Consultant Sr Cybersecurity Architect Resume
Charlotte, NC
SUMMARY:
Accomplished Information Security Risk, Compliance, and Governance leader with a strong technical background and a solid track record of success in leading information security and business transformation projects, to include IT Audits.
PROFESSIONAL EXPERIENCE:
Confidential, Charlotte, NC
Consultant Sr Cybersecurity Architect
Responsibilities:
- Chair cybersecurity architectural reviews for all incoming new and existing projects through the ISDLC.
- SME for O365 Cloud Migration to Azure and multiple business migrations to AWS.
- Perform gap analysis of all projects against established widely accepted information security best practices and against existing Confidential Information security policies.
- Provide consultation to business teams during the RFP engagement process of third party vendors.
- Design and Implementation of appropriate controls to mitigate identified risks.
- Assessment of existing risk appetite for those projects that require some form of risk acceptance, exceptions and waivers and communication of these through the highest levels of executive leadership.
- Review of high visibility and large implementation projects such as the Confidential CSOC, PII data encryption project sanctioned by the Duke board of directors.
- Proficiency with NERC CIP, FISMA HIGH, COBIT, PCI, ISO 17779/270013/3100/ 270 02 - 13, NIST 800, SCADA, OT Architectures.
- Developed centralized risk management processes and governance.
- Cloud assessments and migrations to include Microsoft Azure, Amazon web services.
- Applications developed within the year include:
- Database monitoring tool SecureSphere.
- Data encryption tool HPE Voltage.
- VPN and MDM tool Netmotion.
- VPN MDM solution AirWatch
- Call recording software for PCI compliance Verint.
Confidential, Bentonville, AR
GRC Auditor
Responsibilities:
- Create, plan, schedule and manage various and diverse risk-based IT and operational audits for domestic and international business units with C-Suite executives.
- Provided security leadership for cloud migration services, to include Hadoop and other cloud initiatives.
- Engage senior leadership for escalations and reviews; dotted line reporting to C-level executives.
- Broad business approach by serving as a bridge, provisioning information flow between the differing business units of the enterprise, an advocate of security awareness training.
- Liaise cross functionally with Infrastructure, and Operating teams to assess and identify technical, compliance and legal risks within each domain.
- Instrumental in the development of a risk centric annual audit plan utilizing the audit risk model consisting of over 225 auditable entities.
- Conduct business, third party and supplier vendor calls to determine the vendor’s level of risk by conducting questionnaire or onsite reviews of their information security program utilizing a number of different frameworks such as ISO 2 700 01-15, COBIT, knowledge of regulatory requirements and industry standards such as HIPAA, HITRUST, SOX, PCI, GLBA, NIST.
- Advanced knowledge of Information Security and Auditing trends, competitive edge activities and advanced products, processes, and service such as the eGRC tool (RSA Archer).
- Risk management and analysis professional that provides timely requirements within all phases of the Information Systems Development Lifecycle.
- Provide consultations for new network architectural designs to identify and contain emerging threat trends.
- Create the required documentation for both qualitative and quantitative assessment of risk.
- Provide guidance and consultations on the mitigation of identified vulnerabilities by proffering solutions.
- Track status of vulnerabilities through accurate metrics reporting.
- Responsible for a group of IS auditors that spans PCI assessments, NIST, SOX, HIPAA and internal security audits, and third party vendor management.
- Provided advisory services on enterprise projects and assisted in creating enterprise level security policies and standards, as well as development of the enterprise security awareness training program. Additionally, was instrumental in development of guidelines associated with systems and development, secure coding and network perimeter device security.
- Prepared the organization for the annual PCI assessments and drove remediation for identified vulnerabilities.
- Developed white papers and best practices documents to assist management in improving control implementations. Most notably, white papers on Business Continuity & Resilience, Mobile Banking & Security, Sensitive Data Masking and Secure Software Development Practices, Secure VLAN Implementations, VoIP Security, and Mobile Endpoint Security.
Confidential, Mettawa, IL
Consultant Senior IT Security Architect Consultant
Responsibilities:
- Introduced new auditing tools for network security scanning (GFI LANguard), application vulnerability assessments (PAROS), network routers, firewall configurations and rule base analyzers for enhanced identification, reporting and remediation of vulnerabilities.
- Used and trained staff on tools such as Nessus, IBM AppScan, MS Baseline Analyzer and nCircle/Qualys to evaluate network and application security vulnerabilities.
