Information Security SME Resume
SUMMARY:
- Information Security SME with risk focus; versatile IT thought leader experienced in building, deploying, operating, migrating, and securing Information Systems - Cloud, Hybrid and On-premise.
- Has enterprise vision and rich experience collaborating with global clientele with cultural diversity and various service models.
- Successful liaison with Government, Engineering, Banking and Non-Banking Transnational Financial clients, specializing in a broad spectrum of technology areas delivering information security solutions.
- Seamlessly able to adapt, integrate and leverage diverse core competencies and known for the ability to turn around projects in the red and successfully deliver.
- Has strong communication and collaboration skills and is an excellent team player with a pleasant disposition, cross-cultural exposure and good people skills, having worked in 6 countries across 4 continents with large teams.
CORE COMPETENCIES:
- Cybersecurity Policies, Processes, Program, Governance, and Guidance.
- IT Risk Management Framework - NIST
- IT Security Audits and response, COBIT, ISO, CMM
- Federal IT security requirements, NIST-800 standards
- Developing IT Security Policy framework, DR, COOP, Implement controls, Assessments, USGCB, DISA-STIG compliance. Cloud Security, FEDRAMP, System of Records, CSAM.
- Sys Admin, DBA, Production Operations Support.
- Independent Third Party IV&V - Quality assurance for Information Assurance, Testing Management.
- Organizational IT Security & Strategy
- Data Quality, Performance Testing, Testing Automation, Stress Testing.
- Vendor Liaison and Outsourcing Management, Proposal Management
- Data Warehousing, Business Intelligence, Knowledge Services
- Project Management, PMBOK, and Technical Delivery
- Deployment, Complex Global Multi-Module, Multi-System Implementations and Systems Integration
- Financial IT and Compliance (FINRA/ Confidential -OATS etc.)
- Technology Migrations and Modernization
- Configuration/ Change/ Release Management
- PKI, IAM, Encryption of Data in transit and at rest, and related appliances and tools
- Database Management, Data and Database migrations. Planning
- Enterprise wide OS Migrations implemented Standard Operating Environment and Virtualization.
- Big Data, Data Analytics and Reporting, Data Quality, Data Warehousing, BI
- Enterprise Architecture, IT road-maps, SOA, EA - Architecture, FEA, TOGAF, DODAF
- Web Technology and e-Commerce
- CRM and Customer-Technology interfacing
- Business Requirements Analysis
- Cloud Technology/ Architecture, Virtualization
- Manage Software Development - SDLC, Agile SCRUM
- IT Infrastructure - Data-center Design, Management and migrations
- IT Operations Management - Voice, Data, Helpdesk.
- Information Security and Accreditation (SCAP, C& Confidential / Confidential & Confidential ), Risk Assessment, Controls.
- FISMA, FIPS, OMB, RMF, CDM, User Management security roles, CERT, Confidential Management.
- Azure and AWS Cloud - IaaS, PaaS for moderate availability
- Expertise with organizational mergers, developing best practices and roadmaps.
PROFESSIONAL EXPERIENCE:
Confidential
Information Security SME
Responsibilities:
- Independent information security SME advising the two largest key Confidential mission areas, comprising 40% of total Confidential information systems, helping them maintain or move towards a superior information security posture.
- Worked on launching a pilot project offering Confidential certified Azure and AWS Cloud IaaS and PaaS. Standardization of the suite of offerings and identification of controls for moderate availability.
- Management and Migration of NIST, Rev-3 and Rev-4 controls for low, moderate and high category systems for On-premise and Cloud solutions such as Azure, Appian, Salesforce, and AWS.
- Guided and supported Confidential Mission Areas on federal IT security requirements for the implementation of security controls and practices on an array of technical environments and applications
- Extensively worked on CSAM, IBM BigFix and SIEM reports - canned and custom reporting.
Confidential
Responsibilities:
- Demonstrated strong effective communication skills writing white papers, preparation of briefings, privacy security program directives, regulations, and policies in advising senior management and counterparts.
- Participated in high profile meetings with senior executives, agencies, and offices in addition to developing relationships within the technical and business groups.
- Influence clients to successfully complete OMB mandates, and Data calls on time.
- Took initiative to implement SharePoint based solutions for streamlining day to day activities for the team
Confidential
Responsibilities:
- Managed multiple projects simultaneously and worked independently in a changing business environment while being detail oriented and meeting deadlines.
- Improved communication methodologies to establish guidelines to resolve complex and intricate issues related to privacy compliance and governance regulations.
- Took initiative and participated in special projects and pilot projects to develop templates of processes that have been subsequently adopted organization wide.
- Pilot effort resulted in cutting down Confidential & Confidential cycle time by more than 35%.
- Developed expertise by taking initiative and proactive steps in organizational mergers and developed Best Practices and roadmaps that have been re-used successfully across the Confidential.
- Documented IT policies, plans, Cost Benefit Analyses (CBA), Risk Analyses and white papers and developed performance metrics.
- Provide implementation support and oversight, and track compliance with Business Process Procedures (BPPs), Change Management, and BPA for engaging 3rd Party Assessment Organizations.
- Influence clients to successfully complete OMB mandates, and Data calls on time.
Confidential
Responsibilities:
- Provided guidance on full ATO, Confidential & Confidential and POA&M life cycle based on RMF - NIST Risk Management Framework to Federal Information Systems.
- Took initiative in cleaning up Inter System Connections and delayed SORN POA&Ms, resulting in a 50% reduction in expired ISAs in one year and a 75% reduction in delayed SORN POA&Ms over one year.
