SUMMARY

• IT Security/Cybersecurity Analyst, IT Infrastructure Auditor, Compliance Administrator, GRC, Internal IT Controls, Compliance, SOC2, PCI Compliance, IT Auditor, UNIX/Linux/Windows Sys Admin, IT Security Architect to ensure our IT Systems, Processes and Policies meet or exceed Regulatory and Customer Requirements as well as Industry Security Standards

PROFESSIONAL EXPERIENCE

IT Security Analyst

Confidential,NY

Responsibilities:

• Initiate and conduct scheduled Global Compliance Reviews as per Financial Industry Regulations
• Compile Baseline Security Levels (SOEs) and reconcile them with CIS’ and NIST’ Benchmarks

IT Security Analyst, IT Auditor

Confidential

Responsibilities:

• Provide directions and hands - on instructions to obtain IT Compliance. Verify IT Security, Management Control and IT Controls Compliance using various tools, such as LT Auditor+ by Blue Lance, Control Compliance Suite by Symantec, Power Shell, bash, GRC by Oracle
• Verify Audit Results from teh other Auditors; Validate Collected Evidences
• Maintain/Support (back-end) of teh main Business Apps based on IBM AIX-5.x, RedHat-5.x and Oracle. Compile Run Books
• Implement and manage Auditing, Security Policies and Procedures. Cyber Security
• Infrastructure Support, User Support; AD support, GPO Management, W10, Office’365

IT Security Analyst, Consultant

Confidential

Responsibilities:

• Configure, secure, and administer Linux and Windows systems on Amazon AWS, Digital Ocean, Azure and Rackspace cloud platforms for SMB clients (printdiecut, great.digital, …)
• Properly size and build Linux (Red Hat, CentOS, Debian) EC2 instances for web workloads
• Install and configure LAMP environment, WORDPRESS setup and maintenance
• Use Puppet to configure and maintain database, webserver, and file server roles for on-demand provisioned images
• Use Amazon CloudWatch on AWS to monitor and troubleshoot box infrastructure, along with standard UNIX monitoring tools (ps, iostat, du, sar, tcpdump, …)
• Create web and database log analytics using Splunk
• Configure OpenVPN tunneling between cloud infrastructure and locally hosted infrastructure
• Windows/Linux System Administration at teh client’s site. Infrastructure, Networking

IT Specialist North America—Chesapeake Pharmaceutical Packaging

Confidential

Responsibilities:

• Configure and install Unix/Linux/Windows/Macs servers; System/Security/Application Administration. Systems and Network Monitoring. IT Infrastructure Audits
• Software Development and Testing. Perform IT Internal Controls Audit across North America
• Configure and install Cisco R&S, WLC, AP, FW and appliances. Infrastructure Support LAN/MAN/WAN and monitoring (NTP server, SNMP poller, Nagios monitoring and alerting)
• IT Security, Internal Controls, IT Compliance; SOX Compliance. Perform and document annual SOX testing of IT General Controls in teh areas of Security, Change Management, Application and Data Access, and Monitoring Controls
• Manage application patches, data backup, security changes and network configurations across a heterogeneous environment of 16 RHEL and 24 Windows servers (Puppet)
• Develop tools and Python/shell/PowerShell scripts to monitor reliability and functionality of teh environment, tasks automation
• Configured and managed Asterisk PBX phone system, as well as Cisco Call Manager
• Collaborate with teh global team to resolve IT support cases
• Serve as sole database administrator for IBM Informix DB storing mission-critical ERP data
• Conduct annual IT Compliance Audits across North American Sites
• Develop and maintain accurate systems and network documentation (internal Wiki pages and Visio diagrams)

Accomplishments

Confidential NA

Responsibilities:

• Planned and supervised Fiber and CAT5e Ethernet cabling for 70,000 sqft combined production floor to 24 PLCs dat support industrial printing press equipment
• Configured vendor equipment (PLCs, PCs) using vendor-supplied documentation and built monitoring system for infrastructure using Nagios (via SNMP polling)
• Consolidated legacy physical Windows 2003 server environment to VMWare virtualized Windows 2008 R2 environment, reducing physical server count from 28 to 10
• Move P2V and V2V using VMWare Converter
• As per Customer’s Request installed trial Version of teh Websphere and use MQ

Directed Front Office

Confidential

Responsibilities:

• Designed regional datacenter infrastructure and laid out data cabinets and points of distribution throughout front office and shop floor equipment
• Orchestrated IT turnover from one location to another with no interruption in business operations
• Migrated Avaya Merlin PBX to Definity, tan to teh open source Asterisk system at Confidential, and moved from Definity to Cisco CME at multiple locations and saved $60,000 in implementation costs
• Researched and implemented WAN link using bonded T1 as a primary connection with Verizon FIOS as backup
• Upgraded ERP System from IBM AIX-3.x to 4.x, tan to teh 5.x, tan migrated from AIX to RHEL-4.x, tan to 5.x; Move to teh VMWare-4.1, tan upgraded to VMWare-5.x

Achieved Complete Sarbanes

Confidential

Responsibilities:

• Worked with auditors from Ernst & Young (E&Y), PwC and Deloitte to ensure SOX compliance
• Created procedures for ensuring segregation of duties in IT processes and change control systems
• Created procedures for ensuring segregation of duties in IT processes and change control systems
• Automated backup systems and ensured dat ensured dat logs were collected and retained according to SOX requirements
• Documented backup and disaster recovery procedures
• Created password policies and database change auditing systems
• Manage all IT equipment purchasing across All North American Sites 2013
• Negotiate with IT vendors for office desktop hardware and printing supply contracts
• Migrated and consolidated heterogeneous networking infrastructure to Cisco hardware with a support contract to lower operational burden

TECHNICAL SKILLS

• Install/Configure and Maintain Wintel, UNIX (AIX-5.x), Linux (RHEL/CentOS), HP-UX
• Strong understanding of various TCP/IP Protocols and Services
• Implement and manage auditing and security policies and procedures
• CISA, CCNA Certifications. ITIL, COBIT, CISM and CISSP Knowledge; Process Improvements. SOPs, GRC Audit Software/Tools
• Risks and Mitigations; Security Policy Development; SOC2, SOX, IT Compliance
• Recommend continuous improvements & streamlined processes
• Coordinate discussions to resolve concerns & assess risks and mitigations
• Support test conclusions with clear, appropriately referenced work paper documentation
• Identify key risks (actual and emerging) within IT processes and controls. BIA
• Support enterprise IT projects to optimize control structure and reduce risk
• Task Automation using Python, Bash, and Power Shell. Informix 4GL Programing
• Linux Systems Installation/Upgrade/Update using Puppet Labs, Chef, Ansible
• Data Center (NOC) Design/Management/Migration/Consolidation and Relocation
• Applications/DB Design/Management/Migration/Consolidation and Relocation
• System/Network/Security Monitoring Tools: Nagios, Solarwinds, Splunk, CloudWatch
• VPNs. Multi Point Dynamic VPN. HA Proxy
• Develop and maintain Backup and DR procedures. Test Restore. DRP/BCP
• AD Management; Auditing, Security Event Analysis; GPO Management
• Intrusion Detection/Prevention Systems (IDS/IPS) Data Loss Prevention (DLP)
• Database Administration (Informix/DB2, MySQL, Postgres, Sybase). SQL
• Front/Back Office Network Design, Cisco L2/L3 S&R Management, Firewalls, .Juniper Support. Traffic Engineering, Infrastructure Capacity Monitoring and Planning
• Advanced problem solving skills and teh ability to work collaboratively with other
• VMWare Support via vSphere Client; VMware Converter: P2V, V2V. Citrix Support
• Experience inSAN/NAS/DAS storage environments
• Operations Cost Control