Information Security Consultant Resume

El Segundo, CA

SUMMARY:

  • Information Security Management Consulting Architecture Design and Review. IT Infrastructure Design and Support. Project Management. Leadership. Team Building.
  • A current CISSP with over sixteen years of Information Security, IT, Technical Project Management, Senior/Lead Technical Network Engineer, Intrusion Analysis, Public Key Infrastructure (PKI) and IT Architectural experience. Strong proficiency in Security Solutions Design, PKI, Technical Project Management, IT Operations Recommend Leading Practices, Technical Management, and State and Federal Regulatory requirements (GRC Risk Remediation).
  • Extensive information security management experiences driving near and remote security resources to project timelines, improving delivery cycles and prudently expanding budgetary requirements across a multi-national global enterprise. Delivering decisive execution of high visibility security project requirements while improving immediate team cross-functional capabilities. Created inter-operational technical working efforts between departmental units to address globally affecting technical security issues. Internal and external client interface duties, provided technical architecture design review, network solution development, infrastructure discovery, review and documentation, road-mapped recommendations through an organized technical assessment built from business drivers. Provided insight to network remediation of technical and environmental controls, assisted clients to meet or exceed industry leading practices and regulatory compliance (HIPAA, SOX, PCI DSS). Implemented Cisco ASA security and remote access services, routing, switching, BYOD and mobility designs. Supporting a hands-on approach and a ‘roll-up-your-sleeves’ manager of technologies. Extensive writing and documentation of recommendations and results. Project management skill sets (design, implementation, review and documentation for enterprise-wide solutions). Innovative uses of technology to efficiently solve complex enterprise-wide business requirements. Providing professional team skill set development (hard skills and soft skills).

PROFESSIONAL EXPERIENCE:

Confidential, El Segundo, CA

Information Security Consultant

Responsibilities:

  • Responsible for security risk remediation of a recently acquired manufacturing company, integration of IT Security processes, technical controls and security standards across the acquired enterprise environment.
  • Performed a full network security infrastructure and services assessment and gap analysis and then designed remediation efforts across multiple functional areas for the Megabrands IT integration effort (including cloud infrastructure components). Oversaw many remediation effort areas within the Mega infrastructure. Performed internal and external vulnerability scans against Megabrands IT infrastructure to determine the fit for connection to Mattel networks.
  • On site, insightful thought and technical leadership in multiple technical disciplines to resolve highly complex, high visibility issues.
  • Oversaw an enterprise global upgrade and filtering remediation efforts of WebSense Triton Manager
  • Identified a critical failure of the Cisco Access Control System’s as-built architecture. Redesigned and proposed remediation options to senior management; implementation of options; oversaw project efforts and report on timeline, budgetary requirements.
  • Evaluated options for an existing neglected PKI solution for process and remediation of roles critical to PKI management in the Mattel environment. Designed several use-cases for internal usage as an access-control simplification effort. Integrated authentication components of enterprise AirWatch into the PKI. Built operational processes for issuance, review, inventory, replacement and revocation.
  • Designed automated AirWatch authentication integration to Mattel PKI to automate issuance of internally signed s with AirWatch protected mobile applications.
  • Performed discovery and gap analysis on existing web-app firewall requirements for business critical e-commerce sites. Write up of use cases for replacement of WAF with F5 appliances functions. Evaluated remediation efforts and presented options to management.
  • Led network security firewall remediation efforts across PCI DSS 3.0 remediation within a highly constrained timeline. Proposed technical options to risk remediation and implemented management’s selected options.
  • Oversaw the remediation of enterprise-wide monitoring and alerting solution, SumoLogic. Invited the vendor into the offices to better interoperate with the internal technical business teams and engineering staff. Facilitated improvements in solution use and vendor trust across departmental lines.
  • Managed the integration of FireMon firewall monitoring to identify and address excessive firewall rule complexity within the enterprise. In process of building additional processes to simplify and add consistency to rule changes within firewalls enterprise wide.
  • Identified, investigated and proposed a proof of concept for a two form factor (2FA) authentication solution enterprise wide. Identified the existing 2FA system's limitations and process issues causing client dissatisfaction. Performed an overall financial comparison of the proposed system to existing favoring the new system when all areas were considered.

