SUMMARY

• 20 Plus Years large MIS, Operations, Security, Policy, Privacy, Compliance, Disaster & Risk Mitigation, Support, Project Implementation, Asset Management, and Helpdesk, Document Control.
• 19 Years Information System Security and business continuity experience, VPN/Remote Access, Installation, Encryption, Virus detection/prevention, Network Installation/Configuration/Contingency, Disaster Recover Planning, Incident Response & Risk Assessment
• 14 Years Unix/Linux Administration
• 9 Years Staff management, training, development and evaluation
• 13 Years IT Hardware Staging, Installation, Support, Change Management, Infrastructure/UPS PM, documentation
• 10 Years Level 3 Core Network Administration, Architecture, VPN/Remote Access, Installation, Encryption, Virus detection/prevention, Network Metrics, Net Backups, Production Quality Assurance, IDS, Proactive Network 24/7 Real Time Monitoring and LAN/WAN management
• 18 Years Cross Platform, Endpoint Protection Platforms, network, Infrastructure, distributed computing, Tier 1 - 3 Security Tools, Helpdesk, Enterprise Data Center Operations experience and Software Development Quality Assurance and Release Management
• 12 Years Life-Cycle Management & Production Scheduling, Vendor Service Level Agreement (SLA) d Strategic Business Partner Management
• Dynamic Business Relationship Builder, Team Builder, Team Member & exceptional ability to work in dynamic, unstructured and cross platform environments
• Proactive methodology with excellent technical, analysis, negotiation, writing, and interpersonal skills
• Business, Legal and Operational compliance mapping expert
• Innovative and visionary Project Manager, product developer, business relation builder, coordinator, developer & hands-on technical engineer with an excellent Ability to work both in a tactical and strategic setting
• 12 Years Standards Development and Compliance Analysis expertise as well as physical Data Center Security and Infrastructure
• 10 Years Compliance experience with SOX, HIPPA, GLBA, COBIT, FFIEC, PCI, FDA,COSO, FISMA, CA SB1386, EU, ISO 9000, etc, polices, procedures and technical controls
• 20 years Security Awareness, Incident Management & Planning

TECHNICAL SKILLS

SOME HARDWARE PLATFORMS: Nokia Voyager, Nokia IPSO, F5, Catalyst 2900, 5000, 600, 3548, 6509, 7200, LS1010, CS1100, Alton, Net Appliance NetCache, PIX, Nokia 5200 VPN, Norton(Backup Exec, NetBackup, Gost, Enterprise/Endpoint Protection), Apache Web Server, Silicon Graphics, DEC/VAX, RAS, NT Workstation, Rack Space Management, Sun Servers & Workstations (, Lx, IPX, Ultra 2, Ultra 5, Ultra 10, Ultra 60,Ultra Sparck II, E420R, E3500, E4500-E10,000), Compaq (M370, DL360, ML770, P8500, Storage), Dell {CERT (Notebook, Docking, Desktops, Servers), BSI (Blade Server, Display & Power Supply), Acer, IBM (Notebooks, Desktops, Servers, Mainframes, VSAM, DASD,etc), HP (Lp1000-9000K), Toshiba, T1/OC3/OC12/ATM/TSDN, Fast Ethernet-Gigabit Ethernet(Cards, Transceivers, Hubs & Switches, Converters, Repeaters), Linksys (Network Adapters), Data General, Intel, HP-UX, Digital, Allied Telesyn (Switches, Converters, Extenders, Hubs) FIDDI, 10/100 base T, Tx, Fx, Hubs, Fiber(Single & Multimode), Coax & Twinax (BNC,CATV,N,TNC & Twinax), Avaya PBX Connectors (RJ45, RJ11, RJ-Modular, D-sub, USB, BNC, AUI, Thick & Thin Ethernet), Network(Crimping, stripping & Extraction) Tools, general voice-over-IP phone systems, issues Big Brother, F5, UTP/VGA/SVGA Video Splitters & Switches, KVM Extenders & Switches, Micron Interlan (Bridges, Transceivers), Cray (J90, XMP, YMP, C90), UPS (Battery, Diesel, Solar), Packard Bell, SGI, Allied Telesyn, Intergraph, Gould/ Uncore, UPS & Ncube, RS6000, Fluke (Multimeter, Probes, Scopemeter and cablemeter), Tone Generators, APC, Black Box, S8700, S8300, G700, Tektronix, Xerox, PBX, MUX, BUS, RING, STAR, Point to Point transmitters, Patch Panels, Data Cabinets, Racks & Rack Mounting, Environment Monitors-, Fire suppression and Security Systems, Access Systems (Biometric, digital, analog, etc) UPS(Notebook UPS to Motor Generators, Chillers, Compressors, Diesel Engine),Network Power Requirements, Climate(Air Handlers), Etc