- Lead auditor for enterprise wide data loss prevention (DLP) program, and multiple PCI initiatives. (Most notably, the enterprise Payment Application DSS track for enterprise wide secure software development practices. PCI firewall annual rules review.)
- Viewed as subject matter expert for software programming and application security including threat modeling.
- SME consultant for Cloud services.
- Introduced an application security audit program for assessing software security for critical online banking and transaction processing applications.
- Developed and utilized IT audit work programs and tools to review, assess and test information system controls and security at the various HSBC business units. Specific audit areas include Information Security & Privacy, Networks Security, IT Governance, Database Administration, Computer Operations, Systems & Development, Business Continuity / Disaster Recovery Planning, and Client Services.
- Utilized Audit Command Language (ACL) tool to perform data analytics on critical wire and ACH applications’ data. Identified data sets and fields from the data dictionary focusing on security, risk and compliance attributes.
- Developed and implemented an application review and assessment program for product/applications. Utilized data analytics techniques using ACL to perform control and security implementation validation.
- Developed and introduced actionable and achievable strategic initiatives for Corporate Audit surrounding external focus, business acumen, strategic agility and collaboration.
- Trained and prepared leaders ahead of regulatory (FFIEC) examinations and visits.
- Provided advisory services to business units in support for regulatory and client inquiries relating to audit, risk and compliance.
- Developed and enhanced existing audit reports by including metrics and graphical representation to innovatively reflect issues and risks to executive management and the audit committee.
- Developed and presented quarterly audit analysis reports for executive management focusing on emerging risks and trends supported by matrices for IT, Finance SOX, and SAS70 audits as well as regulatory examinations.
- Led special investigations and other Corporate Audit initiatives and special projects including internal fraud investigation.
- Demonstrated an advanced knowledge of information security and auditing trends, competitive edge activities and advanced products, processes and services.
- Demonstrated strength in problem solving, conflict management, staff development, team building, organizational leadership and relationship management.
Confidential, Lincolnshire, IL
Program Manager
Responsibilities:
- Managed Confidential third party TCS contract, to include MSA contract reviews, compliance and adherence, risk management and contract profitability.
- Provided evaluation of network security for offshore vendors seeking connectivity to the Confidential production data, HIPAA regulations and PCIDSS requirements.
- Responsible for maintaining the Information Security Policies and associated architectural documents that ensured compliance with internal and external drivers such as industry standards/trends and regulatory requirements and expectations.
- Established IPSEC tunnel with partnering firms, managing project tasks in multiple geographical locations worldwide including firewall exception rules.
- Provided architecture, design and support to Checkpoint firewall and Cisco Pix systems, Juniper and Blue Coat firewalls.
- Developed compensating controls within risk assessments.
- Responsible for SIEM such as ArcSight, IDS/IPS, vulnerability management, content management, virus mitigation, patch management.
- Database administration and security audits and analysis of MySQL, Oracle, DB2, Intuit QB, Teradata and SharePoint database systems.
- Experience utilizing Splunk for database parsing of Syslog servers.
- Software development life cycle.
- Sandbox, clean room implementation.
- Incident response, disaster recovery.
Confidential, Chicago, IL
Sr. Network Engineer
Responsibilities:
- Provided enterprise network support to all 15 remote locations and the College HQ comprising over 250,000 students accounts and 15,000 College staff
- Responsible for architecture, design and support to Checkpoint firewall and Cisco Pix systems, Juniper and Blue Coat firewalls.
- Worked on load balancing enterprise application web servers via Netscaler appliances.
- Installed and configured Netscaler applications; also worked on the configuration of virtual servers, SSL offloads, rate-limiting, security certification via Verisign.
- Oversaw network monitoring via WhatsupGold, Kiwi, NetCrunch, HEAT, VMware.
- Planning: established policies that minimized the potential for infection.
- Detection: Correlated events across multiple platforms for accurate threat analysis
- Mitigation: Network and endpoints simultaneously eradicating viruses/worms.
- Prevention: Kept noncompliant or infected endpoints from connecting to the network.
- Provided 3rd tier escalation consultation to network managers and technicians of respective remote locations.
- Hardware: CHECKPOINT R55, R60 running on UNIX secure platform and HP hardware; also have experience running Checkpoint on Nokia appliances, Checkpoint NG FP3.
- CISCO: Configuration, design, deployment of hardware platforms 7200, 7507, 7606, 6506, 6509, 4912, 3550, 3548, 2950. Wireless Chantry, NetScaler, DS3, OS3, Gigaman, RST, 802.1Q.
