| | | 20,000+ Fresh Resumes Monthly | |
|
|
| | Related Resumes Software Engineer Project Management Coralville, IA Project Manager Business Process Cedar Rapids, IA Call Center Project Management Waterloo, IA Customer Service Project Management Cedar Rapids, IA Project Manager Management Dunkerton, IA Director IT, BI Analyst, Project Manager Cedar Rapids, IA Senior Python Developer - Atlanta, GA Fairfield, IA |
|
Click here or scroll down to respond to this candidateCandidate's Name
SAFe Certified CSM, PSM 1&2 PMI-PMP/ACP PCIP Security+ (ISC)2 CISSP, CCSP, SSCP, CCJim brings 20+ years of security project management experience including audits, certifications, implementations, and migrations in enterprise environments. He led the successful implementation of Zscaler for a global ag company on a very tight timeline, as well as several PCI certifications, CyberArk implementations, and NIST review/gap analysis. Jim is a problem-solving project manager with years of experience in solving project issues. Jim is fully trained and can project manage in Waterfall, Agile Scrum/coach, Gira/Confluence, SAFe.SKILLSAgile/Scrum (certified), Waterfall, hybridSAFe SPC6 can teach/sponsor.SDLCGap assessments, Audits, PCIM&A projectsMS Project/Project ServerJira, Confluence, Excel, VisioTeams, SharePointServiceNow, RemedyMentoring/LeadershipClient and Vendor ManagementScrum/ SAFe CoachCERTIFICATIONSSecurityPCIP: Payment Card Industry - ProfessionalCompTIA: Security +(ISC)2 Certifications: Cloud Migration, Zero Trust for Identity: Strategies and Leadership to Protect Businesses, preparing for a Zero Trust Initiative, Zero Trust Architecture in the CloudCISSP (ISC)2CC (ISC)2 Certified in Cyber SecuritySSCP (ISC)2 Systems Security Certified PractitionerCCSP (ISC)2 Certified Cloud Security Professional, Training Complete, Exam scheduled.Project ManagementPMI - PMP WaterfallPMI - ACP ScrumPSM 1 (Professional Scrum Master) Scrum.orgPSM II (Advanced Professional Scrum Master 2) Scrum.orgCSM (Certified Scrum Master) Scrum AllianceSAFe - SPC 6.0SAFe Certified Scrum Master 6.0SAFe - Advanced Certified Scrum Master 6.0SAFe - Product Owner/Product Manager 6.0SAFe - Release Train Engineer 6.0SAFe - SA 6.0:EXPERIENCESCS, Stone Consulting Services, Inc. Dec 2023 PresentContractor per hourWhile completing several ISC certifications (CC, SSCP) and gaining additional knowledge in cloud migrations and zero trust certificates, provided paid consulting services and project management within a variety of industries. Some paid contractor projects include:Advised as a contractor - companies on how to pass a PCI ROC (Report on Compliance) did this for a Commercial Services Contracting Company, a Las Vegas Casino, and an InfoSec Company.Advised as a contractor -a distribution company on how to pass a PCI SAQ (Self Assess Questionnaire).Advised as a contractor - an InfoSec company as to how to bid on a Zero Trust implementation, did training sessions on what zero trust implementation would look like, and spoke to the company the Service Contractor was doing a Zero trust bid for.Advised as a contractor - a Healthcare company on creating a secure zone for a PII and PHI data and controls for egress and Ingress security policies.oDiscussed with the staff, the pros and cons of moving the information to the cloud.oAdvised what cloud services are the right fit for their needs.oDiscussed best migration practices and proper risk management for the situation, and proper strategies.Discussed with their IT staff what is the correct way to implement a Zero Trust environment in the cloud.oAssessed current and past situations they experience in the cloud environment and provided solutions to implement a Zero trust.oDiscussed changes in SDLC from internal Datacenter vs. Cloud SDLC, and how to insert Security into their SDLC process in the cloud.For each PCI engagement, reviewed the new PCI DSS 4.0 what has changed and how it affects the client, as well as the process for passing a ROC, and dealing with the independent QSA.Medical Sabbatical December 2021-December 2023Time off for medical reasons.While rehabbing Jim took many classes to become certified in Agile and SAFe.Corteva Jun 2021 Nov 2021Security Project Manager - Zscaler ImplementationTested and implemented Zscaler product in entire company.Project managed deployment to all desktops in the organization.Worked with contractor Zscaler PM to coordinate the Corteva Zscaler team for daily 2-a-day meetings. Maintained notes and to-do lists. Drove tasks to completion.Solved multiple project problems.Coordinated with several Corteva datacenters and Corteva Datacenter Managers around the world to manage the implement the Zscaler product in different time zones and different countries.Verizon to Accenture briefing and hand over datacenter support project.Worked with Accenture project manager to coordinate our combined activities to get Accenture familiar with Corteva datacenters. Resolved many disputes between organizations and kept the project moving forward. We ended the project on time.Worked on getting both sides, Corteva and Accenture, back together as they disagreed regarding monies owed and stopped working on the project before I was assigned. I was able to resolve the monies issue and got the project back on track and plotted a course to finish with a very tight schedule on time.Caseys Dec 2020 Jun 2021Transformation Consultant Buckys transformationWorked with Buckys resource to coordinate activities.Resolved all actions needed to make Buckys transition to Caseys.Created a project plan that would list all the activities to complete a transition and have us finish on time.Corteva Jun 2019 Dec 2020Sr Project Manager - SQL Optimization Projects (CTAS)Migrated Dev, SIT, UAT environments from full SQL licenses to Free Dev SQL licenses. 