SOME SOFTWARE & POLICY PROFICIENCIES: VMware ESX, VMware Virtual Center, BEA Weblogic, Microsoft SharePoint, IBM WebSphere, IBM Netview, IBM Mainframe, IBM RS6000, S/3X NT4.0 & Server, Salesforce CRM suit, Orcale 9x-11, Orcale E-Business, SAP, Windows, Vista, BEA Weblogic, Antivirus, Novell Remedy (Cert. 1999 and 2001), Goldmine (Cert. 2003), Big Brother, NetIQ Vulnerability Manger, ConfigureSoft, Bindview bvControl, Nessus, Netcool (Cert.), NetQOS, ISS Safe Suite (Cert.), NetRanger (Cert.), NetSonar (Cert.), Sniffer Pro, Nokia (5200 VPN), P2P, F-Secure SSH, MSOffice 95/97/2000/XP, HP Openview Network Node Manager, Solar Winds, NeoTrace, CP FireWall-1 (Cert.), SATAN, OS2, Oracle (Not Cert DBA, Cisco PIX (Cert.), Cisco IDS, Cisco Secure ACS, TACACS, RADIUS, Cisco Works, Sun Solaris 2.4-7.8, OS/390, OS/400, OS/2, Client & Server, Mac OS, O/S Cisco IOS, IETF, Cisco QoS Visual Basic, VPN, PKI, People Soft, pcAnywhere, AIX, ACT4.0, Power Chute Plus, Palm OS, SoftID, SecureID, Optivity, Access, Raptor, OPSEC/SAP, Kane Security Monitor, SOP, Humming Bird Frame Maker, Delrina Form Flow, POSEC/SAP, Outlook 97/98/2000+, SQL, Netbeui, LLC, 8022.2, SMB, Cognos, ACT Adobe products, Informatica, Silicon Graphics, Crystal Reports, DEC/VAX, Data General, Norton Utilities, Microsoft Access, Power Point 2000, Microsoft Project, Microsoft CE-2k, Microsoft Excel, McAfee Anti-Virus, Visio 97-2000), Work Perfect, 7.0 DOS, Employee Appraiser 4.0, Calendar Creator 5.0, Managewise, Arc Serve for NT/Novell, Netscape, Lotus Notes, Softrack, MTRG, Target Vision-VOIP,3COM-VOIP, Verizon- VoiceWing, Alliance Phone, DIGI, Citrex Winframe, Microsoft Exchange, WebSense v5.0, SurfControl, NetScreen, Trend IMSS v3.5 IVR, CTI, Korn Shell Scripting, HIPPA Security Provisions, Gramm-Leach-Bliley Amendment, CAN-Spam Act, CA Online Privacy Act, EU Clinical Research Directive, EU Directive, Australia Privacy Amendment, UK Financial Services Authority, CA 1950, PIPEDA, CA SB 1386, COBIT, ISO17799, Etc

SOME SYSTEM PROFICIENCIES & PROTOCALS: UNIX (shell scripting & VI),Linux, AIX/ESA, AS400, GUI Interfaces, TCP/IP, UDP, Telnet, STP, OSPF, SOAP, RSVP, RIP, DHCP, SQL, DB2, DOS, Cisco QoS, FTP,NTP, RLOGIN, BGP, S/MIME, NAT, VOIP, VOI, SONET, RSA, ISO, NTP, Novell, NetBIOS, ICMP, IPX, PGP, IGRP, HTTP, HDLC, GTP, GSMP, HTML, MVS, TSO, JCL, JES2, VMS, DOC, C++, IOS, VSAM, CSP, CICS DNS, Bootp, etc.

