IT consultant\Security Architect Resume

SUMMARY

Progressive leadership success in system oversight for high - growth organizations through innovation and drive.
A seasoned and enthusiastic IT professional with broad experience in the IT system lifecycle, project planning, software development, production release through application/hardware supports, datacenter management, and IT security.
Seeking opportunities that will allow me to assist other companies in achieving phenomenal growth and establishing a strong competitive industry position via my combined expertise.

AREAS OF EXPERTISE

PROFESSIONAL EXPERIENCE

IT consultant\Security Architect

Confidential

Responsibilities:

Direct report to CISO
Chair of Information Security Committee.
Manage\implement department’s Information security tools to safeguard highly sensitive medical information and ensure the availability of Georgia testing labs.
Designed, Implemented Microsoft Data loss Prevention (DLP) solution.
Responsible for vulnerability, patch management and security incident respond programs
Leading Federal (SSA) and state (CIS, HIPPA, third party) security assessments.
Implementation on NIST 800-53 v4 policies and procedures.
Upgraded company access right using multifactor authorization.
Contribution to statewide cyber insurance effort
Assist IT Operation on cloud migration.

Confidential

IT consultant\IT Project Manager

Responsibilities:

Managing projects for IT and Security Remediation department.
Implementing solutions on enterprise risk management and vulnerability remediation.
Working with Business owners on project milestones and KPI and KRI tracking.
Performed data warehouse mining, business logic and data QA
Working with PwC advisory team to design and implement Confidential IT governance future state.

Confidential

MANAGER, INFORMATION SECURITY

Responsibilities:

Elected to board of Confidential Change Management, Information Security Governance Committee.
Earned Authority to Operate (ATO) certification from administration of Federal Risk and Authorization Program (FedRAMP) for Confidential datacenters.
Completed SOC2 Type II certification and annual renewal for SaaS international datacenters.
Received certification and accreditation from U.S. Defense Information System Agency DISA STIG.
Performed hands-on support for a wide range of security technologies including, but not limited to: DLP, SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, security incident response tools
Strong technical acumen and experience in the areas of security requirements analysis, security architecture, security testing, security operations and maintenance and the security economics
Knowledge of applicable NIST, SOC 2, HIPAA, PCI and data privacy practices and laws