6 million in savings. SQL patching throughout the organization.Scrum Master: Agile re-write of application that reached its maximum ability with Access to a SQL based application. Used full agile planning and execution using Jira, Azure Dev Ops, Kanban boards and Trello.Federal Home Loan Bank of Des. Moines Sept 2018 Feb 2019NIST SMEWorked with IT teams to define NIST standards and determine how it fits in infrastructure.Conducted gap assessment meetings with infrastructure teams to get an estimate to where they are currently with implementing the standards.Created a tracking spreadsheet of totals reporting. Reported out to upper management with results.Dupont Pioneer Feb 2016 Aug 2018Migration Project Manager - Spin Project User MigrationProject Managed the migration of 12,500 users back from one domain.Worked with Microsoft on their migration portal to reverse the direction.Project Managed 100s of sites to prep and execute the migration.Modified the way the migration was conducted by working with the IT team to create a scripted process versus a manual process. Lowered defect rate and speeded up the migration process.Sands - Venetian Hotel Las Vegas Apr 2016 Dec 2016PCI Security Project ManagerA PCI initiative was already underway, but QSA (Qualified Security Auditor) had walked off the project. Met with QSA and resolve their differences.Set new expectations between the Sands and the QSA.Reviewed gap assessment and checked current requirement evidence locker. Identified short comings in the evidence and met with IT and technical writer. Discussed why evidence was insufficient and where evidence was needed to meet the 365 controls. Created a project plan to address remaining requirements needing to be satisfied. Conducted WebEx meetings with QSA and Sands to approve remaining requirements. Drove requirements to completion.To satisfy one PCI requirement, corporation first had to decide on which outside organization to follow. I discussed NIST, CIS, ISO, etc, and the pros and Cons of each to bring the Sands to a conclusion. Once the NIST outside security frameworks was decided on, the project had a framework to follow. All the 365 PCI controls were referenced back to NIST for clarity. Acted as requirement SME. Evidence first passed my inspection before it was presented to QSA. Developed IAMDupont Pioneer Oct 2014 Mar 2016Spin Project Manager User MigrationProject Managed the migration of 12,500 users from one domain to another and to lock down the security of domains.Project managed application moving from one domain to another.Project Managed 100s of sites to prep and execute the migration.Worked with IT to lock down the Active directory and not disrupt the project.Aetna Jan 2014 May 2014PCI Security Project Manager - PCI SME.Priority 1oIn a short time, prepared Aetna for a QSA audit.oConducted WebExs with Aetna staff and the PCI auditor.oConducted gap assessment with IT and the QSA.oCreated list of remediation work from WebEx assessments with auditor.oWorked with component owners to create project plan and deliverables for remediation work.oConducted regular meetings with component owners to check on progress of remediation work.oStood Archer back up in preparation for a PCI audit. Matched PCI controls to NIST controls.oAudited Aetnas international controls and make recommendations.oCreated process to remediate Aetnas vulnerability scan reports.oDeveloped IAMPriority 2 Worked on Aetnas NIST initiative.Allstate Mar 2014- Dec 2014PCI Security Project Manager - SME/PCIProject Managed new application installation and configuration of the CyberArk application.oCreated business requirements for an enterprise solution.oSized infrastructure to meet business requirements.oCreated cost estimate documentation.oManaged gating process.Worked with the CyberArk vendor on costs and deliverables and timing.oProjects managed included the standup of the infrastructure in 2 different datacenters, the installation of CyberArk to match business requirements, and safe creation for applications and components.oCreated slide deck on how to order a safe and held WebExs to demonstrate how to order a safe. Managed application ID and password upload into CyberArk.oCreated slide deck on how to use CyberArk safe and held WebExs on how to use the safe.oProject managed Component and Application Privileged ID and password upload into CyberArk. Project managed over 100 new CyberArk safes and uploading of privileged passwords on a tight timeline and completed on time.HIPS installation: Project managed installation of HIPS 8 on 1000 desktops across several call centers