Serve as independent security consultant for small and mid-size clients by providing security assessments and customized security solutions.
• Handled incident response, containment and recovery for a Tax and Payroll services client. o Implemented security controls and Identity Access Management to manage role and access privilege in the network. o Managed the implementation of hardware and software replacement and third-party monitoring systems. o Developed information and security governance, security policies, standards and procedures.
• Conducted technology assessment and data management services for JAP, Inc. o Performed data inventory, data classification and data auditing. o Provided guidance for data retention and procedures for disposing and destruction for unneeded data.
- INFORMATION SECURITY CONSULTANT at
- CSO Evangelist at U.S and E.U
- Chief Security Officer at MERCHANT CUSTOMER EXCHANGE
- Information Security Consultant at TARGET CORPORATION
1 year, 5 months at this Job
- Master of Science in Information Technology & Security - Information Technology & Security
- Bachelor's Degree
• Perform risk assessment analyses for the Social Security Administration on various agency systems.
• Identify security authorization boundaries for systems being assessed.
• Prepare security assessment report and strategy; security categorization report by applying NIST 800-60, FIPS 199 documents and FedRAMP (Cloud).
• Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals.
• Develop and review current System Security Plans, system lifecycle support plans, and concept of operation of system plans.
• Perform independent assessment on the system using NIST 800-53 rev 4 security control baselines and complete a Security Assessment Report on the system to ensure appropriate safeguards are in place and guarantee the ongoing confidentiality, integrity, and availability of sensitive information.
• Conduct interviews with stakeholders and technical support staff to help determine procedures in place and being followed.
• Create deliverables such as the System Security Plan (SSP), BSM, CP, CMP, SAR, BIA documents for ATO.
• Review the Risk Assessment Report with stakeholders and recommend remediation
• Document security risks in Plan of Action and Milestones (POA&M) in CSAM and generate reports for various management levels.
- Information Security Consultant at ARTEMIS FEDERAL/ACCENTURE FOR SOCIAL SECURITY ADMINISTRATION
- Administrative Technician at HOWARD COUNTY GOVERNMENT
- Manager, Global Services at SOTHEBY'S INTERNATIONAL REALTY
11 months at this Job
- M.S. - Cybersecurity Technology
- B.A. - International Business
• Manage Information Security Program for multiple community banks including policies and Vendor Management
• Perform Information Technology Audits and provide findings and recommendations based on FFIEC guidelines and best practices
• Conduct risk assessments to determine acceptable risk levels for the enterprise and ensure the IT environments are adequately protected
• Oversee Business Continuity and Incident Response planning as well as the investigation of security breaches
• Work with banks on Information Security Awareness training and education
• Provide consultation on appropriate Segregation of Duties within and across application
- Information Security Consultant at Information Security Department
- Information Technology Specialist/Operations Department at FirstAtlantic Bank
- Vice President Operations/Operations Department at Tru Technology
- Vice President Information Technology/Operations Department at Florida Capital Bank
1 year, 9 months at this Job
- Master of Science in Information Technology - Information Security & Assurance
- Bachelor of Science in Information Technology & Information Security - Information Technology & Information Security
• Extensive knowledge in Tenable Security SC
• Experience in Performing vulnerabilty Assesment
• Experience in running vulnerabilty scans and compliance scan using NESSUS
• Experience in Server Decommission in Tenable security
• Performed Certification and Accreditation on servers(Assets)
• Performed CIS hardening with compliance standards on SAI 360
• Experience in Solar winds monitoring tool
• Experience with Excel spread sheet
• Great knowledge in Incident response
• Managed vulnerabilities with the aid of Nessus, Splunk, for vulnerability scanners to detect potential risk on a single or multiple asset across the enterprise network
• Applied appropriate information security control for federal information system based on NIST 800-53, FIPS 199, FIPS 200
• Analyzing vulnerability scanning using Disa Stig as a testing guide
• Monitoring And Analysing data with Splunk
• Visualisation and Created dashboard in Splunk
• Experience with Splunk components and Log Forwarding
• Experience with patch testing and patch management
• Experience with malwares and various cyber attacks(OWASP)
- Information Security Consultant at NIIT WEST BEND WI
- Cyber Security Analyst at Atius Tech Staffing
5 months at this Job
- Bachelor of Law and Minor - computer forensic
• Provide IT audit and regulatory examination portfolio management services and provide expertise in translating regulatory requirements into practical, workable plans.
