| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name , CISSPStreet Address
Mobile: PHONE NUMBER AVAILABLEEMAIL AVAILABLECYBER SECURITY ENGINEERSkilled Senior Information Security Engineer and Architect with extensive 29-year analytical background in information security risk management and systems security engineering, including recognized service in the banking, financial services, State Government and IT services. Numerous successes with detailed risk analysis and vulnerability management program implementations. Excels in ISO/IEC 27001/2, NIST Risk Management Framework based security risk assessments for technology deployments, ranging from web-enabled e-business applications to proprietary portal network architectures.Professional CertificationsCISSP - Certified Information System Security Professional[Expired] GCFA - GIAC Certified Forensics Analyst [2007 - 2021][Expired] GREM - GIAC Reverse Engineering Malware [2005 - 2021][Expired] GCUX - GIAC Certified UNIX Security Administrator [2005 2018]MCSE - Microsoft Certified Systems Engineer Windows 2000MCDBA - Microsoft Certified Database Administrator SQL Server 2000LEADERSHIPCore Competencies: Information Security Program Management, Security Operations Team Leadership, Enterprise Security Risk Management, Secure Enterprise Architecture & Design, Critical Incident Response and Forensic Recovery, Information Security Program Management, Security Operations, Security Engineering, Security AssessmentsPROFESSIONAL EXPERIENCEDenver Health and Hospital Authority, Denver, Colorado 03/2023 09/2023CYBER SECURITY CONSULTANTHelped with onboarding new employees, contractors and studentsPerformed threat hunting activities including malware attacks, phishing emails, and forensic research on log anomaliesGap Analysis helped determine cyber security related needs, assessed coverage by existing tool sets, with recommendations on needed functionality (Learned all 18 Security tools)Worked with several cloud-based security/endpoint management toolsSexing Technologies Genetics, Navasota, Texas 07/2021 04/2022CYBER SECURITY CONSULTANTInterim Cyber Security Manager to maintain needed day to day cyber security operationsPerformed threat hunting activities including malware attacks, phishing emails, and forensic research on log anomaliesPerformed Firewall policy audits, including Web Application Firewall monitoring and maintenanceIntrusion Prevention System (IPS) rules check and monitoringGap Analysis helped determine cyber security related needs, assessed coverage by existing tool sets, with recommendations on needed functionalityCollaborated / Communicated with Stakeholders and the Chief Administrative Officer for the company regarding incidents and project requirements, status and resultsAdvised on implementation of NIST SP800-53/53A in to Risk Assessment process in the EnterpriseWorked with several cloud-based security/endpoint management toolsHelped with design and architecture of network projects to support core businessAchievementsPerformed cyber security consulting role during third party vendor pen testing and discussions on coverage for the Center for Internet Security (CIS) Critical Security Controls for version 7.1 and 8Provided cyber security research to answer upper management and C-Suite concerns and considerationsTaught security awareness regarding the companies valuable herd management data and the need to legally protect it, not just with security controlsAPEX Systems, Inc. at the Texas Department of State Health Services, Austin, Texas 07/2010 06/2021INFORMATION SECURITY ENGINEERPerformed information security related tasks under the general direction of the Information Security Officer and in coordination with the Security Team and Information Technology staffAnalyzed agency information security policy, standards, guidelines, plans, and procedures for network and system securityResponsible for working individually and collaboratively to achieve cost-effective, timely, successful completion of team goals, objectives, projects and assignmentsPerformed advanced computer systems security analysis work regarding forensics, email phishing, threat hunting, malware attacks, and incident response.Performed technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment, to include NIST SP800-53/63A controls into assessment process and ensuring Regulatory Compliance (Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Trust Alliance (HITRUST Common Security Framework (CSF)))Analyzed information and systems security requirements for Proof of Concept/Value engagements, RFOs, and security architecture documents.Collaborated / Communicated with Stakeholders and CISO for the Agency regarding incidents and project requirements, status, and resultsEvaluated and recommend action on testing and certification of software and hardware upgradesReported on work products for customers and higher managementAchievementsHelped build process for performing risk assessments, including developing a C & A program integrated into the processCompleted risk assessments for systems, 108 systems, containing PII and ePHIBuilt core servers for PKI infrastructure with PGP Universal Servers, a requirement for use of Veterans Affairs (VA) and Center for Disease Control and Prevention (CDC) Cancer Registry dataGuaranty Bank, Austin, Texas 10/2003 04/2010SENIOR INFORMATION SECURITY ENGINEERLed Security Response Team and coordinated incident management activitiesArchitected antivirus system for 8,600 workstations and 1,300 servers and developed associated policies, procedures and documentationDesigned enterprise security architecture requirements and worked with various key stakeholders to gain consensusPerformed forensic preservation of sensitive information for litigations as directed by General CounselIdentified threats to sensitive information or private customer data and recommended mitigating actionLed Security Response Team and coordinated incident management activitiesResponsible for Firewall maintenanceArchitected and administrated Information Security Servers for Information Security Risk Management DepartmentDatabase Administrator for various security systemsPerformed security engineering analysis for all infrastructure and application deployments, incorporating NIST SP800-53/53A controlsCollaborated / Communicated with Stakeholders and CISO of the Bank regarding incidents and Project requirements, status, and resultsEscalation Point for information assurance teamConducted training and evaluation of risk management staffAchievementsKey member of the infrastructure transformation team as Guaranty Banks parent company was divided into three separate companies. Each managed application/device was duplicated for other lines of businessDesigned and implemented IronPort Email Gateway, Firewalls, and ISA/SurfControl infrastructuresDeployed security monitoring tools to provide security event correlation and alertingFacilitated collaboration between enterprise architecture and information risk management departmentsEvaluated security tools for business requirements and cost-efficienciesEDUCATIONBS, CHEMICAL ENGINEERING December 1994The University of Texas, Austin, TexasCHEMICAL ENGINEERING AND ECONOMICS PROGRAMS 01/1988 - 08/1990Syracuse University, Syracuse, New YorkPROFESSIONAL AFFILIATIONSISC2 Member - 2007 Began Proctoring CISSP examsSANS SANS GIAC Advisory Board MemberTexas Exes Student Association - Life Member |
