SUMMARY:

• Dynamic Security Leader with an MBA in Technology Management with 20 years of experience in the Information Technology and Information Security
• Successful in all aspects of leadership, from strategic thinking to tactical execution; team building, over - delivery of goals, and business alignment, and budgeting.
• Industry Experience includes financial, medical, manufacturing, technology, and NY State & NY City Government
• Hands on experience defending high profile clients against threat actors such as LulzSec and Anonymous as a leading member of the SOC Team, and indirectly managing Managed Security Service Providers “MSSP” SOC staff.
• Confidential is an Information Security Leader with experience in Cyber Security, Threat Intelligence, Vulnerability Management, Risk, Application Security, Building Information Security
• In the last ten years he worked full time and consulted for high profile NY State & New York City agencies in the public sector, as well as financial clients.

INFORMATION SECURITY SKILLS:

Cyber Security: Response, Vulnerability Management and Architecture, Application Security Assessments, SDLC, Penetration Testing Tools - metasploit, hands on experience defending against high profile DDoS attacks and architecting solutions to withstand such attacks, as well as Application Security, RISK, writing security policies and procedures, and building strong information security programs aligned with business goals.

Application Security Tools: IBM Appscan, Qualys WAS.

Member of the Application Security: OWASP NY/NJ Chapter, regularly attend and keep on top of al Confidential and Hacker events.

EXPERIENCE:

Confidential, Jersey City, NJ

Information Security Technical PM/Consultant

Responsibilities:

• Improvement of existing SOCKS & Firewall Control Processes, and leading vendor selection process for quality control study - SOW, RFP process
• Leading Cyber Security FAST Projects as Technical PM (Configuration Management, Detection of unauthorized access/software, connections)
• FFIEC & NY DFS compliance
• Conducting studies on data migration to the public/hybrid cloud - AWS & Azure and building Information Security Controls around the deployment to meet Regulatory Compliance Reqs
• Advising on maturing existing Vulnerability Management Program along with other vendors - enriching data and Risk Based Approach, along with moving into authenticated scanning and recommendations on KPI/KRIs for Reports
• Reporting to C-level Executive Staff - CISO & PMO.
• Researching SOC Automation, Threat Intel, AI, and maturing the existing SOC Operations

Confidential, Jersey City, NJ

VP Information Security

Responsibilities:

• Leading Vulnerability Management & Policy Compliance for BNP North America, reporting to NA CISO
• Leading Special Projects - Information Security Assessments for Merger & Acquisitions, researching Cyber Security Products for Fusion Center SOC, enhancing Cyber Security Threat Intel & Global SOC capabilities and response.
• Leading SWIFT Security Project - hardening SWIFT infrastructure, identifying security gaps, working closely with senior leadership and various stakeholders to improve SWIFT Payment Systems security.
• Conducting Application & Network Security Assessments, mapping FFIEC framework to existing controls, and conducting gap analysis.
• Coordinating our third party Penetration Testing for BNP North America
• Cyber Security Incident Response Coordination for IHC
• Creating several SOPs for Intermediary Holding Company “IHC”, for Incident Response & Vulnerability Management, which comprises of Bank of the West, First Hawaiian Bank, & Confidential .

Confidential, New York City, NY

Cyber Security Architect / Application Security Program Manager

Responsibilities:

• Architect the first Application Security Program for Confidential .
• Conduct presentations for Application Developers and Confidential Team, and present strategy, framework, and the risk assessment forms, and receive a buy-in from upper mgmt.
• Compare the leading products for SAST and DAST such as Veracode, IBM Appscan, HP Webinspect, Contrast, and Checkmarx, and make the product selection with the given budget for 2015.
• Assess the existing infrastructure, conduct Risk Assessments, and be the lead for Application Security on all the IT Projects.
• Serve as a backup on RSA DLP and Mcafee DLP security incidents and investigations.
• Replacement of Mcafee Foundstone Vulnerability Management product with Qualys VM & Qualys Policy Compliance in Q3 of 2015
• Write technical documents such as Risk Assessments, operating run books for the Confidential Team.
• Responsible for writing, updating security policies, and standards.

Confidential, New York City, NY

Cyber Security Consultant / Infosec Advisor

Responsibilities:

• Primary responsibility is Application Security Accreditation & Architecture for the one of the NYC Apps to be taken to the cloud in Windows Azure.
• Oversee tuning of the barracuda Web Application Firewall “ Confidential ”, security controls, etc.
• Performing IBM APPScans of the app code and working with developers to remediate any application vulnerability, specifically the OWASP TOP 10.
• Reviewing the proposals for new code releases with business analysts and writing security requirements and recommendations.
• Conducting Cyber Security Awareness programs - posters, monthly email newsletters, and training employees.
• Conducting physical audits of our vendors who are managing the IT operations of remote locations in several boroughs that collect information from clients.
• Making sure if any PPSI information that is collected is secured. The audits include physical security assessments, network assessments, operation controls, etc., controls, procedures, as well as BCP & DR, and physical security.
• Responsible for a Vulnerability Management Program - utilizing Mcafee Foundstone Scanners.
• Making sure remediation is done in a timely manner by the wintel team and running weekly reports to assess security risks.

