- Information Security subject matter expert, influencer, and thought leader providing leadership and guidance for global strategic, tactical and operational initiatives.
- IT Risk Management IT Security Infrastructure IT Security Architecture IT Security Policy IT Governance IT Project Management IT Consultant IT Governance Network Security Systems Security Application Security Penetration Testing Computer Forensics Network Forensics HISP RSA Archer eGRC ISSA ISACA ISC2
- 15 years of Information Technology 10 years of Information Security 6 years of Information Risk 5 years of Leadership Experience
Senior Information Security Engineer
- Information security and IT risk functional and thought leader.
- Lead and manage information security and risk related initiatives enterprise wide.
- Design enterprise security architecture and infrastructure.
- Develop and implement information security risk assessment framework and strategic roadmap.
- Develop and lead information security awareness program.
- Develop and implement risk assessment process.
- Develop and implement application security process.
- Develop security policies, standards, processes, and procedures.
- Project and team lead.
- Design and implement RSA Archer eGRC solution.
Senior Information Security Assessment Analyst
- Security Assessment Analyst Team Lead responsible for the overall efficiency and effectiveness of the security assessment team by creating procedures, engagement templates, mentoring, interviewing and training employees.
- Assessed Risk and Security posture of IS programs, IS policies, IS procedures, Regulatory Compliance, IT systems, applications, logical, infrastructure, mobile, endpoint, windows and IT infrastructures.
Information Security Architect
- Evaluated, tested, designed and audited security of applications, architecture and infrastructure off all businesses i.e. GE Energy, Aviation and Transportation against recommended security practices.
- Aligned industry specific compliance and framework requirements with the appropriate business. U.S. export control, SCADA, CIP, ISO 27001, NIST, PCI, SOX, FISMA
Risk Management Engineer
- Assessed the risk level for all company assets, present findings and recommendations for remediation.
- Managed Intrusion Detection Systems ISS, Snort , Firewall Pix , Anti-virus, Email and Web filtering Bluecoats, FrontBridge , computer forensics, e-Discovery, and policy writing. HIPAA, PCI, SOX, GLBA, and FISMA
Security Threat Analyst
- Performed monitoring and management of Intrusion Detection Systems IDS and Firewall systems.
- Manage IT, network and security operations. SOX, PCI, ISO 27001, NIST