SUMMARY

• Using my 10+ Years of Experience in IT Infrastructure, IT Security, & IT Risk I can look at the entire picture of security and not just be able to assess the what but also the why.
• My Objective is to protect information assets against threats and vulnerabilities, to which the organization’s attack surface may be exposed.
• Taken together, threats and vulnerabilities constitute information risk. Ensuring that security objectives are met, and risk mitigated will benefit an organization.
• 10+ years of experience in a combination of Risk Management, Information Security, and IT Roles & 4+ years managing/leading teams
• 5+ User Provisioning (AD/PAM/DRA/ARS/Applications - CyberArk/SailPoint/Okra)
• 5+ years working with Information Security GRC (Governance, Risk and Compliance)
• 5+ years in IT Security; Information Security, Systems/Network Administration, EUC, Active Directory, Azure AD/Microsoft Cloud, Network Security, Email Security (Symantec Email Security & Trend Micro - Cloud), DLP, SIEM, Identify Vulnerabilities, Intrusion Detection and Prevention, Incident Response, Encryption, Malware Prevention, ( Confidential ) Identity & Access Mgmt, Endpoint Security, (PAM) Privileged & Elevated Access Management, Firewalls, IDS/IPS, Wireless Security, Confidential, Configuration Management, Vulnerability Management (Nessus) and Incident Handling & Response
• 4+ years in Internal/External Audit, PCI/HIPPA, ITIL, Operational Risk Management & Enterprise Testing.
• 4+ years is SME Confidential, Application Security, & Vulnerability Testing
• Troubleshooting, and coordination of troubleshooting efforts with remote field resources
• Monitor, analyze, and respond to reports, systems, logs, and alerts for suspicious activity and conduct investigations or escalate as necessary
• Worked with Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (ID/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, WLAN Monitoring
• Analyzing network infrastructure change requests and raising potential risk issues
• Analyze reported phishing links and suspicious attachments
• Perform assessments of systems to identify and remediate security threats and vulnerabilities
• Help establish a common risk management process including risk identification, analysis, decision-making, scoring, treatment planning, metrics, reporting and tracking.
• Knowledge and understanding of Information Security Frameworks, Agile lifecycle management, standards and best practices. (NIST)
• SME Confidential Systems and how they relate to governance, identity, lifecycle, and account management. (SailPoint)
• Support FLOD.SLOD. COSO assessments, audits and external reviews: Ensure robust engagements, respond to inquiries, provide walkthrough of program collaterals, collect evidence, provide research, maintain a record of presented collaterals, record issue and MRAs. And validate issue/gap remediation.
• Execute Technical Risk Assessments: Perform and document test plans, send engagement letters, populate test templates, conduct walkthroughs., Collect evidence, conduct testing, determine design and operating effectiveness of controls Document conclusions, review conclusions with systems owners, Report localized results, and calculate residual risk.
• Interacting with IT Management, Business and Risk Management teams across the Bank to discuss risk assessments/risk exposure to ensure accuracy and transparency across all key stakeholders
• Support Team objectives: Identify control objectives, Document references to standard control frameworks, recommend improvements in policy and controls objectives, identify controls, develop control test approaches, document control testing standard operating procedures (SOPs), Recommend control metrics and control adoption rates
• Providing subject matter expertise in IT Risk Management; leading trainings and awareness presentations
• Perform reporting of findings, issues resolution and management of findings; Report completion by control test, Analyze, control outcomes and gaps, analyze and report horizontal risks, perform root cause analysis, provide status reporting, creating findings, and monitor findings progress by key milestone.

PROFESSIONAL EXPERIENCE

VP, SENIOR Information security ANALYST

Confidential, Dallas, Texas

Responsibilities:

• I am responsible for developing and managing Information Systems Confidential security, including disaster recovery, Confidential, PAM, database protection, CyberArk, and software development areas within the Framework around Technology, Confidential, Application, and Information Security. I am responsible for strategic plan development, ensuring proper scope and coverage, and credibly challenging business partners in order to provide quality results that improve business practices. I am also responsible for managing project communications / reporting to leadership and manage a broad range of professional relationships and key contacts across the enterprise.

VP, system/data security SpecialisT

Confidential, Addison, texas

Responsibilities:

• The Confidential Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide Confidential exercise program.
• As a Lead System/Data Security Analyst, I was responsible for providing operational and procedural support to provision and maintain Access for employees across the Enterprise, including Applications (SailPoint), Windows, Midrange, and Mainframe platforms.
• A risk-oriented perspective is required, along with the ability to support BAU processes and maintenance of Enterprise Access platforms. Systems Administration supporting Cloud Administration, Confidential, & PAM Including CyberArk Administrator & tools such as (PIM).

IT Field tech/systems administrator

Confidential, Frisco, Texas

Responsibilities:

• Accepted a short-term contract to work with rollout and purchasing of a new company.
• Was full Lead Field support for over 20+ locations and helped migrate all users to windows 10 and new hardware. In addition, assisted in O365 rollout and Asset Management.

Windows Server Administrator

Confidential, Denton, Texas

Responsibilities:

• As Lead Administrator my responsibility was to provision, installation/configuration, patching, operation, and maintenance of systems hardware and software and related infrastructure of over 10k servers.
• Heavy active directory, dhcp/ipam, dns, asset management, remote server monitoring and server commissioning/decommissioning.

Information Security Analyst

Confidential, Carrollton, Texas

Responsibilities:

• As a team lead my responsibilities were to ensure that the company’s system infrastructure, critical data, and processes are monitored with high security and compliance standards.
• Additionally, I was responsible for data loss prevention, ongoing monitoring (detection, response, and recovery), and assisting in the execution and fulfillment of vulnerability and penetration testing processing and assessments.
• Helped design and deploy Netwrix and SailPoint on enterprise level.

Systems Administrator

Confidential, Plano, TExas

Responsibilities:

• As a lead administrator it was my job to mentor/train/coach all IT Employees from Helpdesk to Engineers.
• In my role it is my responsibility to ensure all end-users systems and servers are running at maximum up time and that the performance, resources and security of those system that I manage meet the needs of our employees.

MAC/Desktop Technician

Confidential, Coppell, TEXAS

Responsibilities:

• I was responsible for the support of Confidential 's staff. My primarily focus is on the systems maintenance and problem resolution for all users.
• Everything from end user support to Apple and Printer Management

IT Business Support Specialist

Confidential, Detroit, Michigan

Responsibilities:

• Under general supervision, plans and coordinates activities that support end user application of enterprise information technology security systems and ensures their effective and efficient use in the conduct of City business and risk operations in accordance with system standards.

Support Specialist II

Confidential, Farmington hills, Michigan

Responsibilities:

• I was a key player in the support team for security operations where we support several clients. Our main client being Trott & Trott Law Firm

Infrastructure Desktop Support Tech II

Confidential, Phoenix, Arizona

Responsibilities:

• I was a key player in the support team and systems security for both Infrastructure and Desktop support.
• I took on many key roles as SME and continually provided support to all users

IT Support Analyst II

Confidential, Glendale, Arizona

Responsibilities:

• I was an integral part of Confidential 's IT Service Center.
• The primary responsibility of the role is to provide front line, call center help desk support, service, and solutions for Confidential corporate and project personnel worldwide.

Desktop Support Specialist II

Confidential, Gilbert, Arizona

Responsibilities:

• I was the single point of contact for application, hardware, network, and telephone question, requests, and incidents.
• The principal purpose was to provide TIER 2 specialist assisting customers with software and hardware questions and problems.
• In addition, I was responsible for the repair and installation of all desktops, printers and peripherals in stock, network and remote access connectivity