for network isolation.oCreated project plan for a very tight schedule, moved it through gating steps, managed the coordination and timing between the HIPS team and the call center teams, and completed project on time.Verint call recording with encompass.oProject managed the cleanup of old call records with credit card information. Created project plan. Acquired funding. Moved project through gating process. Managed the creation and timing of change tickets. Managed the schedule as to not interrupt production.oMoved thousands of production records to new NAS Filer without interruption to production on time. Cleaned records of credit card information and moved the clean records back to production.HelpdeskoProject managed new process for helpdesk to verify user on another end of the phone and the new process to use a random password generator.Reviewed and modified several groups for proper access rights, RBAC and adjusted.Project managed asset modifications to add several new flags for input components and new applications into CMDB. Documented current process flow with Visio work streams and documented new workflows that were needed.TrainingoProject managed training for developers, so they could pass the QSA interview regarding secure code development. All Developers passed the QSA interview, and all scored a 100.oDeveloped a repeatable training Program for secure code development.Project managed several complex password changes that involved SQL and multiple applications and completed on time. Discovered application developers were using the privileged usernames and passwords.oManaged the creation of change tickets. Coordinated between the SQL team and the application team. Changed the passwords and uploaded new passwords into CyberArk.Created a training library of Power Point slides for all the DSS 3.0 requirements to help the teams understand what requirements they own and what does the requirement mean to them and what evidence they will need to create to satisfy that requirement.Held WebEx training sessions for all the component and application teams to discuss what requirements they own and what evidence they need to create and when they will need to have it by.Filled in where needed on other tracks to help pass the QSA audit.State Farm Aug 2013 Dec 2013PCI Security Project Manager - PCI SMEWorked with application team (DC8) as they deployed the addition of Amex/Disc onto their websites as additional choices for customers to pay with credit card.Monitored and advised secure code development.Attended and represented application team in PERT meeting to achieve gate approval to move through their environments and into production on Dec 8th, 2013.Requested and analyzed vulnerability scans for new code both static and dynamic. Made recommendations on findings. Presented clean scans to PERT meetings for gate approval.Managed application teams PCI secure training achievement. Developed IAMAdvised present PERT team on PCI related issues that I have seen on other projects as they maintain their PCI ROC compliance.AIG Apr 2012- Dec 2013PCI Security Project Manager - SME/PCIDeveloped the InfoSec roles, responsibilities, and mission statement.Worked on Federal Readiness audit remediation and identified test procedures and test points for auditing.Wrote all policies, procedures, standards, and processes to comply with the PCI DSS. Worked with several teams including application, infrastructure, and security to design processes to satisfy the PCI DSS. All successfully approved by the QSA from Protiviti. Worked with the business side of the DSS to gain approval by QSA.PCI call center remediation. Identifying processes of all Call Center activities and remediating (changing) processes to meet the DSS requirements.Walked through their SDLC process and put security into the process with additional steps. They are now securing their code before it is put into production using a combination of manual review and App Scan by IBM. Their SDLC process now is PCI compliant.Managed Application Penetration testing for PCI QSAs approval. Pen tested several verticals and gathered results from scans and worked closely with IS/IT teams to remediate findings and rescanned to get passing results.Developed clients Vulnerability Management Process. Developed a process to assure quarterly vulnerability scans were conducted on time and remediation was conducted on time.Worked on SOX and PII compliance issues.Developed IAMPrior Roles Held:Liberty Mutual - PCI Security Project Manager ME/PCI - PCI DSS PM for Hosting Unix/Wintel TeamStarwood Hotels - PCI Security Project Manager SME/PCIITA Group Inc. - PCI Security Program Manager - PCI DSS CertificationAviva - PCI Security Project Manager - Network Security Audit RemediationWells Fargo Senior Project Manager - Datacenter infrastructure and application installationsPearson - Senior Project Manager (ITPM/Scrum Master/Architect) for major initiative.State of Iowa and Kaiser Permanente - Senior Project ManagerNorthrop Grumman-IT - Project ManagerTelePacific - Telecommunications CLEC - Director IS/ITAffordable Technology - Project Manager / Director of IS/ITNorthrop - Manager, IT/Technician B2 Bomber and SBIRS Projects. |
