TECHNICAL SKILLS:

Platforms: AIX, AS/400, BeOS, BSDI, DG - UX, Digital UNIX/Alpha, DOS, FLUX OS, FreeBSD, GEMSOS, HP-UX, IRIX, Java, Linux, MacOS, MPE/iX, MVS, N/A, Net, NetBSD, Netware, OpenBSD, OpenNMS, OpenVMS, Os Independent, OS/2, OS/390, Propiatary Hardware, Python, RACF, SCO, SecureBSD, SINIX, Solaris, SunOS, UNIX, Unixware, VM, VMS, VSE, Windows 2000, Windows 3.x, Windows 95/98, Windows CE, Windows NT, Windows XP Security Tools:ISS (Provetia, Scanner, Real Secure), Cisco PIX, Cisco Routers, Cisco IDS, Checkpoint Firewall One, FTK Imager, Qualys, Tripwire, Archer GRC, Cybercop Scanner, Juniper Firewall.

PROFESSIONAL EXPERIENCE:

Confidential

SOC Analyst Sr. Advisor

Responsibilities:

• Eyes on glass monitoring and resolution of security incidents within established customer Service Level Agreements.
• Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Monitoring tools, network and host based intrusion detection systems, firewall logs, system logs (Unix & Windows), mainframes, midrange, applications and databases.
• Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, serve front line response for troubleshooting low-level engineering issues as needed.
• Collaborate with Line of Business technical teams for issue resolution and mitigation.
• Communicate and escalate issues and incidents as required by context, process, or management.
• Specialize in network and log centric analysis.
• Use of IDS, IPS, and/or other signature matching technology

Confidential

Security Assessment Project Manager

Responsibilities:

• Support the initial development, implementation, and continuous improvement of the business unit’s risk assessment processes
• Support the evaluation of compliance with Corporate policies, regulations and contractual requirements
• Support the development and implementation of the business unit’s self-assessment of controls
• Support the Business Units in responding to customer requests and vendor assurance
• Coordinate with the Business Units and the Corporate functions in the event of any incidents or breaches
• Support and awareness efforts in the business units
• Review of company network diagrams in preparation for global PCI project, providing QSA insight and guidance
• Monitor business unit implementation of remediation measures
• Provide metrics and reporting

Confidential

Security Assessment Project Manager

Responsibilities:

• Analyze and Assess 254 applications for Security Compliance
• Manage ongoing infrastructure and network projects with Technical Services team
• Assess each department and office for compliance to Confidential policies regarding Data Security
• Hands on enterprise implementation and management of various security applications to include: Archer GRC, Tripwire, Credent, McAfee Security Suite, Confidential DLP, PGP, Rapid7
• Single point of contact for all Data Security Office for all transition related projects and status

Confidential

Senior Security Consultant

Responsibilities:

• HIDS (Host Intrusion Detection System) review
• Review and manage IBM Site Protector, IBM Proventia and IBM Real secure agents deployed through out the network environment.
• Review of current policies and configurations
• Generate daily status reports

Confidential

Senior Security Conultant/Technical Writer

Responsibilities:

• Review network diagrams and document hardware and software for Nevada HIX exchange system. Short term Network and application documentation and review project.

Confidential

Senior PCI QSA Auditor - (Consultant)

Responsibilities:

• PCI/QSA Security project consultant assisting client with Level 1 PCI DSS Assessment Project.
• Hands on with full PCI life cycle, Assessment, Plan, build, execute PCI compliance to include writing of ROC as sub contractor for PCI QSA Company.
• Assessing organization's compliance with the PCI data security standard by evaluating cardholder environments against the standards.
• Involved in engagements, assist in defining the scope of the cardholder environment, conducting fieldwork, work with other PCI assessment teams, discussing findings and observations with clients, preparing work papers to support the testing and validation performed, and preparing applicable deliverables.
• Client service assistance with advising client on best practices and assisting client in addressing routine issues to comply with the PCI data security standards.

Confidential

Senior Security Consultant PCI QSA (Consultant)

Responsibilities:

• Senior Security consulting responsible for performing vulnerability assessments and other consulting services. Providing consulting guidance on various information security compliance standards such as HIPAA, PCI DSS.
• Working with various levels of staff hands on with the full PCI life cycle, Assessment (GAP), Plan (remediation), build (Best of breed Products), execute (Implementation into operation) PCI compliance.

Confidential

PCI Project Manager/ Business Analyst (Consultant)

Responsibilities:

• Engaged as an IT compliance and security SME for a specialized consulting project team “targeted” to establish PCI compliance. I developed full project PCI compliance plan to include GAP assessment, and full remediation. I developed a web based PCI policy and compliance tracking site to include links to all supporting PCI required documents. I assisted in the development of all information security policies, procedures.
• Working with various levels of staff hands on with the full PCI life cycle, Assessment (GAP), Plan (remediation), build (Best of breed Products), execute (Implementation into operation) PCI compliance.

Confidential

HIPAA Project Manger/(Consultant)

Responsibilities:

• HIPAA Security Assessment Review, HIPAA, Conducted interviews, collected data, and perform security audits reviews, testing. Generated deliverable that included security analysis. Made security recommendations, adjustments and remediation plans for organizations. Worked with team members in developing an automated compliance solution using RSA Archer eGRC seeking to manage the lifecycle of corporate policies, assess and respond to risks, and report compliance with internal controls and regulatory requirements across your enterprise.

Confidential

Senior Security/ Business Analyst Project Manger (Consultant)

Responsibilities:

• PCI Security Assessment Review, PCI DSS, Conducted interviews, collected data, and perform security audits reviews, Scans and penetration testing. Generated deliverable that included security analysis. Made security recommendations, adjustments and remediation plans for organizations.
• Working with various levels of staff hands on with the full PCI life cycle, Assessment (GAP), Plan (remediation), build (Best of breed Products), execute (Implementation into operation) PCI compliance.