Confidential, Tolland, CT

Regional Lead

Responsibilities:

  • Performed on site operational information security support to enterprise, responding to and resolving numerous incidents.
  • Evaluated enterprise information security tools portfolio (including DLP, MDM, Log centralization, security boundary toolsets, and change notification solutions). Provided recommendations that joined operational monitoring systems into risk mitigation monitoring and reporting solutions. Alleviated several issues with sustainability of tools operation and portfolio complexity.
  • Designed and socialized a risk mitigation strategy for enterprise that mitigated data retention, data classification and categorization issues which exceeded managerial expectations and alleviated legal and regulatory pressures for critical data retention.
  • Provided insight to network remediation of environmental controls, helping clients to meet or exceed recommended practices and regulatory compliance (e.g., HIPAA, GLBA, SOX, PCI DSS).
  • Performed an ISO27002 security assessment against a merging company’s data centers and security practices.
  • Implemented Intrusion Prevention Services (IPS) solution and services for a San Diego bio-science client.
  • Performed targeted external vulnerability assessment and manually validated results; performed in-depth information security policy review for a San Francisco based law firm.
  • Assessed, evaluated and recommended wireless network environment solution to a hospital system in Los Angeles.
  • Conducted change and project management projects (design, plan, implementation, review and documentation for enterprise-wide solutions). Proposed innovative uses of technology to efficiently solve complex enterprise-wide business requirements.

Confidential, Los Angeles, CA

Network Design Architect Consultant

Responsibilities:

  • Developing technical services and brand support to a newly created line of business
  • Interact with Enterprise leadership on a business-requirements evaluation
  • Develop scopes of work, design plan(s) for large network environments, estimates of effort (margin support), evaluating business value per engagement
  • Collaborative work environment with several lines of technology are involved with efforts (DC, storage, virtualization, network, VDI, access control) and supporting their effort whether staffing support or design participation
  • Propose high-level design efforts to business leadership, whether wired or wireless networks, supporting business requirement, offering viable options, analysis
  • Assess environments via interview, analysis or review for meeting business requirements, validating technical business decisions for end clients.
  • Network design contributor to application onboarding to a cloud services solution offering
  • Peer review of (and participating in a peer review process) for assessment efforts of evaluated environments
  • Document and report on these environments, supporting management’s business requirement objectives.
  • Network design, plan and implement configurations for ARC Richmond, VA -- hands-on configuration of Cisco ASA5510, 3500, 3700 series Cisco switches, WLC2504, APs (3500 series, 1400 series)
  • End to end design of scalable network for Live Oak Bank in Wilmington NC, Cisco 2921NG routing, ASA 5510x, Cat4500x core, Cat 2960S, WLC2500, Cisco Identity Services Engine - This is a fully redundant, highly resilient network, multi-homed, many VLANs, and pre-designed the bank’s next generation of building infrastructure (power management, cooling, equipment templates, connectivity, access controls for BYOD and guests).
  • Assessed and evaluated Emmanuel Community College in Boston for all web and cloud-based applications for an SSO requirement delivering a set of best practice recommendations, a practical roadmap with technical implementation recommendations.

Confidential, CA

Network Design Architect Consultant

Responsibilities:

  • Extremely complex worldwide enterprise network. Highly diverse and specialized requirements for each business unit (there are many BUs). Primarily Cisco environment with thousands of active elements and hundreds of locations.
  • Providing financial analysis of each technical recommendation as well as a complete cycle management for implementation.
  • Equipment designs consisted of Cisco large scale routing, switching, load balancing (Riverbed), NAS through Isilon/EMC, high resilience designs
  • Managing multiple outside vendor relationships with internal end-user client expectations
  • Gathering technical requirements as well as business constraints as parameters of project limitations.
  • Managing timelines, resource allocations (when needed) and providing technical escalation expedites when required.
  • Documentation of “as-built” and proposed network design solutions.
  • Managing financial year impact per project (as-built vs. proposed, year to year)
  • A thorough understanding of right-sizing solutions. A complete understanding of economy of effort and efficiencies gained (and traded) with technology implementations.
  • Thinking outside of the box, ‘Hands-on’ and architecture experience with many areas of expertise.

Confidential, CA

Independent Technology Consulting

Responsibilities:

