
IT Security Engineer / Architect Resume


Dallas, TX

SUMMARY:

Strategic-level Information Technology Professional with broad-based experience in system design/administration, PMP program management, Cybersecurity, SIEM, IT audit / compliance and GRC risk assessment.

PROFESSIONAL EXPERIENCE:

Confidential, Dallas, TX

IT Security Engineer / Architect

Responsibilities:

  • Define and direct efforts with SIEM and DLP data loss prevention within Security Operations methodologies and tools, PAM privileged access management, IAM identity access management of IT personnel, vendors and stakeholders in defining protective Cyberark and Cybersecurity controls. Worked with Skybox Cybersecurity platform involving Horizon and Attack Surface visualization. Helped to identify, take action and close Threats and Vulnerabilities with Skybox.
  • Author SOWs statements of work, RFI requests for information, RFP request for product, PDR design review, pricing of contract, vendor selection and management collected within SalesForce application.
  • Actively support PMI PMBOK Project Management involving hierarchy: Portfolios, Programs and Projects including IT Security, Identity Management Access Controls, IAM, PDR design requirements, Governance Risk Compliance GRC, CyberArk, Skybox Cybersecurity platforms, Splunk, Syslog DTLS, Tripwire, RedSeal work with PCI / DSS 3.2, WebSense, BlueCoat Proxy SG firewalls and McAfee Enterprise DLP data loss prevention. Administer and support CyberArk with activities involving password vault, elevated privileged accounts, identity access management, HSM hardware security manager and Thales nShield module.
  • Establish and support as SME, Enterprise Governance and Risk Compliance EGRC work involving use cases within application eGRC Archer and proprietary Client risk management applications with scope of work including active Information Security operations, enforcement and definition of Policies, Identity Access Management IAM, Directory Services, Security Solutions.
  • Work with team to perform drills with SIEM, Business Continuity Planning and Strategy / Road maps including lifecycle to stakeholders for Projects being analyzed.
  • Work with application SkyBox Security involving attack surface visualization and analysis with existing Juniper, Cisco and Meraki firewalls via Firewall Assurance Network Topology and Administration. Helped to edit Java scripts.
  • Security engineer assigned to work to build RPA Robotics Process Automation system intended to speed transactions via UI Path robotics vendor, hived SQL server farms, virtual machines, orchestrators, load balancers and dedicated VPN tunnels with a repeatable process.
  • Compliance specialist established to enforce Data Security Standards including NIST 800-53, PCI DSS, SCADA, System acquisition, application development and maintenance, Vendor management and Legal Contractual Business processes.
  • Volunteered to perform application development testing using Veracode, Risk IQ and static, dynamic and manual testing.
  • Worked to establish Governance Risk Compliance baselines with multiple projects involving authoring information security policies for protecting Corporate information and systems in all forms and in all locations. Information security methodology and processes include SDLC, WATERFALL, AGILE, and SCRUM methodology. Applied AWS Cloud Elasticsearch, Kanban and power user with SkyBox security services application.
  • Active IT Security Operations include SIEM and Skybox threat / vulnerability tools: Qualys Enterprise, Web App Security, Compliance Monitoring and Continuous monitoring. Other tools actively used include FireEye, CoreImpact, McAfee DLP, Symantec Enterprise DLP and Splunk Cloud. Worked to implement Archer EGRC, Tripwire Enterprise, Bluecoat Proxy SG content filtering firewall, Cisco Routers, Juniper and Meraki firewalls and switches including load balancers.
  • Helping to define the proper application of both AZURE and Confidential AWS Cloud services and offerings on projects including Cybersecurity, Active Directory and many projects.
  • Meet daily with team members to work SCRUM and SPRINT guidance on key InfoSec projects at hand.
  • Implemented security services with multiple entities involving Security Portal management involving Confidential Web Services AWS, Confidential AMI machine images, Scrum, Agile, IBM QRadar, Skybox Cybersecurity platforms, Splunk, Carbon Black endpoint security, Syslog DTLS, Tripwire Enterprise, UpGuard, Solarwinds, RedSeal, Tenable Nessus, SailPoint and Nexpose Rapid 7. Experimenting with robotics to assist in security reporting, UEBA and SCADA design.
  • Subject Matter Expert SME involving audits and governance involving CJIS, NERC, FERC, CIPv6, v7, FFIEC, NIST 800-53, GLBA, PCI/DSS, ISO/IEC 9000, 27001,(2), DIARMF, HIPAA, DISA/STIGS, Cybersecurity and base-lining operations to meet business objectives and regulatory directives.
  • Integrate Splunk Cloud, Storm, Skybox Cybersecurity, Carbon Black and Enterprise analytics along with CyberArk in performing data analysis in repository analysis that identifies intelligence for business operations, security, compliance and analytics.
  • Establish and support as SME, Enterprise Governance and Risk Compliance EGRC work involving application eGRC Archer, risk management Control Self- Assessment, risk impact and root cause analysis.
  • Cybersecurity: Author and develop Policy, Standards and Procedure statements to mirror cybersecurity initiatives and existing IT operations. Evaluation of proposed SAP R3 documentation system. Writing specs for a SCADA Robotics portal RPA and applications with Scrum, SDLC and Agile.
  • Research and debate modern methodologies to harden and secure corporate assets involving security patching a review of standards ISO / IEC 27001:2013, FFIEC, NIST 800-53, CJIS, GSA ITAR req., DIARMF, HIPAA 164.310, GDPR, General Data Protection Regulations, UEBA, PMP PMBOK, GLBA, Sarbanes-Oxley section 4, SEC, GAAP, SAP ERP 6.0, NERC, FERC CIP, internal infrastructure and data from US Departments of Treasury, Education, and CMS. Worked to establish US Department of Defense DOD and ITAR certification requirements and DIARMF internal controls.
  • Worked to baseline support and analysis for Confidential EC2 Elastic Compute Cloud web service within client IT operations.

