Security Compliance Auditor Resume

PROFESSIONAL EXPERIENCE

Confidential

Security Compliance Auditor

Responsibilities:

Familiar with HIPPA, NIST, PCI - DSS, ISO27001, SOX and IBM internal security documents (GSD331, ITCS104)
Strong familiarity with the IBM BigFix (Formerly known as IEM Endpoint Manager) for compliance checking and patch management.
Build automated configurations using developer provided fixlet code to customize security settings in; Windows (2003, 2008, 2012, 2016), AIX (5.3, 6.1, 7.x), Linux (multiple versions), Solaris, HMC, VIO and VMWare ESXi servers. Configurations are also built for middleware such as Apache Tomcat, Citrix, DB2, SQL, SSH and SUDO.
Provide immediate response to changing threat landscape through emergency patch verification scanning and reporting to account teams.
Conduct review and analyses of customer security documents to provide clarity for automation to reduce manual checking.
Compile customer settings and automation into a single document, outlining required manual checks and processes for the systems administration teams.
Receive technical feedback from systems administration teams on tool capabilities to improve automation, provide feedback to development team.
Schedule and host multi-team compliance meetings to review security documentation and to recommend changes pertaining to new threats.
Conduct follow up remediation and documentation on compliance violations with account teams and tracking of violation reports.

Confidential

TADDM Team

Responsibilities:

Managed an internal engagement project team to develop accounts from engagement to steady state, customized to the customer environment frequently prioritizing multiple concurrent projects.
Provided asset management database to customers through CMDB to multiple dashboard implementations such as Service Now and Maximo.
Design, Architect, Implement, and Configure discoveries for TADDM.
Met with external stake holders (internal executives and external customers) to determine scope of work, deliverable timeline and checkpoints.
Routinely coordinated with OS support teams, middleware support teams, firewall teams, and global security representatives to discuss the program requirements and expected deliverables.
Frequently coordinated customized reporting for change management, systems maintenance, research, and asset management from collected data.
Identify, develop departmental internal reviews, metrics and reporting for the stake holders (I.E. Percentage of environment online, levels of data collection, etc.).
Created and revised a monitoring plan with remediation actions for non-responsive servers.
Conducted project closure meetings to determine pain points and review processes.
Constructed, tested and maintained ownership for global SUDO template for the TADDM tool outlining rights and privilege assigned for privileged service ID's used for scanning.

Confidential

IT Communications Supervisor

Responsibilities:

Conducted department budget analyses, developed project planning and monthly/yearly cost estimates.
Interviewed potential hires, provided direct oversite and review of performance to include written and verbal warnings when appropriate.
Dispatched service tickets through ITIL compliant system to control work flow.
Conducted forensic hard drive imaging with Norton Ghost for data retention under direction of the Department of Justice for investigations regarding military contract fraud.
Provided asset tracking for laptops and peripheral hardware through paper hand receipts, Maximo database and network discovery.
Maintained Windows 2008 servers, Active Directory and Exchange servers.
Responsible for installing LAN and WAN for distributed network using Motorola canopy modules, Cisco routers and switches.
Responded to and directed response to malware threats, removal, verification and restoration of services.
Installed and maintained fiber, Cat-5 and Cat-6 infrastructure.
Built base image templates for systems, implementing patches and corporate software package.
Familiar with Windows XP to 10, Redhat linux 6-7 and Mac OS.