- An Experienced Information Security Professional with a wide range of technical capabilities and significant experience with system, user, and application security. Member of the Security compliance team which identified enterprise - wide vulnerabilities related to virus updates, server security, user account misalignments and other scenarios which may compromise the systems. Involved with the creation and implementation of security health review audits. Participated in security tasks related to application deployment, monitoring, and user awareness. Created a user access system which insured the creation of audit trails and reduced processing time with increased accuracy. Created and processed metrics identifying risks related to misaligned user and system accounts on SAP and Active Directory networks. 10+ year’s information security experience.
- Policy creation and implementation.
- Internal audits and risk reviews.
- Created workflow of access requests.
- Designed secure directory structures.
- Handled Incident response.
- Provided security training and awareness
- Audit Compliance and preserved audit trails.
- Mitigation of orphaned or expired accounts.
- Analyzed security impacts of new processes/applications.
Confidential, Glendale, CA
- Developed, designed, and implemented automated access request processing, increasing production realized at 300%.
- Compiled, verified, and prepared performance metrics for management reports.
- Wrote tools to create and automate security reports such as obsolete accounts and administrative group changes enterprise-wide.
- Reviewed user accounts and access on a monthly basis to ensure regulatory and corporate compliance.
Specialist Application Security
- Determined improperly assigned access and misaligned user accounts.
- Provided business justification and management approval for users that required high level access within North and South America.
- Worked with international markets to determine access requirements and analyze access issues.
- Ensured KPI goals were met by identifying non-compliant access and procedures by providing comparison reports of user’s access within SAP, HR, and Active Directory.
Specialist Application Security
- Rolled out new application and directory structures on servers and workstations.
- Provided access to external users and companies by working on thin client access to provide access to external users and companies.
- Created server security structures so that employees could only access data on a “need to know” basis by working with various departments.
- Discovered misuse of company resources by working with management and HR.
- Created and maintained server security for HR and Legal department.
- Served as Member of Security Incident Response team and have worked with law enforcement
Analyst Application SecurityConfidential
- Resolved any security related access problems by working with users and departments.
- Reviewed business-related e-mails and attachments that maybe phishing scams or malware.
- Audited security on Active Directory servers for user lockouts and improper access.
- Handled process of new user access and unfriendly terminations.
- Maintained thin client access and developed server security.
Multiple SAP Security Courses: Application Security, 940, 950, HR SAP Security. HR Security
Microsoft Training: Active Directory Security, Visual Studio, Access Database, VB Scripting and application development. LDAP and ADSI, Active Directory Security.
Various scripting languages: HTML, CSS, VB, PHP