PROFESSIONAL SUMMARY

Over 13 years of experience in the Information Technology industry and about 10 years of experience working with Law Enforcement Systems pertaining to Oracle applications, IT security, controls, Information systems management, audit and project implementation. My strength is centered on my ability to conduct readiness assessments, evaluate results, and present findings in a logical and easy-to-understand manner. I have been involved in project life cycle and several short and long term engagements. I possess the skills to quickly adapt to any environment. I am able to organize, prioritize, and meet tight deadlines. I have working knowledge of web application security grid, setting and maintaining the resources, compliance, procedures, policies and programs. I have been instrumental in creating audits and organization reports to upper management. I have broad understanding of most operating systems, databases, networking techniques, programming knowledge, servers and high level understanding of overall IT structure of an organization.

OBJECTIVE

Apply technology to align with business strategy to achieve the corporate goals using my diverse IT background.

PROFESSIONAL EXPERIENCE

IT Security, Compliance Risk Management Analyst

Confidential

• Initiated and led IT risk management for the IT department.
• Performed PCI DSS HIPAA audit, tracked and prioritized the vulnerabilities.
• Implemented controls ISO 27001-5 to mitigate IT risks and developed metrics.
• Provided guidance to the stakeholders to identify, address and remediate IT risks.
• Updated and implemented of IT Security Policy IT Best practices thought out the organization.
• Monitored QualysGuardPCI vulnerabilities and worked with various teams for remediation.
• Tracked DLP Data Loss Prevention vulnerabilities and coordinated with various teams for the remediation.
• Made recommendations for the improvement of hardware and software solutions.
• Performed troubleshooting, tested for quality assurance and analyzed systems as needed.
• Coordinated with risk partners to inform and planning for the vulnerabilities.
• Prepared and managed weekly status reports on IT vulnerabilities for the IT management.
• Determined the presence of the application vulnerability. Plan and executed the remediation strategy.
• Provided secure application guidelines to the application development team.
• Managed application access via RBAC Role based access management .
• Worked with vulnerability management tools performed remediation to minimize the IT risk.
• Tracked Active Directory, Email security ProofPoint , antivirus Sophos vulnerabilities, and managed remediation process.

Lead System Administrator / Team Lead

Confidential

• Worked with IT Risk management and addressed remediation.
• As a team member, review and revised IT Security policy.
• Monitored system performance logs and tracked vulnerabilities.
• Monitored and managed Antivirus Console and Qualys vulnerabilities.
• Special focus on GLBA vulnerabilities and remediation process for the applications.
• Applied ISO controls and created control gap.
• Participated systems administration planning, testing, and implementation meetings with the in house and outside vendors.
• Coordinated with IT Risk partners and stake holder for the vulnerability management.
• Participated in for the Data Leakage prevention DLP vulnerabilities management process.

Senior Systems Administrator

Confidential

• Worked with systems vulnerabilities, created log management systems.
• Performed application security access management and user authorizations review.
• Enhanced users, accounts and permissions management system. RBAC
• Worked with a team to provided input on updated IT Security Policy.
• Prepared GLBA compliance report for the application access management.
• Performed data analysis to identify data integrity issues, rendered systems solutions proposals.
• Provided deployment assistance SDLC , JAD sessions, IT solution evaluations.
• Provided training on new systems, bug tracking and reporting mechanism.
• Assisted other Security Administrators with the implementation of security controls in new and existing applications and systems.
• Involvement in the design phase of corporate/divisional security enhancement projects.
• Participated in the business impact analysis, risk assessments for new systems, testing and reporting.

Sr. Application Security Administrator IT Security Group

Confidential

• Role based permissions RBAC and access handling on all systems resources.
• Oracle Access Management OIM , Web Access Management WAM and Single Sign on SSO .
• Managed day to day user access requests for granting / revoking access on various systems of the police department applications and other web resources.
• User Access Management Audit, Reporting and aligning with Business rules.
• User account management, password management, user profile management.
• Data analysis for business intelligence BI for decision making by upper command.
• High level Helpdesk support on various occasions for law enforcement users city wide.
• Training Police staff on various database technologies and applications.
• Complex SQL and PL/SQL codes/ queries and report generation Crystal Reports .
• Remote and wireless resource management VPN for the law enforcement systems.
• Information system security policy and procedures.
• Audit and compliances tracking on the various systems used by the department.
• Joint application design JAD session and system development session SDLC .
• Newly developed software test, automated / manual testing of applications.
• Created automated programs to compliment technologies used by law enforce.
• Operational support of the law enforcement applications.
• Research Development R D on various law enforcement cutting edge technologies.
• Systems and database security and designing of security modules.
• Physical security management of Police HQ via computerized security system CCTV SimplexGrinnell .
• Worked with the mainframe systems to provide support.
• Y2K readiness for the law enforcement systems.

Confidential

• Successfully accomplished the task as a senior team member to migrate mainframe to client server system of Chicago Police Department for the compliance of Y2K readiness. Worked on various tasks of the project such as networking, servers, databases etc.
• Lead the team in a project to replace the Police Officer's identification systems with a modern state of the art system to provide a detailed computerized identification for the law enforcement.
• Designed and implemented security modules for the web based law enforcement software applications for the Chicago Police. Improved the system and network security based on my recommendations.
• Over 500 different law enforcement agencies profiles were created from all over the USA , created agency administrators and delegated them with second level admin access in order for them to allow related law enforcement users to tap into Chicago Police Department IT resources remotely and securely to share the vital data and information for fight crime on city, state and federal level.

Information Technology Consultant

Confidential

One of the team lead in Windows NT migration projects for Motorola Inc. at Libertyville.USA

Network Coordinator, I/T Specialist

Confidential

Responsible for complete support of IT infrastructure.

University Computer Lab Assistant, Summer Intern

Confidential

Shift in charge at the university technology lab.