Information Security Management
Provide mostappropriate andcost-effective security measures to protect sensitive information and prevent financial and reputational damage.
- Over 16 years of experience in Information Technology with the past 10 years focused on Cyber Security.
- Expertise in regulatory compliance HIPAA, PCI DSS, FISMA, and ISO 27001.
- Skilled leader, team-builder and executive-level manager with strong people and organizational skills.
Areas of Expertise
| || || |
| || || |
| || || |
- Provide support and advice to a cyber-security team in a broad range of areas, such as: insider threat management, cloud security, mobile security, identity and access management IAM , system/network security, and policy and procedures.
- Provide recommendations on how to navigate the many complexities of PCI and HIPAA compliance.
- Successfully designed and developed Self-Assessment IT Audit Tool.
- Reviewed vulnerability and penetration scan results and converted them into corporate action plan.
- Led an initiative to streamline and strengthen information Xerox's security framework, focusing on protecting the data, while still allowing access for the users from any device or location needed by the organization.
Senior Information Security Analyst
- Responsible for supporting the architecture, implementation, and ongoing maintenance of the information security program and ensuring the confidentiality, integrity, and availability of all corporate assets.
- Spearheaded design and development of new network designin accordance with industry standards and PCI requirements to reduce scope of PCI footprint.
- Successfully completed gap analysis and developed a comprehensive and prioritized remediation plan.
- Collaborated with Legal, Audit and Compliance Department to respond to Audit findings for full remediation of identified gaps.
- Provide subject matter expertise with regard to applicable regulations such as PCI and information security best practice throughout all phases of corporate projects.
- Managed and developed risk assessments against a contract driven vendor relationship and presented the result to executive team.