Quantcast

Information Security Cross Functional Re...
Resumes | Register

Candidate Information
Name Available: Register for Free
Title Information Security Cross Functional
Target Location US-SC-Summerville
Email Available with paid plan
Phone Available with paid plan
20,000+ Fresh Resumes Monthly
    View Phone Numbers
    Receive Resume E-mail Alerts
    Post Jobs Free
    Link your Free Jobs Page
    ... and much more

Register on Jobvertise Free

Search 2 million Resumes
Keywords:
City or Zip:
Related Resumes
Click here or scroll down to respond to this candidate
Candidate's Name
Phone No: PHONE NUMBER AVAILABLEE-mail: EMAIL AVAILABLEExperienced Information Security Analyst15+ years of experience in delivering optimal results and business value in high growth environments.Detail oriented and performance driven professional with expertise in safeguarding the organization from IT threats and risks through effective operational and internal controls. Facilitate security governance and compliance with multiple frameworks. Conduct IT internal audits. Liaise with key stakeholders to deliver innovative solutions.Identify and secure opportunities that would influence the organizations growth. Drive personnel to perform in line with the firms business objectives during the transformational process. Stay abreast with emerging technologies. Proactive leader with excellent decision making, analytical, communication, problem solving and interpersonal skills.AREAS OF PROFICIENCYInformation SecurityWireless NetworkingNew Client IntegrationCost ReductionSecurity Policies and AuditScripting For NetworkCyber LawSecurity ControlsRisk Analysis/Security SurveysInformation Systems Threat AdministrationPhysical SecurityTraining & DevelopmentChange ManagementStrategic AlliancesFirewallsSecurity AwarenessSEIMDisaster RecoverySocial EngineeringRisk AnalysisIDSCross Functional CoordinationPrivacy & ComplianceDLPTECHNOLOGIESAWSCisco WirelessNew Client IntegrationVMWareWindows Operating SystemsScripting For NetworkBMC RemedyiOS & AndroidInformation Systems Threat AdministrationMicrosoft ExchangeLAN SweeperVPNWindows ServerLinuxVoIPSolarWindsLastPassCisco AnyConnectSymantec Endpoint ProtectionCERTIFICATIONSComp TIA Certified Technical Trainer (CTT+).Microsoft Certified Systems Administrator (MCSA).Microsoft Certified Technology Specialist (MCTS).Microsoft Certified Trainer (MCT).Comp TIA Security+ Certified.Comp TIA A+ Certified.ACADEMIC CREDENTIALSMaster of Information Assurance, University of Detroit Mercy.Bachelor of Information Technology and Security, Baker College, Auburn Hills, MI.KEY STRENGTHS AND ACHIEVEMENTSProven expertise in various system development methods. Possess in-depth knowledge of virtualization technologies and clinical application systems.Recommended new approaches, methods and technologies to facilitate the organizations transformation.I played a pivotal role in creating and implementing the Identity and Access Management (IAM) strategy. I collaborated with cross-functional teams to design, develop, and execute robust IAM frameworks to enhance security and streamline user access across the organization. My responsibilities included:1. **Strategy Development: ** Led the formulation of State Farm's IAM strategy, aligning it with business objectives and compliance requirements. Developed a comprehensive roadmap for identity lifecycle management, access controls, and authentication mechanisms.2. **Policy Design: ** Designed IAM policies and procedures, ensuring adherence to industry standards and best practices. Implemented role-based access control (RBAC) and least privilege principles to mitigate risks and maintain data confidentiality.3. **Technology Evaluation: ** Conducted thorough assessments of IAM technologies and solutions available in the market. Collaborated with IT teams to select and implement suitable tools for identity provisioning, single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM).4. **Collaborative Partnerships: ** Fostered strong partnerships with IT, security, and compliance teams to ensure seamless integration of IAM initiatives. Coordinated cross-functional workshops and training sessions to raise awareness and enhance understanding of IAM concepts.5. **Risk Mitigation: ** Implemented continuous monitoring and auditing processes to detect and address potential security vulnerabilities. Developed incident response plans and contributed to threat modeling exercises to proactively mitigate risks.Established structures and processes to plan and facilitate the orderly implementation of change.Big 10 experience in the Information Security and Controls fieldManaged online training initiatives with clients based across the US during my tenure at Care Tech Solutions.Implemented Computer Based Information Security Training (CBT) at Blue Cross Blue Shield of Michigan for all employees (over 10,000)Managed Security awareness events at Blue Cross Blue Shield of Michigan including a very successful Ice Cream Social Engineering event.Oversaw the training program at the Hospital for Special Surgery in New York during the transition to a new Service Desk Provider in 2013.Led the technical training process at Crittenton Hospital and Medical Center during the transformation from Novell GroupWise to Microsoft Outlook 2010.Instrumental in developing and presenting a statement as well as training for a service desk execution at a prominent hospital in New