- Worked with agencies for vulnerability ( Confidential ) mitigation and tracked successful closure
- Worked with agencies through life cycle of penetration testing and weakness resolution
- Track and manage POA&Ms resulting from penetration testing
Confidential
CTO / Lead IT Architect / Chief Solutions Officer
Responsibilities:
- Managed organizational IT strategy and Business Strategy, Information Security (IS) Risk and Governance, standards, IT Operations including Helpdesk support, and solutions. ISO 9001 and CMMI Level 3 project documentation.
- Aligned and implemented industry’s best IT practices. ITSM/ITIL Framework.
- Understand and implement / provide oversight for policy and procedures for our Federal/State/Local government projects.
- Managed product, tools and testing labs
- Manage onsite and remote teams. Mentoring team members.
- Designed “best value” technology solutions for RFP responses.
- Identifying and analyzing security risks, developing and presenting findings and recommendations to IT and cyber security managers for client projects, and provide IV&V services as independent Third Party.
- Provide and drive project management adhering to PMBOK methodology.
- Provide enterprise architecture and transformation, business development, and partnership, vendor Liaison efforts.
Confidential, Washington, DC
Project Manager
Responsibilities:
- Developed architecture for the development of a web-based information system for work force analytics and related human capital management functionalities fully compliant with the OMB mandates and FISMA/NIST-800 guidelines, and wrote related documentation.
- Developed Architecture solution for executive dashboard for Confidential, developed EA repository using IBM-System Architect.
- Supported management for architecture review board and technology review board.
- Requirements analysis and best practice for EA and CM.
- Worked on SCAP and C& Confidential documentation for information security. Liaison with ISSO and engineering teams for review of CSAM reports and implementation of risk remedial measures based on the NIST risk management framework.
- Liaison with Information Systems Security Office (ISSO) in implementing a secure solution to safeguard PII (Personally Identifiable Information) data. Identifying and analyzing security risks, developing and presenting findings and recommendations to IT and cyber security managers, liaison to secure ATO for systems and websites.
- Business Continuity and Disaster Recovery planning and drills.
- Provide enterprise architecture, solutions architecture, collaboration social services & solutions delivery, data quality, Quality assurance and testing, provide IV&V services as independent Third Party, Executive status dashboard, and program management support - followed PMBOK framework.
- Interaction with senior executive management - and relationship management with respect to projects, initiatives and status.
- Aligned the configuration management effort with the Enterprise Architecture business objective, made the department the first to be compliant for EA effort.
- Took initiative to pilot new/emerging technologies: successful pilot for cloud-based collaboration solution for project management - a first at Confidential.
- Managed testing (QA) - end-to-end testing cycle - Manual testing, test case development, and Automatic testing.
- Solution and provider Identification for business needs - software, hardware, strategic aspects.
- Successfully rolled out Remedy for CM and CMDB. Change Management, Release Management, and Configuration Management - these were historically stalled initiatives.
- Mentoring team members.
Confidential, Baltimore, MD
Management Consultant
Responsibilities:
- Supported CIO and Deputy CIO of Maryland Confidential (MD-DHR) on an IV & V contract to develop frameworks for implementation of ITIL, architecture review board, disaster recovery, continuity of business, technology migration and wrote the framework for implementing the Information Security (IS) Risk and Governance.
- Developed framework and policies for social media networking and information systems security to meet the OMB/IRS guidelines. Provided the framework for remediation and IRS audit response. Implementation of Federal mandated IT security control standards and guidelines. Track, monitor, and report on the Authorization to Operate (ATO) status for systems and applications.
Confidential, NY
AIS FIX Engineer
Responsibilities:
- Provided analysis/integration, information security, business continuity, support FIX protocol-based order management systems, and implementation.
- Confidential black box electronic equities order execution engine - real-time matching algorithms execute trades within the best bid/offer of the primary market for Pan-European listed stocks. System analysis, Integration and migration activity.
- Set up a standardized process and implemented business continuity for over 30 mission critical servers of various flavors of Unix/Linux. Implemented Kerberos for SEC compliance.
- Customized monitoring for Tibco RVD and RVRD processes using an in-house monitoring technology/tool. Automation of the Order Routing Connection testing process.
- Automated job scheduling from UNIX shell scripts to Confidential JILs. Performed QA and managed DevOps and testing team in Manila, VMWare (virtualization).
Confidential
Solutions Architecture, Operations Management
Responsibilities:
- Lead Confidential Technology Solutions Architecture Initiative, build tools for in-house operations performance improvement, better Monitoring, Tracking and Control, and Web Based tools for Electronic Execution Managers and Traders for back office usage and compliance reports.
- Responsible for leading the standardization and implementation of a real-time feed generation system for back office processing for settlements.
- Ensure on a real-time basis that integration with other systems is seamless and transparent; MQ Messaging for interface with mainframes and back office systems.
- Involved in Business Continuity Planning, Disaster recovery. Continual check of Controls and ensure compliance with the risk and process framework.
- Implement a host of Alerts ranging from "Highly critical" to "For Information" categories, automate report generation.
- Study, plan and develop a methodology and technical and project plan documentation to implement Migration and Standardization on some of the Specialized Equity Trading Hardware.
- Manage the Projects for implementation of the above process for North and South American Regions.
- Manage Order Management and routing systems, Institutional Broker Audit trail reporting process for Confidential (OATS).
