Proven information security leader with success in guiding implementation of leading - edge technology solutions while balancing security initiatives to risks, business operations and innovations. Specialties include server engineering, systems architecture, configuration management, and systems administration with extensive experience healthcare, financial, cloud computing, and software development industries.
Assessment and Risk Management
Risk / Compliance Assessment
Change Control Board Director
ISO 27001 COBIT ITIL
PCI - DSS HIPAA HITECH SOXEMPLOYMENT HISTORY:
Confidential, Princeton, NJ
- Developed Information Security Management System (ISMS) based on ISO270012 framework for cloud - based Active Directory and EHR solution.
- Developed and Implemented Information Security Policies and Procedures
- Implemented Change Management system with change verification
- Coordinated and validate periodic 3rd party vulnerability and penetration testing
- Reduced non-staff IT costs by 25% while maintaining key metrics through VMware virtualization, application rationalization, legacy system retirement, and SAN storage consolidation.
- Implemented periodic review of access controls
- Work with sales team on pre-sales and post-sales customer security evaluations
- Facilitated SSAE 16 SOC 2 security audit.
- Perform control mapping from COBIT, ISO27000
- Perform company-wide risk assessment
- Developed Security Auditing and Policy controls for Clients with, 000 users
- Lead engineer for company-wide risk and exposure assessment and audit.
- Developed Server, Workstation, Appliance, Network Syslog control system SQL/HTML/ASPX
- Implemented a new operating system deployment scheme for all new windows workstations using PXE boot and Slipstream which reduced time to deploy workstations by 20%
Confidential, Baltimore, MD
Security and VMWare Engineer
- Developed VMware Vsphere High - Availability system for multi datacenter, redundant environments for systems supporting EZPass and toll management.
- Developed and Implemented VMWare hosting environment with security and access control policy
- Architected, support and implement web application for Transportation Security Authority .Net and Java with Oracle and SQL database.
- Successfully re-architected key components of the Network Architecture including DNS increasing both reliability and security for systems monitoring application.
Confidential, Pennington, NJ
Systems and Security Analyst
- Diagnose and resolve production Wealth Management systems performance and issues
- Perform forensic investigation and analysis using Custom trace tools NetIQ, Wireshark and Team Quest
- Architected and maintained Microsoft server system. IIS, Exchange, SQL, VMWare
Confidential, Pasadena, CA/ Silver Spring, MD
Production IT Manager
- Manager/Supervisor for thirty FTE s and Contractors
- SME in Server Systems and Information Security.
- Manage, document, and report escalation incidents to Executives and Business Partners
- Troubleshoot and report Citrix/Wintel issues with Citrix and Microsoft providers
- IT Project manager and implementation support SME
- VMware installation performance and Risk Assessments
- Delivered reporting of IR s and PR s to the problem management meetings (CAB)
- Project reporting support advisor for production releases - Citrix related