IT Security Risk Management
Creating Secured Environments/Reducing Total Cost of Ownership
- A solution oriented Information Technology Security Professional with strategic and technical project leadership experience optimizing productivity in multi-vendor platform/application environments. Diverse technical and policy expertise encompasses strong security, VPN, intrusion detection and network administration, risk management, mitigation, and problem resolution skills.
- Technology Development Relationship Cultivation Customer Service
- IT Strategy Development Business Analysis Resource Development
IT Security Technology Risk Management
- Local Information Security Officer responsible for supporting local IT management as well as the CS IT Risk
- governance team through mandating the implementation of IT Risk and Security controls as defined through
- global, regional and local policies and standards. Responsible for gathering information necessary for risk
- assessments. Gather information concerning third-party vulnerability and penetration testing. Receipt of
- metrics and reporting requests. Receipt of formalized query associated to a given project. Reviewing initial
- submissions for exceptions to Information Security policies and standards. Working with legal and compliance
- representatives to identify and comply with legal regulatory compliance needs related to IT risk and security.
- Receiving requests for information by the internal audit divisions. Conducting and assisting America's branch
- Office representatives in performing security assessments and remediation activities travel includes
- North, Central, and South America regions. Also serving as the Americas contact on the Credit Suisse
- Global Information Practice Group Board. Responsibilities also include management of all US branches and
- Local Information Security Officers including Canada, Mexico, South America and the Caribbean.
IT Security Consultant
- Served as the SME to assist in identifying and implementing required policies and procedures in an
- pharmaceutical IS organization for SOX compliance. Tasks include change control, configuration management,
- security management, auditing technical controls, identity management, and implementation of Sarbanes Oxley.
- Hands on experience with the following technologies:
- Windows 2003, Frontbridge, Bluecoat Proxy, Checkpoint, F5 Firepass, Cyfin Reporter, VPN, Nagios,
- Nessus, Ntop, Wireshark, Netterrogator, Active Directory, Postini, LogLogix, Elcomsoft Audit Software
- Sawmill, Qualysguard.
- Network Engineer Stf/Project Manager/Senior Security Engineer-Security Clearance
- Under Lockheed Martin, managed and troubleshooted technologies such as site to site VPN.
- Served as the Lead Engineer/Project Manager for the SSL VPN and Cisco Clean Access project, which involved overseeing, coordinating, and implementing a security solution to meet the customer's needs. Also performed configuration and testing of the network design for accuracy and scalability.
- Designed and planned network communications systems. Provided specifications and detailed schematics for network architecture. Provided specific detailed information for hardware and software selection, implementation techniques and tools for the most efficient solution to meet business needs, including present and future capacity requirements.
- Under Northrop Grumman, managed firewall technologies such as Cisco Pix, Juniper SSL VPN, Whale
- Communications SSL VPN and Radius. Managed and designed architecture such as Radius, PKI, Cisco VPN, and wireless architecture. Performed risk assessments/risk management, project management and testing on new technology. Well versed in network security and writing technical documentation. Served as top tier of support for USPS VPN. Adhered to the technical and audit controls enforced by the Office of Inspector General.
- Windows, Pix Firewalls, Microsoft Exchange, ACS, Microsoft Radius,
- Microsoft PPTP, Proxy, Juniper Netscreen, PKI, Cisco ACS, Cisco ASA, Cisco
- Concentrators, Sun Solaris, Cisco SSL VPN,
Information Security Administrator/Project Manager
- Managed highly responsive security/network/system administration environment. Installed, configured,
- implemented, deployed and monitored intrusion detection/security/ancillary hardware and software in
- production environment. Migrated, installed, and secured application programs adhering to established and
- published security policies and audit guidelines enabling rapid productivity. Resolved time-critical situations
- utilizing extensive trouble-shooting experience/skills providing a baseline for customer service/satisfaction targets. Developed and implemented security policies to help the organization conform to standards.
- Implemented technical, administrative, and physical controls. Performed ISO risk analysis and management on controls.
- IIS 5, Sarbanes-Oxley, Hippa, Windows 2000, Exchange 2000, Network Appliance NAS Solution, Design Exchange 2000, Windows 2000 Certificate Server, Thawte Certificates, PIX Firewall, Cisco Routers and Switches, Internet Security Systems ISS , Snort, Nessus, Remedy, and Dual-Boot Windows 2000/Linux, Secured applications using various technical controls.
- Established support systems to monitor and manage network alarms, system performance, and traffic issues to ensure effective communication maintained between in-flight aircraft and the FAA radio control tower. Successfully resolved critical issues through responsive monitoring, reporting, researching and documenting of critical alarm conditions. Escalated issues, as appropriate, insuring field personnel were dispatched.
- Fiber Optic, FM Single Side-Band, Digital Radio, Environmental Alarms in accordance with FAANCC Operational Procedures and Guidelines.
- Technologies include: Microsoft Word, Windows 95/98, NT 4.0, X.25, TCP/IP, Sun Solaris, Novell, Newbridge, Switches, T1's, OC3's, DS0's, DS3's, Channel Banks, Unix, SONET, and Routers.
Chemist/SAP Database Operator
Developed, implemented and approved formulas adhering to project timelines/requirements. Project technical management and online support for customer account requests utilizing SAP. Created, implemented and managed SAP database maintenance.