
Digital It Auditor, Cyber Security Architect, Program Manager Resume


Jersey City, NJ

SUMMARY:

  • Strategic level Information Technology Professional with broad-based experience in system architecture/administration.
  • Risk Management, Cyber security, SIEM, IDR, EDR, Digital IT audit / compliance and CVE threat / vulnerability management.

PROFESSIONAL EXPERIENCE:

Confidential, Jersey City, NJ

Digital IT Auditor, Cyber Security Architect, Program Manager

Responsibilities:

  • Plan and implement cybersecurity projects involving UiPath RPA, AWS Lambda, API, AppSync, EC2, Kubernetes and other robotics, container and repeatable task technology.
  • Plan and execute SIEM tools and methods, orchestration integration with Rapid 7 Connect and Tufin products, Rapid 7 vulnerability management, threat remediation, IDR incident detection response, EDR endpoint detection response, Amazon AWS Cloud security, vendor risk vetting assessments, penetration testing, web application and mobile technology vulnerabilities.
  • Web Spider, Metasploit to support cybersecurity and SIEM efforts in a 38 EDR endpoint worldwide decentralized network. Perform scheduled, ad hoc scans and penetration tests.
  • Leading an orchestration project involving use-cases, plug-ins and UBA user behavior analytics.
  • Alternated vulnerability scanning and analysis with Tenable Nessus, Beyond Trust Retina-US Navy Tricare, Beyond Trust PAM, Tripwire Enterprise, IBM Guardium, Qualys, Wireshark, Insight AppSec, InsightVM, Insight IDR EDR, Metasploit, Aqua container scanning, Aircrack-ng, NMAP and others.
  • Define, decide upon and direct IT security efforts with SIEM tools including IBM Qradar and threat vulnerability management efforts, remediation with key Vendors, internal Application development, producing IDS/IPS metrics using EDR Cisco AMP, Cisco ESA, Insight Rapid 7 VM, Venati, Amazon AWS cloud, API, Lambda, AppSync as well as MS Azure cloud services.
  • Define PaaS and SaaS bid proposals and contracts to perform active IT security operations, 24/7 Logrhythm event log monitoring and response, Tanium EDR endpoint security, Identity Access Management IAM and other cybersecurity solutions.
  • Administrator-level duties include: Qradar IDS/IPS, Splunk-Cloud, Tripwire Enterprise, Solarwinds, Azure AD, Amazon AWS API, Cisco AMP, Cisco ESA, Symantec Endpoint security, McAfee EPO Enterprise, Symantec Enterprise anti-virus and Cyberark ver 9.0.
  • Performed recent upgrades on SIEM Qradar to include better functionality in reports and metrics reporting.
  • Helped to author and define a new Application Development Cybersecurity Plan referencing OWASP, PCI-DSS, ISO/IEC 27001, NIST 800-53. Using tools: Burpsuite, IBM AppScan, Insight AppSec, Webspider, Metasploit, Kali Linux Nmap and Veracode.
  • Provided Strategic Management with expedient metrics on intrusion prevention success ratio, malicious emails, patch effectiveness ratio and malware remediation plans.
  • Earned the authority to Identify cybersecurity trends and analysis for strategic global operations.
  • Authored and built a comprehensive vetting process for a Vendor Risk Program which included standards: NIST 800-53, ISO/IEC 27001, 27018, SOC2, SOC3 and SSAE-16.
  • Research and debate modern methodologies to secure corporate assets involving standards:
  • Help to identify, act and close common vulnerabilities and exceptions CVE threats and vulnerabilities with various scanning tools based upon contract and enclave.
  • Actively reference and manage IT Security, Identity Management Access Controls, IAM, PDR design requirements, Service Now CMDB, JIRA CMDB, CyberArk, Syslog, and content filtering firewalls with WebSense, Palo Alto, Juniper, Checkpoint and Bluecoat Proxy SG firewalls.
  • Administer and support Beyond Trust with activities involving password vault, elevated privileged access mgt., identity access mgt., HSM hardware security manager and tanium EP.
  • Work with team to perform hands-on work with UiPath RPA robotic process administration, UI Path robotics, EC2, Kubernetes, load-balancers and firewalls.
  • Cybersecurity study on Autonomous Haul projects, and audited vendor providing PaaS and SaaS.
  • Built queries and reports for Tenable Nessus, Rapid 7 VM CVE scans.
  • Perform analysis with existing Juniper, Cisco and Meraki firewalls via Firewall Assurance Network Topology and Administration. Edited scripts; Java, Java Scripts, and Python.
  • Security engineer assigned to work to help build RPA Robotics Process Automation system intended to speed transactions via UI Path robotics vendor, hived SQL server farms, virtual machines, orchestrators, load balancers and dedicated VPN tunnels with a repeatable process.
  • Enforced the separation of duties within Business Units: Strategic Management, Production Environment, Application development, Network operations, Internal audit and Cybersecurity.
  • Work to establish Cybersecurity methodology and processes to include SDLC, AGILE / SCRUM.
  • Active hands-on cybersecurity operations within SIEM tools - Qradar, FireEye, Bit9 Carbonblack, CoreImpact and CISCO App Dynamics.
  • Implemented security services with multiple entities involving Security Portal management involving Amazon Web Services AWS, Amazon AMI, AppSync, Lambda, MS Azure with Oracle.
  • Utilized Bit9 Carbonblack endpoint security, Syslog DTLS.
  • Experimenting with robotics to assist in security reporting, UEBA, SCADA controls and design Amazon AMI machine images and AppSync.
  • Subject Matter Expert SME involving audits and governance involving CJIS, NERC, FERC, CIPv6, v7, FFIEC, NIST 800-53, GLBA, PCI/DSS, ISO/IEC 27001, 27018, HIPAA, DISA/STIGS,
  • Cybersecurity: Author and develop Policy, Standards and Procedure statements to mirror cybersecurity initiatives and existing IT operations. Evaluation of proposed SAP R3 documentation system. Writing specs for Treasury SCADA application study.

