- Results-oriented visionary leader with an extensive background in diverse information systems and technologies, with expert skills in architecting, planning, scheduling, operations management, information systems security and compliance, disaster recovery and business continuity in a fast-paced and multi-tasking environment.
- Experienced in architecting and managing medium to large-scale networks and data centers serving IaaS, SaaS solutions as well as managing governance, risk and compliance in e-commerce environments.
- Possess in-depth knowledge of diverse business areas, incorporating Governance, Risk and Compliance.
- Strong leader, adept at motivating and harnessing the power of diverse teams to surpass business goals and client expectations with outstanding communication, interpersonal, organizational and presentation skills.
Operating Systems: Windows, Mac, Linux, Solaris, AIX.
Special Software: Kali-PWK, Qualys, Nexpose, Nessus, Perl, Tripwire, Splunk, Samhain, OpenDLP, TippingPoint, Wireshark, LAMP, IBM-TPC, IBM-SVC, Rally, Jira, PulseSecure VPN, F5-BigIP LTM.
Virtualization: IBM-PowerVM, Citrix-Xen, VMware, Fusion.
DBMS: MS-SQL, MySQL, DB2, U2-UniVerse, Cassandra.
PROFESSIONAL EXPERIENCE:
Confidential, Irvine, CA
- Direct diverse operations teams in incorporating Security and Compliance in 24x7 global e-commerce and back-office IaaS and SaaS environments.
- Prioritize and assign teams’ operational tasks and project work with focus on availability, performance and efficiency.
- Define, develop, deliver and update the enterprise-wide Information Technology Security & Compliance program.
- Schedule and lead IT Security strategies and Compliance efforts for PCI and SOC compliance.
- Provide guidance and counsel to the members of senior management teams, working closely with senior managers, product leaders, and the client community in defining objectives for security and compliance, and building cohesive relationships.
- Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies. Examine impacts of new technologies and architecture on the overall information security. Establish processes to review implementation of new technologies to ensure security and compliance.
- Create education and awareness programs and advise development and operations teams at all levels on security issues, best practices, and vulnerabilities.
- Develop a strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI, SOC, ISO9xxx and FISMA.
- Coordinate and track all information technology and security related audits including scope of audits, organizational units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses.
- Implement annual and long-term security and compliance goals, define security strategies, analyze metrics, reporting mechanisms and develop maturity models leading towards a roadmap for continual process improvements.
- Manage production operations within budgets and justify resource recruitments to senior leaders and finance partners.
- Successfully managed ongoing PCI-DSS and SSAE-16/SOC-1 compliant operations since 2006, further establishing and enforcing security policies as appropriate, as well as network backup control and verification including disaster recovery and business continuity.
- Developed and implemented Information Security Policies and Procedures, and implemented a Change Management system with change verification. Coordinated and validated periodic 3rd party vulnerability and penetration testing.
- Collaborated with sales team on pre-sales and post-sales customer security evaluations.
- Frequently initiated and led architectural discussions, high-level planning and project implementation teams to align with the company’s current compliance needs and future security goals.
- Built company’s network operations center (NOC) from scratch. Hired, trained and developed the NOC team; provided software and hardware solutions to meet business needs as well as oversight on connectivity solutions for clients. Created and implemented a metric reporting and accountability structure.
- Successfully collaborated with development engineering teams in providing troubleshooting and technical expertise to resolve complex system issues. Incorporated secure code review practices, evaluated and implemented Veracode and SonarQube 3rd party Secure code review platforms.
- Developed internal security awareness training program for non-developers as well as developers to incorporate secure practices as BAU.
- Incorporated and led several security measures within the hosting data center to enhance system security, which contributed to achieving compliance certification with PCI-DSS, PA-DSS and SOC-1.
- Designed and developed multiple support tools for in-house and customer functions on LAMP architecture.
- Responsible for building a robust, secure and scalable payment processing solution for patrons leading to over Confidential 2 billion worth of transactions a year. Involved in migration process of moving payment gateways, tokenization as well as payment authentication functions, and also reviewing fraud detection and prevention solutions for patrons.
- Managed Data center expansion and extension of services offered to multiple co-location sites in and outside US and actively involved in reviewing and procurement of equipment for operations to support infrastructure power, virtualization and data storage solutions.
- Provided strategic roadmap for technical operations and product development and involved in forecasts and Confidential budget preparations to present along with VP to CFO/CEO.
- Possess strong hands-on and technical expertise in IDS/IPS, multi-factor authentication, and other Identity and Access management controls.
Confidential, San Jose, CA
- Provide client network and systems services.
- Independently set up, managed and administered the corporate mail and messaging system on Microsoft Exchange and merged multiple Exchange servers across the globe into one tree with more than 1000 mailboxes. These actions resulted in the integration of the messaging system company-wide, providing standardized system policies and support for all locations.
- Established directory synchronization between Exchange servers, resulting in improved messaging company-wide and standardized system policies and support for all locations.
- Set up, managed and administered the corporate website using Apache and Tomcat, which created a much more robust medium for the company’s web presence, as well as improved website functionality.
- Integrated the web server with a mail server for enabling improved online resume submission facility on the web server.
- Set up, managed and administered the firewall for restricted and secure access of the LAN from WAN and vice-versa.
- Set up voice over IP functionality using Micom products and Cisco routers to facilitate improved voice connectivity between branch offices worldwide.
- Served as System Administrator for the corporate network. Created back-up schemes by writing automated scripts on Solaris systems. Solved a void at the company of not having any system administration personnel by setting up automated scripts for backup, ensuring effective archival and fast retrieval of relevant data when required.
Network Systems Supervisor
- Administered and maintained the entire school campus network.
- Served as Project Manager for the revamping of the campus-wide infrastructure with an estimated budget of $150K.
- Set up, managed and administered the Confidential Netware 5.0 IP network with Zen Works and Border Manager in creating a client-server environment for effective network performance and productivity, instead of using peer-to-peer networking that was in place earlier.
- Reduced the cost of ownership of expensive software by using Zen Works to provide application availability from a single source, instead of procuring and loading software on individual workstations throughout the campus. With Border Manager, provided robust access control and secure remote access to campus housing.
- Set up, managed and administered the mail and messaging platform on GroupWise for 1000 nodes, enabling the integration of the messaging system campus-wide in providing standardized system policies and support for all users. Replaced peer-to-peer networking with a client-server environment for effective network performance and productivity.
- Established a remote access network for greater user convenience by enabling a modem pool and allowing users to dial in to the network using asynchronous ports on Cisco Access router 2500 series.
- Set up Confidential Application Launcher for users (students and teaching staff) to access applications required from the server without having to load them individually on their workstations, saving users a significant amount of time.