Confidential, Houston, TX

Program Manager Information Security Engineer, IT Auditor

Responsibilities:

  • Provide guidance, direction and oversight for 3rd party assessments, internal audit engagements, baseline security standards, delivery and remediation of IT security and compliance issues surrounding HIPAA, risk standards CMS compliance, PAN data, PCI-DSS ver. 3.2 compliance, FFIEC directives, NIST 800-53, Sarbanes-Oxley SOX, ISO/IEC 27001:2013, ISO/IEC JTC 1, NERC-CIP 007 R2, and DISA/STIGS data standards.
  • Performed QRadar, CA Unicenter, McAfee Enterprise exercises, DLP data loss prevention, PAM privileged access management, SIEM administration involving report migration, alerts, custom reports and malicious activities.
  • Reconciled QRadar to avoid gaps and rogue equipment. Analysis of log sources and metric generation.
  • Built relationship with IBM-QRadar, CyberArk, SailPoint and SIEM security vendors to avoid shortfalls in access management.
  • Engaged in Risk Management to perform root cause analysis, TOGAF, OCTAVE, control self-assessment, enterprise Governance Risk Compliance eGRC and risk impact.
  • Authored IT audit engagements, planned requirements, staffed auditors and scheduled work with stakeholders.
  • Provided direction in the selection of an External Audit firm which performs attestation of our Authority to Operate ATO in the analysis of operations surrounding US Centers for Medicare & Medicaid services, PCI compliance, NIST, ISO/IEC and key points of compliance.
  • Promoted to Point of Contact and Project Manager for change configuration management efforts surrounding production and test environments, protected health information PHI, HITRUST, MARS-E, data privacy and FFIEC compliance.
  • SME surrounding tools: SCADA CyberArk IAM identity access manager, IDM application identity manager, EPV electronic password vault, PSM privileged session manager modules. Proficient with Tripwire Enterprise 8.5.2, IP 360, ProofPoint, Bit9, RedSeal, IBM QRadar, Core Impact, Skybox cybersecurity tools, Carbon Black, FireEye, Tenable Nessus, Nexpose Rapid 7, Computer Associates CMDB, WebSense, BlueCoat firewalls and Archer eGRC risk / compliance suite.
  • Build relationships with vendors IBM-QRadar, Tripwire, Splunk, Syslog, Tenable Nessus to earn SME status.
  • Asked to audit system administrator interviews, security patching, reviews of pharmaceutical business entities and reporting on controls testing and remediation surrounding data standards and Sarbanes-Oxley SOX, PCI compliance with IT Audits. Peer review performed on final output. SAP process control management and activities.
  • Worked to provide technical oversight involving SIEM network and vulnerability configurations surrounding network administration, SCADA cybersecurity analytics, AIX, Linux RHEL 6, NMAP, trace routing and OWASP top 10.
  • Authored an approach for HITRUST and FFIEC compliance involving CyberArk, QRadar report writing, Tripwire Enterprise, Scrum, Agile, SDLC, Skybox cybersecurity, Symantec Enterprise and Nexpose Rapid 7, Bit9, Core Impact and Sophos antivirus.
  • Support corporate-level IT Audit efforts via SOX controls testing, PCI-DSS 12.3, NERC-CIP, HIPAA, Tripwire Enterprise, HITRUST audit program writing of controls, remediation, risk management elements, control self-assessment CSA, Enterprise Governance Risk Compliance.

