PROFESSIONAL PROFILE

IT Security Manager / Sr. IT Security Leader and Professional

An experienced IT Security Leader with broad knowledge and expertise in corporate security who is known for delivering effective solutions. A dedicated and well-rounded IT business partner experienced in providing proactive IT security leadership as well as a history of contributing to bottom-line company objectives. Leverages both technical and business acumen to architect and implement secure business processes, infrastructure, applications, and networks globally. Motivated and hands-on team player and leader, who maintains an authoritative presence in all areas of security compliance, design, implementation, and infrastructure technical support. Resourceful, proactive, and results driven problem-solver with exceptional interpersonal and communication talents.

Selected Achievements

• Led 6M project for worldwide security compliance initiative identified goals and problem architected implemented the solution and set the security standards for the initiative in collaboration with Altria CIO and CISO.
• Selected from a group of worldwide leaders to manage the Altria Compliance Service and Process received an award from the CIO for the implementation, leadership, and overall contribution to the business.
• Reduced business operating costs by delivering and supporting security technology that provided Altria secure Internet Access for business partners and allowed Altria web applications to book over 100M in business orders annually.
• Architected, implemented and supported the infrastructure at AT T / IBM Global Network for Fortune 100 financial and business clients to provide secure e-Commerce and support of the clients' business objectives.
• Led, developed and supported corporate financial applications SDLC at IBM and managed an internal security program.

Areas of Expertise and Qualification Highlights

• IT Security Operations and Compliance s Organizational Leadership s Security Consulting
• Data Center Security Management s Business Planning s Computer Forensics
• Application and Security Architecture s Process Engineering s Vulnerability Assessment
• Security Policy, Standards and Procedures s Project Management s Network Security
• Windows, UNIX, AS400 Mainframe s ISO27000 / ITIL / ISC2 / ISACA s Firewalls / AV / IDS
• Regulations and Security Frameworks s Encryption, VPN, IPSec, SSL, DLP s Risk Management

PROFESSIONAL SUMMARY

Confidential

• Responsible security configuration for SIEM events. Provided incident handling process and documentation for use in the bank. Interface with outsourced SOC for monitoring, configuration, testing and incidents.
• Established vulnerability scanning process and reporting procedures. Integrated scan results with macro programs for management reporting
• Established summary KPI indexes and reporting for security related reporting. Established DLP monitoring, reporting and procedures for email based activity. The technologies included GFI LANguard, SecureVue, and Altiris.
• Created internal phishing program and awareness, including actual phishing emails and testing.

Confidential

• Responsible for all core and critical application program to update the applications and infrastructure, to comply with federal regulations and critical infrastructure policies. This included enhancements and updated to security policy, using best practices to protect personnel information, planning and program implementation. Worked with multiple project managers and teams to design and plan improvements mandated by the FED. The technologies included web application firewalls, database encryption, data masking, two factor authentication and data loss prevention.
• Improving processes and procedures to verify security, including ethical hacking, penetration tests and source code controls.
• Strengthened the separation between production and development environments to prevent data loss and limit exposure to unauthorized personnel.

Confidential

• Responsible for all aspects of IT Security team, including: Risk and Vulnerability Management Program, security policies and standards, perimeter and internal network system security event logging Q1 Labs, SIEM and incident management, AV McAfee and Microsoft , hard drive encryption McAfee and Microsoft , and Mobile Device Management Mobile Iron . Led POC testing for new and updated security technologies, to include data masking, DB and hard drive encryption, multi-factor authentication and upgrades to end point protection.
• Direct the vendor providing perimeter network security functions, which include firewalls Juniper and Checkpoint , web proxy servers Bluecoat , IDS Juniper , VPN Juniper , remote access and spam filtering. Reviewed and audited proxy server settings and firewall rules and alerts. As part of the change control process, reviewed and approved all firewall and proxy server setting change requests, prior to vendor implementation. Worked with vendor to specify updated perimeter security features, which included proactive security monitoring, malware detection and filtering, using Bluecoat devices. Used PCI and ISO27000 framework to shape and develop internal policies and standards.
• Security Subject Matter Expert, responsible for worldwide security activities, including internal consulting and the recommending and implementation of new security technologies, and security awareness with business unit staffs. Led security efforts for large business project to proactively maintain the security, confidentiality and integrity of business information.
• Lead IT Security Program for the enterprise, based on ISO27000 standards and direct worldwide activities and program to include remediation and adherence to policies and standards. Implemented ongoing vulnerability and policy assessment program, using Qualys to proactively identify vulnerabilities within the systems and applications. Developed active directory group policy objects to enforce standards and best practices. Developed KPIs for security controls to report and manage security. Worked with worldwide IT organizations for security management, incident response and the overall improvement of our security procedures, in a matrixed support organization including network, administration, and operations.

Confidential

• Lead and direct all security and compliance activities and projects in US Data Centers provided worldwide compliance support for Kraft using ITIL processes. Provided security consultation for internal projects and new security technologies, with a business focus.
• Subject Matter Expert for security compliance and security services for Altria headquarters and operating companies.
• Established and authored global server and mainframe baseline standards supported and collaborate with Altria CISO, CIO and internal / external auditors to ensure security / compliance for Windows, UNIX and AS/400. This used CIS, ISO, and federal guidelines, such as NIST and SOX as a basis for best practices.
• Coordinated worldwide implementation of security compliance process, software, and tools authored the RFP to select tools, and managed the evaluation / investigation / selection process. Led the 6M implementation project to establish baseline security standards and policy for end point security compliance and security event monitoring, using NetIQ Security Manager.
• SME for security infrastructure operations, to include firewalls, IDS, AV, web proxy servers Microsoft and Bluecoat , e-mail and spam filtering, and proxies.
• Monitor and provide proactive security assessments of environment, including reporting, remediation, and alerts, which improved audit readiness by providing security expertise for internal projects for Windows, UNIX and iSeries.
• Supervise vendors and third parties conducting independent assessment of Data Center security.
• Directed and provided technical security support and design, including intrusion detection and monitoring for internal Internet and business partner connectivity, including incident handling and forensic investigations.

Confidential

Recruited by the VP Operating Unit of a new business venture, Crossmar Worldwide E-Commerce, to lead 100 contractors who were responsible for the Software Development Life Cycle SDLC and integration activities.

Confidential

• Architected, led and provided security services for financial organizations, including troubleshooting hardware, software, and client configurations / upgrades held responsibility for effectiveness of departmental deliverables, personnel, and service levels. The security SME for services included firewalls, AV, VPN, IDS/IPS, OS, DNS and network design and architecture.
• Leveraged technical and business acumen to design / implement custom firewalls and security solutions supporting business goals and customer requirements. Considered and aware of industry frameworks and standards, such as PCI, SOX, federal, HIPPA, and NIST recommendations.
• Hands-on and supervised, as the technical lead for staff and provided security device support and UNIX and Windows administration. Support and administration of the custom services designed and built for clients.

Confidential

• Played key role as Project Manager and technical lead for the technical design, development, and implementation of network support applications.
• Designed, implemented, and supported client / server application that effectively captured billing transaction records. Provided business metrics and service levels to management and customers by developing and supporting an Intranet Web Server.