| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address
Phone: PHONE NUMBER AVAILABLE E-Mail: EMAIL AVAILABLEObjectiveDynamic Information Security Leader pursuing the role of Director or C-level executive in a fast paced, multi-faceted IT operations environment. Expertise providing security solution services, management, and security direction and guidance to business groups, IT support teams, and project teams. Leveraging CISSP and HCISPP credentials with a MBA and a well-rounded background including IT operations and engineering, risk management, strategic guidance, and thought leadership.ExperienceKUMA Senior Security Analyst Aug 2021(PT)-April 2023(FT)-present* Provide fractional CISO services to multiple clients* Drive Policy and Procedure creation and updates* Work with HITRUST assessors to achieve HITRUST certification and renewals* Provide Incident Response leadership* Maintain and test Business Continuity and Disaster Recovery Plans* Provide end user training to maintain compliance and build end user awareness* Provide factional Cloud Engineering services to multiple clients* Update and maintain existing cloud infrastructures in AWS, GCP, Azure, and Microsoft 365* Monitor and update security configurations as needed for effective Security Operations in a virtual data center infrastructure* Work with cloud engineers from other clients to establish secure VPN tunnels to transmit PHI data* Monitor and provide security enhancements to cloud VMs and end user endpoints* Work with 3rd party pen testers to identify and remediate vulnerabilities* Maintain and update cloud networking and security controls to ensure HIPAA complianceVirginia Community Capital Information Security Officer Jan 2021(PT)-April 2022(FT)-April 2023* Wrote and updated policies and procedures to facilitate maturing the Information Security program* Worked with IT to implement additional security controls including Microsoft Intune and Conditional Access* Spearhead all audits for VCCSE ensuring they were completed on-time* Utilized FFIEC as a CMMI to determine next areas of improvement in the Information Security program* Developed scripts as part of a daily secure file transfer process* Daily vetting of security alerts from various sources and performing full follow-through up on incidents* Hire a Vendor Manager to perform 3rd party risk management for the Vendor Management programBrownGreer PLC Cloud Engineer November 2020-April 2022* Managed the Palo Alto firewires for interconnection between sites and Microsoft* Planned and implemented an IPSec firewall cutover to retire a Microsoft Express Route tunnel* Created and implemented a process to migrate DNS zone records from UltraDNS to Azures DNS* Architected a GlobalProtect migration to Azure and implemented firewall load reduction changes without compromising security* Managed the organizations Azure Active Directory environment directly and via PowerShell scripts* Documented and updated the infrastructure via Visio and Word diagrams and proceduresRxEOB Chief Information Security Officer (CISO) June 2020-November 2020* Wrote, updated, and created policies and procedures aligned with HITRUST, HIPAA, and business goals* Lead 3rd party penetration tests and worked with the DevOps team to remediate all findings* Performed an internal risk assessment of IT and physical vulnerabilities as they related to HIPAA and lead corrective action projects* Conducted phishing campaigns, measured responses, and recommended training opportunities* Performed monthly tabletop exercises to test and document different risk mitigation scenarios* Designed and implemented a backup solution using Azure Site Recovery and rewrote accompanying policy and procedures* Initiated and lead the Microsoft Intune project for Mobile Device Management (MDM) and data protection* Performed regular security audits and risk assessments and provided written and verbal updates to Senior Management* Ensured policy and technical controls met or exceeded requirements for protecting client PHI data* Communicated technology and security strategies to partners and clients* Directed, approved, and supervised the implementation and maintenance of the information security systemsePlus/BrownGreer PLC Consultant / Sr. Cloud Engineer February 2020-June 2020* Initiated and lead the Microsoft Intune project for Mobile Device Management (MDM) and phone system conversion* Co-implemented, monitored, and managed an emergency Virtual Desktop Infrastructure (VDI) at the start of the COVID pandemic* Assessed remote access risks and received approval to modify access controls for VDI and MDM environments* Assessed and made updates to BrownGreers cloud enterprise technology strategy and architecture* Performed regular monitoring and troubleshooting in an Azure VM environment* Managed the organizations Azure Active Directory environment* Documented the infrastructure in Visio and maintained updates and changesCovenant Woods Security Architect / Sr. IT Systems Admin November 2017-February 2020* Initiated and presented a risk assessment of the facilitys aging IT computing infrastructure* Configured and monitored the security for the onsite and offsite operational data infrastructure* Planned and executed a $750K upgrade of the entire network infrastructure using Extreme switches and wireless access points* Executed an internet upgrade to bring fiber into Covenant Woods and added high-availability for business continuity* Lead a 3rd party audit and utilized findings to prioritize and implement security protections to ensure HIPAA compliance* Engineered a DR/BCP solution configuration, management, ongoing monitoring and proactive testing to mitigate the risk of data loss and prolonged outages* Built, configured, managed and maintained the end-to-end IT infrastructure including firewalls, switches, wireless access, servers, PCs, and VMware ensuring that all systems and maintenance are accounted for in the budget* Planned and executed the migration all staff users from internal Office and Exchange to Office 365 and Exchange 365* Managed DNS, protocols, certificates, ports, and ingress/egress restrictions, Microsoft Group Policy and Active Directory management* Recommended, installed, and configured monitoring tools and alerts (intrusion