Summary

Information Security Manager Network Security Engineer Cyber Security Consultant Security Architect

Confidential is a highly experienced, passionate, technically skilled, and seasoned cyber security leader with almost 20 years of real world hands on experience in all domains and disciplines servicing many different industries. During this time he has grown in his proven ability of protecting critical systems and data by aligning business and technology strategies through expert knowledge, strong communications skills, business acumen, creative problem solving, team building abilities, and leadership skills. As an accomplished and versatile leader, he has a proven ability to analyze and communicate business and security-related concepts to a broad range of management, both technical and non-technical, in an articulate and persuasive manner.

Professional Experience

Confidential

Multinational professional services firm headquartered in Confidential. It was the third largest professional services firm in the world by aggregated revenue in 2012 and is one of the Big Four audit firms. EY operates as a network of member firms with 175,000 employees and more than 700 offices in over 150 countries.

Manager

• Senior member of the Cyber Threat Management CTM team within the global Financial Services Organization Advisory practice responsible for the development and execution of a great variety of cyber security engagements. Duties included: Consulting clients, conducting C-level client presentations on cyber threats, delivering highly technical and mature work products, maintaining engagement economics and direction, drafting and presenting proposals and detailed RFP responses, researching advanced cyber engineering solutions, while managing the simultaneous delivery of multiple security engagements.
• Lead a cyber-security audit of one of the largest equities market operators in the U.S. assessing production trading and corporate computing environments to discover vulnerabilities, assess current countermeasures, and make recommendation for improvement.
• Consulted a Top 10 New York bank on the secure infrastructure design and controls for a large Hadoop Big Data environment and a full path encryption solution for high value transactional web applications
• Successfully led an Incident Response IR engagement for a global manufacturer to remove a severe malware infestation that had compromised the internal network and was affecting production systems
• Performed an encryption strategy engagement for one of the largest investment management companies in the world with over 1Trillion under management. This included a current state cryptography assessment, future state design, detailed risk weighting and scoring, specific engineering recommendations, and a roadmap for implementation
• Executed a maturity and benchmark assessment of the cyber security program of a large multi-national publically traded manufacturing company located in Ohio
• Provided application security architecture engineering services for a major data processing initiative for one of the largest mortgage processors in the country
• Conducted a Cyber Threat Management CTM audit for a Japanese bank with branch offices in Tokyo and New York
• Executed a security assessment of 60 firewalls located around the globe for one of the largest publicly traded investment management firms in the world headquartered in N.Y.C.
• Identified and drove an increase of billable work by networking and pursuing a integration of cyber security offerings into our IT Audit advisory engagements significantly increasing resource utilization

Confidential

The bank is a 20 billion dollar regional bank with over 340 branch locations across 5 states. The company offers consumer, retail and international banking services, as well as brokerage, investment, trust, and mortgage services throughout the Gulf South.

Information Security Manager

• Vice President and manager responsible for all aspects of the Information Security program reporting to the Director of Corporate Security. Acting in the role of Chief Information Security Officer CISO with two V.P. level managers and 14 analyst direct reports.
• Primarily responsible for program management, application and technology reviews, risk assessments, policies and procedures, guidelines, security architecture, security operations, systems design, intrusion detection, incident response, penetration testing, vulnerability assessments, regulatory compliance GLBA, SOX, PCI, etc , Records Information Management RIM , and implementation of administrative, protective, corrective, detective, and compensating technical controls.
• Responsible for capital planning, budget management expenditures, tactical strategic planning, and the development and reporting of KRI KPI metrics to management to include the annual Board of Directors report.
• Developed, managed, and lead a team of 16, highly skilled, experienced, and certified Cyber Security Specialists responsible for program execution, security operations and monitoring, risk assessments, architecture, and compliance verifications.
• Responsible for the security management and protection of hundreds of applications, over 1,000 network and VoIP nodes, vendor connections, IBM Mainframe access, IBM Power System access, over 6,000 desktops, and over 1100 servers in a large VM ESX environment across multiple data centers.
• Lead the successful merger of technology and security systems during integration efforts between two multi-billion dollar regional banks. This included security interfaces, personnel and processes, and the merging of access rights across multiple platforms and systems.
• Managed the security architecture, design, implementation, and support of the core systems replacement project. A 70 MM project to migrate away from IBM Mainframe core processing system to a new IBM iSeries Jack Henry solution. This included hundreds of associated distributed systems encompassing all bank functions and the mapping of new security credentials and application roles.
• Implemented several large enterprise-level projects such as: SIEM, e-mail encryption, GLBA Risk Assessment, Intrusion Detection System IDS , McAfee IPS systems, web filtering gateways, Juniper firewalls, vulnerability management systems, removable media protection, laptop encryption, RSA Adaptive Authentication for online channels, etc
• Drove the security design and implementation of the new SOA infrastructure. This included the hardening, configuration, and support of IBM DataPower XML firewalls to provide AAA, XML transformations, and web application firewalling WAF services in a highly available Websphere ESB environment.
• Collaborated with multiple LOB directors to establish the bank's Bring Your Own Device BYOD policy and the technical infrastructure to support corporate applications on iPad and Android tablets.
• Managed the provisioning and termination of user access, security administration of hundreds of mission critical and highly sensitive applications, security reviews, regulatory compliance, intrusion detection, incident response, and internal personnel investigations
• Responsible for contract review and approval of all ASPs, BPOs, Cloud Infrastructure, and partner organizations to ensure proper administrative controls and security language for all new technology contracts and service providers.
• International experience conducting onsite security risk assessment of an outsourced financial service provider's facilities in New Delhi, India.
• Data Governance Committee member: This is a Senior Vice President level committee responsible for evaluating and approving business line requirements, policy procedures, for data access and role definitions.
• Enterprise Risk Management Committee member: This is an Executive level committee for evaluating and initiating programs to mitigate risk. The Chief Risk Officer chairs the meetings and reports to the CEO.

