- Contribute to success by bringing my experience to the table in the technical & management domains and staying current by learning & improving my skills
- In - depth knowledge of Vulnerability management.
- In-depth knowledge of Qualys.
- In-depth knowledge of Certificate & Key management.
- In-depth knowledge of Content Delivery Network (CDN).
- In-depth knowledge of Identity and Access Management (IAG).
- In-depth knowledge of RBAC.
- In-depth knowledge of SailPoint Identity IQ.
- In-depth knowledge of CheckPoint Firewall and policy management.
- In-depth knowledge of Tufin (Firewall Policy Management system).
- In-depth knowledge of Mobile Device Management (MDM) and Bring Your Own Device (BYOD).
- In-depth knowledge of AirWatch.
- In-depth knowledge of Unicenter.
- In-depth knowledge of eTrust Identity Manager.
- In-depth knowledge of eTrust Single Sign On.
- In-depth knowledge of Access and Identity Management.
- In-depth knowledge of Active Directory.
- In-depth knowledge of Scripting with Probe.
- Intense knowledge of Identity Management (IDM).
- Intense knowledge of NetIQ IDM solution.
- Intensive knowledge of Information Systems design and management.
- Intensive knowledge of Project Management.
- In-depth knowledge of Banking systems as well as regulatory requirements.
- In-depth knowledge of the Telecommunication infrastructure for Internet via VSAT and wireless technologies.
- Solid understanding and experience in information system design and implementation.
- Technically proficient in MS Office, MS Project, Windows NT, Windows 2000, Windows XP, Windows 7, Novell Netware, SQLBASE, 4GL.
EMPLOYMENT HISTORY / PROFESSIONAL EXPERIENCE:
Confidential, Columbus, GA
Senior Vulnerability Remediation Engineer, LEAD
- Build the new Vulnerability Remediation team and define the priorities and objectives to fulfill.
- Define objectives Define roles Interview candidates Assign candidates to roles
- Put in place the initial processes of Vulnerability Remediation:
- Define vulnerability assessment process (internal and public feeds)
- Define vulnerability remediation testing process (patches, configuration modification, specific applications ... )
- Define patch deployment process (automated with SCCM, manual ...)
- Define reporting
- Build a solid relationship with the stake holders:
- Build liaison with the administrators Build vulnerability remediation awareness with the administrators Build liaison with the SCCM/patching team (desktop & server) Build liaison with key departments and functions Build liaison with the Qualys/Vulnerability Assessment team.
- Facilitate patching with vulnerability analysis (patchable and non-patchable)
- Work in attaining the goals defined for the first year
- Build a test lab Define targets and bring down our numbers bring down the low-hanging fruits (known easy patches) work on the vulnerabilities found on the perimeter systems work on vulnerabilities found on mission critical systems
Senior Information Security Engineer
- Key Management / HSM deployment
- Migration of SafeNet Key Secure servers from AWS to on-premises
- Building and configuration of SafeNet Key Secure server (150v)
- Building and configuration of SkyHigh Key Agent
- Connection to SalesForce for field level encryption
- Maintenance and fine-tuning of the system
- Resilient - Security Incident Management/ticketing system
- Building and configuration of Resilient platform
- Maintenance and fine-tuning of the platform
- Certificate Management
- Trust Protestion Platform management (SSL/TLS certificates & SSH Keys life cycle management, SHA-1 to SHA-256 migration, Certificate request process, Policy implementation, Auto-provisioning)
- Microsoft Internal CA
- Comodo Certificate Manager (Governance, Certificate LCM, Certificate deployment support)
- Symantec Certificate Manager (Governance, Certificate LCM, Certificate deployment support)
- Venafi POC.
- Discovery and documentation of certificates and owners (certificate inventory)
- Akamai (CDN) Relationship Management
- Managing the Akamai relationship
- Site configuration management
- Policy Management
- Change Control Management
- Security reviews and remediation
- Site optimization based on Akamai reviews
- Corporate Proxy Management
- Websense installation and maintenance
- Policy management
- Access request processing
- Alert management
- Managing the IAG (Identity and Access Governance) project - SailPoint IIQ solution
- Proof of Concept
- Due diligence
- Review of existing and design of new processes associated to the IAG process.
- Design, architecture and installation of SailPoint IIQ solution.
- Management and fine-tuning of SailPoint IIQ.
- Running access certifications for key SOX applications with SailPoint IIQ.
- Role mining exercise for branch level access
- Information Security key representative to the MDM - Confidential
- Proof of concept
- InfoSec success criteria review
- Compliance and security review
- Information Security key representative to DLP project
- Proof of concept
- InfoSec analysis of the solution
- Managing the Firewall monitoring and reporting process
- Building the firewall access request process
- Building the firewall access request review process
- Building the firewall report review process
- Defining the firewall reports from Tufin
- Contribution to the following:
- Risk assessment
- Risk review of projects and information security services evaluation
- Information Security general processes.
- Building processes and procedures for security controls deployed in the network.
- Access control review for all security controls
Confidential, Salt Lake City, UT
Information Security Engineer
- Design of roles and profiles based on standardized roles.
- Linking the eTrust Identity Manager to Active Directory for automated provisioning of users.
- Maintenance of roles and management of the provisioning system
- Installation of Single Sign On services
- Writing scripts for application single sign on.
- Designing role based and department based groups
- Designing and configuring Active Directory groups and rights based on profiles
- Lead project team. Develop security blueprint. Run the gap analyses between Confidential banking system and Management requirement/regulatory board.
- Advised management on IT orientation, IT projects and strategy, project problems and IT security. Interface between the technical team and management.
- Maintained the banking systems
- Managed the NOC (VSAT gateway and Wireless local loop, Customer Service)
- Services offered: broadband connection, IP telephony, Call termination, Enterprise VPN, IT systems.
- Managed the Service Engineers
- Designed communications systems
- Documented all procedures
- Wrote and advocated proposals
- Advised General Management on technical issues
Chief MIS Officer
- Managed the MIS department
- Ovation Client/Server Banking System running on a heterogeneous network composed of Novell Netware and Windows Server 2000 and DOS platform
- Developed / maintained /handled production of the Ovation banking system
- Wrote all procedures and trained both technical staff (system maintenance) and upper Management (EIS and analysis)
- Designed and generated reports required by the regulatory board using scripting to extract data and Probe C to program the reports.
- Managed the Computer Department (A team of 5 Technicians and Engineers)
- Developed software using Delphi
- Provided computer training
- Designed and implemented multiple information systems
- Managed the Telephony Department