Confidential, Miami, FL and San Francisco, CA

Program Manager - Information Security Engineer, IT Audit and Risk SME

Responsibilities:

  • Required Public Trust security clearance with US Departments of Treasury, Education and Health and Human Services.
  • Liaison to risk compliance efforts surrounding large financial institutions in order to support 3rd party assessments, risk management, information systems, vendor risk assessments, eGRC, business resiliency and cybersecurity risk.
  • Helped to manage governance risk compliance eGRC efforts in key aspects of the business Portfolio involving program management LFBOs, FMIs and SSP projects involving cybersecurity, NERC-CIP, vulnerability, threat assessment efforts, risk posture, risk assessment, security architecture and key security tools.
  • Developed Policy and Procedure statements to mirror cybersecurity initiatives as they relate to LFBOs, FMIs and SSPs.
  • Research and debate modern methodologies to secure corporate IT assets involving security patching and application of baseline standards ISO / IEC 27001:2013, FFIEC, CJIS, NIST 800-53, GSA DIARMF and ITAR req., HIPAA 164.310, GDPR, PMP PMBOK, GLBA, Sarbanes-Oxley section 4, SEC, GAAP, SAP ERP 6.0, internal infrastructure and source data derived from US Departments of Treasury, Education, and Health and Human Services.
  • Provided direction, support and maintenance for risk awareness and risk acceptance, where appropriate, within a 1,100 user network involving threat landscape, secure development practices, gap analysis and risk posture.
  • Security tools utilized: IBM QRadar, Cyberark, PAM privileged access management, Password Vault module, DLP data loss prevention, Skybox Platform with Firewall, Network Assurance with Threat and Vulnerability Controls, Splunk, Syslog DTLS, Tenable Nessus 6.7, SIEM, Java scripting, Nexpose Rapid 7, Tripwire Enterprise 8.5.0, IP360, FireEye, Carbon Black, RedSeal, PGP, ProofPoint, WebSense, UEBA, BlueCoat Proxy content filter firewalls, Wireshark analyzer and other methods for cybersecurity, intrusion detection, security patching, SIEM efforts and proactive analysis of threats and vulnerabilities.
  • Provided IT Audit and Information Security guidance through standards: CoBIT 5, COSO, ISO/IEC 27001:2013, DISA STIGs, NIST 800-53, PCI / DSS 3.2 compliance, SCADA, SharePoint, TOGAF, HITRUST 7 and SAP ERP with 4 pillars, provisioning, and access granting. Provided direction regarding SAP process control activities.
  • Authored Programs in risk avoidance, risk transfer, factor analysis of information risk FAIR, suspicious activity reports, technical writing of policies and procedures, security plans, business continuity and intrusion detection efforts.
  • Created Qradar and JIRA management reporting script algorithm used to highlight discrepancies between network inventory and critical security tool Qradar inventory. Analysis of log auto discovered items in QRadar to avoid duplication and the misinterpretation of log files.
  • Cybersecurity, anti-malware, DLP efforts using ProofPoint, Sophos, McAfee Enterprise DLP and Symantec enterprise DLP and Skybox cybersecurity modules.
  • Responsible for Information security on an 1,100 + user environment involving Active Directory, Linux RHEL 5, 6, Cisco and Juniper firewalls log analysis and network security appliances.
  • Proficient with PGP, RedSeal, QRadar, CyberArk, Tripwire Enterprise, Nexpose Rapid 7, Nessus 6.7, Sophos AV, ProofPoint, BlueCoats, Bit9-Carbon Black, Snort, Splunk, Syslog, Scrum, Agile, SDLC, SIEM, Windows 10 security, Altiris ver. 8.
  • Provide IT Audit expertise involving Governance Risk Compliance GRC involving Capability Maturity Model CMM, ISO/IEC standards, OCTAVE, FAIR, TARA, OWASP top 10 controls, CoBit, NIST, FFIEC controls and Centers for Medicaid/Medicare CMS standards. Robotics study as it relates to Cybersecurity and SCADA controls and methods.
  • Led IT Audit efforts to facilitate a) findings b) recommendations c) risk remediation and ultimately passing US Government CMS reviews of Network security controls, compliance with SOX, GLBA, redundancy, application development involving SDLC, SOX sect. 4 internal controls assessments, CJIS directives, IT physical security of operations and co-location data center, IT management reporting structure and internal audit committee functions as well as future IT audit.
  • As Project Manager, successfully communicated, via targeted meetings, to facilitate information flow between IT security teams, HR, IT operations in order to remediate compliance shortfalls in PCI compliance, SOC, SIEM and IT audits.

