Profile

Ten years strong Information Security Program Management experience within Investment Banking industry. Skilled in identification of risk remediation areas. Adept at presenting security metrics in meaningful fashion to identify areas of potential risk. Quickly grasps project objectives and adopts new skills accordingly. Outstanding communication skills.

Strengths Include

• Policy
• Process
• Procedure
• Metrics
• Monitoring
• Incident Management

Technical Skills

Programming Language: Perl, HTML, CSS, Basic, Pascal, Java, Scheme, Prolog, UNIX k-shell, C/C++, Expect, Windows batch scripting

Applications: Firewalls (Cisco & PIX), ISS Internet Security Scanner, Encase 6.0, nMap, Nessus, AppDetective, WebInspect, Paros, Wireshark, Ethereal, Tripwire, Valicert Secure Transport Server/Clients, Novell Sentinel, Crystal Reports, What’s Up, Nessus, Safend, Top Secret, Tanable Security Center, ScriptLogic Security Tools, McAfee IntruShield.

Operating Systems: Windows 95/98/NT/2000/XP, UNIX 2.10, Linux

Consultant/Information Security Analyst
Accomplishments:

• Deployed various security monitoring and enforcement tools in the network in order to prevent data leakage.
• Developed process and electronic forms for common Information Security tasks, in order to streamline request workflows.

Information Security Analyst
Selected Accomplishments:

• Managed annual vulnerability assessment of Internet facing applications which resulted in timely identification and resolution of security vulnerabilities.
• Developed and implemented live, radical changes to encrypted e-mail feature in Internet file transfer application within extremely tight deadline. Changes were completed on time and functioning successfully.
• Evaluated and deployed desktop surveillance product for logging activity of consultants dealing with sensitive information. Project completed within timeframe.
• Developed, recorded and maintained monthly security metrics and presented at monthly staff meeting.
• Maintained Tripwire policies for Window and UNIX environments. Worked closely with system administrators to determine most efficient policy.
• Participated in IT Security Review process for several technologies within firm. Assessed risk of these technologies and recommended action for implementation.
• Evaluated and deployed instant messaging logging software for capturing Internet chat logs of broker/client communication.
• Provided user assistance for security tools and techniques. Resulting in greater user technical understanding and efficiency.
• Coordinated and managed emergency desk coverage in DR site for clients affected by 9/11.
• Conducted and facilitated the collection of data for security and legal investigations. Responded to security incidents and determined proper course of action.
• Supervised audit remediation activity on annual basis to comply with SOX policies. Passed all audits satisfactorily.

BS Computer Science

CompTIA Security+ certification received 2009