Confidential, San Francisco, CA

Program Manager Information Security Architect, IT Auditor, GRC Risk SME

Responsibilities:

  • Provided guidance, direction and oversight for 3rd party assessments, internal audit engagements, baseline security standards, delivery and remediation of IT security and compliance issues surrounding HIPAA, risk standards CMS compliance, PAN data, PCI-DSS ver. 3.2 compliance, FFIEC directives, NIST 800-53, Sarbanes-Oxley SOX, ISO/IEC 27001:2013, ISO/IEC JTC 1, NERC-CIP 007 R2, and DISA/STIGS data standards.
  • Year End work completed on a 3-month contract assignment only.
  • Performed Qradar IDS/IPS on reporting and metrics involving intrusion prevention, malicious emails blocked, percentage of assets patched.
  • Worked Cyberark PAM privileged access management, Password Vault, IAM module.
  • Defined risk management to perform root cause analysis, enterprise-wide governance risk compliance and dollar-value calculation of risk impact.
  • Provided direction surrounding CyberArk IAM identity access manager, IDM application identity manager, EPV electronic password vault, PSM privileged session manager.
  • Proficient with Tripwire Enterprise, Proofpoint, Bit9, RedSeal, IBM QRadar, Core Impact, Carbon Black, FireEye, Tenable Nessus, InsightVM Rapid 7, Computer Associates Kerberos, Palo Alto, Juniper, Checkpoint, JIRA and Service now.
  • Content filtering firewall analysis with WebSense, Bluecoats, and Cisco Meraki.
  • Worked to provide technical oversight involving SIEM, HSM, Venati, SCADA controls, UBA, and OWASP for application development.
  • Supported IT Audit efforts via SOC2, SOC3, and Sarbanes Oxley testing, PCI-DSS 12.3, NERC-CIP, HIPAA, writing of controls, and remediation.

