SUMMARY

• Business - focused Information Technology professional with twenty years of management and technical project leadership experience in the financial industry, with over ten years focused on Information Security and Risk Management;
• Performance driven, goal oriented individual with demonstrated competence in the areas of information security governance, risk management & assessment, regulatory compliance, security awareness training, project management, secure application development, incident response and business continuity planning
• Collaborative leader with excellent communication and interpersonal skills. Effective at communicating the business benefits of complex technical projects to non-technical audiences at all levels of the organization;
• Strategic thinker with the ability to devise solutions that preserve profitability and facilitate business goals;
• Certified security professional with an understanding of business needs as well as technology risks. Able to represent the information security needs of the organization by highlighting the business benefits of the recommended security strategy;
• PCI DSS subject matter expert with hands-on experience preparing for and managing annual PCI audits by working with information technology and operations teams to achieve regulatory compliance.

TECHNICAL SKILLS

• ProSight
• Microsoft Project
• Word
• Excel
• Access
• PowerPoint
• Publisher
• Visio
• SDLC
• ACHHP (Atalla) Key Management
• DES Encryption
• BaseCamp
• TripWire
• GFI LanGuardGFI Event Manager
• Cisco VPN
• Cisco ASA
• Imperva WAF
• SafeNet (Ingrian)
• RSA SecurID sFTP
• TAL
• SQL

PROFESSIONAL EXPERIENCE

Confidential

Vice President, Information Security & Technology

Responsibilities:

• Manage resources to deliver secure business application solutions on a Microsoft .Net / SQL2005 platform including: cardholder web portal, client web portal, on-line processing for authorization and settlement of ATM and POS transactions, and enterprise applications necessary to manage 1.3 million cardholder accounts;
• Design and champion a corporate Information Security Program aligned with strategic business initiatives;
• Ensure compliance with regulations mandated by US Patriot Act, Bank Secrecy Act, Gramm-Leach-Bliley Act, and Payment Card Industry Data Security Standards;
• Administer an ongoing Information Technology Risk Assessment program that identifies information security vulnerabilities, threats and risks and recommend remediation action plan to address identified security weaknesses;
• Create, maintain and administer Disaster Recovery and Business Continuity plans;
• Recommend, implement, and perform ongoing administration of an effective Change Management process to realize high uptime performance of all critical systems, with minimal degraded system effect and high quality of change;
• Maintain an effective organizational security posture validated by network monitoring, quarterly penetration testing and annual security audits;
• Serve as the contact point for external auditors, government agencies, banking partners, and law enforcement regarding data security policies, regulations, security breaches and all other security matters.

Confidential

Co-founder / Executive Director

Responsibilities:

• Deliver effective presentations, both oral and written, outlining technology offerings to business partners as well as providing advice and guidance regarding best practices;
• Provide consultation support for IT projects by evaluating vulnerability and risk and developing appropriate plans to mitigate potential security weaknesses;
• Coordinate the integration of information security objectives with organizational projects and goals, ensuring cost effective proportionality in the application of information security controls while maintaining the highest standards of accessibility;
• Manage hardware and software vendor relationships to deliver cost-effective and risk adverse solutions;
• Ensure compliance with standard project management methodology (SDLC) by consistently applying the recognized project management processes, discipline and controls.

Confidential

Information Technology Manager

Responsibilities:

• Provide on-going training, coaching, and performance evaluations for team members as well as participating in the recruitment, interviewing and hiring process for personnel;
• Clarify business requirements, develop and manage project plans and budgets, track project milestones, deploy resources, and deliver diverse solutions with high quality, timeliness and cost efficiency;
• Utilize in-depth understanding of ISO 8583 messaging, telecommunication protocols, encryption and information security practices to design and implement fault tolerant payment processing solutions with a high degree of availability, confidentiality, and transaction integrity without compromising transaction speed.