Jersey.PROFESSIONAL WORK EXPERIENCEInformation Security Consultant, State Farm, March 2019 to PresentProviding security assistance to major business-related areas, projects, business solution delivery towers or initiatives primarily within Enterprise Technology that significantly utilizes security solutions and influences direction in the Security Sector.Focusing on identifying risk associated with business decisions through early interactions with business areas to recommend, document & design high level security solution blueprints for the delivery of secure business solutions.work with product owners, developers, and platform/technical security teams to apply the appropriate technical controls.Championing Information Security best practices, and leading by example, also providing a security presence.Identity & Access Control Analyst, State Farm, July 2018 to March 2019Supporting and testing end-to-end security controls and toolsDeveloping documentation and maintaining information security identity and access control strategiesApplying identity and access control concepts and practices in accordance with industry standardsEvaluating vendor solutions and costs and coordination on-going budget for vendor capabilitiesResearching emerging identity and access security topics, threats, capabilities and solution optionDeveloping and supporting the Identity and Access Management (IAM) strategySr. Bank Technical Analyst, Information Risk and Security Consultants, State FarmJuly 2017 to August 2018Consulted with business area and development teams to understand the business need, assessed risk to data and infrastructure assets.Designed security solutions (controls) to mitigate the risk.Followed State Farms information security policy, standards and industry best practices to ensure GLBA requirements and FFIEC guidance are met.oCreated new standards. Collaborated with the security policy owning teams to confirm the need, build the standard and secure Info Se officer sign off and implement the standard.Collaborated with Info Security, development and IT risk review teams to complete risk and info sec design reviews. Work with the support and development teams to build and implement the controls designed.Documented (including diagram) info sec risk assessments, which included inherent risk score, business and security requirements, info security solution design, list of controls, residual risk score.Shared (present/walkthrough) the assessment reports with business area risk owners (leader/AVP), company leadership team and risk review teams for awareness and formal sign off accepting the residual risk before implementation.Performed info sec risk assessments both at the vendor relationship level and at change/engagement level.Performed both pre-contract review and periodic review of vendors to ensure the risk is maintained within established threshold. Reviewed SOC 2 (SSAE 16) reports.Proof of concept of vendor product  Ensured the Info Security posture and controls meet Security Policy at State Farm.Managed findings on IT security vulnerabilities and gaps in business processes, by remediating, mitigating, or recommending acceptance or transfer the risk.oDesigned, developed and deployed a finding management process that helped in streamlining the management of findings that Bank info security owned  this also enabled reporting and closer tracking and ensure resolution to the finding.Owned/Managed the team SharePoint site thats primarily used to keep track of work assignments, store work papers, assessment reports and design documents.Provided security solutions for initiatives spanning across the full spectrum of business operations:oDeposits origination and servicing platform enhancements.oLoan origination application enhancements and migration.oLoan underwriting application deployment.oMortgage origination, underwriting and servicing application enhancements and migration to new version.oCredit Card origination application enhancements and new application deployment.oCredit Card underwriting and servicing enhancements.Security Controls Practitioner, Ford Motor Company, July 2016 to July 2017Security and Controls Professional responsible for a portfolio of applications, and associated infrastructure, ensuring IT Controls are appropriate based on risk and are documented in compliance with the Information Security Policy, working with the Business Owner and SupplierFacilitating communications with Vendors in identifying and documenting IT control.Consulting Security Control Processes to the application teams and application business owners.Facilitating communications with Operations and General Audit Office.Identify Operations-Identified Comments and Risk.Participate in Information Security presentations and events.Consult with Infrastructure teams and coordinate with Internal Control Coordinators for Application/Infrastructure Control Reviews and Risk Assessments (i.e., ACR/ICR/CIA rating).Provide support for audit process for the IT Operations, internal General Audit Office (GAO), and external audit parties. Facilitate the GAO Audit Information Request submission and interface with the audit team during all phases of the audit cycle including pre-planning, testing and formalizing identified gaps.Assist the IT Operations services groups with the audit comment remediation development actions and monitor sustainable closure of the audit comments.Provide guidance, direction and