SENIOR IT SPECIALIST (CYBERSECURITY TEAM LEAD)
INTERNAL REVENUE SERVICE 04/2010-12/2018
Served as the Cyber Security Lead performed a variety of risk assessments on a wide range of IRS Applications.
Applied expert level knowledge of system administration and operations, virtualization technology design, application and management, agile software development methodologies, and industry-standard software development and deployment processes. Provided assistance and oversight for information systems operations activities supporting software development, testing, and deployment, including computer /communications administration and operations, data entry, data control, operations support, operating systems programming, and system security policy procedures.
• Provided security analysis on Windows and Linux systems, web servers, databases, and all newly proposed software through security assessments using vulnerability scanning tools, baseline software compliance checklists (e.g., STIGS and CIS), and NIST 800-53 control assessments throughout the life-cycle process. Handles work incidents, security escalations and identify risks. Establish relationships with member firms and find key contacts within IT functions, Risk Communities and client facing development teams.
• Appointed as the Service Leader for the Control Impact Assessment (CIA) and Security Risk Assessment (SRA) Services in Security. Led, coordinated, prioritized and assigned CIA's)and SRA's)to SAS Security Analysts. Trained new members of our team on how to conduct a CIA and SRA.
• Participated in many meetings and calls covering a wide range of security issues. Business units and Projects often seek my counsel on a wide range of security issues. My colleagues often consult me for advice and assistance with highly complex IT security issues and concerns.
• In 2015 as a part of the implementation of the Foreign Account Tax Compliance Act (FATCA) program, a new application was added to the Return Review Program (RRP) boundary. This was the FATCA Withholding and Refunds Service. The FATCA W&R Service validates Form 1042-S (Foreign Person's U.S. Source Income Subject to Withholding) and identifies cases of potential fraud for review. I performed a CIA on the potential security impact of adding the FATCA W&R Service to the RRP boundary.
• Received a 2015 Commissioner’s Award for my contribution to the successful implementation of the FATCA program.
• Led the Return Review Program (RRP) PROJECT. RRP was designed to be the replacement for the legacy Electronic Fraud Detection System (EFDS). Because of my knowledge of Linux, became the primary contact and Subject Matter Expert in Cyber for the RRP project.
• Served as the primary contact for RRP in Cyber Security and was considered an SME expert on LinuxSecurity and RRP.
• Served as a member of the Security Controls Assessment team. For a year I was a lead Tester for various applications during their SCA tests. As the Test Lead, directed IRS staff and contractors during each SCA. I coordinated and led meetings and teleconferences related to the testing process.
- IT Security Specialist at Internal Revenue Service
- Senior IT Specialist at Internal Revenue Service
at this Job
- Bachelor's - Economics
Security support specialist for PCI-DSS compliance involving documentation of evidence, collaborating with external QSA to remediate gaps, validating process controls, SAQ submission and continuous quarterly external vulnerability
• Created security awareness and training program in collaboration with HR Learning and Development Department. Also partnered with the Loss & Prevention Department for promoting a security culture at corporate and for the stores.
• Created the monthly security patch program and deployment process leveraging Microsoft SCCM and Tanium.
• Implemented IBM QRadar SIEM solution for analyzing situational awareness of the enterprise.
• Responsible for coordinating IT security related activities and on-going development of Information Security policies, standards, procedures and guidance.
• Security liaison for US in supporting Paris organization's global security initiatives on the Netskope and Tanium projects.
• Security lead for implementation and audit reporting leveraging Varonis Data Advantage privilege access management, Data Privilege for self-service data owner folder access provisioning and Data Alert for near real- time folder access violation alerting.
• Daily analysis of network events leveraging QRadar.
• Review Varonis weekly user folder access and schedule quarterly effective permissions review with department data owners. Schedule internal vulnerability scanning and remediation of critical assets.
• Coordinate monthly deployment of critical security patching of servers.
