IT Risk Management Consultant Resume

SUMMARY

  • Proven leadership ability, business acumen, people skills and strong technical background
  • Keeps abreast of trends, developments and best practices in various industry verticals (intel, info science, security, and biometrics) via regular reports, updates, and communication with the world’s leading research firms
  • Proven ability to swiftly assess business objectives, assign risk ratings, predict, forecast, make strategic recommendations, finalize, deliver and analyze, interpret and present metrics to senior leadership and company stakeholders
  • Translates IT Risk requirements and business constraints into technical control requirements and specifications
  • Experience managing workflows and data feeds within RSA Archer v5.5
  • Proven ability to develop, grow, manage and measure Information Security and Privacy programs while promoting a culture of leadership, information assurance and compliance enterprise-wide.
  • Technical SME with proven ability to define, implement, and maintain a comprehensive information security program, thorough understanding of IT/IS product and vendor marketplace, solid background configuring the functions and components necessary to perform complex digital network tasks.
  • Experience managing and maintaining an Information Security program to comply with ISO 27001 standards

TECHNICAL SKILLS

  • Skilled WAN/LAN Administrator
  • TCP/IP & Networking Protocols
  • Wireshark Packet Analysis
  • VMware
  • Linux/Windows System Administration
  • Group Policy Management
  • Log Analysis
  • Active Directory
  • Print Server Administration
  • AWS
  • Azure
  • Office 365
  • Linux
  • MS DOS
  • Mac OS X
  • Windows 2K/7/8/10
  • Windows Server 03/08/12/16
  • PowerShell
  • JavaScript
  • CSS
  • Python
  • HTML5
  • PHP
  • SQL
  • Linux Shell Scripting
  • Windows Shell Scripting
  • MS SQL Server Studio
  • PostgreSQL
  • MongoDB

PROFESSIONAL EXPERIENCE

Confidential

IT Risk Management Consultant / Senior Security Team Lead Remote & On-site

Responsibilities:

  • Developed technical-level procedural documentation for security practitioners (engineers and incident responders) servicing the firm’s GSA contracts.
  • Developed and maintained library of technical procedure documentation as part of larger enterprise-wide effort to enhance capacity of firm’s information security service offerings and capabilities.
  • Developed operational reference guide for information security practitioners and network engineers during breach response engagements.
  • Performed managerial-, operational-, and technical-level risk assessments of client sites.
  • Drafted and submitted documentation pursuant to regulatory requirements (FIPS 199) and in accordance with guidelines and standards (e.g. NIST SP 800-53 r4, NIST SP 800-30).

Confidential

Senior Information Security Advisor

Responsibilities:

  • Developed strategic- and technical-level policy documentation for security practitioners and network engineers administering and managing the campus networks.
  • Developed Policy and Procedural documentation in accordance with NIST SP 800-40 to establish a Patch and Vulnerability Management Program, communicate risks to enterprise IT operations, define a repeatable process for identifying vulnerabilities, document security patch status, and designate a Patch and Vulnerability Group (PVG) comprised of information security practitioners and information technology engineers.

Confidential

Senior Security Engineer

Responsibilities:

  • Provided operational-level engineers with real-time technical guidance and incident response recovery recommendations for any and all major incidents, outages, service disruptions or loss of availability at USAA’s Global Financial Operations headquarters.
  • Performed detailed “deep-dive” analysis using combination of network diagrams and map documentation, targeted questions to generate technical discussion and application of reverse-engineering TTPs (tactics, techniques, and procedures) to swiftly become valuable resource for digital network engineers
  • Managed daily network availability operations to provide information assurance
  • Independently monitored and responded to operational security issues related to network security systems
  • Responded to between 10 and 20 conference calls and chat sessions on a daily basis between network, application, and professional service engineers
  • Performed real-time root cause analysis by applying TTPs from digital network forensics investigation experience and incident response best practices to determine the control mechanism responsible for causing any incident, outage, service disruptions or any loss of availability
  • Provided recovery recommendations to operational-level engineers and support staff using numerous operational-level tools.

Confidential

Information Security Officer

Responsibilities:

  • Developed and maintained library of policies, standards, baselines, guidelines, and procedures as part of larger enterprise-wide effort to enhance security posture
  • Coordinated Cloud Deployment of Governance, Risk, and Compliance Suite
  • Installed and configured RSA SecOps (Security Operations Management) within the RSA Archer GRC Suite
  • Installed and configured Archer RCF (RSA Connector Framework) to aggregate all actionable security alerts from Security Analytics
  • Collaborated with RSA Professional Services Engineer and network engineering team to install and configure RSA Archer version 1.0
  • Collaborated with RSA Professional Services Engineer and network engineering team to upgrade RSA Archer to version 1.1
  • Delivered data-driven strategic risk-mitigation recommendations
  • Utilized audit reports and findings as grounds for discussing measures to improve functional business processes by balancing considerations for security and ease of use
  • Business process analysis and continuous improvement: Delivered multiple projects with stringent timelines for various business units as project manager and technical lead
  • Led Audit Engagements: Collaborated closely with Federal Agencies (FRB, OCC, FDIC) to measure the maturity of the firm’s Information Security and Privacy Programs in accordance with Federal legislation and regulatory guidelines
  • Led Compliance Reporting and Gap Analysis: Led team efforts to increase CIS Compliance score from 57% to 95% using IBM BigFix Tivoli Endpoint Manager Security and Compliance Analytics
  • Conducted meetings with IT Platforms team to evaluate and prioritize the controls presented in CIS checklist
  • Vendor Risk Management: Performed reviews of third-party vendors, service providers and affiliate organizations as part of a larger enterprise risk management effort to measure, review, track, assess, and document organizational risk
  • Application Security Assessments and Vendor Access Reviews to ensure the principle of least privilege was applied and that user access was promptly removed when access was no longer necessary
  • Audited user access to 80+ applications semi-annually to meet regulatory guidelines and ensure principle of least privilege applied to all accounts
  • Conducted meetings with Verizon sales and technical teams to successfully plan and implement third-party monitoring service for client’s IDS
  • Collaborated with both third-party MSSP teams (Verizon & GMV) and Network Engineering team to remediate network security issues
  • Penetration Testing: Planned penetration testing engagement with Confidential’s professional services team as part of larger plan for enterprise risk management
  • Tested enterprise network to measure susceptibility to attack; Produced, reviewed, and disseminated both executive and technical-level reports
  • Threat Analysis: Undertaking complex research and analysis, at both strategic and tactical level, aimed at linking intrusion offences and identifying themes, trends and patterns to support a diverse range of operational activities
  • Participated in weekly threat intelligence meetings with Financial Services Intelligence Sharing and Analysis Community (FS-ISAC) to keep abreast of threat vectors (e.g. drive-by-download, phishing), threat actors (nation-states, and APTs) targeting the financial services sector
  • Identity Management and Access Control: Collaborated closely with Identity Management Administrator to manage user administration for the network, core banking applications, and 80+ applications
  • Collaborated closely with Identity Management and Network Administrator to streamline user access provisioning by implementing RBAC (role-based access control)
  • Performed user access entitlement reviews for 80+ applications semi-annually to meet regulatory guidelines and ensure principle of least privilege applied to all accounts
  • Patch and Vulnerability Management: Independently developed proprietary system to swiftly reduce security vulnerabilities by introducing a two-phase approach for performing vulnerability scans, delivering vulnerability details to system owners via automated Microsoft Sharepoint workflows, and making delta comparisons to measure the efficacy of security patch deployment efforts
  • Summarized lists of applicable vulnerabilities, categorized vulnerabilities by severity, and disseminated reports to IT Operations team members for remediation
  • Created, Updated, and Disseminated Executive-Level Reports: Demonstrated ability to develop and manage senior-level relationships
  • Synthesized large amounts of data to provide metrics and statistics for regular updates on state of Security Operations to stakeholders and C-level executives
  • Analyzed technical reports for trends and statistics, created spreadsheets, and composed high-level explanatory slide presentations; delivered non-technical interpretations of graphs to senior leadership
  • Composed Professional Correspondence: Assertively drafted technical directives and business correspondence to peer departments (e.g. Risk, Compliance, Fraud, Privacy, HR, IT) and groups (e.g. database/network/systems engineers, support staff) for collaborative initiatives
  • FW Configuration and Management: Evaluated and Assessed emerging technologies and security controls to enhance process maturity and strengthen security posture
  • Performed FW risk assessments to mitigate risks posed by inbound and outbound network connections (e.g. evaluating policies considered to be high risk with unencrypted/deprecated protocols, eliminating rules containing ‘any’ source/destination)
  • Procured, Installed, Configured, Managed and Upgraded Network Security Monitoring Tools: Planned architecture improvements and network security monitoring platform implementations in collaborative meetings with network engineering teams; drafted Gantt Charts and Visio Diagrams for client data centers and COOP sites
  • Generated reports from real-time snapshots and performed delta comparisons against reports from other sources (PowerShell, AD, Sophos FDE) to identify technical discrepancies (disabled/corrupt AD Computer Objects, unencrypted laptops, etc.)
  • Conducted numerous requirements planning discussions with client’s IT strategy team and multiple vendor sales and engineering teams
  • Collaborated closely with vendor professional services team and client’s network engineering team to perform installation of SIEM hardware at primary and backup data center sites
  • Kept abreast of new developments, trends, and best practices for security controls via regular reports, updates, and communication with the world’s leading research firms, attending Information Technology/Security Conferences (e.g. FS-ISAC Summit)
  • Attended numerous vendor presentations (in person, and via conference call/webex) to evaluate available security platforms, controls, and feature-sets
  • Led IT Platforms team in development and implementation of enterprise-wide USB Blocking Policy and exceptions list
  • Provided continuous Security Event Monitoring and support to ensure the smooth operation of enterprise network infrastructure
  • Assertively and diligently created ServiceNow Requests for tier 1 and 2 support personnel to resolve identified technical issues