Senior MIS & Data Center Manager

Confidential

Responsibilities:

• Network & Security Operations Center Management to include: 24x7x365 NSOC operations, Remote Network & Security Management, Network Security Monitoring, IDS management, Disaster Recovery, Contingency Planning, Application Hosting & Development
• Tactical and Strategic planning and support of enterprise environment
• Customer Sales Engineering & Development
• Security Operations Services to include: Computer Incident Response/ Management, Incident Collection and Analysis, Forensics Response Team Management & Analysis, Operational Security, Metrics Performance Analysis
• Corporate Communications Review, Risk Assessment & Mitigation
• Security Engineering & Integration to include: Infrastructure Security Design/Engineering, COMSEC Support
• Security Awareness Training
• Vulnerability Scanning and Security Controls Assessment, Log Management, Security Event Management, Access & Sign-on Management
• HR Planning & Employee Assessment
• Technology Assessment/Review, Selection and Acquisitions
• Sr. technical POC to government contract services & Enterprise Resource Planning (ERP)
• Vendor Service Level Agreement and Contract Management
• Sr. Manager of Helpdesk, Call Center Services and Support ( Call center, backup services, levels 1-3 support, Etc)

Senior Compliance Analyst

Confidential

Responsibilities:

• Sr. Analyst of custom and vendor security technology controls for automated compliance dashboard.
• Sr. Analyst of Policy, Procedure & Governance Management (FISMA, ITIL, HIPPA, GLBA, NERC/ FERC; Etc) and development
• Product Quality Assurance and Release Management for compliance software dashboards policy, procedures, frameworks and technical controls.
• Management of regulatory mapping of standards to regulatory policies, procedures and technical controls
• Point of contact for product vendor and partner business relations.
• Development and management of content product quality processes and distribution
• Support platform integration, engineering and project management.
• Customer/Post Sales services, end user product training, policy/content gap analysis and development of post implementation strategies.
• Operational Cost & Vendor SLA Analysis
• Analysis of technical control content for the construction of software queries (technical translations for control data)
• Co-development of multi vendor platform queries for integration into automated compliance assessment dashboard with the Sr. engineering team
• Management of consultants during dashboard product platform development and integration projects
• Sr. Level project management responsible for C&A, Product Evaluation, Testing, Security Assessment

Sr. Network Security Manager

Confidential

Responsibilities:

• Created cabinet level incident response team consisting of corporate communications, privacy, IT security, finance, HR-health, corporate security, General Council and other senior level staff to manage collectively cross functional incidents.
• Security Management of 30,000-workstation upgrade project - replacing systems that average 12 years old to new Intel based windows XP systems.
• Sarbanes Oxley gap analysis project - providing leadership with IT Audit in annual & quarterly compliance; and drive the establishment of expectations and goals for senior management and cross-functional international teams with internal control responsibilities
• Managed and hands on administration of corporate enterprise email and web filtering tools
• Content manager of operational controls for privacy, web content, email-achieved Spam overhead reduction of 93%
• Third Party Contract Management - modeling contract rules, data analysis of contract scenarios, comparative analysis of contracts, contract management workflow and administration
• Subject matter expert consult to Legal and Executive staff for areas of Privacy, Policy & Technology Controls
• Monitoring of high-risk asset performance, data & relational modeling and operational improvement
• Threat/Patch management program - team responsible for patch management assessment and deployment, security strategy and policy assessment/development, risk assessments of IT environments, network security testing and client/server hardening, diagnostic reviews on Microsoft platforms, Internet/extranet security
• Responsible for firewall architecture, web server security, VPN, application configuration, security, etc
• E-commerce security (PKI, EDI, etc), Intrusion Detection, Cyber Crime Incident Response and Forensics’.
• Identify and manage external vendors/consultants for IT Security business directive and strategy
• Technical operational consolidation, audit, feasibility studies and cost accountability producing $4.3 million cost savings through creation of dynamic provisioning application
• Analyzed and recommended options to reduce technical operational cost and improve functionality in the wide area backbone network access audit process. Annual cost saving of $3.2 million across IT business units
• Managed Security Exception Database for vendor/service provider security SLA compliance

Technical Manager

Confidential

Responsibilities:

• Responsible for Risk Management consulting, direction and POC.
• Responsible for auditing of FAA WAN Security Architecture.
• Senior project management and technical lead.
• Developed and implemented Incident Response and Contingency plan for FAA WAN.
• Responsible for development of knowledge management, mentor program, and tactical planning.
• Established Security Chain of Command and developed Security Response team for FAA GPS/TAC.
• Developed network policies and procedure for FAA compliance as part of homeland defense initiative.

