We provide IT Staff Augmentation Services!

Sr. It Security Program Manager Resume

Los Angeles, CaliforniA

SUMMARY:

A certified Sr. IT Project Manager / Consultant with 15 + years of combined experience in GRC, identity access management, cybersecurity, infrastructure, and enterprise - wide transformation projects.Expert knowledge in the areas of regulatory and compliance measures in PCI-DSS, GDPR, HIPAA, California Consumer Privacy Act, SOX, ISO 27001, COBIT, NIST cybersecurity guidelines. Experienced with global service delivery models and implementing security controls such as server and endpoint hardening, building, and expanding security operations center, SSO, Public Key Infrastructure, MFA and Confidential expansion.

SKILL HIGHLIGHTS:

  • Cyber Defense / Data Loss Prevention
  • SOC Build Out / IDS / IPS
  • MS Project / Smartsheets / Azure Dev Ops
  • Mergers & Acquisitions
  • Governance / Risk / Compliance
  • IAM Account Lifecycle
  • Splunk ES / Carbon Black / CyberArk
  • Integration / Transformation

PROFESSIONAL EXPERIENCE:

Confidential, Los Angeles, California

SR. IT SECURITY PROGRAM MANAGER

Responsibilities:

  • Created program / project plan focused on least privilege access, PAM tools deployment, improved hardware and asset management
  • Manage the program / project management plan to ensure it is updated in MS Teams, due dates are kept, manage and approve resource timecards, act as escalation point and remove blockers from the project teams
  • Created and facilitated security and compliance governance board / steering committee within Cyber to provide guidance and act as a change control board and escalation point
  • Manage complex communications between senior executive leaders, shared resources and decision makers within a global IT department
  • Conducted data gathering and analysis of servers, storage, network segments and platforms across all Confidential business towers which managed services has access
  • Creation of key artifacts within Smartsheets, project charters, communication plans, executive slide decks, meeting agendas- minutes, risk register, RACIs and process flow charts; delivery of senior level project presentations
  • Implement Confidential model for MSP resources, update control mechanisms for contractor off-boarding, document those improved controls and submit to cyber risk governance board for risk closure

Confidential, San Diego, California

SR. IT SECURITY PROGRAM MANAGER

Responsibilities:

  • Creation project charter, RAID log, program, project plan, communication plan and cutover plan for new acquired company RF360 with several global locations
  • Document end to end account lifecycle management uses cases for provisioning and de-provisioning FTEs and consultants
  • Work with Active Directory teams, Cyber Defense, Compliance, and HR for the creation of access and workflow models for Confidential
  • Work closely with developers in India OIM team to provide use cases with various attributes
  • Develop detailed plan for QA, integration testing, and smoke testing
  • Manage collaboration across global IT teams and business to throughout development and implementation
  • Coordinate all project planning and execution for Confidential platform Splunk ES
  • Work with Threat Hunting Team to develop a triage Confidential model for Carbon Black deployment

Confidential, Burbank, California

IT SECURITY PROJECT MANAGER

Responsibilities:

  • Creation of change control board / project governance policy and procedure
  • Lead a 25-member project team to remediate the QSA identified vulnerabilities
  • Document security requirements and create policies and procedures
  • Create current state and future state process diagrams
  • Manage operating and project financials of resources and assets
  • Ensure latest patches and updates are deployed and documented the process
  • Oversee the analysis of network ports and create action plan for network hardening.
  • Work with Tripwire vendor to setup PCI specific content filters, dashboards, and reporting
  • Managing data migration design, mapping rules, unit testing and integration testing

Confidential, Los Angeles, California

IT SECURITY PROGRAM MANAGER

Responsibilities:

  • Supported by the CISO, set up a governance, risk and compliance board to monitor the organizations risks and create a roadmap for SOC and Confidential expansion with 3rd party vendor Leidos.
  • Assessment of technical gaps in IAM programs with HR, AD teams, Exchange and Skype
  • Conducted analysis to identity and map legacy certificates to the appropriate server and owner to reissue certificates
  • Managed the review of all logs and reports of hosts, network traffic, firewall logs and IDS logs
  • Managed the configuration of the security center within MS Azure Active Directory for Splunk Add-on for incident reporting within Office365 by IP address
  • Updated and configure firewalls, anti-malware, and file integrity monitoring
  • Manage remote desktop security and risk by deploying jump box solution with GPO and two-factor
  • Deployed Symantec and Sophos endpoint protection on networked medical devices.
  • Documented networked asset physical attributes, applications & ports, contracts, scheduled vendor updates and patching information and migrated those assets / data to ServiceNow CMDB
  • Implemented User Behavior Analytics reporting module within Splunk