  • Business Continuity and Disaster Recovery live performance best practices gap analysis, network and system evaluation and associated in depth review of findings for Fortune 1000 vitamin company
  • Disaster Recovery Solution architecture design development and assessment of alternatives for Fortune 2000 Energy company
  • Regulatory compliance reporting systems redesign, gap analysis, project planning, priorities assessment, and scope development for Fortune 100 news company
  • Consulting and Speaking opportunities to train executives and leadership about IP protection, best security practices, and regulatory compliance requirements and relevance to audience’s risk mitigation strategy, best IT technology services mapped against best IT information security practices
  • Broad and deep level of Cisco Systems Routing and switching. Significant work on Cisco IOS product sets, including CME, CUE (Voice over IP services), Catalyst layer 2 and layer3 switching, Cisco ASA 5500 series security appliances, WLC equipment. I have extensive experience with the Cisco post-sales support mechanisms (TAC, website, documented solutions, etc), and thousands of hours of hands-on coding with Cisco IOS to correct or modify configurations.
  • Microsoft Server solutions, Windows 2008, Windows 2003 and many versions. Supported Active Directory in enterprise level organizations (from an audit/assessment level) as well as overseen AD from an InfoSec perspective. I understand the use of the tool suite in an identity management and access control requirement, managing day two support.
  • Knowledgeable with Citrix XenServer virtualization software. Experience with delivery of solutions (hands-on, validation, architecture) based on leading virtualization practices, essential to delivering effective, efficient resilient solutions in the server infrastructure space.
  • Hands-on and architecture experience with SAN technologies from Dell EqualLogic, Isilon (EMC) tool sets.
  • Recommended Disaster Recovery (DR) solutions (pre and post-sales) based on business needs, design implementation plans as well as needed underlying infrastructures.
  • Critical Solution Guidance in Disaster Recovery project involving critical VoIP solutions and associated CRM solutions supporting client access. (Medium sized energy client, Security architecture, Process Design, and Recovery scripting).
  • Designed and Implemented support requirements for SMB clients experiencing issues with file servers, backup solutions, client access modes.
  • Provided world-class solutions expertise, design, architecture, guidance, and implementations services to SMB and Enterprise clients cost effectively and sized appropriately.
  • Delivered Conceptual Design of fully integrated solutions, including solution management and monitoring, application resilience, technology implementation progression path.
  • Concept Design to full cycle implementation of multi-organizational affecting solutions on budget and on schedule.
  • A thorough understanding of right-sizing solutions. A complete understanding of economy of effort and efficiencies gained (and traded) with technology implementations.
  • Delivered Solutions ranging from multiple wireless AP requirements, to security overlay efforts, CRM implementation consulting
  • Server, workstation, laptop, network device support and maintenance (local and remote support services). Basic desktop support to full-scale enterprise disaster recovery planning and policies.

Confidential, Chantilly, VA

DoD/Civilian Technology Consulting, Design and Architecture, Pre-Sales Support

Responsibilities:

  • Building primarily Cisco solutions for military installations in the Southern CA region.
  • PreSales activities such as design and proposal of Cisco Unity/CallManager/CER, including all phones, servers, support to El Segundo AFB, Cisco UCS to Hospital Ft Irwin, Secure VDI to Base Ops, and others.
  • Using tools such as NetFormx DesignXpert to augment a BoM or system configuration including all Cisco components and services.
  • Provide onsite guidance and direction for network convergence, wireless at client’s location.
  • Chalk Talk to every level of interest, from financial to technical to current IT support staff.

Confidential, El Segundo, CA

Enterprise Information Security Manager

Responsibilities:

  • Oversight and key design review, infrastructure and solution design review and contribution
  • Enterprise level influence over technology decisions based on security models supporting compliance and security best practices
  • Regulatory compliance remediation efforts with Sarbanes-Oxley 404 Controls, PCI DSS 1.0 controls, and HIPAA controls (not to mention GLBA and SB1386 assurance review). Responded to critical (material) control issues and developed working plans and creative approaches to remediate and offer out of the box compensating controls in critical business systems, which met the control’s intent. Assisted in driving changes to SDLC of critical application handling and management of change effort.
  • Implemented Testing program for information security reporting and metrics of improvement.
  • Implemented Archer Incident Management solution and reporting framework
  • Implemented several testing servers infrastructure containing MS SQL, VMware Server, MS Server 2003, Nessus, AppDetective, WebInspect, CoreImpact, Archer SmartSuite and other testing/reporting tools. $700,000+ project
  • Resolved SAP Enterprise Portal Architecture Security issues for partner portal. $4.3 million project
  • Tested critical business solutions and presented results of tests to senior management for value proposition verification with immediate buy-in and approval for continued testing on in-scope systems.
  • Reviewed and tested critical network infrastructure configurations, made change recommendations to management to improve compliance and security standpoints.
  • Reviewed Overall Administration of Active Directory and made recommendations on improvement of security process (Segregation of duties, review of rights, change management and privilege escalation).
  • Designed, architected, defined Siebel Field Services security and access control models which resolved a long term design issue and enabled over 11,200 non-employee service installers to enter order information online, wirelessly, and receive updated dispatch reports on demand. $14.8 million project
  • Reviewed module by module all of DIRECTV.com website during a crucial framework replacement. $2.8 million project
  • Designed, implemented and configured CA Network Forensics for internal network policy abuse detection across multiple data centers. Included an Active Directory Domain for Access by listed personnel only. $500,000 project.
  • Determined best practices on partner connections via middleware and reviewed implementation efforts on ALL inbound connections from partners. $25-40 million projects
  • Evaluating ISO 27002 for an Information Security Program Enterprise-wide. Complete review of standard revealed that it was not a clean fit for full implementation. ITIL Chosen in lieu.
  • Senior management briefings, technology symposiums, innovative solution architectures gathering executive buy-in and improving confidence in technical directions for security models
  • Managed Enterprise security inter-technology working team