• Manage Symantec's endpoint protection process and coordinate remediation efforts with Helpdesk.
• Creation and renewal of server digital certificates.
• Daily updating of security dashboard.
• Manage workload of junior level security consultant.
• Manage email and web filters for Cisco IronPort ESA and WSA appliances.
- IT Security Specialist at Hermes Of Paris
- IT DESKTOP SUPPORT ANALYST at Fox News Chanel
- IT SYSTEM SECURITY/PROJECT MANAGER - NETWORK TECHNOLOGY INNOVATION at ENEL DISTRIBUTION
- IT SUPPORT/ SYSTEM SECURITY ANALYST at FOX NEWS CHANNEL
1 year, 7 months at this Job
- - SCIENCE INFORMATION TECHNOLOGY
Provides support service to customers and partner by responding to network security issues Performs preliminary analysis on network security incidents.
- IT Security Specialist (Intern) at Axxera Security Solutions
- Scan/Copy Operator at Elite Litigation Solutions
- Database Operator at Elite Litigation Solutions
4 months at this Job
- Bachelor of Science - Business Information Management
management, infrastructure/network security, and application security - Worked with developers to review secure design/implementation of new code or functionality for applications - Perform red team-like tests to help colleagues detect malicious activity and improve alerting in Splunk enterprise security - Building enterprise vulnerability management program from the ground up - Work as apart of an IT Security team but own multiple individual projects
- IT Security Specialist at Medical Mutual of Ohio
- Retail IT Analyst at Darice Inc
2 years, 4 months at this Job
- BSAS in Computer Information Systems - Computer Information Systems
Oversee security of the cloud infrastructure, serving as the main point of contact for investigating and resolving security-related issues. Develop threat and vulnerability management policies and manage SEM (security event management) system.
• Virtually eliminated threats from malware, advanced persistent threats and security breaches.
• Authored security architecture design documentation and standard operating procedures.
• Introduced use of security metrics to mitigate vulnerability by analysing historical threats, addressing risks/gaps/violations and implementing improved protocols.
• Trained end users on security processes, procedures and risks via the company's first security education program, which is being rolled out company wide.
• Planned, directed and coordinated network-related projects and multidisciplinary teams. Accomplished project goals on time, on budget and in alignment with corporate objectives.
• Developed and launched enterprise-wide software-distribution system delivering automated software updates remotely to all desktops and devices on the network.
• Founded and built internal helpdesk and trained technical staff to provide support to 1,500 users.
• Successfully installed more than 200 businesses which includes banks, government offices, public transport companies and retail stores with new software and hardware keeping security measures on devices.
• Completed projects maintaining company's SLA levels.
• Installation of relevant software and make sure it's working in desired order.
• Training customer on new systems and providing continuous support.
• Successfully directed the on-time, on-budget completion of company-wide upgrade to Windows 10
• Performed troubleshooting, repair, and maintenance of computer systems, hardware, peripherals, and telephony. Analysed system requirements to efficiently isolate and resolve a wide array of technical issues. Participated in large-scale upgrades and installations.
- IT Security Specialist at Fujitsu UK Ltd
- Data entry at DATA ANALYST DHL
- Project coordinator at SSP Ltd
- Team Leader at IBM Call Centre
2 years, 4 months at this Job
• Use EnCase Enterprise computer forensic software to collect, search, analyze, and produce electronically stored information (ESI) in support of litigation matters and corporate investigations
• Served as the SME for the entire lifecycle including requirements gathering, design, testing, and training of the Exterro Fusion Legal Hold and Project Management cloud solution
• Apply information security best practices with regard to chain of custody and articulate user responsibility for information governance & security compliance
• Participate in vendor/software resource selection process to ensure selection meets eDiscovery and compliance requirements
• Engages with Computer Security Incident Response Team (CSIRT) to respond and resolve security threats in the enterprise infrastructure and IT environment leveraging the NIST framework to mitigate risks
• Draft and implement standard operating procedures and maintain documentation library via SharePoint
• Other duties as described below Contract:
- IT Security Specialist at CNA Financial
- EDiscovery and Forensics Administrator at Volt Technical Services / CNA Financial Corporation
- Documentation and Communication Analyst at US Tech Solutions
- Adecco / The Pampered Chef at Adecco
3 years, 6 months at this Job
- Master of Science - Information Systems
- Bachelor of Arts - communication
Founded consulting company focused on IT security, compliance and audit preparation support. Current contracts' Task Orders include:
• Update and maintain monthly System Owner Performance Metrics and other cyber security identified reporting.
