It Security Consultant Resume
SUMMARY:
To obtain a position as IT SECURITY AND SYSTEMS ADMINISTRATOR and willing to grow vertically in the IT services industry.
TECHNICAL SKILLS:
Hardware / Operating System Platforms: IBM SYSTEM 370/390/MVS/VMS/CICS/VSAM/VTAM; AIX; IBM/38; AS/400 E&I SERIES 8260 Ethernet 40 - Port 10Base-T Module; TARGON UNIX C; SUN ULTRA SPARC T5240 SERVERS, PHILIPS PTS 6000, UNIX/LINUX/SUN SOLARIS 10; NOVELL, WINDOWS 9X/NT/XP/7/OS/370/390/400
Software/ Languages: Unix, C, C/C++, Java/J2EE, JavaScript, SOAP, MVC, ASP/.net, PGP, PHP, VB.NET, DHTML, HTML, XML, EDI, RPG, COBOL/CICS, Borland Delphi 5.0, Crystal Reports, Secure.Net Code, JCL, OCL,CL, DDS, SEU, SDA, CGI/API/GUI, Version 1.4 of Java 2 platform, J2EE 1.4, WebLogic, Struts Framework 1.2, Spring framework 1.2.5, JMS, XML, SOAP, IBM Rational, Shell scripting, MS SQL, PL/SQL, IBM/SQL, QUERY/400.
Databases: Oracle, Peoplesoft, SAP, MS/ACCESS, MS/SQL, IBM DB2, DBMS, IDMS, RDBMS, ODBC, JDBC.
EXPERIENCE:
IT Security Consultant
Confidential
Hardware & Software Environment: IBM z/OS V1R9.0 UNIX/MVS/AS400/CICS; SDK for z/OS, Java 2
Responsibilities:
- Understanding the technical business requirements and defining architecture - based solutions that align to the organization s overarching architectural strategy and the business unit s needs.
- Planning, designing, and leading enterprise security applications with the J2EE Platform, Java servlets, Java Server Pages, and Enterprise JavaBeans component models, as well as the JDBC API, Java Message Service API, and J2EE Connector Architecture. Responsible for security, deployment, transaction management, internationalization, and other important issues for today's applications and CICS Transaction Server for z/OS Version 3 provides an efficient and effective environment for applications that are written in COBOL, C/ C++, and Java.
- Proactively protect the integrity, confidentiality and availability of information by ensuring appropriate security controls are in existence and enforced.
- Assist in formalizing security policies and resource classification schemes; maintain and publish all information security standards, procedures, and guidelines, including monitoring and reviewing compliance procedures.
- Coordinates with IT team members, vendors, contractors and consultants to build and sustain a coordinated, meaningful security program in compliance to industries security standards.
- Conduct investigations and remediation of suspected information security incidents.
- Promote information security awareness programs, and recommending tools and improvement essential to IT security.
- Ensuring that the business unit s technology-driven needs are met.
- Evaluate and propose architecture, design and technology alternatives
- Propose recommendations to infuse new technology and serve as a resource for the Strategic Technology team in evaluating and proposing technical alternatives for resolving project issues
- Work within the team to research, analyze, and document recommended solutions
- Produce and obtain agreement on design specifications; clearly articulate to the client the pros/cons of evaluated solutions and be able to support recommendations
- Architect and design new solutions in conjunction with the EA team & process, as well as the development team.
- Engineer new code, work with and enhance existing code base
- Ensure architected solution is tightly integrated (technology stack, workflow, and data) with the existing solutions
- Design technology enhancements & improvements
- Collaborate with the IT Architecture and Integration team to review recommended solutions to ensure compatibility with IT s architecture strategy
Senior Security Administrator
Confidential, Silver Spring, MD
Environment: Sun Fire 880; Sun Ultra Sparc T5240; Sun Ray; IBM AIX, AS/400,Websphere; Windows XP Professional; UNIX C; 27 servers
Responsibilities:
- Primary responsible for implementing the security architecture for the Document Management Architecture (DMA) UNIX environment.
- Advising on security related issues.
- Responding within established timeliness to all Division of Telecommunication and Security Standards (DTSS) inquiries and reports.
- Maintaining all security related applications (i.e. eTrust, ePC, tripwire, etc.).
- Create, administer, and maintain all DMA user accounts in accordance with DMA and DTSS guidelines.
- Ensure that the DMA servers are in compliance with all DTSS regulations when feasible.
- Ensure frequent and open communication with the DMA system administrators so that both parties are up to date on the security of the DMA servers.
- Attend regularly scheduled DTSS and Solaris group meetings as well as audits and reviews.
- Prepare any necessary documents required/requested by DTSS.
Senior IT Enterprise Architect/Consultant
Confidential
Environment: IBM OS/390; Windows XP Professional; C++; EJB, J2EE; Oracle, JDBC with IBM Ethernet, 510 servers: IBM Client, Windows, UNIX, Linux, and Solaris servers
Responsibilities:
- Extensive project experience in Government, Financial Institutions, Retail, Manufacturing, Insurance, Commodity Trading and Consumer finance.
