IT security Manager for large healthcare organization encompassing 100,000 employees in 18 states. Responsible for:
• Managing team responsible for developing Enterprise IT security Policy
• Developing strategy to identify and secure over 500,000 medical devices
- IT Security Manager at Catholic Health Initiatives
- Managing Consultant at BKD, LLP
- Senior Cyber Security Engineer at U.S. DEPARTMENT OF DEFENSE - U.S. Army Central Command (USARCENT)
- Deputy Director of Security at ITT SYSTEMS - Camp Arifjan
11 months at this Job
- Masters of Business Administration - Business Administration
- Bachelor of Science - Business Management
• Responsible to act as an interface between the strategic and process-based activities and the work of the technology focused team members of the organization. Translate the IT risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting.
• Coordinate the IT organizations technical activities to implement and manage security infrastructure and to provide regular status and service level metrics to management.
• Align priorities and plans with key business objectives and work with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance.
• Prioritize work efforts, balancing operational tasks with longer-term strategic security efforts. Vendor relationship management - ensuring that services levels and obligations are met.
• Support the security and compliance needs of the company while leading business thinking and operational execution on defending the organization from cyber threats and securing digital information. Ensure compliance and security, supporting delivery of the business strategy.
- IT Security Manager at Krisp Kreme Doughnuts
- Senior Manager / Global Team Leader at HCL Technologies
- Service Manager at Volvo IT North America
- Lead Software Systems Engineer at Volvo IT North America
4 months at this Job
- BA in Mass Communications - Mass Communications
Effective management of all of our VMWARE servers and administer the Macola ERP System.
• Coordinate all local and remote sites including Indiana, California and Florida.
• Responsible for all the IT initiatives, from WIFI, ATT MPLS, VPN Tunnels, Security Cameras with phone apps.
• Manage all website and security needs with the use of Sophos Firewall and Anti-Virus.
• Handle over 100 end users.
• Oversee all of the security for our network, intrusion detection and prevention.
• Protect Ransomware endpoint.
• Hands-on experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support.
• Outstanding project and program leader; able to coordinate and direct all phases of project-based efforts while managing, motivating, and guiding teams.
• Security, firewall, encryption, remote access, solutions.
• Penetration Testing of our systems and remote systems abroad using Kali Linux and such tools as BBQSQL BED cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch copy-router-config Doona DotDotPwn HexorBase jSQL Injection Lynis Nmap ohrwurm openvas Oscanner Powerfuzzer sfuzz SidGuesser SIPArmyKnife sqlmap Sqlninja sqlsus THC-IPV6 tnscmd10g unix-privesc-check Yersinia Handle all website and security needs using Armitage Backdoor Factory BeEF cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch Commix crackle exploitdb jboss-autopwn Linux Exploit Suggester Maltego Teeth Metasploit Framework MSFPC RouterSploit SET ShellNoob sqlmap THC-IPV6 Yersinia
• Run all local and remote sites including Indiana, California and Florida.
• In charge of all the IT initiatives, from WIFI, ATT MPLS, VPN Tunnels, Security
• Cameras with phone apps.
• Sophos Firewall and Anti-Virus.
• Manages over 100 end users.
• Controls all of the security for our network, intrusion detection and prevention.
• Ransomware end point protection.
• Expertise in the managed of systems with VMware server farms and voice/ data IP networks Excels at providing comprehensive secure network design, systems analysis, and full SDLC Hands-on experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support Outstanding project and program leader; able to coordinate and direct all phases of project-based efforts while managing, motivating, and guiding teams SECURITY, FIREWALL, ENCRYPTION, REMOTE ACCESS, SOLUTIONS, Active Directory, Service Desk
- Senior IT Security Manager at Ameri-Companies Corporation
- IT Consultant Project Migration Manager to new EMR Athena from Nextgen at Palm Beach Orthopedic Institute, Beach Gardens
- IT Consultant Project Migration Manager at iPhone, Android and iPads
- IT Systems Administrator Long Term Contract at VMware server farms and voice/data IP networks
2 years at this Job
- Bachelor of Science in Information Systems Computer Forensics Cyber Security - Information Systems Computer Forensics Cyber Security
- Associate of Applied Science - Computer Science
Manage GSuite Domain (along with folder permissions or any IT related issues) for the Company along with Badging for contractors on contract. Managing the Local Area Network along with any network related outages and or upgrades. SME with Active Directory to maintain users having access and being put in correct OUs. Maintain Key fob phone and laptop access. Order all office supplies along with maintaining all equipment Servers/Printers/Wireless/VoIP. Go through Company Credit Cards to approve or dispute charges. Maintain Auto Insurance for the Vehicles used in the field along with driver list. Manage all of Company Leases with Vendors and Property Management. Control access to IDS Keri Doors Key Fobs and security Cameras. Help with new employee Onboarding and employee Offboarding. Assist FSO to be DSS compliant and having an accurate account for the Cage Code.