Confidential

S3 is a fortune 500 IT staffing company providing staff supplementation for medium to long-term engagements and consulting services with offices across North America and Europe.

Sr. Network Security Engineer

• Contracted to Whitney National Bank to provide network and security engineering services for their Strategic Technology Assessment and Relocation STAR project. The purpose of which was to relocate tech services outside of the New Orleans area after Hurricane Katrina, while providing high availability, redundancy, and contingency operations for all data services
• Designed and implemented Whitney National Banks' new datacenter infrastructure collocated at an AT T's Tier1 center in Dallas, TX. This includes the design of two secure core Cisco 6513s with the new sup 720 PFC III running in native mode. This facility supports banking and business services with over 250 Windows 2000/2003 VM servers as well as mainframe applications.
• Responsible for Tier III support of nationwide production MPLS, Frame Relay and IPSEC VPN networks running BGP and EIGRP.
• Designed secure architecture for new firewall/DMZ services for online banking, trusted systems, DNS, secure content management, and remote management utilizing SSH. This also included the hardening of routers and switches to conform to National Security Agency NSA guidelines.
• Redesigned AAA security services to provide better tracking of device access and configuration changes in a high availability structure.

Confidential

This was my own Information Technology firm specializing in Network Engineering, Information Security, and Application Development services.

Cyber Security Consultant

• Serviced a cutting-edge technology startup company out of California in the sales engineering and technical promotion of the next generation of secure IM and collaboration software.
• Continued to service military and civilian clients on networking, security, and programming assignments within the New Orleans area.
• Developed a Car Dealership's website to promote new and used cars and provide a management interface for dealer self-service utilizing ASP .Net, Javascript, and Flash. This allowed the dealer to post pictures of cars and to receive e-mails from potential customers.
• Responsible for business development and account management.

Confidential

Netco designs, implements and manages enterprise networks, including classified and mission critical networks that consist of large-scale routing and switching designs, secure wireless, Voice over IP and other leading technologies.

Sr. Network Engineer II

• Lead Engineer for the Marine Corps Reserve legacy and NCMI network headquartered in New Orleans, LA. This site has over 10,000 users across several hundred remote sites within the continental United States.
• Responsible for all aspects of routing and switching to include maintenance, troubleshooting, and design of a complete Cisco network.
• Redesigned and implemented a disaster recovery design to facilitate the failover of network services from New Orleans to a backup datacenter. This included the redesign and reconfiguration of unclassified and classified systems.
• Designed and implemented large scale complex NMCI and legacy network solutions involving Cisco 6500, 5500, 4500, 4000, 3524, and 3550 series switches.
• Detailed high level experience working with EIGRP, OSPF, and BGP routing protocols across the enterprise routing infrastructure.
• Worked closely with CCIE NOC engineers to troubleshoot and maintain global network issues affecting the enterprise.

Confidential

A full service e-consulting firm specializing in the entire range of high-tech strategy, consulting and implementation disciplines. DCSS services fortune 500 and global 100 clients with over 250 IT professionals in four branches - Houston, Atlanta, St. Louis and New Orleans.