Network Manager

Confidential

Responsibilities:

• Team of 11 Network Engineers/Technologists - responsible for the design, development and installation of network, core network infrastructure monitoring architecture, VPN/remote monitoring, support environment, personal training, vendor product evaluation, purchase and asset management, software licensing, security policy, SOP’s and Staff
• SLA agreement model and establishment of Information Security best practices.
• Co-lead in development of Nokia global standards architecture model.
• Responsible for data modeling environment and qualitative / quantitative data analysis of data base environment.
• Responsible for change management documentation and delivery of, change request, escalation, tracking, resolution.
• Created and managed IP address inventory of 2,700 clients.
• Developed direction for SOC/NOC topology real time monitoring/Incident Response forensic investigations and contingency for Global Data Center.
• Instituted and directed SAP shared resources.
• Responsible for building upgrade, and installation/change management of network infrastructure, UPS. Ethernet, frame relay, ATM, SNMP, RMON, VPN, ISDN, SONET, DSL, voice networking, wireless networking, network/parameter security and performance tuning.
• Integration of diverse platform applications across multiple computing platforms, using Java-based Web technologies such as IBM’s Websphere Application Server(WAS), BEA Weblogic, NetApp and others for electronic business services.
• Instituted network performance and metrics/log analysis.
• Developed security, connectivity and network infrastructure for Nokia websites.
• Developed topology, cable management, naming convention, password management and change control/management.
• Completed Risk Assessment of the company information systems and prepared accreditation paperwork in preparation for accreditation visit by head quarters.
• Vendor Account Manager for hardware purchase, SLA, License, budget & asset management.
• Scheduled and conducted Network Penetration Tests and Vulnerability Scans in cross platform HW environment.
• Building management in raised floor environment of distributed and mainframe UPS systems

Senior Network Security Engineer/Project Manager

Confidential

Responsibilities:

• Updated company helpdesk escalation directive. Managed $4,300,000 budget for vendor POC for hardware purchase & asset management.
• Developed Network Strategy, NOC Network topology & Architecture, Drafted NOC Security Policy, Disaster Plan, Virus Detection, Internet Access, E-mail Policy, Audit, Escalation Procedures, FireWall-1, PIX, NetRanger, NetSonar, and ISS Security Scanner Standard Operating Procedures and Best Practices.
• Assisted sales team with Statement of Work agreements for NOC managed services.
• Established e-Business technology directions.
• Selected as Integration Team Member during the INS/ Confidential merger of Backbone Connectivity and DNS split. Reviewed Network Policies and Procedures.
• Initiated and implemented CERT team meetings companywide with near real time (CERT, AUSCERT, IETF) postings in all data centers
• Conducted Security Audit Review, Companywide implementation of PGP, and Vulnerability Scanning of Company Networks.
• Forged relationships with new and existing clients, executive management, vendors and sales teams.
• Developed training regimen for NOC staff and management to include technical training, security awareness, business forecasting, etc.
• Instituted IDS (NetRanger) monitoring, router authentication (Password Management), PeopleSoft Upgrade/Performance monitoring, network authentication (Password Management), and VPN Solutions (Aventail/Secure Remote/Shiva/SoftID). Developed Y2K compliancy Contingency Planning.
• Responsible for the day-to-day operations and management of systems and personnel
• Managed quarterly budget for purchase of peripherals and laptops provided to 1,700 regional engineers.
• Responsible for Purchase, operation, protection and management of all desktop computing equipment
• Instituted refurbishment & reissue program saving the company $1,800,000 annually.
• Cut discrepancy response time by 40 percent through establishment of regional suppliers.

Network/Unix Administrator/Security & Operations Shift Lead

Confidential

Responsibilities:

• Network and Unix Security Developed Policies, and technical procedures for Unix and Network Security operations.
• Supervised 3 Unix System Administrators and 6 operators using NT/Unix and Advanced Unix, 2 Network Technicians using LAN/WAN, PIX Firewall, Cisco IOS (Routers, Switches & Hubs), WheelGroups NetRanger IDS, Sun Servers, Cray, N-Cube and IBM Mainframes.
• Distributed Computing and Midrange/Mainframe, Storage, Telecom, etc.
• Functioned as second & third shift supervisor and point of contact at most powerful processing lab in the world at that time.
• Provided help desk resources and DR resolution for second & third shift systems personnel, clients and customers.
• Responsible for shift personnel training, progress evaluation, turnover, security, safety and emergency procedures.
• National Security Agency & Department of Defense Top Secret Security Clearance