• Develop, integrate and implement processes and procedures for client vulnerability management.
• Oversee and assist periodic vulnerability scans, remediating vulnerabilities, and reporting status to include system vulnerability scans, web application scans, foreign travel vulnerability scans (where required).
• Provide support to system testing consistent with NIST Special Publications (SP) 800 series IT security guidance.
• Provide subject matter expertise on FISMA/NIST, ISO/IEC 2700 and other compliance standards.
• Identify and fully document enterprise-wide and shared controls; provide consultation on risk assessment and POA&M development, metrics, and tracking.
• Support security and compliance processes; advise on weaknesses in documents, procedures, and techniques.
• Develop curricula to provide a common orientation to staff new to specific IT security roles.
- Owner/Senior IT Security Specialist at Nansemond Cyber, LLC
- Security Engineering Team Lead at DSD Laboratories Inc
- Office Automation Technician at U.S. Fish and Wildlife Service
1 month at this Job
- BS - Information Technology, Assurance and Security
- Diploma - Computer Information Systems
• Reviewed Information Security (GIS) controls across Bank of America's critical business processes to assess the information security landscape (people, process, technology and third-party domains).
• Address cyber risks across business processes and applications.
• Gathered and analyzed information to ensure they adhere with regulatory requirements, and GIS standards.
• Work with functional owners to develop plans to remediate assessment results.
• Communicate findings to stakeholders and business partners.
- IT Security Specialist IV at Bank of America
- IAM BUSINESS ANALYST at Bank of America
- BUSINESS/DATA ANALYST at Bank of America
- Business Analyst at Wells Fargo
3 months at this Job
- Certification in Managing IT Projects
- Masters Degree in Information Systems Management - Information Systems Management
- Bachelor of Science in Information Systems - Information Systems
Create;Modify;Inactivate HCM and Financial Security Profiles. Create eCommerce Supplier Profiles for submitting invoices;payments, etc. Create scripts and test upgraded processes in the PeopleSoft environment. Create and update PeopleSoft Procedural Manual; Supplier Users Manager and Procurement quick reference guides for end-users to use as reference materials when accessing the eProcurement platform. Dec. 2018 completed major upgrade to PeopleSoft Fluid environment - 9.2 (8.7 PUM) - Created new Security Manual displaying new fluid screens documenting the changes and how to navigate within the environment.
- IT Security Specialist at DMI/LochBridge
at this Job
- High school - Business Administration
Conduct Pre-Assessment phase for ATO packages to prepare clients for third party assessment.
● Develop Security Impact Analysis for client systems.
● Create & track POA&Ms for clients using findings to develop milestones/corrective actions for successful remediation.
● Input & manage data within Xacta system.
● Conduct meetings with the client to discuss client's material weaknesses identified in an audit to gain an understanding and develop mitigation strategies for the findings.
● Conduct GAP analysis.
● Responsible for developing continuing education trainings for colleagues.
● Update artifacts (i.e. System Security Plans, Contingency Plans, etc.) with appropriate information.
● Review and update implementation statements for clients.
● Review audit logs to track trends and/or vulnerabilities
- IT Security Specialist at DSA, McLane, VA
- IT Security Analyst at ICF
- Information Assurance Compliance Analyst at SIE Consulting Group
7 months at this Job
- Masters of Science - Project Management