Confidential, Tampa, FL

Technical Program Manager, Information Security, IT Audit/Risk SME

Responsibilities:

  • Oversaw Active Directory Project involving 20 persons using PCI-DSS 12.3, Tripwire Enterprise, a risk management plan, analysis of risk for critical processes, risk probability and risk impact. Applied methodologies: OCTAVE, FAIR and TARA.
  • Developed IT audit and risk mitigation strategies including the assignment of owner. Elicited key remediation actions.
  • Monitor identified risks and IT audit issues with tools and teams. Assist critical incident response process with IT engineers and stakeholders. Escalate early to business owners to determine when to engage senior leadership.
  • Establish and maintain strong relationships with business operations, technical operations, engineering and finance.
  • Direct business processes, product requirements and overall enterprise impacts the project may have on the existing system infrastructure. Identify, confirm, and obtain participation from required cross-functional teams. Work with the other team members and Strategic Business Initiatives to do this effectively. Utilize CSIRT and use OWASP to baseline SIEM event trends and attack patterns and vectors. NERC-CIP 007 R2, DIARMF, SCADA cybersecurity, anti virus efforts with Symantec Enterprise, PAN data analysis, Confidential Web Services AWS cloud and Golang. SCADA Robotics study for future merger with Charter Communications and ultimate formation of SPECTRUM.
  • Worked to define and scope CJIS, GSA and US DOD requirements for ITAR certification for several key clients involving secure telecommunication projects and DLP data loss prevention initiatives.
  • Work with leadership to help identify and assist in making program trade-offs to balance scope, time, and costs.
  • Develop and execute PMBOK defined and led project plans, with dependencies, milestones based on backlog, story points and velocity to establish reachable targets.
  • Information security role in auditing Active Directory for remediation. Provide understanding and knowledge of Active Directory, Skybox Cybersecurity, Carbon Black, ProofPoint, QRadar, security patching initiatives, Confidential Web Services, Golang, Tripwire Enterprise, Tenable Nessus 6.7, Nexpose Rapid 7, Scrum, Agile, Splunk, Syslog, UEBA, SIEM and Skybox Platforms including Vulnerability Management, Threat Assessment and Change Management validation, Node.js Java scripting, SIEM CVE, security monitoring, Zachman and TOGAF. Apply key controls with risk assessment, remediation as well as internal audit best practices.
  • SME to IBM QRadar and upgrades, FAQ knowledge and malicious activity reporting.
  • Oversaw a 3000+ computer group a CAT 1 Network and the risk surrounding migration of the activities.
  • Created reports and coordinated remediation efforts. Qradar CyberArk PAM privileged access management, Password Vault, DLP data loss prevention, 9.2 beta tested platform for ID of privileged accounts, access control lists, audit trails and password history analysis. SAP ERP pillar analysis, provisioning and access granting, SAP process control assessments performed.
  • Created and implemented a risk management plan. Identified project related risks and triggers; establish risk thresholds and contingency plans using OCTAVE, FAIR, TARA plans, refine estimates to create baseline resource plan.
  • Provide oversight, updates, POA&Ms progress and management of appropriate processes and communication.