- Facilities/IT/Security Manager at National Capi
- Telecommunications Analyst/Communications Security Specialist/ GVS-C Controlling Authority at Bylight Professional IT Services
- VTC Technician at Serco Inc
- Network Administrator at General Dynamics IT / Federal Bureau of Investigation
1 year, 7 months at this Job
- Some college
2018 to Present Responsibilities/Roles: · Assist in evaluation of policy as it regards information security practices within the organization · Configure and deploy security tools within the Splunk SIEM framework · Evaluate contracts for specificity and ensure they meet the requirements of the organization · Monitor for malicious activity within the network · Evaluate vulnerabilities and determine patching cycle · Develop and create reports/alerts for Splunk dashboards · Conduct Splunk administrative duties · Assumed responsibilities for departing IT Security Manager · Convey security issues to executive level leadership · Create policy and documentation in a developing security program · Ensure certification for SOC II requirements · Complete auditing request by third party vendors · Provide explanation and evidence for HITRUST audit · Evaluate results from penetration tests · Look for new tools to improve the security of organization · Perform upgrades for security platforms within the organization · Primary point of contact for security related issues for the enterprise
- Security Engineer/(Interim) IT Security Manager at Triage Consulting Group
- Security Engineer at Triage Consulting Group
- Integrated Security Analyst Tier II at Greensky
- Integrated Security Analyst at Greensky
7 months at this Job
- Bachelor's in Computer Networks and Cyber Security - Computer Networks and Cyber Security
- Associate in Criminal Justice Homeland Security Focus - Criminal Justice Homeland Security
The IP and IT Security Manager responsible for the following:
● Understanding the needs and goals of the company and developing an appropriate security plans.
● Overseeing the operations of the enterprise's security solutions through management of the company's security analysts.
● Develop and execute an information security strategy and roadmap that provides continuous improvement in the overall security posture.
● The selection of appropriate security solutions, and oversight of any vulnerability audits and assessments.
● Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed for a wide range of IT security related areas including architectures, firewalls, electronic data traffic, and network access.
● Interface with peers in the Technical, IS and IT departments as well as with the leaders of the business units to both share the company security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
● Monitor and analyze security alerts / logs and information, and distribute to appropriate personnel.
● Follow IT and technical security incident response and escalation procedures to ensure timely and effective handling of all situations.
● Implement Virus, OS and Application patches as per industry Best Practices.
● Configure security devices and security infrastructure following management guidelines and technical specifications.
● Test proposed security configurations and changes. Conduct regular reviews and evaluation of IT Security controls following a standard based methodology.
● Ensure compliance with all IT Security policies, guidelines and procedures.
● Establish methods, criteria's and checklists that enables project to self-assessment of IT Security.
● Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for facility management, IT and Technical personnel, users, and others, as appropriate.
● Manage operational security processes. Assess the security of vendor products and services.
● Address the security aspects of configuration management, contingency planning, and other operational processes.
- IP and IT Security Manager at Y-Telecom Company
- IT Manager at National Trading Company
- LAN & WAN Administrator at SpaceTel Yemen
- Network Instructor at General Telecommunication Institute
4 years, 3 months at this Job
- Certified Information Systems Security Professional
- Project Management Professional
- - management
- Masters - Dubai
- - LANs and WANs typically found
- B.Sc in Computer Engineering - SitesPower ⥀ Dubai
Directly reported to the Infrastructure Director with a dotted line relationship to the Chief Information Officer within an organization with 1.5 billion in revenue
● Top candidate for the position due to the unique blend of network infrastructure and cyber security
● Corporate leaders utilized my 15 years of network administration to strengthen the infrastructure with an emphasis on cyber security best practices
● Aligned business processes and enterprises risk management using ISO 31000 framework. Developed vendor risk assessment process.
● Utilized in-depth understanding of cyber security to educate the corporate leadership team and guide decision making related to the need for cyber security
● Partnered with executives, management, and a team of 40 staff members including network, infrastructure, system administrators to achieve company driven initiatives which improved the overall security posture and reduced the threat landscape
● Credentialed PCI DSS v3.2 ISA (Internal Security Assessor)- aligned organizational security posture meeting PCI DSS v3.2 credit card processing regulatory requirements.
● Leveraged experience as an Ethical Hacker to protect the organization from individuals seeking sensitive data such as credit card numbers, employee data and vendor data. Having the mindset of a hacker and "what would the hacker do" helped guide the organization with offensive security countermeasures and prevent breaches.
● Developed an effective incident response plan involving malware, intrusion, unauthorized use and data breach improving the internal response time to cyber security incidents. SIEM logs and Cloud security safeguards were placed to alert the IT team in the event of an unauthorized access triggering the incident response plan and remediation.