Confidential

Senior Security Project Manger (Consultant)

Responsibilities:

• Project manager for federal healthcare client deploying a Security Event Monitor Solution using NitroSecurity ESM,DBM,ISP solutions across large scale environment. Solution involved review of existing security architecture and deployment plan, making modifications and additions as required. Review of existing device deployment validating configurations and making corrections. Responsible for the development of complete Secure Operation Center documentation, Security Monitoring Policy, Security Monitoring Run Book, and Computer Incident Response Team Handbook.

Confidential

PCI DSS Senior Security Project Manger (Consultant)

Responsibilities:

• Project manager for PCI DSS pre compliance project providing guidance in preparation for a PCI security audit, performing GAP assessment, establishing security policies, and procedures preparing SAQ. Communicating weekly status to program managers, senior management and team members. Facilitate meetings and escalate when necessary Supporting compliance team reviewing several compliance policies to include, DIACAP, NIST, PCI, SOX, for all ongoing PCI activities to protect the confidentiality and integrity of Cisco for PCI Compliance standards. PCI Security Assessment Review, PCI DSS, Conducted interviews, collected data, and perform security audits reviews, Scans and penetration testing. Generated deliverables that included security analysis. Made security recommendations, adjustments and remediation plans for organizations.

Confidential

Senior Security Project Manger/ (Consultant)

Responsibilities:

• Implementation Manager of IBM Global Services located at client site and manage client engagement services and solutions implementation. Managing Server Refresh project for worldwide rollout of new hardware at client site. Managing IBM project team of 20+ personnel globally distributed (India, Brazil, US). And move new environments to steady state Also responsible for managing multiple sub projects, and build Multiple Customers: (The GAP, Confidential ) Project manager for PCI DSS pre compliance project providing guidance in preparation for a PCI security audit, performing GAP assessment, establishing security policies, and procedures. Communicating weekly status to program managers, senior management and team members.
• Actively involved with on-site Project Executive to provide delivery management status and to ensure customer satisfaction for -ability. Developed project plans and assumed responsibility for project profit and loss.
• Working with various levels of staff hands on with the full PCI life cycle, Assessment (GAP), Plan (remediation), build (Best of breed Products), execute (Implementation into operation) PCI compliance.

Confidential

Senior Security Project Manger/ Business Analyst (Consultant)

Responsibilities:

• Managed several projects for Confidential in several states, PCI DSS GAP pre compliance Assessment as security consultant, providing guidance in preparation to PCI security audit, performing GAP assessment, establishing security policies, and procedures, performed initial investigation into possible PCI security breach.

Confidential

Senior Security Project Manger/ Business Analyst (Consultant)

Responsibilities:

• Security Assessment
• PCI DSS, ISO, HIPAA, SOX, TG3
• Conducted interviews, collected data, and perform security audits.
• Generated deliverables that included security analysis.
• Made recommendations for organization security adjustments and recommendations.
• Conducted Security assessments for various platforms and Databases, collected data, and perform security audits.
• Conducted social engineering exercise to test physical security of facilities.
• Generated deliverables that included security analysis.
• Forensic Investigation
• Performed entire forensic investigation process
• Victim interviews, evidence collection and recovery
• Security Policy and Procedures Development
• Developed High Level Security Policy and procedures for various standards (ISO, PCI, HIPAA, TG3).

Confidential

Director of Information Security

Responsibilities:

• Establish the overall security profile and policies of the company.
• Writing and implementing security policies and SOP's. (HIPAA and ISO compliant)
• Performing security audits. (Physical and logical)
• Evaluating and responding to security incidents.
• Reviewing application security, data center security, IT security.
• Acting as a point of contact for privacy concerns. (HIPAA,ISO,SOX)

Confidential

Senior Network Security Consultant

Responsibilities:

• Tested new security designs, equipment and technical problem resolution.
• Consultant for customer security network designs.
• Utilize multiple vendors in multi vendor/carrier environments.
• Isolate and resolve network issues
• Accept escalations from tier-1 and tier-2 network system consultants and network security consultants.
• Consult with customers on security audits.
• Consulted on HIPAA policy development practices.
• Consult with customers on network security designs.
• Consult with customers on intrusion detection and penetration testing.

Confidential

Senior Network Security Developer/Consultant

Responsibilities:

• Assisted in development process of active security suite (Cybercop, Gauntlet Firewall, Monitor IDS)
• Traveled as spokes person for the active security suite speaking to large groups of CIO's and CEO's.
• Lectured on methods of protecting information from cyber terrorist attacks.
• Performed enterprise installations, setups and testing of various competitor products such as; Confidential, Checkpoint, Tripwire

Confidential

CEO / Senior Network Security Consultant

Responsibilities:

• Founder of information technology consulting firm.
• Developed sound business practices to assist in information technology security.
• Developed network design and management models for information technology.
• Managed several fortune 500 data centers during mainframe to LAN migration.
• Managed disaster recovery mirror data centers for fortune 500 corporations.
• Developed in house program for network engineers.
• Operating systems range from IBM ES 9000-AS400
• Developed disaster recover / contingency plans.

Confidential

Data Center Manager

Responsibilities:

• Responsible for implementing new applications and managing production data center.
• Developing production documentation and procedures for daily production batch processing.
• Manage and train data center operators on batch production.

Environment: IBM 3090, MVS/ESA, JES2, CICS, CA1, CA7, CA11, COBOL, IDMS.

.