| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Bedford, MA Street Address
PHONE NUMBER AVAILABLEEMAIL AVAILABLEVP of Security Marriott Loyalty, World Wide OperationAccomplished and business savvy IT professional with robust experience acquired over Thirty years in information technology delivering optimal results and business value to fortune Five hundred companies by establishing key relationships with business segments globally and in US. Skilled in leading a diverse team in 7/24/365 environments, developing customers and vendor relationships and driving innovative digital transformations. Responsible for global database security and compliance in a multinational hospitality organization. Knowledge and experience in corporate security, data center, cloud computing, data management, and analytics. Exceptional communication and presentation skills and proficiency in grasping new concepts and staying with trends and technologies.Skills Area: Security and Compliance Project and People management Process improvement Strategic and Operation planning Business development and Negotiation Design and Presentation Cross functional leadership in a 7/24/365 environment Cost and Competitive analysis Technical Architecture and Assessment Client and vendor relationship management Training and hands on systems engineering.EXPERIENCEMarriott Corporation Boston, MassVP Security - World Wide Operation 2020 Present* Securing Marriott Bonvoy Reward system worldwide by engaging with business partners, internaland external stakeholders and vendors.* Analyzing existing applications, architecture and developing, conducting security awareness trainingand recommending solutions to optimize and reduce cost and improve efficiency throughout the company.* Setting up goals, managing risks, guidelines, expectations, timelines and recommending strategies.* Acting as the key liaison between Information Security, relevant business units, and outside vendors tounderstand and translate business requirements to functional and technical solutions to achieve commercial objectives* Managing and leading a Database security team in a fast phase 7/24/365 environment, working withtraditional data centers, public and private cloud.* Managing operational expenses and capital budget for Information Security team.* Continuously building and developing effective working relationships with the relevant business stakeholdersto serve as a key decision maker and advisor on strategic business issues.* Securing Loyalty database systems throughout the company by analyzing large data sets on a daily basisusing analytical tools. Monitoring data, activity, gap analysis, breach of data, anomalies, and userbehavior analytics and creating reports and dashboards.* Working with various technology/business stakeholders at to integrate relevant data sets into enterpriseGRC Solution* Adhering to Governance, risk and Compliance (GRC) complying with internal Marriott mandates.* Lead on complex technical and high change and incident management issues.Wells Fargo Bank Boston, MassAssistance Vice President - Security & compliance 2018 2020* Worked with Technology, operations and stakeholders to determine process improvements and strategicDirection, including development of and monitoring of database systems in the bank.* Creation and maintain of security architecture artifacts (models, templates, standards and procedures) thatcan be used to leverage security capabilities in projects and operations.* Monitored information security trends internal and external to the Company and keepsLOB leadership informed about information security-related trends.* BAU Query Management and Resolution, escalation and remediation in support of Auditing.* Drafted security procedures and standards to be reviewed and approved by executive management* Validated IT infrastructure and other reference architectures for security best practices and recommend changesto enhance security and reduce risks, where applicable.* Evaluated statements of work (SOWs) to ensure that adequate security protections are in place.* Leveraged risk-based reporting to shape the risk posture and subsequently derive guidance to improveinformation security adoption across assigned lines of business.* Change management, incident management and response, escalations, compliance and reporting in a 7/24/365environment.* Adhered to Governance, risk and Compliance (GRC) with internal Bank and Government mandates.* Technical/leadership role in Database Activity Monitoring (DAM) and Vulnerability Management (VA)projects from design, architecture to development, migration and operation of a new environment.* Analysis of Qualys scans on a periodic basis and making appropriate decisions based on severity of issues.* Maintained and enhanced in policy in conjunction with SOX policy.* Developing documentation, and analysis of business & technical requirements.Vodafone U.S Boston, MassManaging Cyber Security Lead 2014 2018* Maintained high schedule adherence, change management, response incidents, escalations, prioritiesCompliance and reporting in a 7/24/365 busy environment. Working with stakeholders throughout theEnterprise (offshore and onshore) team on identifying acceptable levels of risk. Adhering to Governance,risk and Compliance (GRC) Principal and methodology for Bank of America.* Assigned incidents to L1, L2 engineers. Providing supervisions, guidance and knowledge to Seven L2engineers.* Engineering lead on complex technical issues and high incident management issues, coordinating activitieswith vendors such as IBM and Cisco.* Provided client management and external stakeholders with an appropriate level of communicationand insight into Risk Convergence and Data Analytics.