Confidential, Jersey City, NJ

IT Security Engineer

Responsibilities:

• Reviewing existing security architecture and make recommendations on improving security posture to protect the bank against Cyber Attacks and internal threats.
• Work closely with Confidential teams to assess the results of the automated appscans and vulnerability scans to make sure the WEB/APP/DB servers are setup in the correct tiers/zones, the servers are patched, the flow of traffic is correct and if there are any risks raised with unsecure protocols, they’re addressed prior to going in production.
• Working with Confidential Engineering, Application Teams, Governance/RISK, and Network Research Attack Teams, as well as Confidential Teams in protecting the bank and continuously monitoring the continuously changing cyber security threat landscape.
• Optimizing firewall policies, cleaning up existing policies, removing risky and duplicate rules.
• Performing firewall changes for global firewall requests on Checkpoint R65, R75.40, ASA/FWSM firewalls.

Confidential, Wayne, NJ & Dallas, Texas

Senior Security Consultant

Responsibilities:

• Brought onboard to improve and grow the existing cyber security posture and align Cyber Security with Business goals.
• Setup Security Metrics and monthly cyber security executive reports.
• Roll out MDM Airwatch mobile device management.
• Implementation of DLP and Websense Security Gateway
• Setup a Vulnerability Management Program along with Policies, Reporting, and Executive Dashboards.
• Work on creating a Forensics Team, setup a training for legal team, and research the tools such as “ENCASE” for the team, and work on investigations with the lawyers.
• PCI & HIPAA compliance, Cyber Security Incident Response Planning and monthly reporting, Security Awareness and International Travel Awareness.
• Reviewing audit findings, documenting risks, analyzing and recommending appropriate actions to reduce and or eliminate the security risks.
• Working closely with Application Security Team reviewing architecture of new applications, flow of data to make sure it does not violate our security policies in the n-tier layered architecture and follow SDLC.
• Reviewing existing security architecture and make recommendations on improving security posture to protect the company against internal and external threats, including physical security.

Confidential, New York, NY

Senior Project Manager

Responsibilities:

• Deployed and supported IT Security at the new MTA Agency Business Shared Services (BSC) a consolidated Peoplesoft environment for all MTA Agencies.
• Evaluated and affected the development of the technical security infrastructure.
• Assessed and recommended security technologies as well as support their integration into the networked environment.
• Collaborated and assisted in development of interagency security policies.
• PCI Compliance and Application Security initiatives.
• Weekly Change Management in accordance to ITIL Standards.
• Worked with IT SEC Vulnerability Management & Audited on conducting agency outreach & vulnerability prevention.
• Provided Support for all MTA Agencies with firewall changes, vpn access and troubleshooting.
• Managed RSA server, Nortel Contivity VPN, Checkpoint NGX65 running on Nokias, as well as firewall changes.
• Worked closely with Confidential & Telecom/ Confidential as well as other Confidential such as Confidential when supporting connectivity to Citynet Hosted network and Confidential applications.
• Implemented Algosec Solution to audit & improved performance on Checkpoint NGX firewalls by eliminating unnecessary, duplicate & risky rules.
• Audited the rules for PCI Compliance.

Confidential, Brooklyn, NY

Security Specialist / Firewall Engineer / Team Lead / On Call Manager

Responsibilities:

• Leading vpn migration projects for Confidential as part of our Security Portfolio Service offerings to other Confidential .
• Run automated IBM Appscans for Application Security Accreditation projects and review the accreditation documents as well as work with developers to address the security risks in the applications.
• Firewall changes on ASA, FWSM, Checkpoint R75 firewalls.
• Coordinating and leading support and new security requests between MTA Agencies and Confidential .
• Reviewing and analyzing IDS/IPS events for proventia sensors on the IBM ISS portal.
• Representing the Security Team in daily Change Meetings according to ITIL Standards.
• Site-Site VPN Tunnel support, troubleshooting on Checkpoint NGX platform & edge devices.
• Managing and Supporting Juniper SSL VPN Solution & creating custom sites for Confidential
• Working with vendors and evaluating security products.
• Running Reports and Analysis of Security Incidents using Qradar, Mazu, and Qualys.