Experience Summary:

Technology Usage Summation:

• Information security policy development, writing and maintenance Security policy awareness and security threat awareness Risk assessment for business application including SAS - 70 reviews
• Utilized deployment, project management, team development
• Organized and lead project resources including outside vendors and contractors
• Accountable for budgetary planning and project control team development and leadership
• Vendor Security Management and vendor risk assessment
• ISO Standards COBIT, ITIL, for policy and controls
• FISMA and NIST guidance used for international project concern and development
• Project planning, implementation Security Operations Planning
• Disaster Recovery planning, development and implementation
• Set policy and standards for review by corporate leaders and federal auditors
• OTS FFIEC Guidelines and Audit requirement for Information security policy standards
• Maintained information security records for internal BRC and external FFIEC and OTS audits
• Developing, Implementing and maintaining security programs Auditing Accessing hacking tools and threat assessments
• Network Security and Active Directory Assessments Member of Incident Response Teams
• Providing 24 hours availability to the success of a project or resolution of a incident was required
• Provided training and documentation when developing new or changing standards

Summary Experience:

• Norton Antivirus Implementation Maintenance Unix Linux Cisco OS Firewalls ASP.NET Java Not programming MySQL IDS Implementation and Maintenance TCP/IP NIST-53 FISMA ISO-17799 ISO-27002 Firewall Domain security RAS IBM AS400 Wireless Networking including WPA WEP Hot Point public access C A ISO 1 002 Standards COBIT alignment ITIL organizational compliance FFIEC and OTS guidance
• Novell Netware 411 windows 9x/2000/XP Macintosh OS/2 IBM AIX IBM RS6000 VPN TCP/IP DHCP DNS GPO ACL frame relay Cisco Routers server NT4.0 2000 server 03 Server 2008 Office Server 2007 MOSS active directory server 2000 Active directory

Technologies Supported / Used:

Tripwire for servers Quest In trust, Bind view, Nessus, Net forensics Black Box People Soft Hyperion D B Remedy LANDesk AS400 Software Packaging MSI packages Win-install WRQ Reflections Bridge32 MS Project 98 2000 MSOffice 97 2000 XP 2003 MS Power point MS Fox Pro 6 9 Access 97 2000 XP MS Visio Excel DOS 3.14- 6.2 HP Openview MS Proxy server 1.0 and 2.0 Support Express Symantec NAV client and Server Oracle MVS Davox VERITAS Backup Exec Ghost Future POS SQL Server GroupWise Outlook MS Fox Pro FAS2000 metaframe, virtual server environment, VMware ESX 3.5, VMconverter, VMWare desktopWork Experience:

Confidential

Information Security Analyst

I worked as a security analyst

• Provide Risk registry maintenance and External vendor reviews using SOC1, SSAE16 reports.
• Performed internal process audits and access management.
• Worked with procurement to audit new external vendors, providing risk ratings in preparation of purchase.

Confidential

Self Employed Contractor

• Another large portion of the services that I performed was classroom instruction for technology classes that we offered I was responsible for planning classroom instructions according the subject and learning material. I would then provide instruction to clients based on the clients need.
• I worked a contract service provider and technology educational services provider. In this role, I performed many consultation services around application and security program implementation. I also provided consultation to clients so they could better become aware of various standards that may apply to the client's line of business. I also provided network configuration support or servers, workstations and databases as needed.
• Supported LAN/WAN networks for client networks
• Managed Third level and forth-level support using support express / LANDesk
• Developed security awareness programs reviewed IDS solutions for client use
• Provide client consultation for ISO 17799, ITIL, FISMA, NIST, HIPPA, SOX and GLB where needed
• Provided client consultation for FFIEC and OTS regulations for financial services
• Provide Network Solutions, Servers, workstations, etc. application solutions to meet the business needs.
• Maintained anti-virus programs Security programs for auditing, IDS software solutions Maintained security monitoring programs for client use

Network Engineer / Consultant

Confidential

• Migrated from Windows Server for multiple clients most of the time leading the projects.
• Exchange server migration / diagnostic and maintenance.
• Sold network hardware / Software and services based on client's needs.
• Project managed upgrades / migrations for all services sold to clients.
• Performed Network Security Audits for clients implemented security policies.
• Implemented and managed backup systems and virtual server systems as fail overs
• Trained new employees on how to care for each client's network based on help desk support processes
• Implemented help desk processes for new client and converted clients
• Worked on a 24/7 on call basis for each client that was part of the managed desktop systems
• Took care of any client request regarding technology services / hardware or software.