• Coordinate various aspects of regulatory submissions, including developing and reviewing technical documents, developing and tracking submission timelines and managing the preparation of regulatory submissions to ensure compliance with regulation and guidelines.
• Develop effective management responses and remediation plans to ensure compliance deadlines are met and that residual risk is communicated and found acceptable by senior management.
• Evaluate effectiveness of information security control environment and orchestrate product evaluations of various security technologies to identify solutions for high-risk control deficiencies.
• Report adherence to internal policies and standards, NIST, pertinent laws and regulations to senior leadership.
- Information Security Consultant at BB&T
- Manager at SUMMUS GROUP
- Enterprise Data Platform Lead Program Manager at TIAA FINANCIAL SERVICES
- DataStage Program Manager at TIAA FINANCIAL SERVICES
10 months at this Job
- Bachelor of Science - Information Systems and Operations Management
• Design, configured and manage multiple Identity & Access Management solutions including SailPoint IIQ Governance 6.x/7.0, Federation Services for Single Sign-On (SSO), Azure Cloud solution and Microsoft Identity Manager.
• Implemented Microsoft Azure Active Directory (AAD) hybrid solution with Azure Password Hash synchronization and Single Sign-on to Azure AD/ O365 Tenancy for over 30,000 users.
• Manage Privileged Domain Service Account and Application Accounts in PIM Suite
• Implemented Azure Multi-Factor Authentication Server Farm with integration with Azure Application App Proxy
• Migrated User Objects from On-premise AD to AAD for leveraging Identity as a Service (IAAS) services.
• Implemented Global-Wide Microsoft Azure MFA User and Mobile Portal and integration of MFA solution with CyberArk PAS and BigIP F5 VPN for secure access.
• Implemented and manage CyberArk Enterprise Password Vault (EPV), Central Policy Manager (CPM), and Privileged Session Manager (PSM), accounts, Master Policies, safes, usages and Password Vault Web Access (PVWA) v9x/10.0x.
• Privileged Account Auto discovery and automatic password management in Vault
• SailPoint Identity IQ Governance implementation, installation & administration
• SailPoint Employee and Manager Security Audits & Access Review administration
• Schedule, monitor and IT Separation Of Duty (SOD) SOX processes in SailPoint IIQ
• Integration of SailPoint IIQ (7.0) with Active Directory and Relation databases via ODBC and application flat files including PeopleSoft, JD Edwards, SAP, and other financial Applications.
• Microsoft Windows Azure AD (WAAD) Tenant Setup with Azure AD Connect setup and configuration to synchronize on-premises AD Domain accounts to Azure AD Tenant to provide Identity as a service solution (IDAAS).
• Configured AAD Connect with Pass-Through Authentication and SSO with Microsoft ADFS servers on premises for authentication of Azure AD users in Azure AD Tenant
• Manage Hybrid Cloud Environment for WAAD and On Premises Active Directory on Azure Infrastructure as a Service Platform (IAAS).
• Maintain Bit9/Carbon Black environment in Visibility, Low, medium and high enforcement for all Domain Controllers.
• Integrate Cloud Azure MFA with VPN for Radius authentication with Office 365 Multitenant solution and Cloud Applications
• Standardized User attributes globally for over 35000 user objects in preparation for migration Azure AD Tenant and synchronization to 0365 Multi-tenant.
• Configure Microsoft Azure Multi Factor Authentication (MFA) integration with CyberArk EPV Solution (v9.8) across multiple Data Center Sites for High Availability and Disaster Recovery.
• Setup and Published Azure MFA Phone and Mobile Portal on Azure Application Proxy for access internally and externally on the Public Domain
• Identity & Access Management of User objects in Microsoft Identity Lifecycle Manager (ILM) and FIM 2010 R2, PeopleSoft and Active Directory domain
• Configure Management Agents (MA) in MIM 2016 to connect to PeopleSoft HRMS via MSSQL Relational Database Management System (RDBMS)
• Configure ILM MA and Microsoft AD to populate User accounts in metaverse directory
• Create and established custom automated scripts using PowerShell Cmdlets, VB .Net for routine AD Account management and Process Automation.
