Having worked in the Information Security field for the last 10 years, I've quickly progressed from being a LAN admin providing a small business segment a fundamental Role Based Access Control program, to an Information Security Team Lead managing 13 Information Security Analysts/Consultants within 2 years. Having managed a team for 4 years, and building on more than 5 years of security project management, I was able to spearhead the design, planning, and automation of an application administration function. Doing so has provided the opportunity to forge relationships within the team, other IT departments, our business customers, vendors, and our external customers. Leading a project to consolidate administration structure of 350 administrators to 10 using a workflow and provisioning tool, I worked with and assigned tasks to four IT groups to make the project successful. I assisted in requirements, creation, modifications, and administration of 3 different Identity management solutions. I assisted in creating policy, standards, guidelines, and procedures for 6 years. Lead the integration of Role Based Access Control profiles for 15 platforms and 65 applications, completing each business segment as a deliverable. I am well versed in conducting internal audits and working with external auditors for compliance of regulations and internal policy on periodic basis. Created remediation plans for non-complying controls, processes, or procedures. I have been involved in external audits for companies directed at SOX, GLBA, HIPAA, and OCC. I assisted in the planning and implementation of a Federated Identity management system using our Web Access Management infrastructure as well as architecting a XML Gateway strategy.

Technically proficient with the following systems/technologies:

• NT
• AD
• LDAP integrations
• Novell
• DFS
• Safeword VPN
• Quest Reporter
• Tivoli Identity Manager
• Tivoli Federated Identity Manager

• Network Appliance's Net Cache

• Juniper SSL VPN

• Citrix

• NetIQ's Security Manager

• NetOP
• Sun Identity Manager
• Microsoft Sharepoint
• Tivoli Access Manager
• RBACx Sun Role Manager

Confidenital

• Manager of Identity and Access Management
• Achievements:
• Overhauled an Identity Management implementation to provide more a complete from hire to termination process for both employees and contractors
• Implemented an Enterprise Role Management solution to provide a means of managing, reviewing, and auditing users and roles
• Enhanced the intake process through integration of our Sun Role Manager with an ITIL application, providing business friendly terminology for the business to request and review
• Implemented and Integrated Web Services Security through an XML gateway
• Created an IAM framework to be incorporated into the Security Architecture for the company
• Mitigated a re-occurring issue infrastructure saving many hours of troubleshooting and problem resolution
• Assisted in the development and implementation of an Enterprise Directory strategy for LDAP authorizations to accommodate internal and external applications
• Trained department on the basics of LDAP compliant directories
• Assisted in the setup of a new Secure File Transfer product to provide service to both internal and external customers
• Participated in a Tivoli Identity Manager 5.0 Beta program with IBM to test and provide feedback and suggestions to the product developers
• Lead the project to upgrade our Tivoli Identity Manager to 5.0
• Lead the team to implement RBACx Sun Role Manager, a Role Management application
• Lead and participated in the implementation of Tivoli Federated Identity Manager
• Responsibilities:
• Serve as manager of the Identity and Access Management IAM team of 13 employees, by providing strategic direction on security configuration, auditing controls, and automated tools to improve security, efficiency, and effectiveness
• Provide technical direction and security recommendations for the IAM team
• Ensure that new systems and applications align with the IAM framework and security architecture
• Manage and maintain the Identity management solution to include the architecture for future utilization
• Manage security projects to improve the efficiencies and effectiveness of the IAM team
• Provide mentorship and training to team members
• Consult with our business customers on new/emerging systems to ensure compliance with policy and regulations
• Assist business customers with using the current and future workflow/provisioning systems for their needs
• Develop roadmaps for future enhancements to the security of the infrastructure and providing secure business efficiency tools
• Conduct reviews, create development plans, promotions, bonus, and salary adjustments

