PROFILE:

15 years professional experience, comprehensive certifications including ISO 27001 Certified Lead Auditor.

WORK EXPERIENCE:

Confidential

Professional Services Consultant

Responsibilities:

• Risk Assessment of financial systems based on NIST (A) as well as ISO27001
• Vulnerability assessment with Confidential Appscan, Qualys, & Nessus.
• Risk Assessment & Gap Analysis for North America Remote Connections
• Security Operation Center Architect for HSBC North America Operations
• Adherence to FISMA standards, using NIST SP as a basis for developing a security plan and ISO 27001 as a rough Compliance guideline.
• Conducted risk assessment of Pace Makers for St Jude Medical in CA.
• Audited internal systems supported Pace Makers for Safe Harbour compliance.
• Administration & Installation of Palo Alto Firewalls
• Juniper Netscreen and SRX Administration via NSM
• Firewall rule pruning and Ticket management via Tufin Secure Change/Track
• Penetration testing for firewalls for risk assessment using Appscan and Metasploit
• Implementation of Fireeye, Imperva WAF, and Sourcefire IDS 5.3
• Administration of the following SIEMs: Qradar, RSA SA, and Log Logic
• Risk Assessment & Gap Analysis for North America Remote Connection
• Security Operation Center Architect for HSBC North America Operations
• Checkpoint Provider - 1 training
• Implementation of Imperva platform for online trading verification and monitoring
• Administration of Sourcefire IDS 5.3
• Installation and Administration of Tufin, FireEye, Cisco WAPs, and Juniper SSL solution for BYOD environment
• Conversion of Cisco ASA to Palo Alto and Provider-1
• Adherence to FISMA standards, using NIST SP as a basis for developing a security plan and ISO 27001 as a rough Compliance guideline.

Confidential

Security Engineer

Responsibilities:

• Administration of F5, Snort, Imperva, ASA, Juniper SRX and CP R77 Platforms.
• Conversion of firewalls from Cisco ASA 9.1 < - > Juniper SRX 12.1 and Checkpoint R77/75 < --> Both ASA and SRX
• Supporting customer complaints and requirements for VPNs, remote access, connectivity concerns... in real time.

Confidential

Designated Security Engineer & Team Leader

Responsibilities:

• Led a team of 4 Security engineers to implement security solutions for US gov compliant to NIST
• Required to provide continuous analysis of emerging threats to US gov agencies.
• Conducted Risk Assessments on Financial clients' databases focusing on potential personal information leakage
• Conducted vulnerability assessments with Confidential Inspect and Qualys
• Creating reports for PCI-DSS compliance
• Monitoring Remote Checkpoint 75, Juniper, and Cisco ASA Firewalls within MSS Environment
• Technical Implementation of Checkpoint upgrade projects from R65 to R75 and from Cisco PIX/ASA to Checkpoint R75.30/40 for financial and government customers.
• Designing a new Checkpoint Provider-1 Installation domestically for US only customers.
• Provider -1 administration over 500 sites as part of a team.
• F5 LTM administration over 200 customer sites and applications.
• Rule Base Optimization and Pruning Using Tufin with Checkpoint FW-1, Cisco ASA and Juniper SRX Series Firewalls.
• Designing Imperva and Checkpoint Enterprise solutions for Web Applications, mainly for large online companies.
• Installing and configuring new Sourcefire IDSs for remote monitoring
• Administrating Blue Coat Proxy Servers and troubleshooting connectivity
• Designing and documenting custom IDS Signatures
• Documenting new application firewalling change proposals
• Issued Audit Reports for from F5 Load Balancers for ISO27001 Compliance programs within financial institutions.
• Creating reports for PCI-DSS compliance
• Active engagement with IT team to proactively provide solutions
• Monitoring Oracle and SQL Database & User Activity
• Documenting new application firewalling change proposals
• Administration and troubleshooting of Certificates on servers
• Designing integration solutions with Web Application Firewalls and traditional Cisco AXA and Checkpoint FW-1 Architectures.

Confidential

Project Manager

Responsibilities:

• Used Tufin Secure Track for Firewall Management
• Administered Checkpoint FW-1 on Crossbeam X80-S Platform, Provider-1, Juniper Netscreen andSRX Series Devices, Cisco ASA, and Bluecoat Proxy Servers.
• Used Remedy as the ticketing system
• Responsible for rule creation, traffic verification, rule pruning, troubleshooting, and configuration.

Confidential

Intrusion Detection System Administrator

Responsibilities:

• Implementation of Sourcefire IDS on Crossbeam X80-S Platform.
• Administration of Arc-Sight
• Administration of Tripwire HIDS
• Checkpoint FW-1 Administrator/
• Was solely responsible for Web Application Security for over 50 online applications using F5 Load Balancers and Imperva Web Application Firewalls.
• Installed certificates, maintained online encryption standards, revoked certificates as necessary
• Collaborated with the following vendors for planning purposes: Microsoft, Cisco, Confidential, Confidential, Juniper, Imperva, Groundwork, Red Hat and others.
• Worked with facilities team to ensure proper distribution of servers within racks for the purpose of power and load distribution.