Confidential, New Jersey and Miami, FL

Consulting Operation Owner, CTO, Program Manager, BASEL Accord Risk Program Manager

Responsibilities:

  • In charge of 3 persons involving the Planning, Organization and Direction of small, medium and high value Financial Services, CMS governed Health Insurance Industry, Pharmaceutical and Manufacturing Client audits, business projects and risk assessments involving Project Management Body of Knowledge PMBOK / PMI standards, IT Audit internal controls, SCADA Cybersecurity, GLBA, SOX, HIPAA, HITRUST, UVBA, CSIRT, DIARMF, SIEM, CVE, NERC, FERC, CIPv3, application development and systems development life cycle SDLC.
  • SME in Banking and Financial Services involving FFIEC, Federal Reserve, LFBOs, FMIs, SSPs Information Technology and Cybersecurity thus providing a reasonable assurance of security and compliance.
  • Provided services to Financial Services Clients including BASEL Accord direction, IT governance, IT security awareness, IT environmental standards and Top-level policy direction involving operations and network infrastructure.
  • Acting liaison to third party security risk management efforts with Health Insurance industry clients, manufacturing and distribution clients, their external vendors and internal audit teams. SME with Banking industry and with US DOD directives including GSA, DIACAP, DIARMF, ITAR, DISA / STIGS. Utilized SAS-70 (legacy) and SSAE-16 audits and reviews. Applied standards for internal controls with CJIS, GLBA, SOX 404, NIST 800-53, DIARMF, OCTAVE, FAIR, and referenced CoBIT 5 and COSO enterprise risk management.
  • Defined and execute vulnerability risk assessments to include team selection, security scans, internal/external audits and OWASP top 10 incident response project planning, perform triage on McAfee SIEM events. Analysis of Skybox cybersecurity platform including Attack surface visualization and Threat / Vulnerability management. Worked with Splunk and Syslog security intelligence platform, Confidential Web Services, Golang, CyberArk Identity Access, Node.js Java scripting and Tripwire Enterprise.
  • Provided support and administration of Qradar involving Service Level Arrangement SLA with IBM, functionality of reports, malicious activities and reconciliation to existing internal System inventories.
  • Strategic level Authoring and execution of IT Security Policy, IT Security Manuals, ISSM Information System Security Manuals, backup BCP disaster plans, additional corporate-level policies and procedures as network systems evolve. Obtained board approval of all written documentation submitted.
  • Active role in Information Security with POA&Ms, SCADA, FISMA, FFIEC, DIARMF, UVBA, ISO / IEC 27001, 27002.
  • Secured and improved IT operations surrounding a FFIEC rework of corporate policies and procedures, BCP, application access controls, POA&Ms, eGRC, OWASP top ten, SSAE-16 audit compliance, SailPoint, SOX, PCI, CoBIT 5, and IT governance, security / risk assessments including OCTAVE and FAIR.
  • Research current industry trends in threats, SIEM, CVE vulnerabilities, application design flaws and countermeasures. Performed Skybox cybersecurity administration involving change management, network topology and firewall analysis.
  • Provided SAP process control assessments and engineering analysis.
  • Performed SDLC development of application technical requirements, system design, quality assurance, user acceptance testing, and pre-production testing of distribution project analysis for operations using AIX UNIX LINUX tools.
  • Lead strategy meetings for remediation audit findings and deliverables. Motivate staff to provide accurate and timely reports to ensure a reasonable assurance of security and compliance.
  • Managed an inventory control project involving deliveries and product valued at over $500k for Advance Auto stores.
  • Volunteered for new project administration duties to include building an IT Audit case, information gathering, access / exploitation, and reporting of findings with Tenable Nessus 5, ProofPoint, Qradar, IP360, Nexpose Rapid 7 and Tripwire Enterprise 3.x.
  • Provide Client senior management with a documentation of SOX internal controls and the creation of action plans using POA&Ms, BCP disaster recovery, VISIO design, reporting of milestones reached and follow-up goals.
  • Marketed existing Financial Services for Thrift Institutions and Banks to perform IT work involving SSAE-16, IT security assessments, Risk Assessment, FFIEC, FDIC, BASEL II Accord and SEC compliance.

