➢ Promoted to Information Security Manager during Cloud Platform company merger. Implemented ISMS (ISO27001) and EU GDPR programs to reduce organizational risks.
➢ Aligned information security program with company objectives. Implemented process controls and led employee awareness training to strengthen company security.
➢ Clarified information security requirements and designed risk assessments to reduce the possibility of asset-related and vendor-related risks.
- Information Security Manager/Implementer at On Line Computing
- Chief Financial Officer at Cloud Platform Ltd
- Finance Manager/Consultant at On Line Computing
- Accounting Manager, EMEA at CNN
2 years, 5 months at this Job
- B.B.A. - Finance
Information Security Manager
• Conduct Information Technology Audits
• Review Existing Policies for Revision
• Create New Policies
• Conduct Risk Assessments
• Part of University Disaster Recovery Team
• Budget Planning
• Create and Maintain Server and Network Backup Strategy
• HIPAA Officer
• Conduct Information Technology Audits
• Cyber Forensics/Investigations
• Palo Alto Firewall Management
• Palo Alto Traps (anti-malware) Management
Information Security Manager
- Information Security Manager at University of Puget Sound
- IT Director, Manager of Healthcare Informatics, and HIPAA Security Officer at Medical Network One
- Internal IT Manager at gloStream, Inc
- IT Technical Support Specialist/Network Admin at Lapeer County Bank and Trust Co
2 years, 5 months at this Job
- Master of Business Administration - Accounting for Decision Makers
- Bachelor of Science - Cyber Defense
- Associate of Computer Science - Microsoft Software
(Contractor) Governance, Risk, and Compliance (GRC) Advisory: Performed in the capacity of a third-party Information Security Manager for the Metropolitan Washington Airport Authority (MWAA). The Airport Authority is responsible for the management, operation, and capital improvement of two airports in the Washington metropolitan area, Reagan National (DCA) and Washington Dulles International (IAD) Airports. These airports provide domestic and international air service to over 45 million passengers for the mid-Atlantic region; the Authority also manages the Dulles Toll Road (DTR). http://www.mwaa.com Responsibilities included conducting a comprehensive cyber-security governance analysis and compliance assessment of all of the Airport Authority's current IT enterprise governance, digital security risk management, and compliance management policies and directives. This scope of work involved analysis resulting in recommendations for risk management policies and controls which will conform to the blended information security frameworks for developing, implementing, monitoring and improving IT governance and digital security risk management practices. The responsibilities also included high-level technical writing support for policies, procedures and strategic digital risk management plans consistent with the gap analysis and IT governance standards recommendation(s) based on frameworks that include COBIT (Control Objectives for Information and Related Technologies), NIST 800-53 (National Institute of Standards and Technology) for information security, PMBOK (Project Management Body of Knowledge) for project management, and ITIL (Information Technology Infrastructure Library) and ISO 27002 for service delivery. The final delivery mandate included the production of a comprehensive governance and risk policy compendium regarding the overall analysis, recommendations with new/updated policies and IT risk management standards upon which respective policies were derived.
Developed information security strategy plan and performed assessments.
- Information Security Manager at Ex Nihilo Management, LLC
- Consultant at Kaiser Permanente
- Sr. Cyber Security Specialist at SyZyGyRiskSciences
- Cyber Security Solutions Architect (Consultant) at Intelligent Systems Services, LLC
1 year, 5 months at this Job
- Masters of Science - Business Administration
- Bachelor of Science
- Bachelor of Arts
- Associate of Arts - Education
- Associate of Science A.S. - Technology Science
- Information Security Manager at Nelnet, Inc
- Adjunct Professor at Community College of Aurora
- Information Security Engineer at Nelnet, Inc
- Information Security Officer at Intrado Inc
1 year at this Job
- Bachelor of Science - Information Technology
Provide strategic direction in information systems and technology for an industrial laundry services company with
150+ users in two locations, serving over 3,500 accounts in the pharmaceutical, retail, distribution, and hospitality
industries. Accountabilities: IT security, project management, procurement, contract management, programming
security and control policies, cloud services integration, training and coaching, and corporate meetings
participation. Lead a team of three direct reports and multiple service providers. Total budget: $800K.
• Restructured to achieve a fault-tolerant network: aligned systems and equipment, interfaced systems and strengthened cyber and physical security with the installation of 150 security cameras.
• Piloted multiple projects, some in-progress with immediate, medium and long-term impact.
  o Licensing: consolidation of servers and systems. Forecast: 15% savings.
  o Route Accounting migration for billing purposes.
  o Active Directory/Security/Exchange migration project.
  o Architecture and implementation of IIoT (Industrial Internet of Things).
  o VCenter/NetApp/HP/Cisco/Barracuda/Palo Alto environment optimization project.
  o Others: Security Awareness Plan; IAM & VPN access simplification; secure access for SCADA environments; Hyper convergence project (efficiency initiative).
• Contributed to improving the contingency plan with only one day offline after Hurricane Maria; led recovery projects that included data cable rewiring for 60% of the plant and reinstalling 75 IP security cameras.
• Switched the internet and Voice over IP (VoIP) provider for 17% in cost savings.
• Production initiative: gather data from plant equipment (washers, meters, etc.) to predict requirements and determine required resources by feeding EAM (Enterprise Asset Management) and productivity systems.
• Designed and proposed technology requirements for a potential business acquisition.
