- Progressive leadership success in system oversight for high - growth organizations through innovation and drive.
- A seasoned and enthusiastic IT professional with broad experience in the IT system lifecycle, project planning, software development, production release through application/hardware supports, datacenter management, and IT security.
- Seeking opportunities that will allow me to assist other companies in achieving phenomenal growth and establishing a strong competitive industry position via my combined expertise.
AREAS OF EXPERTISE
- Security Compliance and Implementation
- Incident response and continuous monitoring
- Product Design and Expansion
- IT Lifecycle Management
- Organizational Development
- Project Planning
- Security Architecture design and implementation
- Team Building and Leadership
- Performance Optimization
- Continuous Process Improvement
- Datacenter Management
IT consultant\Security Architect
- Direct report to CISO
- Chair of Information Security Committee.
- Manage\implement department’s Information security tools to safeguard highly sensitive medical information and ensure the availability of Georgia testing labs.
- Designed, Implemented Microsoft Data loss Prevention (DLP) solution.
- Responsible for vulnerability, patch management and security incident respond programs
- Leading Federal (SSA) and state (CIS, HIPPA, third party) security assessments.
- Implementation on NIST 800-53 v4 policies and procedures.
- Upgraded company access right using multifactor authorization.
- Contribution to statewide cyber insurance effort
- Assist IT Operation on cloud migration.
IT consultant\IT Project Manager
- Managing projects for IT and Security Remediation department.
- Implementing solutions on enterprise risk management and vulnerability remediation.
- Working with Business owners on project milestones and KPI and KRI tracking.
- Performed data warehouse mining, business logic and data QA
- Working with PwC advisory team to design and implement Confidential IT governance future state.
MANAGER, INFORMATION SECURITY
- Elected to board of Confidential Change Management, Information Security Governance Committee.
- Earned Authority to Operate (ATO) certification from administration of Federal Risk and Authorization Program (FedRAMP) for Confidential datacenters.
- Completed SOC2 Type II certification and annual renewal for SaaS international datacenters.
- Received certification and accreditation from U.S. Defense Information System Agency DISA STIG.
- Performed hands-on support for a wide range of security technologies including, but not limited to: DLP, SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, security incident response tools
- Strong technical acumen and experience in the areas of security requirements analysis, security architecture, security testing, security operations and maintenance and the security economics
- Knowledge of applicable NIST, SOC 2, HIPAA, PCI and data privacy practices and laws