Confidential, Livermore, CA

Program Manager, IT Auditor and Risk SME

Responsibilities:

  • Helped to manage governance risk compliance eGRC efforts in the business with projects involving cybersecurity, NERC-CIP, vulnerability, threat assessment, risk posture, risk assessment, security architecture and Cybersecurity.
  • Researched and administered ways to secure corporate IT assets involving security patching and application of baseline standards ISO / IEC 27001:2018, FFIEC, NIST 800-53, HIPAA 164.310, PMBOK, GLBA, SOX section 4.
  • Provided direction for cybersecurity within a 1,100-user network involving threat posture, secure application development practices, gap analysis and risk posture.
  • Security tools utilized: IBM QRadar, CyberArk, PAM privileged access management, Password Vault module, DLP data loss prevention, Skybox Platform with Firewall, Network Assurance with Threat and Vulnerability Controls, Splunk, Syslog DTLS, Tenable Nessus 6.7, SIEM, Java scripting, Nexpose Rapid 7, Tripwire Enterprise 8.5.0, FireEye, Bit9 Carbon Black, Kerberos, Sophia, RedSeal, Proofpoint, WebSense, UEBA, Palo Alto, Juniper, Checkpoint, Bluecoat Proxy firewalls, Wireshark analyzer and other tools for intrusion detection and SIEM efforts.
  • Provided IT Audit and Information Security guidance through standards: CoBIT 5, COSO, DISA STIGs, NIST 800-53, PCI / DSS 3.2 compliance and SCADA.
  • Authored Programs in risk avoidance, risk transfer, factor analysis of information risk FAIR, suspicious activity reports, technical writing of policies, security plans and intrusion detection.
  • Proficient with PGP, RedSeal, QRadar, CyberArk, Tripwire Enterprise, Nexpose Rapid 7, Nessus 6.7, Sophos AV, Proofpoint, Bluecoats, Bit9-Carbon Black, Snort, Splunk, Syslog, Scrum, Agile, SDLC, SIEM and Symantec Enterprise anti-virus.
  • Provided IT Audit expertise involving Governance Risk Compliance GRC involving Capability Maturity Model CMM, ISO/IEC standards, OCTAVE, FAIR, TARA, OWASP top 10 controls, CoBit, NIST, FFIEC controls and Centers for Medicaid/Medicare CMS standards. Robotics study as it relates to Cybersecurity and SCADA controls and methods.

Confidential, Tampa FL

Technical Program Manager, Information Security Architect

Responsibilities:

  • Oversaw Active Directory Project involving 20 persons using PCI-DSS 12.3, Tripwire Enterprise, a risk management plan, analysis of risk for critical processes, risk probability and risk impact. Methodologies: OCTAVE, FAIR and TARA.
  • Directed business processes, product requirements and utilized CSIRT and use OWASP to baseline SIEM event trends and attack patterns and vectors. NERC-CIP 007 R2, DIARMF, SCADA cybersecurity, anti-virus efforts with Symantec Enterprise, PAN data analysis, Amazon Web Services AWS cloud, SCADA Robotics study for future merger with Charter Communications and ultimate formation of SPECTRUM.
  • Developed and executed PMBOK defined and led project plans, with dependencies, milestones based on backlog, story points and velocity to establish reachable targets.
  • Cybersecurity role with Carbon Black, Proofpoint, QRadar, patch mgt., Amazon Web Services, Tripwire Enterprise, Tenable Nessus 6.7, Nexpose Rapid 7, Scrum, Agile, Splunk, Syslog, UEBA and Skybox Platforms including Threat and Vulnerability Management, SIEM CVE, Nexpose Rapid 7 scans and remediation.
  • Oversaw a 3000+ computer group and a CAT 1 Network threat / vulnerability project.
  • Coordinated remediation efforts. Qradar CyberArk PAM privileged access management, Password Vault, DLP data loss prevention, 9.2 beta tested platform for ID of privileged accounts, access control lists, audit trails and password analysis. SAP ERP pillar analysis, provisioning and access granting, SAP process control.
  • Created and implemented a risk management plan. Identified project related risks and triggers.