Confidential, Oakland, California

IT PROJECT MANAGER

Responsibilities:

  • Worked with Soarian Financials Cerner analysts to develop all required technical documentation for design documents, updating the hospital charge master service catalog, rebuilding the physician cost center mapping
  • Developed and present detailed MS project plan, sub-project plan, Issues Log, weekly Executive Summary and update SharePoint with all relevant project artifacts
  • Coordinated the efforts of system Unit Testing, Integration Testing and Remediation
  • Vendor management of Experian Health ensuring successful and time sensitive EDI & ERA enrollment and conducting claims testing
  • Designed, build, test, deploy and validate interfaces and obtain sign off from internal customers.
  • Created and manage pre-go live activities: business and patient communications, training on new processes, sign off on contingency plans
  • Created and oversee post-go live processes: End-User support, training the Help Desk-Production Support
  • Created Post Go-Live test strategy, obtain all required approvals as per RACI, closed the project 9/1/17
  • Manage and report defects, risks and constraints and make provide solutions and alternatives

Confidential, Burbank, California

SR. IT PROGRAM MANAGER, Application Support and Operations

Responsibilities:

  • Planned and scheduled the execution of Red Team penetration testing on Confidential E-Commerce network servers and operating systems
  • Analyzed penetration test results and engage with Business Unit Leaders, ISO, Compliance, server facility manager, and relevant vendors to develop program scope and individual project plans
  • Conducted a gap analysis of systems; encryption, logging multi-factor policy creation
  • Worked with data center facilities manager ensure security is factored into the installation and configuration of hardware, virtual hosts, and applications in ServiceNow
  • Led technical teams to evaluate, select, install and configure hardware/ software for PII data masking on DEV, QA, and Prod servers
  • Deployment of two factor authentications on virtual jump server for Confidential point of sale devices compliance to PII updates
  • Managed network vulnerability and threat management projects in application and OS log monitoring, root cause analysis, alert triage and incident response
  • Coordinated the efforts of Red Team in pen tests on e-Commerce platform and servers

Confidential, Los Angeles, California

SR. IT PROJECT MANAGER, Enterprise Infrastructure & IT Security

Responsibilities:

  • Responsible for project kick-off meetings, meeting minutes, agendas, templates, documented test strategy, implement plan, and maintenance of SharePoint
  • Managed application enhancement to manage the compliance with updated CMS regulations.
  • Identify, track and report issues, risks, and defects with green, yellow, and red status
  • Ensured QA and UAT defects were reported and remediated timely
  • Budget and resource management - Add / Remove resources to the project plan, approve work hours, track vendor hours, report if project health and within budget
  • Completed federal compliance / application upgrade project
  • Completed SOX compliance project working with Confidential and Confidential & Confidential within $650,000 budget
  • Completed $750,000 IT security project installing Carbon Black Confer Confidential malware protection software on desktops and laptops throughout the organization
  • Completed $900,000 infrastructure project installing critical new load balancers in central data center

Confidential, Los Angeles, California

SR. IT PROJECT MANAGER, Information Security

Responsibilities:

  • Created proof of concept, charter, FRD, TRD, and BRD, risk register, for routing, encryption, Confidential / online payments, mobile pay, and POS interfaces and security
  • Created formal P&P, Fraud, Disaster Recovery, Business Continuity, Data Breach-Customer Notification Plan
  • Met regularly with CIO and other executive stakeholders to create a cohesive strategy for the use of Confidential across the enterprise
  • Coordinate the efforts the TriZetto, Infosys developers, EDI Operations team to perform patches, updates, analyze and triage member PHI data files
  • Managed EDI functions and file formats X12 transactions, HL7, HIPAA 5010 8371, 999, 277 CA
  • Held daily scrum sessions Plan Benefit Operations, Medical Management, development team and Confidential vendor to perform system enhancement in multiple agile project

Hire Now