detection, anti-virus, anti-spam, etc.) - investigated occurrences of spoofing or phishing and updated whitelist/blacklist prevention measures* Routinely audited Active Directory user and group accounts, MS Exchange accounts, folder permissions, and login activityCore Consulting/DPME Consultant August 2017-November 2017* PHP/MySQL/HTML programmingAftertime LLC Principal August 2017-August 2022* Consulting as a Security Analyst/ArchitectAstyra Corporation Consultant April 2017-May 2017* Performing consulting as an IT Security Analyst* Subcontracted to work on IT risk assessments* Contracted to update IT security policiesAltria - Business Information Security Officer (BISO) March 2015-October 2016* Provided daily IT Security/Risk Management consultation to the ALCS IS operating company from the Director level down* Member of the internal CISO Board reviewing requests that tested the limits of existing policies* Develop and manage policies, procedures, standards, and guidelines for the protection of Altria data in internal, external, and Azure cloud infrastructures* Performed internal and 3rd party IT risk assessments, worked with suppliers on their remediation efforts to ensure compliance to Altrias * IT contractual data security requirements, and leveraged risk-based ROI strategies to determine if solutions were warranted* Leveraged attack tree software to model and measure risks to the infrastructure to pinpoint areas of weakness* Architected, procured, and implemented an internal Static Application Security Testing (SAST) solution to improve the overall Security CMMI as gap identified by an audit presented to the Board of Directors* Worked on converting policies, procedures, and standards to fit the ISO27001 frameworkGenworth Financial Information Security Architect January 2010-March 2015* Member of the internal IT Security Council and Data Governance Council develop and review policies and procedures based on core risk management methodologies* Architect, administer, and manage policies for the Data Loss Prevention (DLP), Proxy, Firewall, SIEM and IDS/IPS infrastructures from manufactures including RSA, BlueCoat, and Palo Alto* Special Project - IT Project Lead for a large sub-business divestiture coordinate all IT-based separation activities identified and backed up all divesting businesss data, monitored and closed network ports in phases as part of the separation* Coordinated, managed, and executed a disaster recovery test of all R&P applications that fell under SOX Level 2&3 compliance* Worked with all teams to get the R&P Server farm accounts into Attestation compliance* Recommended and made changes for DLP to quarantine traffic going to Exchange Online and cloud file share services* Manage Genworths brand and reputation management services including domain registration and abuse notification* Continued performing OWASP vulnerability detection for, management of, and training on website vulnerabilities* Utilized a Security Information & Event Management (SIEM) system to collect logs from all network devices and perform queries* Performed IT Security Information research and early detection in partnership with the Genworth Fraud Response TeamGenworth Financial Web Infrastructure Architect September 2006-January 2010* Performed OWASP vulnerability detection for, management of, and training on website vulnerabilities* Stabilized and administered a web content management system for Genworths externally facing web sites* Strategized, procured, implemented, and managed a Google search infrastructure* Worked on a software development life cycle (SDLC) management system to store code and check for bugsGenworth Financial Infrastructure Architect January 2005-September2006* Special Project Divestiture Designed, architected, and implemented a midrange data center migration of 80 servers, 3 storage arrays, and a tape library in an 18-month project on-time and under budget* Used business continuity practices to migrate data between application servers across three different data centers* Updated a 3-tier network architecture of layered security to host a new set of applications and database serversGE Financial Assurance/Genworth Financial Sr. UNIX Systems Administrator November 1997-January 2005* Procured and provided application, storage, and security management for dozens of small to very large UNIX servers 4* Procured and managed a storage area network and tape library infrastructure consisting of 24TB across two data centers* Architected dozens of security solutions to control access to data and applications on UNIX and Linux servers* Architected and implemented a BCP solution and participated in multiple DR drills at an offsite locationEducationCapella University MBA IT Management 2010-2013 Completed with a 4.0 average - Graduate with Distinction.University of Virginia, SEAS BS Electrical Engineering 1988-1992 Alpha Chi Sigma professional fraternity; President of the UVA amateur radio clubAwards and Special TrainingHealthCare Information Security and Privacy Practitioner (HCISPP) (ID:410440) [2016]; Certified Information Systems Security Professional (CISSP) (ID:410440) [2011]; GIAC Certified Incident Handler (GCIH) [2016]; GIAC Security Essentials Certification(GSEC) [2015]; Cisco Certified Network Administrator (CCNA) [2000]; UNIX/Linux system administration; Windows system and application administration; DoD Secret clearance [expired]; Eagle Scout - BSA.Additional Skills/KnowledgeMicrosoft Windows Server; Microsoft Office & Office 365; Microsoft Exchange & Exchange 365; VMware; Firewalls (Fortinet, Palo Alto, Netgate, Checkpoint, Cisco); Disaster Recovery (Azure Site Recovery, Barracuda, Axcient); Security Tools (TrendMicro, SolarWinds, BurpSuite); Proxies (BlueCoat); Data Loss Prevention (RSA); IDS/IPS (Fortinet, Palo Alto); Application Security Testing (Whitehat, IBM); Residential Gateway (RG Nets rXg); SIEM (FortiAnalyzer, Splunk, QRadar); HP, Sun, and IBM UNIX & Linux; Shell scripting/Regular Expressions; Cloud Technologies (Microsoft Azure, Amazon Web Services); ISO270001, NIST 800, HiTRUST, CIS, COBIT FrameworksPatentsWOPHONE NUMBER AVAILABLE A3 - System and method for providing access to resources using a fabric switchWOPHONE NUMBER AVAILABLE A3 - Data center providing geographic redundancy |
