SUMMARY:

• Consistently delivering on project goals and timelines
• Directs, maintains, and implements controls and procedures to protect information systems and networks.
• Provides functional expertise on all aspects of security, integrity, and privacy of corporate data resources.

COMPETENCIES:

• Configuring Identity Management Solutions
• Tools & Policies - Management / Changes / Upgrades
• Technical Project Design Guidance
• Identity Management Tools - Evaluate / Plan / Implement
• Quality Assurance (QA) Testing
• Information Security Compliance (SOX, GLBA)
• Disaster Recovery Scripting & Processes
• Coordinating Resources & Projects

TECHNICAL SKILLS:

Languages: VBScript, Visual Basic 6, HTML, SQL, XML, WQL Windows Batch/Command Scripting

Web Services: XML, XML Schema

Internet: HTTP, SSL, XHTML, TCP/IP, SFTP, Private Key Encryption (PKE)

Windows NT4 through 2008 Servers, Hyper: Text Application (HTA), Internet Information Services (IIS), Active Directory

Security Models: Windows File System Security (NTFS)/Common Internet File System (CIFS), IIS Security, Windows Server Share Security, Active Directory Security

Tools: Quest Reporter, Change Auditor for Active Directory (CAAD), MS Visual Studio 6, Notepad++, MS Office, Active Roles Server (ARS)

PROFESSIONAL EXPERIENCE:

Confidential, Riverside, RI

Information Security / Active Directory Security Engineer

Responsibilities:

• Maintained data security model for multiple high visibility projects, ensuring Federal regulatory compliance.
• Built-out security model that provisioned access to entire Citrix Server environment; closed out Federal Regulator audit issue of too many users had local Administrator-level access.
• Identified, raised and resolved significant security issue on simultaneous project roll-outs that avoided major $ loss, risk/fraud/hacking exposure, regulatory fines, and reputation hit. Created isolated VLAN that separated in-branch, debit card creation from remote loan application processing; achieved by working with Network Engineering.
• Developed means of provisioning Administrator and User access to all Windows servers; provided means of determining access by user object, throughout organization.
• Facilitated migration of user home directory folders across Windows servers to NetApp servers including implementing Confidential Security for preventing cross-access of user data while allowing automated processes and support.
• Created and maintained generic service accounts, per Federal regulations, for automated processes across Windows Active Directory environment.
• Provided reports for Confidential Share and Folder Permissions, Active Directory Group Reports, Active Directory Group Ownership Reports, and Server Access Reports to internal business lines.
• Built and maintained Hypertext Application (HTA) tools and VBScripts to standardize changes to Active Directory for various project implementations, and to troubleshoot Active Directories’ issues.

Confidential, Westborough, MA

Windows Scripting Engineer

Responsibilities:

• Identified and resolved issues with scripting exceeding 2-hour nightly connection window, resulting in failed updates and POS inoperability across 2,500 locations; achieved ability to run hardening processes within limits.
• Developed VBScripts supporting hardening of Windows operating system on retail-level registers (Windows XP Embedded) and register controller (Windows Server 2003); met Corporate Security standards and Payment Card Industry (PCI) compliance and project and Quality Assurance (QA) deadlines.
• Coded scripts from Gold Disk & Rapid7 scan results of operating sys.
• Changed System Registry, Group Policy, Confidential Access Control Lists (ACLs) and Discretionary Access Control Lists (DACLs) for auditing Confidential file system and registry.
• Reduced an existing script 74%, from 2,252 lines, by employing functions /subroutines for repeated code blocks and removing redundant code; establishing standard functions /subroutines for scripts and sped-up script development time.
• Established standard Windows Script File (WSF) skeleton script and standard functions and subroutines ( Confidential Toolbox.vbs) that Windows Script File utilized at execution; resulted in decreased development time for new scripts, easier to read scripts, and greater stability at execution.
• Developed setup script for deploying MS Excel application to ~500 stores with script automatically populating information and initiating data import process to complete setup, significantly decreasing deployment costs.

Confidential, Providence, RI

Lead On-Site / Senior Windows Engineer

Responsibilities:

• Ran and maintained all Windows servers in Finance and HQ domains.
• Coordinated integration and support of cross-business applications with Confidential Engineers.
• Responsible for and mentored 4 engineers.
• Managed on-call rotation
• Scanned, applied, and reported status of current patch level of servers using Shavlik’s HFNetChk.
• Oversaw disaster recovery testing for Financial and other business units.
• Refreshed servers approaching end-of-life to newer hardware and migrated to Confidential datacenter.
• Wrote VBScripts to pull information and perform Admin tasks from Windows Management instrumentation (WMI), Active Directory Services Interface (ADSI), and Lightweight Directory Access Protocol (LDAP).
• Created internal knowledge base using Apache HTTP Server, PHP, MySQL, and PHPBB for rebuilding knowledge after high turnover at Textron, after outsourcing to Confidential in 2005.

Confidential, Providence, RI

Windows Server Engineer

Responsibilities:

• Wrote program that minimized data loss when limited UPS (Uninterruptable Power Supply) was triggered and for managing application updates / upgrades.
• Commands remotely shutdown datacenter servers, in specific order and rapid succession, by issuing WMI and offered 3 selection modes - currently on-line servers, selected servers, and all servers.
• Developed Logon VBScript enforced by Group Policy object in Active Directory, by collaborating with Desktop Engineering.
• Script removed unauthorized local Admin accounts/groups and allowed global password reset, locally.
• Developed website on Apache using PHP and MySQL, provided central repository for critical info about each Windows server; data populated using Windows Management Instrumentation (WMI) and a discovery VBScript.

Confidential, Providence, RI

Windows Server Engineer

Responsibilities:

• Physically relocated servers within datacenter which facilitated power distribution and cooling system load.
• Oversaw, ran, and maintained issues with servers in Finance and HQ domains.