- Provided solution with J2EE using advanced features of Java including EJB, Java Beans, Java Server Pages (JSP), Servlets, Struts, JSP Tag Library (JSTL), JSF, and JDBC.
- Oversee a network of security directors and vendors who safeguard the organization's assets, intellectual property and computer systems, as well as the physical safety of the organization.
- Install, implement, configure, and monitor all servers with daily activity report and computer incident report.
- Identify protection goals, objectives and metrics consistent with organization strategic plan.
- Manage the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of security. Physical protection responsibilities will include asset protection, workplace violence prevention, access control systems, video surveillance, and more. Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness
- Maintain relationships with local, state and federal law enforcement and other related government agencies.
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
- Work with outside consultants as appropriate for independent security audits.
- Design, install, maintain and upgrade the enterprise s production databases.
- Provide technical expertise in the use of database technology. Accountable for the overall performance of the enterprise s database environment: Microsoft Access, Oracle Database, and IBM DB2.
- Work closely with clients, business analysts, systems programmers, and application developers to define and resolve information flow and content issues - --helping to transform business requirements into environment specific databases.
- Monitor and analyze performance metrics and allocate database resources to achieve optimum database performance.
- Solid knowledge of database administration, database monitoring and tuning, logical data modeling, and physical database development.
- Understand the principles, theories, practices and techniques of project management. Basic understanding of how the technology influences business strategic direction, enabling definition and integration of technical plans supporting the enterprise business functions and processes.
- Work on one or more projects as a project team member. Support one or more databases of low to medium complexity (complexity defined by database size, technology used, and system feeds and interfaces) with multiple concurrent users, ensuring control, integrity and accessibility of the data.
- Plan and design for the Disaster Recovery Planning (DRP).
- Ensuring alignment with the organization s overarching IT architecture and integration strategy, the Senior Technical Architect will work closely with that team but will report into the Chief IT Enterprise Architect and Vendor team responsible for the service and support of a specific business unit.
Senior IT Auditor Contractor
Confidential, Largo, Maryland
Environment: Sun Solaris; Microsoft XP Professional; Microsoft IIS; Active X
Responsibilities:
- Perform information systems audit work throughout the organization including security audits of complex computer applications, network, and the Confidential .
- Possess a working knowledge of the Organization: its business processes; policies and procedures; governance practices; and regulatory obligations as it relates to information systems.
- Demonstrate proficiency in applying information systems audit principles, skills and techniques in reviewing, penetration testing, and testing computer applications and information systems technology of varying complexity utilized by the independent IT auditor team from Confidential
- Apply internal control concepts in a wide variety of information technology processes and appropriately assess the exposures resulting from ineffective or missing control practices.
- Understand the financial, operational, and compliance risks which affect information systems design, modification and processing activities, demonstrate the ability to identify and appropriately dimension those risks, and formulate recommendations which are appropriate, practical and cost - effective.
- Prioritize work so resources are devoted to areas of highest risk. Consistently document relevant facts and information which support the work performed and conclusions drawn so other reviewers can follow the auditor's logic and methodology.
- Effectively evaluate audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence.
- Be effective in communicating audit results, both verbally and in writing, so they are persuasive, placed in the appropriate context, and understood by the recipient.
- Be able to complete work with limited instructions, yet know when to seek guidance from supervising staff when circumstances warrant.
- Design, install, maintain and upgrade the enterprise s production databases.
- Provide technical expertise in the use of database technology. Accountable for the overall performance of the enterprise s database environment.
- Work closely with clients, business analysts, systems programmers, and application developers to define and resolve information flow and content issues---helping to transform business requirements into environment specific databases.
- Monitor and analyze performance metrics and allocate database resources to achieve optimum database performance.
- Solid knowledge of database administration, database monitoring and tuning, logical data modeling, and physical database development.
- Understand the principles, theories, practices and techniques of project management. Basic understanding of how the technology influences business strategic direction, enabling definition and integration of technical plans supporting the enterprise business functions and processes.
- Work on one or more projects as a project team member. Support one or more databases of low to medium complexity (complexity defined by database size, technology used, and system feeds and interfaces) with multiple concurrent users, ensuring control, integrity and accessibility of the data.
Director of Information Technology
Confidential, Baltimore, Maryland
Environment: ; IBM AS/400; RPG/400;JAVA, J2EE, JAVA API, JSP, EJB, EIS, JDBC; Visual Basic.NET; SQL Server; Oracle; Microsoft IIS, Active X, Windows Server 2003; eTrust, IBM Content Management; AdPro, Axis Video
Responsibilities:
- Apply an expert knowledge of computing and networking platforms, protocols, operations, applications development, database management systems, and information security to ensure that corporate IT and financial management systems scale to meet business demand.
- Direct technical staff and a 1.2 million budget to provide all IT operational services for the corporation, including 7x24x 365 network security on-call, system and database administration, data center operations, Helpdesk services, and applications development. This operation services over 500 employees worldwide supported on an IBM AS/400 environment.
- Supervise budgeting and financial systems and processes for the corporation. Oversight functions include budget, accounts payable, accounts receivable, and general ledger.
