| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Basking Ridge, NJ Street Address PHONE NUMBER AVAILABLE EMAIL AVAILABLEIT Program Manager Security, Risk and ComplianceIT & Security GovernanceBusiness AdministrationC & PowerShell ProgrammingProfit & Loss (P&L)Quality AssuranceWaterfall & Agile MethodologiesSoftware Development Lifecycle (SDLC)Risk ManagementNetworking & InfrastructureThird Party Risk ManagementIT Professional with broad technical and managerial experience in IT with a focus on IT Security, Risk and Compliance. Extensive business and program management experience, and a proven record of success overseeing critical infrastructure and security initiatives.Strong leadership experience, proficient in Operations Management, Profit & Loss, and IT Infrastructure implementation, security governance, and risk management.An exceptional communicator, capable of high-level networking, building and leading cross-functional teams, and collaborating across all organizational levels to ensure the achievement of immediate and long-term company goals.Highly qualified IT and business manager of enterprise networks and global carrier networks, with experience working with Fortune 2000 accounts, and reporting P&L, business results, metrics, and performance exceptions.CAREER ACCOMPLISHMENTSGeneral Manager for AT&T Solutions overseeing, $25 M, 135-person contract for Chase Manhattan Banks US data and voice outsourcing contract exceeding revenue targets by a margin of 20% for 3 consecutive years, and closing $6M+ in add-on business.Saved Chase Manhattan $1M by identifying and implementing key gain sharing opportunities.Led IT Security initiatives and strategies for major companies, including Bed, Bath & Beyond, Deutsche Bank, Quest Diagnostics, Wyndham Hotels, E-TRADE, and ADP.PROFESSIONAL EXPERIENCELiberty Corner Presbyterian Church Liberty Corner, NJ October 2022 PresentTrusteeIdentify and implement projects to maintain and improve the structural integrity, safety, security and appeal of an 800-member, twelve acre church including a childrens pre-school.Map and Digitize Cemetery Records for proper maintenance and expansion.Identify and remove diseased and dying trees for purposes of safety and grounds health.Remove and replace a 20-foot deteriorating paver circle with a new butterfly garden and memorial.Direct Boy Scout and Cub Scout troops on scheduled ground cleaning and improvement events.Remediate Childrens pre-school issues including those identified by Department of Education.Ensure proper maintenance of Cemetery grounds using allotted funds.Remediated 20-year dirt pile to ensure continued growth of mature Sugar Maple trees and address neighbors concerns.Regraded down large flower beds to ensure proper drainage of water away from foundation to address seepage issues.Manage multi-year concrete pavement and step repair and replacements.Upgraded existing Automatic External Defibrillators (AED) and installed an additional AED while providing training to all staff and teachers.C&G Consulting Services, Inc (Customer: Legend Biiotech) June 2022 October 2022Third-Party Risk ManagementThird-Party Risk Management & OneTrust Product OwnerOneTrust Product Owner for modules: Third Party Risk Management, Data Mapping, Data Discovery & Classification, Cookie Consent, Policy Management. Lead process owner of Third-Party Risk Management and Policy Management modules.Review all Third-Party agreements and provide Privacy & Security Assessments according to risk and possible mitigation including access and networking risk.Advise Legal on appropriate language to include in contracts to ensure proper risk mitigationAuthor all Policies, Standards and SOPs related the Third-Party Risk ManagementWork with IT Business Partners, Procurement, Legal and Contracting to streamline the Third-Party Risk Management processAutomate the Third-Party Risk Management process utilizing the OneTrust platform and Third-Party Risk Management moduleOverall owner of the OneTrust platform for all modules including Data Mapping, Cookie Consent, Consent, Enterprise Policy Management, et. al.DM&A - (Customer: Orlando Health) August 2021 March 2022IT Program Manager Security, Resiliency & ComplianceManaged Orlando Healths Security, Resiliency & Compliance Program and Projects including Saviynt IAM, Imperva, AD Modernization, Varonis, GRC RiskonnectDeveloped and Executed Saviynt IAM Recovery Plan1.Assembled a restoration team2.Directed the development of business processes for on-boarding personnel from disparate systems including Student Services, M&A, & MD-Staff3.Developed and executed on process to fix, streamline or eliminate IAM Technical