• Setup, tested and managed MFA for Azure AD Tenant integration for Office 360 Cloud Users
• Active Directory Users & Computers (ADUC) OU architecture, design and administration
• Microsoft Active Directory Federation Service (ADFS 2.0/3.0) instance design and setup on Microsoft Windows Server 2008 R2 Enterprise server. Setup ADFS Server Farm for Development and Production to connect to Microsoft SQL 2014 DB instances.
• Configure LDAP Authentication and Authorization between ADFS (2.0 and 3.0) and Active Directory for Trust relations in Web SSO setup for federated Users.
• Configure and integrated Vendor based Cloud and SaaS applications in ADFS for SSO with SAML 2.0/3.0 and WS-federation.
• Seamlessly updated ADFS SSL, Token Encrypting and Decrypting certificates on Production and Development servers without any downtime to over 70,000+ users
• Deploy ADFS WAP & Federation Proxy Farm for HA on Production & Development environment
• Successfully migrated 20 SSO Application from Development to Production ADFS Farm.
• Coordinate, Test and publish Approved Applications via UAT in ADFS 2012 R2 Server Farm
• Microsoft ADFS Capacity Planning for High Availability and Redundancy across multiple Sites and Data Centers.
• Designed and implemented Enterprise Password Vaults including Thycotic Secret Server Suite Version 8.0.
• Scope and design network architecture for the implementation of Thycotic Secret Server Enterprise Password Vault solution and integration with LDAP and Radius.
• Manage Secrets on Windows and Unix Platforms and configuration of Privilege Manager for Windows using Secret Server
• Manage and administer ADFS Server Farm Test and Production instances with over 20 Application utilized by over 70,000+ Users.
• Manage and administer Splunk for monitoring an auditing user and object access on network
• Security Account and End User Access Control Administration
• Designed and implemented New ADFS 3.0 Web SSO Production, Stage and Development Farm environment running on Server 2012 R2
• Coordinated with Business Partners to migrate and setup Trust in ADFS for SAS applications to be migrated from ADFS 2.0 & 2.1 environment to 3.0 Environments.
• Designed, setup and configure Microsoft Azure AD Multi-Factor Authentication for internal and external SaaS application published on ADFS 3.0 Farm
• Leverage Microsoft Visual Studio to Build and Develop packages in .Net for Microsoft Identity Manager (MIM) metaverse extensions
• Development of .Net code for AD account automation in Microsoft Identity Life Cycle Management (ILM)
• Use Fiddler and HTTP Analyzer to analyze, troubleshoot and monitor Web SSO traffic
• Setup and establish SSO setups and trusts with Business customers using metadata information
- IT Information Security Consultant at US Executive Corporation
- IT Consultant Systems Engineer at Diebold
- IT Systems Integrator/ Systems Engineer at Dell Enterprise Delivery Team (EDT)
- IT Security Systems Engineer at SandRidge Energy
2 years at this Job
Information Security Consultant System Administrator Managed Service Provider Application Developer
Information Security Consultant
Managed Service Provider
- Information Security Consultant/Systems Administrator at Garnet River
- Web Administrator/Developer at Rensselaer-Schenectady Masonic District, F&AM, State of New York
- Subject Matter Expert (SME) at Capital Region BOCES
- Director of Accountability and Reporting/Academic Technology at Academic Technology
3 years at this Job
- Master's - Computer Information Systems
- Bachelor's - Computer Science
• Problem solver, security advisor, technical consultant, and Subject Matter Expert supporting a wide range of McAfee enterprise security products for DoD customers.
• Provided security architecture and best practices guidance, tier 4 engineering and research support, and lab testing of new software.
• Performed a holistic security assessment of the customers environment and provided recommendations for improving their overall security posture.
• Provided training and subject matter expertise in SOC environments on security methodologies and products including network intrusion detection/prevention systems (IDS/IPS), malware sandboxing technologies, SIEM tools (Splunk & McAfee), threat detection, network traffic blocking/mitigation, and incident reporting.
