SUMMARY

• Information Security professional experience in supporting businesses in Access Management, Compliance, Risk Management, Incident Management, Change Management and Sarbanes Oxley (SOX) Audit initiatives.
• Recognized for the ability to lead by example and efficiently resolve issues to deliver results.

TECHNICAL SKILLS

• McAfee/Safeboot
• Lotus Notes
• Courion Identity & Access Management
• Single Sign - On (SSO)
• Business Objects
• Compass
• SAP
• IBM RACF
• TSO
• ISPF
• ACF2
• TCP/IP
• Novell
• NT
• Active Directory
• Windows XP
• Windows Vista
• Windows 7
• Windows 10
• Excel
• SharePoint
• Word
• MS Project
• Peregrine
• Citrix
• BMC Remedy
• Archer
• Qualys

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Security Analyst

Responsibilities:

• Documented the scope of applications requiring data flow processes.
• Identified and evaluated applications risk for internal control improvement.
• Communicated project schedule to application managers and other stakeholders to accurately identify the information included in the dataflow.
• Worked with servers and applications including Tandem, VMS, iSeries, and UNIX with up to 7,000 ID’s.
• Responsible for identifying owners of bank applications
• Reviewed monthly reports of dormant/terminated accounts.
• Tracked and remediated applications with dormant/terminated accounts.
• Assisted lines of business (LOB) in developing process documents.

Confidential, Chicago, IL

Security Analyst

Responsibilities:

• Reviewed list of vulnerabilities and evaluated the severity using Common Vulnerability Scoring System (CVSS).
• Risk ranked the vulnerabilities according to their categories.
• Provided development team with ratings for upload to automate the process.
• Worked with over 3800 vulnerabilities and several National Institute of Standards and Technology (NIST) compliance standards.

Confidential, Chicago, IL

Data Security Analyst

Responsibilities:

• Responsible for provisioning/de-provisioning system access.
• Ensured proper and authorized access to data systems.
• Adhered to information security policies and procedures in granting access.
• Completed assigned project as scheduled.

Confidential, Chicago, IL

Security Analyst

Responsibilities:

• Contributed to establishing the Global Information Security Vulnerability Remediation Team.
• Responsible for reviewing security assessments for areas of risk as part of the GIS Vulnerability Remediation team.
• Reviewed evidence of vulnerabilities with stakeholders and third party vendors.
• Communicated with assessors during compliance review.
• Tracked and documented vulnerability identification, analysis and remediation activities until resolution.
• Provided recommendations on remediation efforts to application team.
• Performed gap and root cause analysis of assessments.

Confidential, Lincolnshire, IL

Information Security Administrator

Responsibilities:

• User account provisioning/de-provisioning and password management.
• Maintain users profile and access privileges in Active Directory.
• Assigned project to map and merged 20,000 user accounts.

Confidential, Chicago, IL

Information Security/Desktop Support

Responsibilities:

• Reviewed and recommended improvement for processes, policies and procedures.
• Assisted small businesses and home agencies in organizing their current setup and business practices.
• Provided Security Awareness Training.
• Provided level 2 desktop support.

Confidential, Elgin, IL

Security Analyst Lead

Responsibilities:

• Saved $125k by reviving Lotus Notes platform to manage system requests due to acquisition.
• Successfully coordinated and managed project to integrate 60 IT support staff into corporate Incident Management System.
• Managed project to liquidate IT assets for 1,400 employees due to acquisition.
• Managed and assisted in building for deployment (HP5750 workstations) $156k project impacting 240 employees.
• Managed IT inventory consisting of desktops, laptops and PDA devices.
• Assigned and managed tasks of Security Analysts and Desktop Technicians.
• Managed and administered access control for new and departing employees.
• Worked closely with developers during Project Life Cycle of new and upgraded applications to implement necessary security changes.
• Monitored and administered Johnson Control software for security access to Data Center and Facility.
• Conducted Sarbanes Oxley (SOX) audits and provided interface to internal and external auditors.
• Managed distribution of Grid cards for remote access authentication.
• Monitored incident management queue and tracked incident to closure.
• Provided Level 2 desktop support and training to end users.
• Reviewed and responded to security violations audit reports.

Confidential, Elgin, IL

Information Security Lead

Responsibilities:

• Managed Command Center during two intra state office relocations of 1400 employees while managing access control for users - Received Above and Beyond Award.
• Provided support for migrating the mainframe operations from Confidential to CSC/Blythewood Data Center due to acquisition.
• Held a leadership role in recommending implementation of appropriate access control to comply with security policies and standards.
• Conducted Sarbanes Oxley (SOX) and SAS70 audits for commission, life and annuity applications.
• Performed Risk Assessments, Control Self Assessments, Data Access Strategy and Recertification of confidential data per guidelines and checklist.
• Managed and administered Role Based Access Control (RBAC) for mainframe, web applications and electronic certificates.
• Performed vulnerability scans and tracking of unauthorized access to servers.
• Worked closely with developers during Project Life Cycle of new and upgraded applications to implement necessary security changes.
• Performed Quality Control testing for implementation of incident management and service request systems.
• Implemented and managed security awareness training program.
• Analyzed audit logs and resolved security issues relating to unauthorized activities.
• Monitored incident management queue and tracked incident to closure.
• 24/7 support for critical issues and Disaster Recovery.
• Provided Level 3 support for security issues.

Confidential, Schaumburg, IL

Senior Systems Id Administrator

Responsibilities:

• Managed mainframe computer operators transition from outsource firm saving $450,000 in consulting fee - received Above and Beyond Award.
• Managed and administered role based access control (RBAC) for mainframe, SAP, Novell, NT, web applications and electronic certificates.
• Assisted in implementation of Disaster Recovery plan.
• 24/7 support for critical security issues and Disaster Recovery.
• Administered call center VOIP Computer Telephony Integration (CTI) database server.
• Utilized Witness and Nice Log applications to manage call center metrics.
• Managed Peregrine Incident Management queue and responded within Service Level Agreements guidelines.
• Provided first call resolution and training to end users.