* Analyzed and translating business, information and technical requirements into an architectural blueprintthat outlines solutions to achieve business objectives.* Anticipate and react to major technology changes to ensure the company maintains a robust IT infrastructurethat creates cost-effective, ongoing business efficiencies.* Ensuring data integrity and provide a smooth transition when new software or hardware is added to existingInfrastructure.* Buit and maintained business relationships with internal customers including key senior stakeholders.* Technical/leadership role in Database activity monitoring and compliance (DAM) and VulnerabilityManagement (VA) projects from design, architecture to development, migration and operation of anew environment using IBM InforSphere Guardium.* Developed documentation, and analysis of business & technical requirements to ensure compliance withPayment Card Industry Data Security Standard (PCI) and Sarbanes Oxley (SOX) regulations* System engineering duties as needed :( Installations, Data loss, Disk management, Memory utilization,Import/export, VM, Backup/Restore, Disaster/Recovery, Upgrade, Patching, Linux/Unix, F5, Guardium, TCP/IPtraffic analysis on the stack and validation of live databases traffic (MS SQL, Oracle, Sybase, Db2, Mainframe.)IBM Corporation (Guardium Corp 2007-2010) Littleton, MassSr Professional Services Consultant 2007 2014Managing consultant at Infosphere Guardium division of IBM Corporation, delivered services to fortuneFive hundred companies including but not limited to customers such as: Wells Fargo, Bank of America, and JPMCChase, TJX, AIG, U.S Federal Reserve Bank, Banco Reserva of Dominican Republic.* Managed multiple concurrent customers, projects, deadlines, facilitating business enablement activities includingpolicy reviews, reports creation, incident response management, work flow, disaster recovery and alertsAnalysis and translation of business, information and technical requirements into an architectural blueprintthat outlines solutions to achieve business objectives.* Communication liaison between customers, partners, vendors and local teams to implement a successfuldelivery strategy within the time and budget constraint.* Installation, upgrade, configuration, administration of Linux based Guardium devices (Physical Device /VirtualVMware (ESX)) in the data centers and on the networks, using Software tap and/or physical Span port switch.* Sizing, tuning, estimating, planning, scalability, performance, assessments, analysis, project management,technical architecture, integration, customization of InfoSphere Guardium product line at the customers sites.* Consultation, auditing and compliance (SOX, HIPAA, and PCI) to ensure compliance with Governmentmandates.* Monitoring of traffic in major databases (Relational: Mysql, Oracle, Informix, SQL Server, DB2, Sybase,Netezza, NoSql: Mongodb, Cassandra) on multiple operating systems (HP, AIX, Solaris, Linux, Windows,Z/OS, and Z/Linux) remotely and on the client sites.* System Engineering: (network, disk management, memory utilization, import/export, backup/restore,database integrity, data mapping, data mart, data loss, forensics, disaster/recovery, upgrade and patching)* Integration with third party products: SIEM (ArchSight, QRadar, Envision), WebSphere, SAN, PeopleSoft,Oracle EBS, Web logic, Business Objects)* Training customers hands on in a class environment (Up to 12 people) and/or remotely as requested.PRIOR EMPLOYMENTSICONIXX INC Houston, TXSr. Technical Consultant 2006 - 2007AMERIGROUP INC Virginia Beach, VASr. IT Consultant 2005 2006TIDAL SOFTWARE INC Boston, MA,Sr. Technical Consultant 2003 - 2005OPENWAVE SYSTEMS Redwood City, CAProfessional Services Consultant 2000-2003COMPAQ CORPORATION Marlborough, MASr. Application Developer 1999 2000COMPUTER SCIENCES CORPORATION (CSC) Cambridge, MASr. Systems Analyst 1997 1999Science Applications International (SAIC) Las Vegas, NVSr. Systems Analyst 1995 - 1997R.S MEANS - CONSTRUCTION MARKET DATA GROUP Kingston, MASr. Systems Analyst 1992 1995*MASSACHUSETTS INSTITUTE OF TECHNOLOGY Cambridge, MAApplication Development Consultant 1991 - 1992SYSTEMSHardware: Linux, Windows, VMware, Solaris/HP/AIX UNIX, Main Frame Z/OS, Z/Linux/SAM, I/SAM, VMS clusters.Software : Java, C/C++, MFC, SQL, HTML, J2EE, HTTP, DNS, JSP, ASP, NTP, FTP, Tomcat, Apache, PERL, SSL,4GL, FORMS, PL/SQL, PRO C, JDBC, FORTRAN PowerBuilder, Visual Basic, Unified Messaging,Mobile access Gateway, Email systems, Cisco routers & Switches, Voice XML, UNIX Shell, SNMP, SMTP,FTP, fire wall, WebLogic, POP, IMAP, IIS, LDAP CGI, PERL, TCP/IP, Visio, MS Office, MS Project,MS Access, TIDAL Scheduler, Crystal report, Ingrian, Imperva, (WAF, WAP, DAM, Share point), Radius,CyberArk, Guardium, Jsonar, sales Force, SIEM (Arc sight, Envision, Splunk), F5 BIG-IP Load balancer, QualysBluecoat, Crystal reports, agile, Confluence, Jira, Gitlab, Sonar, Wireshark, IBM cloud, AWS Cloud,Metasploit, Kali, JIRA, Agile, Confluence, Kanban.Databases: Oracle, MS SQL Server, Sybase, MySQL, DB2, Informix, Teradata, Netezza, Postgres, MongoDB, Hadoop, Z/OSTRAINING AND EDUCATIONGuardium Security Imperva and Jsonar security and data analyticsBluecoat security F5 (Load balancer and Big-IP)Planning and Scheduling Training and certification TIDAL Scheduler Training and certificationSarbanes Oxley (SOX) and PCI compliance Variable Compensation methodologyMicrosoft SQL Server and Oracle DBA training Cryptography and EncryptionElectronic mail operation and mobile access Sales, Marketing and communication trainingCell Technology, unified messaging, Email Massachusetts Broker License.SAINT LOUIS UNIVERSITY St. Louis, MOB.A - Mathematics and Computer ScienceB.S - Aeronautical Engineering |
