 3400 series SRX Firewall platforms.
• Modeling on the US Data Center standard I participated in the enterprise architecture currency effort to similarly design, build and migrate the EU Data Centers to Amsterdam/Scotland with alignment to GDPR.
• Information classification tied to the overarching Policy and Standard framework provide guidance on business requirements of data (information) and then segmentation requirements follow.
• Review design and build of architectural components (network, middleware, virtual, cloud, voice, mobile, hybrid).
• Experienced with global architectures ( Confidential, Travelers), dmz’s, complex compute, data center, virtual, containerized abstractions, cloud hybrid environments, interconnection points and methods to mitigate risk.
• Fluent in Enterprise Class Firewalls / Juniper JUNOS / Cisco ASA / IOS router and switch security
• Solid understanding of Enterprise Containerization and Microservices: Docker, Openshift/OpenStack, and
• Cloud Computing: Amazon Web Services Connect Direct & VPC’s, Microsoft Azure VNET, Equinex
• Guide the compliant deployment and change management process for enterprise use of Tufin Firewall Change Management platform.

Confidential

Information Protection Manager

Responsibilities:

• Contribute to the review and approval of IP security architecture/designs, plans, controls, processes, standards, policies and procedures to ensure alignment with IP standards and overall IP security strategy.
• Conduct security risk assessments and compliance audits, evaluate 3rd parties, hardware, firmware and software for possible impact on system security, and support investigation and resolution of security findings.
• Advise superiors on security effectiveness and recommend alternatives.
• Represent Information Security interests and requirements in contract negotiations, and interface with Legal, Privacy, Audit and Sourcing.
• Allocate appropriate resources to ensure projects are completed within committed time and budget in a fast paced, heavily multitasked environment.
• Participate in Enterprise Policy & Standards writing Confidential Enterprise Firewall, Router/Switch and Network Segmentation Standards while partnering with Network Security Engineers to assure appropriate base line configuration standards and procedures exist, are documented and are aligned to enterprise standards for international and US builds.

Confidential, Hartford, CT

Senior Information Systems Auditor Corporate Audit

Responsibilities:

• Meet regularly with business leaders to understand current business plans, key business initiatives and conduct periodic risk assessments to stay current in the identification of key and emerging business risks.
• Conduct audits over secure configuration of design of DMZ (Firewalls, Load Balancers, Routing and Switching) and Core Data Center Network Architecture (Z o/s, AS/400, CUCS, VMWare, RHEL, Windows) and Information System Security for Travelers and subsidiary business units.
• Identify any significant control weaknesses along with recommendations for Management to make the necessary improvements.
• Review audit results and plans with business leaders, obtained feedback on work completed, integrate input in future plans driving continuous improvement of the Audit process and building the customer relationship.
• Work with business leaders and SOX Compliance quarterly to facilitate validation of Sarbanes-Oxley key control s for IS Security, Network Engineering and Data Administration.
• Assess Management’s Risk Appraisal and Monitoring Plan by Essential Business Process, Operational Effectiveness and Compliance with Rules and Regulations.

Confidential, Glastonbury, CT

Senior Security Engineer

Responsibilities:

• Design and integrate Cisco Security Solutions into existing customer infrastructure.
• Focus on multi-context Cisco ASA Firewall configuration and deployment.