● Development and management of an effective cybersecurity awareness training program through digital signage, phishing simulation, new hire orientation training and monthly IT newsletters promoting IT security. The effective training program reduced the organization risk score from 40% to 8% within 6 months.
● Provided threat modeling on the following domains: perimeter security, network security, endpoint security, application security, and data security.
● Development and implementation of enterprise patch management lifecycle for enterprise operating systems reducing the threat landscape using Microsoft System Center Management. A bird's eye view of the organization system state identified vulnerable application software.
● Integrated CIS (Center of Internet Security) cyber security benchmarks and controls strengthening the endpoint's security posture. Hardened systems decreased the ability for hackers to move laterally within the network.
● Implementation and management of enterprise application control, privilege management and application whitelisting gave the ability for end users to elevate permissions for software installation or execution on approved applications reducing helpdesk request.
● Advanced experience with enterprise level email solution configuration with Proofpoint Enterprise. Configurations were placed meeting email security best practices and reducing malicious email count.
● Performed penetration testing against internal and external networks using threat hunting tactics to located vulnerabilities or misconfigurations exposing systems to attack. Web servers were reviewed and tested with the OWASP.
● Identified effective alternative security solutions at minimal to zero cost to the business utilizing internal resources and services. Such solutions included enterprise encryption and password management
● Key player in enterprise disaster recovery planning, change management, and IT policy and procedures
- IT Security Manager at Blueline Rental
- Technology Services Manager at SHR/ Richfield -Hospitality
- Regional Information Technology Manager at The Right Step
- Information Technology Director at The Woodlands Preparatory School
1 year, 11 months at this Job
- Associate Degree - Computer Networking Systems Technology
• Developed, Created and Published company-wide InfoSec Policy
• Identified and implemented NIST and PCI frameworks
• Led GRC initiatives and PCI / GDPR gap assessments
• Established Incident Response Process and Procedures
• Evaluated Security tools for operational ingestion
• Managed vendor relationships
- IT Security Manager at GroupeSTAHL
- SOC Team Lead at Ascension Health
- SOC Team Lead at General Dynamics Land Systems
- Data Integrity Engineer at Volkswagen Group of America
5 months at this Job
- B.S. - Finance
Global Cybersecurity SME of Data Services -
• Engaging with four major businesses across the world to understand their sensitive contents and accordingly configure policy in DLP tool. I have configured around 30 DLP policies as per respective business requirement.
• Conduct Data at Rest (DAR) scanning on the infrastructure data for respective business cases, review incidents and provide SME guidance to the business. I used to review around 20 to 30 cases with more than a million incidents in each month.
• Leading DAR service team for Asia Pacific and Middle East countries. I have engaged with each countries regulatory contacts on cross-border data compliance, engaged with respective country's local IT teams for service access and appropriate data injection. Country Lead of Bangladesh Cybersecurity -
• Conduct Cybersecurity awareness sessions to local employees. So far, I have conducted around 40 awareness sessions to 1500 employees (including separate briefing for Exco members) across the bank.
• Oversee the Identity & Access management team for local systems.
• Conduct application security risk assessment for local applications. So far, conducted around 20 assessments and worked with relevant IT team to embed compliance on around 70 high & medium issues.
• Coordinating with global security operations team for any local Cybersecurity incident remediation. I have worked with the global team on around 8 remedial actions in HSBC, after the Bangladesh Bank swift incident occurred in 2016
• Coordinating with global team on various Cybersecurity project implementation in country. Worked on 04 major projects including a Cybersecurity Maturity Improvement Program based on NIST framework.
• Conducting Risk and Control Assesment for local Cybersecurity.
• Coordinating with Auditors for any in-country audit on Cybersecurity. I have coordinated 7 audits includes internal and external auditors like KPMG, Bangladesh bank, HSBC internal global audit etc.
• Conducting 3rd party security risk (TPSR) review for local vendors. I have conducted TPSR for 10 local vendors.
- IT Security Manager at HSBC
- Officer, Client Services, IT at HSBC
- IT Associate at HSBC
- Customer Support Engineer at Augere Wireless Broadband Bangladesh Ltd.
4 years, 3 months at this Job
- BS - Electronic and Telecommunication Engineering
- High school or equivalent - Science
Protect the confidentiality, integrity, and availability of company data, client information, intellectual property, and employee data that has been entrusted to McGregor and Associates.
- IT SECURITY MANAGER at McGregor and Associates
- IT Director at Gallagher
- IT SECURITY MANAGER at DIMENSION DATA
- SECURITY MANAGER at DIMENSION DATA
1 year, 2 months at this Job
- Master of Science - Information Technology
- Bachelor of Science - Information Technology
- Bachelor of Science - Computer Science
- Associate of Science - Information Technology