Confidential, Naples, FL

Consulting Operation Owner

Responsibilities:

  • In charge of 3 persons involving the Planning, Organization and Direction of small, medium and high value Financial Services, CMS governed Health Insurance Industry, Pharmaceutical audits.
  • Point of contact for business projects and risk assessments involving Project Management Body of Knowledge PMBOK / PMI standards, IT Audit internal controls, SCADA Cybersecurity, GLBA, SOX, HIPAA, SIEM, CVE, NERC, FERC, CIPv3, application development.
  • Subject Matter Expert to Banking and Financial Services involving Vendor Risk and Cybersecurity.
  • Administered and improved Splunk and Syslog security intelligence platform, Amazon Web Services, Golang, CyberArk Identity Access, Node.js Java scripting, Tripwire Enterprise configuration management, Symantec Enterprise anti-virus and McAfee Enterprise EPO.
  • Provided support and administration of Qradar involving Service Level Arrangement SLA with IBM, functionality of reports, malicious activities and reconciliation to existing internal System inventories.
  • Strategic level Authoring of Policy and Threats to the organization with solid results for mitigation.
  • Active role in Information Security with POA&Ms, SCADA, FISMA, FFIEC, UVBA, ISO IEC 27001, 27018.
  • Secured IT operations surrounding a FFIEC rework of application access controls, POA&Ms, eGRC, OWASP top ten, SSAE-16 audit compliance, Palo Alto, Checkpoint.
  • Performed SDLC development of application technical requirements, system design, quality assurance, user acceptance testing, and testing of application analysis for operations using Amazon AWS Cognito and Lambda.
  • Built an IT Audit case, information gathering, access / exploitation, and reporting of findings with Tenable Nessus 5, Proofpoint, Qradar, Nexpose Rapid 7, Tripwire Enterprise.
  • IT Auditor for Financial Services and Banks to perform IT work involving SSAE-16, IT security assessments, Risk Assessment, FFIEC, FDIC, BASEL II Accord and SEC compliance.

Confidential

Vice President

Responsibilities:

  • Oversaw 24-person team involving identifying risks, planning projects, managing milestones.
  • BASEL II Accord principles utilized in key risk definitions.
  • Addressed senior management involving Japanese FSA directives and US Banking policy.
  • SME on Banking Operations in back office, middle office and front office.
  • Identified potential risk impact regarding key controls and mitigated a $30 million exposure.
  • Provided ITIL v2, COBIT, FFIEC, FDIC, and OWASP project analysis for Bank Security enhancements.
  • Wrote key controls and inputs for Business Impact Analysis BIA and BCP disaster recovery plan.
  • Provided expert analysis involving ISO /IEC 27001, BASEL II accord, GLBA, SOX, FFIEC directives.
  • Built PMBOK, NIST information quality, and ISACA COBIT standards into IT key controls.
  • $1 million budget, oversaw 14 staff, made recommendations to help direct IT operations.
  • Manager oversaw 3 persons involving the Authoring of risk assessment plans and IT Audits.
  • Frequently addressed boards of directors involving Information Security initiatives and IT operations.
  • Created audit program for EDS - Hewlett Packard web banking application.
  • Led over 200 IT-FFIEC, SAS70 and SSAE4302 audits for 60+ clients including service bureaus.
  • Industry and SME with NIST 800, CJIS, FDIC, FFIEC safety and soundness security and risk assessment.
  • Promoted best practices referencing ISACA COBIT, ITIL, BASEL II, FFIEC, GAAP and OTS guidance.
  • $500k budget, oversaw 3 staff.
