SUMMARY:

• Technically sophisticated PCI - DSS consulting professional with solid history of implementing, managing, and supporting PCI initiatives of all sizes and scopes. Comprehensive knowledge and history of success of guiding organizations through PCI security compliance while establishing sustainable paths to keeping companies in PCI programs moving forward.
• Skilled trainer and project leader; able to direct multiple tasks effectively and readily master innovative software, hardware, and tools.
• Security Analysis /Extensive IT Project Management / Risk Management / User and Support / Security Implementation/ Infrastructure Upgrade Planning and Implementation / Troubleshooting & Issue Resolution / Security s

TECHNICAL SKILLS:

Platforms: Windows, Linux Ubuntu, Series I, DB2, VMWare, MS SQL

Tools: NIST Harding Standards, VMWare, Cygwin, CRM, EDI, ERP, Antivirus, VPN, Firewall, Intrusion Prevention Systems (IPS), Host Intrusion Prevention Systems (HIPS), Transmission Control Protocol/Internet Protocol (TCP/IP), DOS/Powershell Scripting, Payment Card Industry Data Security Standard (PCI DSS), Citrix, Spiceworks, Splunk, Host Tracker, Windows Server Update Services (WSUS), Symantec End-Point Manager, ARCHER, NNT Change Tracker, Pingdom, KnowBe4, Netwirx, ManageEngine, NetCrunch, Websense, Wireshark, Nessus, Qualys, Windows, Active Directory, Windows Group Policy, iSeries, Cognos, SAP, SQL, Lotus Domino/Notes, Cloud Applications/Infrastructure, Cloud Computing, Active Directory, Microsoft Office Suite, Oracle and Siebel

Hardware: Wireless networks (WAN), Local Area Networks (LAN), Wireless LAN, (WLAN), Dell, Gateway, IBM, Series I, Cisco, Cisco Aeronet (Long Range Wireless)

PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• Performing daily duties in the consulting practice
• Managing assigned consulting engagements
• Ensuring customer compliance attainment; ongoing compliance maintenance
• Deep knowledge of various compliance standards
• Pleasant disposition / demeanor
• Confidence without the attitude
• Alignment with company vision of helping others
• Applying personality, communication, and grammar skills
• Working cohesively with a diverse group of people
• Strong organizational skills
• Working independently, providing consistent forward progress reports
• Working in a secure, compliant organization
• Home office setting conducive to being on client calls without interruption

Confidential

Responsibilities:

• Responsible for spearheading security organization. Performing audits of current security measures, identifying area of improvement, and creating corrective action plans.
• Selection of, and Implementation of Security Infrastructure from the ground up, including ManageEngine, KnowBe4 and Netwirx security solutions.
• Completes tasks designed to ensure security of the organization's systems and information assets.
• Protects against unauthorized access, modification, or destruction and develops IT security policies and standards.
• Works with end users to determine needs of individual departments. Identifies vulnerabilities in current network and systems.
• Develops and implements a comprehensive plan to secure network and systems.
• Monitors network and computer usage to ensure compliance with security policies.
• Keeps up to date with developments in IT security standards and threats.
• Performs or oversees penetration tests to identify any gaps and formulates a relevant corrective action plan.
• Collaborates with management and the Technology Services department to improve security.

  Develops information security awareness and programs, works with other departments to present them to faculty, staff, and students, and participates in local, regional, and national awareness and events, as appropriate.

• Directs an ongoing, proactive risk assessment program for all new and existing systems.

  Communicates risks and recommendations to mitigate risks to the senior administration by communicating in non-technical terms so decisions can be made to ensure the security of information systems and information.

• Drives all ongoing activities related to the development, implementation, and maintenance of the SAGE Centers information security policies and procedures.
• Identifies, evaluates and documents security incidents to determine response needed.

  Coordinates and communicates responses, including computer security incident response teams (CSIRT), when systems are breached, and the integrity of data is compromised.

Confidential

Responsibilities:

• Completes gap analysis and remediation of Chevron internal compliance controls for the following technologies: Windows O/S, IIS, Symantec End Point Manager and Anti-Virus, VMware, MS SQL, etc..
• Administering Windows OS, VMware (ESXi VSphere) and Active Directory, Azure, Ansible, ARCHER
• Technical writing - completing review of and update any needed documentation for: internal processes, system diagrams, user guide, and system administrator’s guide.
• Assisting and ensuring compliance of all internal Chevron audit controls
• Completing review of existing compliance exceptions and create new exceptions as needed.
• Assist with review and maintenance of documentation for hardware and software applications
• Act as work stream leader
• Evaluate alternatives and provides feedback on recommend solutions
• Review and edit requirements, specifications, business processes and recommendations related to proposed solutions
• Develops documentation to support server staging process
• Contributes to process improvement activities
• Completes tasks and sets priorities without supervision
• Effectively facilitates meetings with project team members.

Confidential

Responsibilities:

• Developed diverse background while building comprehensive expertise creating the ability to apply skills and knowledge to many types of diverse projects.
• Created network of vendor and client relationships utilizing client facing and communication skills.
• Spearheaded multiple highly successful projects highlighting PCI, systems assessment, infrastructure upgrade and design, and client .

Confidential

Responsibilities:

• Collaborated with a team to completely overhaul company-wide infrastructure.
• Assessed company data storage needs and formulated upgrade strategy including data migration.
• Leveraged expertise of policy and procedure to assist in ISO .