Confidential

Support Manager for IT Security Practices

Responsibilities:

• Taught Japanese Engineers how to perform MSSP activities based on Secure Works’ standards.
• Taught Japanese engineers concepts in code review and led team based code peer review for audit. Used OWASP, CERT C Secure Coding Standard from JPCERT, And ISO/IEC TS standards.
• Main languages where C/C++ C#.NET, PHP, Perl, Java and JavaScript.
• Vulnerability Assessment Tools used: Metasploit, Burp Suite, Netcat, Nessus, NMap, Backtrack, and Nikto.
• Main goal was to identify XSS and SQL injection attacks.
• Worked on improving Web Applications via the implementation of Web Application Firewalls, namely Imperva SecureSphere as well as additional code review and vulnerability testing.
• Main reason for testing to compliance to Japan’s Personal Information Protection Law whereby a risk assessment relative to information leakage was given. Reporting had to show correlation to ISO27001.
• Review of MySql Code and identifying where Parameterized statements and Stored Procedures could be better used in order to better mitigate Injection threats.
• Helped to create a Secure Software Development Lifecycle consulting service for Japanese customers.

Confidential

IT Financial Systems Auditor / Manager

Responsibilities:

• Sarbanes-Oxley auditor for financial companies
• Audting of Japan based US firms based on NIST framework, ISO27001 and BS7799.
• Project Leader for Control Self-Assessment, CSA, consulting for Life Insurance Company.
• Implementation of Splunk v.3 with PCS-DSS Compliance and Change Management
• Assisting the development of IT Security Awareness program
• Testing/Implementation & Architecture of new Security platforms for SoX, PC-DSS, and HIPAA compliance
• Identification of company processes for technical review, improvement, and implementation.
• Providing Risk Analysis & Remediation reports/solutions based on department needs and budget requirements.
• Communication between customer’s business units to understand their business requirements.
• IT Operational risk auditor for IT Controls for both domestic Japanese Insurance and Securities companies. Created Risk Control Matrixes as well as consulted on reporting line for security events.
• Completed SAS 70 Type II for Insurance and Finance Companies
• J-Sox Security Controls review leader for Nomura Securities. This included:
• Technical review of controls for encryption, IDS, firewall, vulnerability management, logging and endpoint monitoring.
• Audit of IT Systems for Operational and IT Risk Assessment
• Access Control assessment for Main Frames, Solaris, Sybase, Oracle and MySql systems
• Evaluation of Internal Controls improvement plan.
• SAP Security audit leader
• CISA, CISSP, CISM Instructor
• Responsible for developing IT Risk control methodology based on NIST Standards
• Assessed Application Risk for customers using risk assessment tools and methodology
• Created reports for application security incidents
• Assessed over 40 financial applications within 1 year focusing on access control, management, usage, recovery, and responsibilities.
• Performed Security Assessments on Financial Application Code running C# and Java

Confidential

Risk Consultant

Responsibilities:

• Advising on Global Security Threats and how to better prepare for them.
• Internal Employee risk assessment, HR hiring policies creation.
• System security/ Risk Assessment consulting for Confidential Separation
• Created specific security policies reflecting ISO 27001 principles

Confidential

IT Security Architect Consultant

Responsibilities:

• Developing system wide continuous security monitoring system to monitor security events.
• Designed IT operational Risk mitigation program by prototyping a Security Oriented Architecture using Java Messaging Service, Business Process Management, Intrusion Detection Systems and Network Monitoring.
• Worked in a team to create new global security policy in both English and Japanese based on ISO27001. Procedures were based on CoBIT and ITIL.
• ISO 27001 and SoX /JSoX Compliance instructor
• Created Incident Response standard and procedure and integrated this with BCP/DR Program.
• Worked closely with internal IT audit to address flagged issues and communicated company internal memos relating to emerging threats and how to proactively handle them.
• Advised on Broker travel to Pakistan, India, Dubai, & Egypt for personal security matters.
• Identified and solved www. Confidential -int.com hacking incident
• Successfully overhauled all Internet infrastructure systems for significant performance increases.
• Currently designing and implementing logging & management solutions for SOX requirements.

Confidential

Personal Information Protection Auditing

Responsibilities:

• Prepared answers to the FSA related to Singapore Data leakage incident.
• Audited Citibank’s Data Centers in Singapore and Hong Kong looking for areas where personal information leakage was possible.
• Developed Compliance Program for Data Centers based on Japan’s Financial Services Agency’s interpretation of the Personal Information Protection Law & BS7799:2-2002 at Confidential Japan. This included conducting an assessment Citibank’s corporate Customer Privacy Procedures and incorporating them into a new unique Japan specific Personal Information Protection program which resulted in Citibank’s eventual compliance with FSA requirements as well as improved information leakage mitigation procedures.
• Conducted over 3 weeks of training in Singapore and Hong Kong regarding Japan’s Financial Services Agency regulations and Japan’s Personal Information Protection Law best practices for Confidential Japan. Compared Japan’s Personal Information Protection Laws to local laws in Singapore and Hong Kong for better understanding.
• Participated in the creation of a new Privacy Policy for Confidential Japan which was compliant to Japan’s local laws while still respecting Citibank’s corporate privacy policies as well as business objectives. This policy included the description of a Privacy Officer’s roles and responsibilities for local Japan regulations.
• Published and completed new service level agreements compliant to the Financial Services Agency’s Interpretation of the Personal Information Protection Law for Data Centers outside of Japan for Confidential Japan.
• Initiated Risk Management procedures based on Personal Information Leakage Mitigation. Procedures included:
• Personal Information Collection Procedures
• Data Privacy Encryption Methods & American Encryption Export Law Compliance
• Personal Information Data Leakage Mitigation Techniques
• Personal Information Protection Audit Checklist Creation
• Personal Information Data Handling
• Access Control, Intrusion Detection & Incident Response
• Data Center CCTV monitoring for data centers in Singapore and Hong Kong.

Confidential

Project Manager

Responsibilities:

• Successfully moved the offices into the new Marunochi Building
• Consolidated Asset Management
• Implemented Data Center Security policies
• Consulted on Japan’s Personal Information Protection laws relative to European Privacy laws.

Confidential

IT Security Project Manager, Support Analyst

Responsibilities:

• Administration of F5 Load Balancers remotely for large enterprise customers.
• Administration of Blue Coat proxies using various modules including anti-virus support, content management, security application and SIEM integration.
• Administration of F5 load balancers along with Cisco devices, Checkpoint FW-1 and P-1.
• Vast experience with Imperva used as an application proxy to secure financial transactions and sensitive web applications.
• Installed and monitored Checkpoint FW-1, VSX, Provider-1 Devices globally. Versions ranged from 2000 to R-70.
• Troubleshot complex technical issues related to Checkpoint connectivity as well as SPLAT
• Connected Checkpoint devices to SIEMs such as ArcSight & LogLogic.
• Worked to design, implement, troubleshoot and document large scale network solutions as lead technical network engineer based on customer requirements. In these roles I was both project manager and level 3 engineer as well as support manager as needed.
• Administered daily Checkpoint FW-1 in HA configuration.
• Log Analysis, Interpretation, Response, and Investigation.
• Implementing and troubleshooting patch compliance for customers requesting managed services.
• Customer support for explanations regarding technology, services, pricing & implementation.

Confidential

IT Security Engineer

Responsibilities:

• Administered Tufin as a Firewall rule base administration tool
• Designed a comprehensive security monitoring solution for both Confidential Group in 8 different countries each
• Installed LogLogic Database centrally in Tokyo and 8 LogLogic child servers throughout Asia Pacific
• Collected data via ODBC for SQL & Oracle Databases, Syslog for endpoints, and LEA for Checkpoint Firewalls.
• Implemented the Security Monitoring solution to meet ITIL based Key Performance Indicators
• Led Project Management team of over 30 engineers based on PMP principles
• Taught 1 week course on security principles for security monitoring based on SANS principles.
• Personally documented and configured ISS Proventia, Cisco Routers, FW-1 R55 - R63 LEA data and Nokia IPSO devices to be integrated with central SIEM for centralized security monitoring and reporting. Nokia devices involved were from 380 and 720 series.
• Implemented MPLS & VPN connectivity solutions for remote connectivity using Juniper & Cisco Routers and SSL & IPSec:AES technologies.
• Implemented Region wide vulnerability scanning solution based on Nessus. Included Configuration Change Check and Patch Management technologies as well.

Confidential

BS7799/ISMS Consultant

Responsibilities:

• Consolidated various enterprise security policies into an integrated
• Reduced customer security non-compliance problems by conducting security audits on financial, data-processing, and back-office systems.
• Expanded worker productivity by implementing secure wireless LAN solution for Delivery Company using PKI, IPSec, and mandatory security roles.
• Eliminated E-mail viruses by implementing audit of Exchange Server, removing unnecessary services, integrating anti-virus applications, and conducting user awareness program.
• Reduced risk exposure for international companies by conducting Business Impact Analysis audits and then implementing Business Continuity Programs and Disaster Recovery Programs
• Reduced network traffic costs between remote sites and head quarters by implementing a MPLS/VPN solution within Japan.
• Reduced customer security non-compliance problems by conducting security audits on financial, data-processing, and back-office systems.
• Expanded worker productivity by implementing secure wireless LAN solution for Delivery Company using PKI, IPSec, and mandatory security roles.
• Eliminated E-mail viruses by implementing audit of Exchange Server, removing unnecessary services, integrating anti-virus applications, and conducting user awareness program.
• Reduced risk exposure for international companies by conducting Business Impact Analysis audits and then implementing Business Continuity Programs and Disaster Recovery Programs
• Reduced network traffic costs between remote sites and head quarters by implementing a MPLS/VPN solution within Japan.