Confidential, New York, NY

Vice President and Bank Officer, BASEL Accord Risk Program Manager

Responsibilities:

  • Vice President in charge of 24 persons involving identifying risks that exist, planning projects, managing milestones.
  • BASEL II Accord principles utilized in key risk definitions.
  • Addressed board of directors and senior management involving Japanese FSA directives and US Fed directives.
  • Defined and led risk assessments involving control self-assessment, corporate risk posture, root cause analysis and key risk indicators.
  • Implemented risk impact and worked OCTAVE and FAIR risk methodologies.
  • SME on Banking Operations in back office, middle office and front office.
  • Utilized a mature Project Management Office and PMBOK in assessing SDLC procedures for critical capital markets application.
  • Identified potential risk impact regarding a key IT risk component and mitigated a $30 million exposure.
  • Provided ITIL v2, COBIT, FFIEC, FDIC, and OWASP project best practices analysis for network enhancements.
  • Wrote key controls and inputs for annual Business Impact Analysis BIA and BCP disaster recovery plan.
  • Provided expert analysis involving ISO /IEC 27001, BASEL II accord, GLBA, SOX, FFIEC directives.
  • Directed 14 person staff in a corporate governance project utilizing risk, FFIEC and Japanese FSA principles.
  • Built project management PMBOK, NIST information quality, and ISACA COBIT standards into IT key controls.
  • Highlighted IT risk to effectively mitigate issues in IT network infrastructure, and SDLC/systems development teams.

Confidential, Pine Brook, NJ

IT Manager, IT Auditor

Responsibilities:

  • Manager in charge of 3 persons involving the Authoring of risk assessment plans and IT Audits.
  • Created and proposed client IT security plans, risk assessments and internal control reviews for Banking and Financial services clients.
  • Frequently addressed boards of directors involving Information Security initiatives and IT internal operations.
  • Created audit program for EDS - Confidential web banking application. Improved security audit programs with audit engagement team involving LFBOs, FMIs, SSPs, CJIS, GAAP, GLBA, SOX, SEC, GSA and utilized 3rd party consultants and sought senior partner approval. Became a sought-after SME to the Banking and thrift industry on IT operations and risk assessments.
  • Led over 200 IT-FFIEC, SAS70 and SSAE4302 audits for 60+ clients including service bureaus and co-location firms.
  • Audited third party critical security applications such as Top Secret, AS/400, DASD, IBM 7 series mainframes, Win2k, and Win2k3 distributed operations.
  • Industry reference and SME with NIST 800, CJIS, FDIC, FFIEC safety and soundness security controls audits and risk assessment reviews.
  • Lead hands-on technical manager in supporting a 100 user network involving Novell Netware 5x, Windows Server 2003, MS Exchange server, TCP/IP, DNS, POP accounts, Backup Exec, ProSeries Tax, Go Systems Tax, Quick Books Pro, Peach tree Accounting.
  • Tally IAVA security metrics and report to staff and management existing security concerns and requirements.
  • Participated in network penetration testing and BCP disaster recovery drills.
  • Provided corporate level business guidance regarding IT operations, IT governance, internal controls and audit findings.
  • Promoted best practices referencing ISACA COBIT, ITIL, BASEL II, FFIEC, GAAP and OTS guidance.

Confidential, New York, NY

Senior Network Administrator

Responsibilities:

  • Coordinated IT system administration for a leading pharmaceutical medical advertising agency with multiple locations.
  • Negotiated BCP recovery contracts with hot-site, warm-site and cold-site disaster recovery vendors.
  • Performed annual Business Impact Analysis BIA and risk assessment within a co-location network.
  • Oversaw 2 major system upgrades and corporate relocation project in midst of lengthy company sale to Confidential.
  • Built help desk to aid Apple ANS, PC/LAN Novell-NT server, Network Administration, Linux and Unix systems.