Security/Network Systems Consultant

• Senior Security Consultant responsible for execution and continual development of the organization's Cyber Security practice. Engaged in security projects, proposal writing, and training of team members.
• Performed a Network Security assessment for a large telecommunications company. This included network penetration testing, vulnerability assessments, and ethical hacking testing and remediation.
• Designed and implemented a Checkpoint NG firewall and several HIDS and NIDS systems along policy and procedure to mitigate vulnerabilities.
• Experienced with a wide range of computer security hardware, software and technologies including: ISS, Snort, CyberCop, Nessus, Netranger, Saint updated Satan , Nmap, N-Stealth, Brutus, Achiles, Checkpoint, Pix, Raptor, SSL, VPN, PKI, Digital Certificates, Cryptography, sniffers, Tcpdump, and NetIQ's Security Analyzer and Security Manager.
• Served as Network Manager of a complex MAN environment for a large metropolitan school district. Responsible for day to day operation, maintenance, security, incident response, and support of 135 remote T-1 frame relay connected sites, with approximately 350 Intel based servers, 300 Cisco routers, 2000 Cisco switches and nearly 15,000 desktops.
• Designed and implemented an emergency enterprise-wide security architecture redesign to combat compromised hosts and Nimda virus infections. This included the deployment of Panda Antivirus Software to 260 servers and 15,000 workstations. Wrote batch and VB scripts to automate the process of uninstalling existing antivirus software.
• Administered, configured, and audited two redundant Cisco Secure Pix 520 Firewalls and a Cisco AS5300 remote access server to provide secure Internet, VPN, and RAS services.
• Migrated two Cisco Pix firewall system to a Check Point Firewall-1/VPN-1 server while maintaining a highly available and robust network security solution for 7,000 users.
• Extensive knowledge in installation, management, and configuration of Cisco 7500/3800/3600/2600/2500/1600/1700/700 series routers, Cisco Catalyst 6500/8500/5500/2900/1900 series switches, 3COM SuperStacks, and other network and telecommunications equipment.
• Designed and managed a project to deploy a 1,500 access point 802.11b WLAN, utilizing Cisco AP-350 and BR350 devices to provide a robust, scalable and secure enterprise-level wireless infrastructure utilizing LEAP 802.1X and Cisco Secure
• Planned and installed a Volera web caching server, running XSTOP software, to increase internet security, response time, and content filtering capabilities for 12,000 users.
• Collaborated on and initiated an enterprise-level design and migration of a multi-domain Windows NT 4.0 environment to a single-forest Windows 2000 Active Directory structure for a large client site with 133 remote locations, 300 servers, and over 6000 users. The implementation included migration of Exchange 5.5 to Exchange 2000 while maintaining a global address book between the two organizations.
• Designed and implemented a two-tier, clustered, enterprise-level Exchange 5.5 messaging infrastructure to provide a fault-tolerant, robust, secure, and scalable e-mail system to support 15,000 Outlook and web-mail users.
• Assisted in the enterprise-wide implementation of a dual Cisco SN5420 clustered Storage Area Router which is being used to route iSCSI packets to a newly deployed SAN in order to consolidate customer data.
• Administered two redundant Cisco Call Manager servers and two fully meshed Cisco 6513 switches to provide data services to 15,000 users and VoIP services to 400 Cisco 7960 phones.
• Skilled in software development using C, C , Java, and Visual Basic.

Confidential

A leading global security company whose 120,000 employees provide innovative systems, products, and solutions in aerospace, electronics, information systems, shipbuilding and technical services to government and commercial customers worldwide

NT Systems Administrator

• Responsible for configuration and administration of 92 NT servers, 2000 workstations with 2100 users, with 21 trusted domains, and 6 WAM links.
• Manager of a team of six Network Technicians in the field for Network and software related problems.
• Responsible for administrating: NT 4.0, Exchange 5.5 servers, SMS 1.2 2.0, IIS 4.0, Netscape Proxy server 3.5, Netscape Web Server using SSL Certificates for secure web transactions, Radius Server, Concord Network Health SNMP server, WINS, DNS, RAS and DHCP as well as a variety of other software products.
• Managed a wide range of computer systems, modems, Cisco routers, switches, ISDN, Frame Relay, Ethernet and Token Ring NIC cards and cabling, TCP/IP, PPP, PPTP, VPN, and other network protocols. Configured static routing tables and RIP, IGRP. Responsible for Network administration and upgrades.
• Responsible for writing administrative scripts for software rollouts on Server/workstation performance and security tuning.
• Team Lead for Y2K research, testing, and upgrades for all workstation and servers to ensure total compliance by corporate deadline which insured our 100 success on rollover.
• Assisted in the design and implementation of the networks resource reallocations and disaster recovery plans employing Arcserve and IBM ADSM backup solutions.
• Upgraded SMS 1.2 servers to SMS 2.0 for help desk support teams and total cost of ownership reports.
• Key personnel in creating NT user accounts as well as Solaris AutoCAD accounts for design and structural engineers. Helped bridged UNIX and NT usage.

Confidential

The smallest but most lethal branch of the United States Armed Forces

Information Systems Coordinator

• Non-Commission officer in charge of the entire network and communications infrastructure for a Marine Air Support Squadron.
• Head Network Administrator for my unit as well as consultant for other units.
• Installed, configured, and maintained both Banyan Vines and Windows NT 4.0 Local Area network servers, network printers, and associated software.
• Supervised the Vines to NT migration for my unit. Received a Secret Security Clearance for working on classified command and control systems.
• Installed, configured, and upgraded Token Ring, Fast Ethernet and a variety of network and hardware computer systems.
• Accomplished in DOS, Windows NT/95/3.11, PC Anywhere, Lotus Smart Suite, Office 97, Exchange, and a variety of other programs. Responsible for training users in system operations, maintaining records, preparing reports and conducting correspondence relative to information systems and projects.
• Discharged honorably at the rank of SGT/E-5 with several awards and commendations.

Aviation Radio Technician/Supervisor

• Managed the emplacement, calibration, operation and maintenance of mobile communications shelters containing HF, VHF, UHF, and encryption equipment.
• Directly supervised the daily performance of ten electronics maintenance technicians.
• Enforced standards through supervision and positive interpersonal communications. Recognized for outstanding technical competence in electronics repair and component replacement.