Network Administrator Contract

Confidential

• Migrated from Windows Server, connecting 2 remote sites to the WAN
• Moved from Exchange 2003 to Exchange on a VMware Virtual server running server
• Migrated 1 company exchange store and created two more mail stores for other dot coms
• Migrated servers to VMware ESX 3.5 server and managed them with VMware virtual center
• Upgraded client workstations and applications as the migration proceeded
• Introduced new help desk software. Setup the software and trained user how to use and maintain it
• Move SharePoint services 2.0 to version 3.0 and to a new SharePoint server.
• Migrated SharePoint 3.0 to Office Server 2007 MOSS
• Installed separate SQL 2005 server to support MOSS server
• Migrated Dynamics Great Plains accounting to new server physical server and SQL 2005
• Installed and configured backup Exec for smaller LTO2 tape backup system
• Installed BDR system to off-site storage and disaster recovery rapid recovery virtual servers
• Installed various asset management tools and user monitoring tools
• Created information technology policies for the human resources department
• Installed laboratory electronic scale systems, Gas Chromatograph systems FOSS and Ohaus scales
• Maintained Delta V factory production automated control systems for plant production

Information Security Analyst

Confidential

• Review, Maintain Bank and physical security policies, controls and implementation
• Perform quarterly, monthly, and annual security audits on vendor services and DR plans
• Maintain compliance with FFIEC, OTS, Sarbanes Oxley, GLB, security compliance
• BRC planning member of disaster recovery planning, testing and first contact team
• ISO 1 Standards COBIT, ITIL, for policy and controls
• FISMA and NIST guidance used for international project concerns and development
• Project research and planning through to final implementation of projects
• Audit security logs to ensure compliance with, prevailing security policy
• Directed NVA scanning ensuring proper network security measures are addressed
• Created new audit programs and policies to align with ISO 1 002 sections where applicable
• Security application review, pilot testing, implementation some examples are: Anti-virus solutions, Active directory access and data steward reviews application risk assessment and SLA considerations
• Member of disaster recovery and incident response plan testing and implementation team for the bank
• Developed awareness via intranet monthly articles, email bulletins and short classes when needed
• Active directory, SQL access reviews Security monitoring and audit program implementation

Medical Software Support Engineer

Confidential

• Provided Technical support for users and owners of medical EMR software
• Performed security setups maintained compliance with HIPPA and ISO 17799 regulations
• Setup data exchanges with other software packages via the HL7 Standards
• Trained customers on interface usages, setup, and navigation
• Answered questions in regards to network setup
• Showed caring for customers to ensure timely responses and satisfaction
• Used Remote connectivity software to access and control users systems for support

Enterprise Configuration Systems Engineer

Confidential

• Configured and supported LAN/WAN systems and desktop PCs and software Managed deployments of systems and security programs for remote branch offices
• Performed software packaging, scripting and application deployment, documentation
• Performed analysis, tested and debugged programs, security controls standards
• Application project implementation alignment with ISO 17799, ITIL FISMA, NIST
• Security policy review Hacking tools and security awareness programs
• Project organization, resolution, resource gathering Workstation support and deployment
• Security monitoring, anti-virus solutions management SQL and Oracle user management
• Negotiated contracts and pricing with vendors for project purchase. Responsible for complete project life cycle technical planning and SLA with vendor
• Member of incident response team BRC internal audit advisor disaster recovery planning