SUMMARY:

To attain a position in which my twenty - eight years of diversified IT and managerial experience, cumulative information security / cyber security specialization, network design and architecture skills, and IT project / program management experience would be utilized to its maximum potential.

SKILLS:

Wide knowledge of business administration, personal computers, networks, peripherals, and software packages including:

SOFTWARE: Cisco Security Device Mgr MS Windows NT 4.0 - 2012 BMC Patrol MS Outlook MS Windows 9.x, XP, 7, 8, 10 MS Office ’95 - 2016 Ghost Support MagiMS Exchange 5.X - 2016 Visio RealSecure 5.0 Checkpoint Firewall Health Trio Netsupport Intuit Track-It QuickBooks

HARDWARE: Cisco routers - 2500, 2600, 2800, 3600, 7200, 7500 series Cisco switches - 2900, 4000, 5000, 6500 series Nortel & Juniper Routers 3 Com switches HP Netserver LH 4 & Netserver Pro, Blade Servers Cubix servers NetApp SAN devices Cisco Pix & ASA Firewalls

BUSINESS SKILLS: Entrepreneurial skills including business management, budgeting, project management, financial forecasting, project planning, and PCI / HIPAA / HITECH / ISO auditing, Disaster Recovery & Business Continuity Planning, design, implementation, maintenance, and testing. Information security, IT security, and cyber security skills including (GRC) governance, risk management, compliance, and BMIS. Experienced with many infosec frameworks and standards: ITAR, FISMA, ISO 27001, DIACAP, DoDI, HITRUST, FedRAMP, MARSe, SOC 1 (type 1 & 2), SOC 2 (type 1 & 2), NIST RMF 800 series, BS 7799, ISO 17799, PCI-DSS 2.0 - 3.2.

PROFESSIONAL EXPERIENCE:

Confidential

Information Security Manager / Information Security Consultant

Responsibilities:

• PCI-DSS / HIPAA / HITECH / SOC 1&2 / ISO 27001 auditing and compliance, implementation and maintenance
• WISP (Written Information Security Plan) creation, implementation, and maintenance
• National data center colocation information security plan design and coordination
• Served as chairman of ISMS (Information Security Management System) steering committee
• Product management and development for biometric devices, mantraps, and access control systems
• Performed risk analysis, risk assessment, and BIA (Business Impact Analysis) for senior leadership teams
• National travel for information security consultation on a per site basis, per contract term
• Compliance, certification, and governance management, renewals, internal auditing
• Market analysis to identification competitors, target markets, and respective customers
• Development of company value propositions and communicating certification value to the customer
• Worked with executives to create cost modeling and strategic pricing based on company mission and goals
• Identified and capitalized on emerging markets such as IOT and DCIM (Data Center Infrastructure Management)
• Assured regulatory requirements were met in all areas of information security
• Created information security roadmaps to guide organizations from conception all the way to realization
• Worked hand in hand with Chief Marketing Officer to establish continual customer communications
• Consulted with internal IT and network engineering teams to develop company-wide cybersecurity posture
• Coordinated with sales teams to create customer communications and presentations
• Network Infrastructure Design/Architecture and engineering from the ground up for enterprise application
• Data Center / Network Operations Center architecture and engineering for DR/BCP and ongoing/planned operations
• Developed various Information Systems Security Programs for Fortune 1000 companies
• Directed internal audit testing and documentation, plus administration of risk assessments and remediation
• IT governance including directing teams of 12 network engineers and network security administrators
• Designed policies, procedures, projects, and programs to protect enterprise assets from internal and external threats
• Researched emerging threats in the areas of ransomware and phishing attacks and proactively set up defenses
• 100% safe and secure rating - never had a data breach which in charge of information security
• Worked with C-Suite executives to reduce the overall operational risk of the organization
• Conducted information security awareness training, developed FAQs, blogs, web posts, and related materials
• Created and directed incident response teams to proactively deter anticipated attacks
• Communicated complicated security concepts to nontechnical employees to strengthen the overall security posture
• Mapped information security requirements of ISO 27001 and PCI-DSS to internal policies and procedures
• Obtained and maintained several information security certifications, designations, and advanced degrees
• Facilitated Infosec and cybersecurity governance through leveraged collaboration with other departments
• Defined security strategies and established metrics for complete measurement and reporting of overall security
• Mentored junior members in the information security field and created training programs and curriculum
• Performed internal compliance auditing while also interfacing with external auditors during company re-certifications
• Worked closely with other technical experts to continually strengthen the overall security program through best practices
• Addressed unique needs to protect identify theft, personal health information (PHI), mobile devices, etc.
• Kept abreast of security incidents and gleaned lessons learned to further improve the company security posture
• Provided leadership, direction, and guidance to Information Technology and Network Engineering teams
• Enterprise network engineering duties utilizing various networking protocols (EIGRP, OSPF, BGP, MPLS)
• Project development, planning, and management of cabling and hardware/software implementation teams
• Human resources allocation, delegation, and supervision of technical projects and initiatives
• Developed, implemented, and conducted training on an enterprise-wide Data Classification Program
• Enterprise consulting, and IT project engineering including installation and configuration of Cisco routers and switches
• Created and maintained IS policies and procedures for several Network Operations Centers
• Developed, implemented, and enforced Information Security Management policies and procedures
• Implemented Intrusion Detection and Intrusion Prevention Systems and Services
• Program and budget management of complex, enterprise wide technical projects
• LAN/WAN engineering and administration - internet security (Cisco PIX, ASA, Checkpoint FW-1, VPN Tunneling)
• Developed strategic objectives and business plans and provided leadership training for staff of network engineers
• Implemented Cisco Security Manager along with various Cisco Routers and Switches
• Disaster Recovery and Business Continuity Planning, design, implementation, maintenance, and testing.
• Resource planning for simultaneous projects through extensive program and project management
• Developed, implemented, and directed enterprise architecture strategies
• Served as project manager liaison between network engineering and network architecture/design teams
• Produced SSAA documents and, DIACAP, DITSCAP, NIST 800 series input for ongoing and planned programs
• Help desk planning, development, implementation, and production
• Business plan development, SWOT analysis, and strategic ROI planning