• Utilized SIEM tools (Splunk & McAfee), IDS/IPS sensors, threat intelligence feeds, and malware sandboxing technologies to hunt for malicious network activity, perform packet analysis, sensor tuning, and malware triage.
- Sr. Information Security Consultant at McAfee
- Systems Engineer at Booz Allen Hamilton
5 years, 7 months at this Job
- Bachelor's - Information Technology
Established strategic directions, leadership, alignment and accountability for activities across multiple Product Lines globally.
• Planned managed seamless relocation of 3 data centers Implementation a Disaster Recovery/Business Continuity.
• Conduct business impact analysis (BIA), risk analysis and dependency analysis for all the business critical Manage the execution and completion of all disaster recovery test activities.
• Serve as the key IT liaison to the business continuity management team, ensuring that IT technologies and processes support all key availability requirements.
• Manage a team of 15 SME's distributed across the world.
• Proven ability to implement new systems while sun-setting legacy systems, with accurate risk/reward analysis.
• Creative and timely resolution of complex Systems issues across multiple environments
• Manage the Installations include physical Firewall configurations utilizing Cisco ASA 5505 up to Cisco 5540 Checkpoint 4000 and 5000 and Fiber and Cat 6 Cabling implementation.
• Developed and directs all networking safeguards reducing the risk of breaches while protecting sensitive internal and external client information
• Led the deployment of Cloud and Virtualization related Projects across multiple sites and business units.
• Responsible for managing nationwide teams implementing Identity and Access Management and security solutions.
• Managing vendor's security compliance and audits complying with internal framework and processes.
• Exceeded productivity objectives by introducing more efficient processes, restructuring staff schedule, and improving client SLAs.
• Managed information security projects, including planning and deployment of new processes and technologies in areas of intrusion detection and response, deployment and management of authentication tokens and VPNs, and vulnerability assessment and remediation practices.
• Provided guidance and coordination with other corporate groups on approaches, solutions and best practices in governance, information risk management
- Manager of Information Security / Consultant at Comcast
- Director of Information Application Security / PMO at Holtzbrinck MacMillan Publishing Group
- Senior Project Manager / Consultant at AIG
- Project Manager, Data Center Migration / Consultant at NYU Langone Medical Center
3 years, 9 months at this Job
- BS - Computer Science
• Develop and oversee security design and implementation for several projects from the planning phase through implementation.
• Based on business requirement s, design and implement cloud-native architectures (AWS and Azure) to align with company policies and with appropriate security controls present.
• Conduct Cloud security Analysis of Office 365 and Microsoft Azure. This includes Micorsoft Cloud solutions such as MCAS, InTune, PIM, Sharepoint, exchange, AIP, ATP and Exchange Online Protection.
• Advice the business partners on State Farm's Enterprise Information Security Policy and assist them in filing for any exceptions to the policy when they are not in compliance. Explain mitigating security controls that are in place or under development for the project. Ensure compliance with government regulations to include, but not limited to, HIPAA and GLBA.
• Evaluate multiple third party vendors and their applications. This includes Vendor Security Posture Assessments (VSPA), SSAE 16s, SAS 70s, reviewing security policies, business continuity and disaster recovery plans, and physical and operational security of the vendors.
• Support proof of concept and production deployment of cloud solutions and others solutions on Internal cloud (IAAS) platform including infrastructure such as Docker, IBM Websphere application server, Tomcat /Apache server.
• Design and develop cloud specific policies and procedures ex: o365 Tenant Management, SIEM using on premise Qradar, Conditional access, data protection (DLP).
• Identify and remediate application security vulnerabilities using Dynamic analysis (DAST), static analysis (SAST) and open-source testing tool such as IBM Appscan, Checkmarx, Sonatype
• Design security in Salesforce by developing user roles, profiles, security settings, access levels using permission sets.
• Implemented SAML based SSO for authentication for users logging on to Salesforce.
- Information Security Consultant at State Farm Insurance
- Application Security and SIEM Implementation at State Farm Insurance
- Information Security Analyst at State Farm Insurance
- Business Application Security at State Farm Insurance
9 years, 1 month at this Job
- B.E - Electronics