Ten years strong Information Security Program Management experience within Investment Banking industry. Skilled in identification of risk remediation areas. Adept at presenting security metrics in meaningful fashion to identify areas of potential risk. Quickly grasps project objectives and adopts new skills accordingly. Outstanding communication skills.
- Incident Management
Programming Language:†Perl, HTML, CSS, Basic, Pascal, Java, Scheme, Prolog, UNIX k-shell, C/C++, Expect, Windows batch scripting
Applications:†Firewalls (Cisco & PIX), ISS Internet Security Scanner, Encase 6.0, nMap, Nessus, AppDetective, WebInspect, Paros, Wireshark, Ethereal, Tripwire, Valicert Secure Transport Server/Clients, Novell Sentinel, Crystal Reports, What’s Up, Nessus, Safend, Top Secret, Tanable Security Center, ScriptLogic Security Tools, McAfee IntruShield.
Operating Systems:†Windows 95/98/NT/2000/XP, UNIX 2.10, Linux
†Confidential, New York, NY 2009 to Present
Consultant/Information Security Analyst
Confidential., Whippany, NJ 1999 to 2008
- Deployed various security monitoring and enforcement tools in the network in order to prevent data leakage.
- Developed process and electronic forms for common Information Security tasks, in order to streamline request workflows.
Information Security Analyst
- Managed annual vulnerability assessment of Internet facing applications which resulted in timely identification and resolution of security vulnerabilities.
- Developed and implemented live, radical changes to encrypted e-mail feature in Internet file transfer application within extremely tight deadline. Changes were completed on time and functioning successfully.
- Evaluated and deployed desktop surveillance product for logging activity of consultants dealing with sensitive information. Project completed within timeframe.
- Developed, recorded and maintained monthly security metrics and presented at monthly staff meeting.
- Maintained Tripwire policies for Window and UNIX environments. Worked closely with system administrators to determine most efficient policy.
- Participated in IT Security Review process for several technologies within firm. Assessed risk of these technologies and recommended action for implementation.
- Evaluated and deployed instant messaging logging software for capturing Internet chat logs of broker/client communication.
- Provided user assistance for security tools and techniques. Resulting in greater user technical understanding and efficiency.
- Coordinated and managed emergency desk coverage in DR site for clients affected by 9/11.
- Conducted and facilitated the collection of data for security and legal investigations. Responded to security incidents and determined proper course of action.
- Supervised audit remediation activity on annual basis to comply with SOX policies. Passed all audits satisfactorily.
BS Computer Science
CompTIA Security+ certification received 2009