- Manage database and applications requirements analysis, design, development, deployment, maintenance, support, and tuning for mission critical applications databases that provide financial, networking, and information security functions. Define Database Management Systems (DBMS) storage, CPU, and transaction requirements and implement effective security and access controls, backup and recovery procedures, and performance and capacity monitoring.
- Advise senior executive management including the Chairman and Board of Directors on corporate IT policies, procedures, and strategies. Lead the evaluation of corporate IT mission, goals, plans, programs, and business processes. Develop and report on short and long-range plans and establish enterprise wide data policies and standards. Establish effective strategies for information security, disaster recovery planning, and continuity of operations.
- Serve as a facilitator with internal business partners, external consultants, and vendors to define and implement effective business strategies.
- Evaluate and recommend new technologies with applications to the Confidential IT environment. Serve as the chief enterprise architect and lead project manager for all IT development projects. Supervise a staff of 18 systems administrators, help desk specialists, application developers, technicians, and accountants. Manage hiring, tasking, coaching and development, and career development to ensure the retention of top quality employees.
- Develop, implement and manage the overall enterprise processes for technical and physical risk management and associated architecture.
- Develop and implement policies, standards and guidelines related to personnel, facilities and data security, disaster recovery and business continuity.
- Oversee the continuous monitoring and protection of facilities, personnel and data processing resources. Evaluate suspected security breaches and recommend corrective actions. Negotiate and manage service-level agreements (SLAs) with outside suppliers of protective services or data hosting. Serve as the enterprise focal point for computer security incident response planning, execution and awareness.
- Define, identify and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement safeguard recommendations. Define, identify and classify critical facilities (such as office towers and data centers), assess threats and vulnerabilities regarding those assets and implement safeguard recommendations.
- Assist internal audit department in the development of appropriate criteria needed to assess the compliance of security standards by new and existing personnel, applications, IT infrastructure and physical facilities. Establish and monitor formal certification programs regarding enterprise security standards relating to the planned acquisition and/or procurement of new applications, technologies or facilities.
- Assist in the review of new facilities, applications and/or technology environments during the development or acquisitions process to (1) ensure compliance with corporate security policies and directions and (2) assist in the overall integration process.
- Oversee the development and be the enterprise champion of a corporate security awareness-training program.
- Design, install, maintain and upgrade the enterprise’s production databases, administer and monitor all IBM client servers, UNIX, Linux, and Solaris servers.
- Provide technical expertise in the use of database technology. Accountable for the overall performance of the enterprise’s database environment: Microsoft Access, IBM DB2, and Oracle database.
- Work closely with clients, business analysts, systems programmers, and application developers to define and resolve information flow and content issues---helping to transform business requirements into environment specific databases.
- Monitor and analyze performance metrics and allocate database resources to achieve optimum database performance.
- Perform additional job duties as required. Solid knowledge of database administration, database monitoring and tuning, logical data modeling, and physical database development.
- Understand the principles, theories, practices and techniques of project management. Basic understanding of how the technology influences business strategic direction, enabling definition and integration of technical plans supporting the enterprise business functions and processes.
- Work on one or more projects as a project team member. Support one or more databases of low to medium complexity (complexity defined by database size, technology used, and system feeds and interfaces) with multiple concurrent users, ensuring control, integrity and accessibility of the data.
Senior Programmer Analyst/Software Developer
Confidential, Hunt Valley, MD
Environment: IBM AS/400; RPGIII, RPGILE, RPG/400; IBM Content Management; Crystal Reports; Borland Delphi 5.0; IBM DB2, J2EE, JavaScript; Microsoft Access; Visual Basic/RPG; IBM JAVA/RPG400.
Responsibilities:
- Managed the Information Systems Department for Confidential a property management corporation controlling extensive commercial and residential properties
- Supervised a team of 5 developers tasked to design, develop, and support custom property and financial management systems for the corporation.
- Served as the lead application developer for database-driven business systems.
- Utilized a variety of code development, web, and database modeling tools to design, review, code, and test applications.
- Identified data resource requirements and designed database access and security standards, backup procedures, and performance metrics. Led design reviews and developed technical design, code, training, and user documentation for software products.
- Provided system and database administration for central financial and property management systems.
- Managed all change control and reporting functions.
- Performed code support and maintenance for database throughout the corporation.
- Analyzed key data integration issues, tracked and resolved data issues, and provided direct user support to every level of personnel.
- Evaluated and recommended new technologies with application to the data management needs of the company. Identified software and database functions that could be streamlined, improved, or standardized.
- Developed security management strategies to ensure the integrity of corporate data resources.
- Over a three-year period, converted corporate administrative functions to a paperless process that utilized LAN/WAN, and AirLAN capabilities to integrate various offices.
- Redesigned Accounts Payable, Accounts Receivable, and General Ledger functions to utilize a central INVOICE system that significantly reduced overall manpower requirements and streamlined processing. Applied business process engineering concepts to evaluate and redesign supporting business processes.
- Designed and developed the Hotel Commercial Property System, which provided property management functions for the Data Systems Division.
- This application tracked all hotels, townhouses, apartments, mini-storages, and commercial properties managed by the company.