- Software experience included: Nessus, Nmap, BMC Patrol, Tivoli Desktop, WinSCP, Kiwi CatTools, NetCrunch, WhatsUp Gold, PuTTY, Cisco Network Assistant, 3Com Network Supervisor, WebSphere, WebLogic.
- Protocols: JBOSS, RIP, EIGRP, IGRP, IGP, MPLS, EGP, VLAN, Spanning tree protocol, VTP, Dot1q, ISL, DTP, HDLC, PPP, H320, H323, IEEE, DHCP, DNS, WINS, NTP, Frame relay, QoS, LDAP, LACP, VMware.
- Strong knowledge of QoS (quality of service) and DoS, as well as predictive modeling stress testing.
- VLAN configuration, network segmentation as well as bandwidth management.
- Considerable understanding of WAN base service including broadband, VPN service and architecture, firewall service, Web Hosting/application service and Ecommerce.
Confidential, Consultant Chicago, IL
Field Service Analyst
Responsibilities:
- Provided technical support to trade shows, conventions and seminars at the McCormick Place, Navy Pier.
- Responsible for:
- Configuration of terminal servers, dumb terminals, muxes, SCO boxes and wireless systems for trade show operations;
- Tradeshow database management;
- Wireless connectivity support for the EXPO;
- Network and desktop monitoring.
Confidential, Crete, IL
Network Administrator
Responsibilities:
- Supervised an IT team of 10 technicians, responsible for evaluating members of the IT, technical training, documentation, change management, project management as well as all procedures.
- Responsible for budget management and implementation as well as communication with outside vendors.
- Worked on:
- Checkpoint, Raptor and Cisco pix firewall configuration and testing, network projects;
- Architecture documentation Anexys, RSA /ACE installation administration and troubleshooting;
- Installation, configuration and enhancement of IIS, Apache and Netscape enterprise servers.
- Responsible for planning and recommending network hardware, network management software and architecture.
- Approved and modified network design, architecture and network security, design and incorporation of firewalls.
- Repeatedly demonstrated proficiency in the use of:
- Network monitoring tools, capacity utilization, troubleshooting procedures; knowledge and application of SNMP based monitoring tools;
- TNG unicenter, HP Openview, BMC Patrol, Cisco works;
- Total network security, integrity and performance issues;
- Strong knowledge and experience with PCs, LAN topologies (both Ethernet and Token Ring), routers, hubs, terminal servers, firewall applications, Windows 2000, Cisco 3725, 2600, 7000, Citrix Metaframe, Cisco, Sonicwall, Cisco Pix, Novell 5.0, 6.0, Apache 2.0, Exchange, Outlook 2000, 2002, Office 2000, Win XP.
Confidential, Chicago, IL
Network Engineer
Responsibilities:
- Supported internet infrastructure of 12000 guest rooms, 500 ballrooms of the Marriott franchise in the midwestern region of the United States with revenues over $8,000,000 in 2001 fiscal year.
- Technical support provided:
- Microsoft Exchange 2000, 2002, Outlook, office 2000, monitoring, troubleshooting, optimization of lotus notes, Implementation of Microsoft Windows 2000 Advance Server, XP, Novell NetWare and NDS, Active directory design and troubleshooting.
- Cluster Server installation and management.
- Server hardware analysis (Compaq, Dell, HP and IBM).
- NIX, Windows NT4/2000 integration and support.
- Backup software applications: Veritas; Arc server and Backup Exe Installation.
- Programming experience with Lucent, Definity, PBX and Audix voicemail systems and website support.
- Configuration of Poly-Com hardware.
- Experienced performing punch downs, cabling RJ11 and RJ45, and fiber optics with 110 blocks using tone generators and other telecomm troubleshooting tools.
- Administered EMC, Tape backup and DNS.
- Configuration of VPN, LDAP and Terminal server.
- Managed remote test access and protocol analysis equipment as well as remotely control premise equipment.
Confidential, Chicago, IL
Consultant Network system Administrator
Responsibilities:
- End to end monitoring and problem resolution & providing 24/7 availability of networks.
- Installation, maintenance, troubleshooting various customers LAN/WAN.
- Facilitated training in new and existing technologies.
- Installation, configuration, and administration of RDBMS (Oracle and SQL).
- Installation, configuration, and administration of Storage Area Network, Sun Solaris.
- Installation, configuration, and administration of Checkpoint/Nokia firewall.
- Installation, configuration and management of Cisco MLS switches, routers and load