Confidential

Information Security Manager / Senior Network Security Administrator

Responsibilities:

• Developed an entire information security program based on HIPAA and ISO 17799 regulations
• Managed a team of 2 junior network administrators, 6 computer technicians, and 4 telecom technicians
• Installation, configuration, and maintenance of production servers, routers, switches, firewalls, and hubs
• LAN/WAN engineering and administration - internet security (Cisco PIX, Checkpoint FW-1, VPN Tunneling)
• Network security, intrusion detection systems, and server performance monitoring
• Developed various SLAs for help desk, network systems, infrastructure, architecture/design projects
• Designed and implemented entire network and telecom infrastructure including capacity planning & design
• Handled all IT program and project management for 400+ users spread over 12 locations
• Enterprise network engineering duties utilizing various networking protocols (EIGRP, OSPF, BGP, MPLS)
• Implemented and supervised help desk team that designed, implemented, and maintained network and desktop operations
• Microsoft NT server and Exchange Server engineering and administration
• Project development, planning, and management of cabling and hardware/software implementation teams

Confidential

Information Security Consultant / Network Security Engineer

Responsibilities:

• Performed various projects for Compaq, Tampa Bay area businesses, and Orlando area businesses
• Developed various Information Systems Security Programs for local and web security applications
• Installation, configuration, and maintenance of production servers, routers, switches, firewalls, and hubs
• HIPAA / PCI - DSS auditing and compliance including implementation and maintenance of all requirements
• Network security, intrusion detection systems, and server monitoring
• Disaster Recovery, Business Continuity Planning, and Project management for enterprise operations

Confidential

Information Security Manager / Network Security Engineer

Responsibilities:

• Developed an Information Systems Security Program for 500 + users
• Managed 1 sr. network administrator, 2 jr. network administrator, 4 techs, 1 MS Exchange admin, 4 help desk
• Developed, Implemented, and conducted training on an enterprise-wide Data Classification Program
• Developed and served as Chairman of an Information Systems Security Management Forum
• Developed, implemented, and enforced Information Security Management policies and procedures
• Enterprise network engineering duties utilizing various networking protocols (RIP, EIGRP, OSPF, BGP, MPLS)
• Performed network engineering duties including LAN/WAN network security duties
• Configuration and maintenance of Cisco routers, switches, firewalls, and IDS for web security
• Developed and implemented 10-layer access control methodology model for use on all programs
• Developed and conducted monthly, quarterly, and yearly Information Security training

Confidential

Network Security Engineer / Information Security Consultant

Responsibilities:

• Installation, configuration, and maintenance of production servers, routers, switches, firewalls, and hubs
• Directed a team of 7 network engineers and various network security consultants
• Network security, intrusion detection systems, and server monitoring
• Aided in router and switch conversions during corporate reorganization
• Performed data analysis and network documentation duties for data center

Confidential

Network Security Engineer / Help Desk Manager

Responsibilities:

• Supervised help desk team that designed, implemented, and maintained network and desktop operations
• Microsoft NT server and Exchange Server engineering and administration
• Hardware/software installation and upgrades (Cisco, Checkpoint)
• PC technician duties including category 5 cabling (routing, terminating and testing)
• Hardware/ software inventory and daily, weekly, & monthly information systems reporting

Confidential

Network Security Engineer / Help Desk Manager

Responsibilities:

• HIPAA auditing and compliance including implementation and maintenance of all requirements
• LAN/WAN engineering and administration - internet, intranet, and extranet security (FW-1, IIS)
• Managed a team of 4 network administrators, 4 computer technicians, and 2 telecom technicians
• Network administration duties including on-site technical support for 300+ users
• Upgrading, installing, configuring, repairing and maintaining PCs, terminals, laser printers, routers, and hubs
• Phone / data cable routing, terminating and testing (Cat 3, 5, 5E)