Confidenital

Information Security Consultant II

• Achievements:
• Assisted in a new Identity Management system Sun Identity Manager to replace the current in-house built system
• Reviewed, audited, and recommended structural changes to the companies Active Directory implementation to be more streamlined, secure, and flexible for the organizations business needs
• Created a request/provisioning process for Local Workstation Administrative Rights by using a Notes database and Perl code
• Handled security incidents from identification, to remediation recommendations, and implementation of any mitigation required, all while providing progress reports to management
• Provided an analysis and recommendation for reporting/auditing tools with all required documentation of cost/benefits and ROI documentations that is saving the company over 300,000.00 per year
• Assumed subject matter expert for a host menu system that provides an access point to approximately 60 applications within a subsystem and 30 applications/functions on the main system
• Assisted in creating a privileged entitlement review process within a 3 month window with little resources for development
• Assisted in the VPN migration by recommending and reviewing the authentication scheme, encryption evaluations, and managed the account migration efforts.
• Responsibilities:
• Serve as team lead of the Distributed Systems team by providing strategic direction on security configuration, auditing controls, and automated tools to improve security, efficiency, and effectiveness, provide forecasting of projects, and assisted in budget forecasting
• Provide technical direction and security recommendations for areas of responsibility Wintel systems, UNIX, LDAP Directories, Remote Access solutions, Applications
• Provide solutions for audit findings on any of the systems of responsibility
• Provide input on baselines for systems of responsibility
• Recommend, implement, and transition operations support of new technology or streamlined processes/procedures
• Consult with business segments on new/merging systems to ensure compliance with policy and regulations
• Assist business segments with using the current and future workflow/provisioning systems for their needs
• Obtain audit information for entitlement reviews on systems/platforms of responsibility approx 1800 servers, 35 Windows domains, 2 SunOne Directories

Confidenital

Information Security Consultant II

• Achievements:
• Served as technical team lead for 3 years. Providing technical direction, work assignments, project management, reviews, training and development plans for the team. Also, managed the training budget, hiring of team members, resource planning for my team, and assisted with budget forecasting.
• Assisted in the requirements, logic, and testing for a corporate workflow/access request system that is used to request access and provide back user information based on an add, change, or delete request. Through this we've been able to achieve users' access setup, change of access, or deletion within 3 business days or better for more than 6 platforms and 63 applications.
• Created requirements and logic for the automation code that is used to complete the requests on all of the platforms that my team is responsible for by using the access request system and thus providing 5 hr turn around on requests that come through the request system. This reduced the number of technicians required to support the corporation by 15 full time employees and increased efficiencies with our company.
• Centralized LAN administration for 55,000 users and reduced the administrative over head by streamlining and standardizing the basic administrative tasks. Novell 4.x 5.x, NT, and AD
• Modified an existing centralized Intranet web application LDAP directory structure and standards to provide a flexible, secure, and robust authentication source that is easily used by application developers to implement new applications authentication and authorization levels with applications.
• Lead the Active Directory migration for the security department. I created the Active Directory Windows 2003 security standards for US Bank. Security Access Profiles, Distributed File Systems, Directory Structure, logon script structure, share and NTFS permissions
• Lead the creation of Security Access Profiles for each business line in the corporation for my team's systems of responsibility
• Responsibilities:
• Supervised a team of 13 technicians that maintain security and auditing, perform daily administrative tasks and solved trouble tickets for NT, Novell 3.x, 4.x, and 5.x, AD 2003 , an LDAP directory for internal web applications 63 apps , an LDAP directory for external web applications 15 apps , Neoterris clientless VPN, Cisco client/concentrator VPN with a Safe word radius server, a NetOp server for remote controlling desktops and servers, World Com ISP accounts, Net Cache proxy appliance, and 3 externally hosted systems for the user population of US Bank 55,000 users
• Provide technical direction and assist with technical issues for my team on the platforms/systems I am responsible for
• Interview, recommend hire candidates and deliver reviews to the team members with the manager of the group
• Prepare reports on major projects, Service Level Agreement accomplishments, and any pending issues with projects or production systems
• Managed the training budget and requests for the Distributed group
• Assisted in staff planning/forecasts for projects and on-going needs

Confidenital

LAN Administrator

• Achievements:
• Assisted with the development of the access request system.
• Created the Security Access Profiles for the Direct Marketing and Sales Department.
• Migrated the desktops from Windows 3.1.1 to Windows NT workstation.
• Created, maintained, and deployed workstation images for the different functions within the department.

Responsibilities:

• Requesting access for 350 users
• Administering 350 users and their access on Novell 3.x/4.x/5.x
• Maintaining service packs, hot fixes, and virus updates on all workstations
• Rolling out or upgrading software on all workstations
• Troubleshooting issues with software or hardware

Confidenital

Administrative Assistant

• Achievements:
• Created a database that provided a weekly call volume forecasting for telemarketing campaigns for US Bank and set trends as real call volume data came in.
• Enhanced and maintained a database for all projects and programs for all of the credit cards campaigns for US Bank which improved the departments reporting capabilities for the campaigns.

Responsibilities:

• Prepared weekly and monthly reports based on the projects and the call volumes/sales that were produced
• Ensured all data was updated in a timely fashion by all managers
• Reviewed budget data on projects for integrity.