consultation for the annual IT Systems Control Review Program.Assist with development of Business Continuity and Disaster Recovery plans (BC and DRP).Review and approve as required for infrastructure controls reviews, decommissioning documents, and Enterprise Host Protection Audit Systems (EHPAS) filtering requests.Participate or lead on-going global Infrastructure Security Controls process improvement initiatives.Provide metrics and Security Controls and Compliance status to management periodically.Information Security Governance, Risk & Performance Analyst, BCBSM, April 2015 to April 2016Information Security management consisting of policies, controls and processes.Conducting information Security training and awareness programsHosting new employee Information Security new orientation, groups of up to 100Hosting specialty awareness training for executives and specialty groups like legal and application developers, groups of up to 20Coordinate and host security awareness events across different BCBSM sitesDeveloped Information Security posters, advertisement and pamphlets to aid the awareness effort.Implement Computer Based Training across the enterprise as well as work with Corporate Requisition in the process of selecting vendor for Computer Based TrainingWork with many functional and business units: Enterprise Information Technology, Privacy & Security Compliance, Corporate & Financial Investigations, Corporate Compliance, Audit, Legal and others.Provide input into information security incident management, especially for risk treatment process.Perform cross-functional collaboration with the other members of the information security team to manage information security risk identification, mitigation and acceptance processes in coordination with security operations; risk planning, mitigation and remediation to address information security deficiencies.Communicate effectively regarding security, privacy, risk, and compliance to senior business leaders and fellow team members, report status and performance to operational and executive management.Performing vulnerability scans using tools like Qualys and Nessus and compiling reports for senior management.Data Loss Prevention - making sure that end users do not send sensitive or critical information outside the corporate network. This included data on the cloud, on the premises as well as mobile devices.Worked with Internal Audit, Executive Management and other departments to establish audits and reporting.Conduct security assessment of Companys network and computing architectureSecurity Analyst II /Technical Trainer, Care Tech Solutions Inc., Troy, MI, August 2006 to April 2015Vendor Risk Assessment with BMC systems on New Products, Product UpgradesLead regression testing efforts before and after vendor software upgrades to ensure functionality and compliance with HIPAA standards.Hands on with the implementation, configuration and maintenance and use of security software which included SolarWinds, LastPass, Symantec Endpoint Protection and Cisco AnyConnect.Working with several hospitals across the U.S. providing HIPAA and Security Awareness Training to hospital IT employees.Assisting with the development and implementation of Security PoliciesAssume responsibility for leading training initiatives. Mentor technical personnel to perform at an optimal level.Oversee field support and communications functions. Authorize security access request. Facilitate system software and hardware upgrades. Manage BMC Remedy System.Customer Service Representative, Audi of America, Rochester Hills, MI, August 2002 to August 2006Supported authorized dealers in resolving customers issues. Collaborated with field support personnel in devising solutions for technical issues affecting vehicles.OTHER WORK EXPERIENCECustomer Service Intern, GMAC Financial Services Auburn Hills, MI, June 2002 to August 2002.MEMBERSHIPActive member of the Information Systems Security Association (ISSA).SEMINAR ATTENDEDInternational Seminar on Cyber Security, De Montfort University, Leicester, United Kingdom, 2013.SUMMARYCandidate's Name  is an Information Security professional with more than 15 years in the Information Technology and Information Security fields. He has specialized knowledge in the field through both formal education and work experience. He graduated with an Information Security bachelors degree from Baker College and a masters degree in information Security at the University of Detroit Mercy. He is an experienced instructor and trainer with several years of experience. He has worked in the Information Technology industry with a special focus on healthcare. He has worked with several hospitals as well as health insurance providers and is familiar with laws, regulations and standards like HIPAA, HITECH and HITRUST. Michael holds several industry certifications and is continuously researching the latest trends in Information Technology and Information Security. Michael has a keen interest in topics concerning Social Engineering, which has been shown to be the leading cause of data breaches in the past year. When not working Michael enjoys spending time with his family and traveling. He has travelled to most of the states as well as to Europe and Africa.

Respond to this candidate
Your Message
Please type the code shown in the image:

Note: Responding to this resume will create an account on our partner site postjobfree.com
Register for Free on Jobvertise