• Works closely with the Quality Assurance Manager to ensure that ISO 9001 IT processes and documentation are up to date for Cadillac Uniform's Certified Clean Room Service.
- IT/Information Security Manager at Cadillac Uniform & Linen Services, Bayamón, PR
- Sr. Network Engineer/Consultant at Networkers
- IT Manager at Universal Health Services/ HIMA San Pablo
- Sr. Technical Manager at SESCO
2 years, 5 months at this Job
- Bachelor of Science - Computational Mathematics
Responsible for the overall security of information for the company, its members, subsidiaries and joint ventures through the development, implementation, and maintenance of an effective information security program that addresses both physical and virtual exposures.
Responsible for ensuring that all retail locations are compliant with PCI DSS standards. This includes maintaining configuration standards for all PC hardware, firewall configurations, network segmentation, and standardizing user practices.
Responsible for all planning and coordination of internal and external network vulnerability scanning and penetration testing.
Manage and maintain physical electronic access control systems.
Manage and maintain security cameras and associated network hardware.
Manage Sophos cloud-based endpoint and server protection and control, Proofpoint email protection, email fraud defense, and cloud application security.
Co-Manage AlienVault USM appliance with MSSP.
Responsible for creating and implementing an enterprise-wide information security education and awareness program.
- Information Security Manager at Alabama Farmers Cooperative
- Equipment Operator at Limestone Farmers Cooperative
- Ground Communications Technician at United States Marine Corps
4 years, 10 months at this Job
- Master of Science - Information Systems Management
- Bachelor of Science - Liberal Studies
Lead, motivate and train staff, manage security operations activities and manage the Incident Response practice. Determine security requirements by evaluating business strategies and requirements; research information security standards; conduct system security reviews, vulnerability analysis and perform risk assessments.
• Define, manage and lead the Incident Response practice
• Develop risk assessment process of 3rd party security controls
• Deploy & govern a global vulnerability management program
• Responsible for network perimeter security solutions (Check Point firewalls, IPS, Sandboxing, Anti-Virus, etc.)
• Establish global enterprise SIEM and manage SOC activities
• Manage engineers and analysts
- Information Security Manager at Hallmark Cards
- Senior IT Security Specialist at Kimberly-Clark
- IT Security Engineer at Zimmer, Inc
- Consultant of computer technology at Bristol-Myers Squibb
5 years at this Job
- Bachelor's - Cyber security
• Performed qualitative security assessment to identify security gaps within the enterprise. Rated findings in terms of risk and potential impact to business and reported to senior management.
• Created a risk register of known and new IT security issues or gaps. Report updates to senior management on a monthly basis.
• Re-architected DMZ to minimize risk and exposure.
• Purchased and implemented Information Security Awareness program.
• Created and managed Pinnacle's vulnerability management program.
• Migrated ProofPoint email filtering gateway into full production.
• Manage MSS environment and relationship.
• Created 5-year project roadmap including budget projections.
• Performed POC of RSA MFA testing their Risk Based Authentication on remotely accessible devices used by Pinnacle's employees and vendors. Funds have been secured to purchase and implement this MFA solution in 2016 Q1.
• Secured funding and support for an on-premise SIEM to be installed and co-managed by an MSS for 2016 Q1.
- Information Security Manager at Pinnacle Foods Group
- Senior Information Security Engineer at Radian
- Contractor for (City of Philadelphia Department of Technology - Reporting to CISO) at Systegra Inc
- Information Security Manager at Aqua America, Inc
4 years, 5 months at this Job
- Some college
• Create all policies, standards, procedures, and roadmaps for the Information Security Program based around PCI DSS and SOX requirements, COBIT, ITIL, and NIST SP 800-53 frameworks
• Advise senior leadership on industry trends and cyberthreats
• Consult with General Counsel on laws, regulations, and compliance
• Conduct employee training and awareness programs related to Information Security
• Perform PCI DSS and SOX compliance audits, and prepare document filings for regulators
• Lead security incident and forensic investigations
• Advise DevOps teams on secure cloud implementations based on NIST SP 800-144
• Guide infrastructure teams on vulnerability, configuration management, and secure systems development lifecycle (SDLC)
• Evaluate and approve all new applications for production use
• Perform legal discovery and prepare chain of custody documentation for General Counsel
• Monitor the security posture of the environment using AlienVault OSSIM (SIEM), Netwrix Auditor, BetterCloud, Tenable Nessus (vulnerability scanning), and Amazon Web Services GuardDuty (SIEM)
• Manage endpoint protection and monitoring with Sophos Central
• Manage IAM and cloud access security (CASB) with Okta
• Prepare quarterly security posture reports for executive leadership
• Manage relationships with strategic vendors for independent audits including penetration testing
- Information Security Manager at Vroom
- Sr. Systems Administrator at Willbros Holdings
- Sr. Microsoft Engineer at American Express
- IT Support at Aero Propulsion Support Inc
1 year, 6 months at this Job
• Successfully implemented and managed the formal Information Security Management System (ISMS).
• Updated and created 10+ security policies to ensure our ISMS program is beyond industry standards.
• Created and managed the RFI response program, cutting our response time to customers from months to 2 weeks.
Tools and Technologies used: Loopio, WAFs, TCP/IP, VPN, DLP
- Information Security Manager at DoubleDutch
- Security and Compliance Analyst at RevSpring
- Senior IT Internal Auditor at Symantec
- Information Security Manager at US Army
2 months at this Job
- BS - Applied Management
- AA - Social & Behavioral Sciences