Confidential, Sherman Oaks, CA

Project Manager-IT Auditing Services /Network Infrastructure Consultant

Responsibilities:

  • Audited network infrastructure in conjunction with assessing client’s regulatory and informational security compliance. Documented deficiencies and remediation steps as part of customer deliverables.
  • Assisted, and wrote validation documentation for on-going monitoring of customer’s internal audit controls and control frameworks for network security systems.
  • Utilized the COBIT Framework to facilitate the service delivery of IT audits for customers. Project managed several customer business process and procedure maturity assessments.
  • Developed business solutions for client requirements cost and time effectively.
  • Developed, participated and wrote extensive customer documentation related to the results of Tetra’s security and HIPAA audit results. Delivered formal presentations to Tetra’s customers to disseminate Tetra’s Audit findings and recommended remediation efforts.
  • Developed Customer “recommended practices” for the implementation of wide-area ATM and SONET implementations.
  • Projects included: QLogic Corp 404 Assessment, I-Flow 404 Assessment and Remediation, TV Guide SOX 404 Readiness Testing, Several other contributing efforts

Confidential, Los Angeles, CA

Sr. Sales Engineering-Consultant

Responsibilities:

  • Providing Project Management Leadership and solutions support to Small/medium businesses requiring technical guidance
  • Converging Voice and Data networks, Network Security, IPSec VPN Implementations.
  • Design security assessment efforts
  • Worked directly with customers to negotiate contracts, provide weekly status reports.
  • Provided customer facing pre and post-sales support for customer implementations.
  • Scoped, designed and developed project charter and official statement of work (SOW) for project planning and execution. SOWs contained information such as the Project Schedule, resources, costs, and task interdependencies
  • Conducted weekly project status report meetings with clients.
  • Utilized MS-Project 2002 to plan and manage multiple concurrent customer projects.
  • Developed customer Service Delivery SLA to ensure the quality of specific network service offerings. SLAs included escalation procedures and internal notification process to ensure SLA compliance.
  • Mentored Service Delivery technical staff.
  • Assisted in the hands-on Implementation of various contracts. Technologies included Win2K, Win2K3 Active Directory Solutions for Access Control, Rights and Permissions, SonicWall appliances, CheckPoint NG, RedHat/Mandrake, Cisco routers and switches. F5 L4-7 app switches, Linux SAMBA servers, Linux SNORT/NTP servers, MySQL, WhatsUp Gold, MRTG, Lucent Switches, Extreme switches, terminal servers, Retina Security Scanner
  • Performed and coordinated customer IT audits based upon COBIT framework. Documented “gap-analysis” and evaluated the maturity of customer’s IT Policies and procedures.

Confidential

Consulting Systems Engineer

Responsibilities:

  • Solutions expert with dial aggregation, concentration, Voice/Data dial offload (from voice networks), SIP/H323/VoATM/VoDSL/VoIP/GR303 and SS7 utilization to allow IP-Based equipment and technologies introduction
  • Assisted $6-7 million dollars of sales revenue with design proofs, recommendations, and presentations that drew decision-maker approval
  • Trained and coached field personnel on solutions.
  • Provided Subject Matter Expertise for Voice/Dial Aggregation with presentations and Q/A sessions for field System Engineers.
  • Member of the Service Provider Aggregation Virtual Team.
  • Updated lectures, verified contents and reformatted presentations for the Engineering field team.
  • Infrastructure Support and Oversight, review and management
  • Monitoring and Response to critical systems (Troubleshooting, escalations, Fault Reporting)
  • Regulatory Compliance focus for Risk Management
  • Building Information Security programs with ISO 27002 (formerly ISO 17799) standards
  • Windows and Unix based servers, backup systems, SAN sub systems
  • Routing, Switching, Firewalls, Load balancing (Primarily Cisco Systems)
  • Developing technology requirements and organization focus strategies derived from business vision and customer needs.
  • Assisting clients in taking a proactive focus in identifying and managing organizational, workflow and technology risks.
  • Excellent presentation, oral and written communication skills.
  • Comfortable with working, communicating and presenting to all levels of management, administrative and technical resources.
  • Consultative Approach. Customer Value point Sales approach.
  • Able to appropriately identify barriers or issues, communicate to the appropriate customer management, and recommend remediation efforts