Rules4.Developed and executed on process to address complex IAM Service Requests5.Reconfigured the networking of IAM, AD and ancillary systems to improve performanceResponsible for NIST/CIS program1.Updated existing roadmap to CIS 8.Selective Insurance Company of America (SICA) Branchville, NJ April 2019 March 2021IT Senior Security Specialist IT Vendor Risk ManagementManaged SICAs Third Party Risk Management ProgramAutomated the Third-Party Questionnaire for all new and existing Vendors providing Software as a Service (SaaS) to SICA.Authored all Questionnaires including General, Service, API and Cloud.As single point of contact reviewed over 300 contracts for inclusion of Data Privacy and Information Security terms.Authored over 150 IT Vendor Risk Reviews.Ensured the attestation and re-attestation of over 400 vendors for 23 NYCRR 500 Cybersecurity.Drove and managed the development of SICA GRC platform as well as the on-boarding of Vendors via IT Relationship Managers on-line survey input.Improved the performance of Tier 1 vendor security profiles over 6 business quarters.Implemented pro-active Tier 1 Vendor Security Posture improvement program.Monitored and improved the Security Posture of Tier 1 Vendors through active engagement through both identifying internal networking interconnection risks with Third Party Vendors and monitoring Third Party Vendor networking risks using Bitsight.Managed the implementation of SSO for existing and new vendors as well as DMARC policies concerning enforced TLS for sensitive data email transmission.The Athene Group (Customer: Starr insurance, New York City, NY) September 2018 January 2019IT Program Manager COBIT 5 SpecialistEngage C-Levels and their teams to assess the clients alignment with COBIT 5 IT process and their capabilities and maturity.Interviewed C-Level, Director and Manager personnel to assess key work product outputs in the area of Operations, Security, Change Management and Business Continuity against COBIT 5 framework.Reviewed over 700 documents of supporting material for COBIT 5 classification and population of COBIT 5 Policy and Procedure documentation repository.Authored COBIT 5 Assessment report following COBIT 5 framework on level of maturity against above mentioned areas.Authored key policies for Change Management and Security for corporate use and overall, Policy StructureReviewed, investigated, and recommended overall Policy and Procedure framework and documentation management system.Stratus Technology Services, LLC - (Customer: IFF, Union Beach, NJ) September 2017 November 2017IT Program Manager Security & NetworkingLed implementation of all enterprise IT Security projects including:Remote Single Sign-On for all employees and vendors, Automation Plant Network Segregation, IDS-IPS, Enterprise SIEM,Data Loss Prevention, Vulnerability Management implementation and final implementation of ZScaler services.Implemented global ZScaler servicesImplemented segregation/segmentation firewalls for 2 factories and planned segmentation for all worldwide plants.BED BATH & BEYOND Union, NJ March 2015 July 2017IT Program Manager Security, Risk & ComplianceLed program management of all enterprise IT Security projects, consistently completing deliverables on time and on budget, and demonstrated strong leadership in the development and implementation of system remediation initiatives for Compliance projects. Led and directed Deployment and Service Management for a wide range of Security Services including:Anti-Virus, DNS/DHCP (Blue Cat), Proxy (BlueCoat), External DNS (Akamai), Tripwire, Juniper VPN, PKI & HSM (selection to service), RSA Two-Factor, Imperva WAF & DBF (deployment & tuning), ACS, Transformation to Program Management, Configuration of Management Security Service (Windows PowerShell), and Network Segmentation for PCI Compliance.Implemented and upgraded SOC platforms as well as improved their processes and capabilities.Protiviti (Customer: Deutsche Bank, Jersey City, NJ) November 2013 January 2015IT Program Manager Security, Risk & ComplianceServed as Rollout Manager for Global Configuration Management Deployment of 1K+ Deutsche Bank servers, ensuring full compliance with Monetary Authority of Singapore requirements.Successfully coordinated Test, Quality Assurance and Production implementation with application worldwide owners.Drafted and submitted monthly progress reports to local and German project offices, and fully authored guide to assist future rollout implementation strategy.GALAXE SOLUTIONS Somerset, NJ July 2013 October 2013IT Security & Application Program ManagerOversaw development of custom software solutions within the Technology, Healthcare and Media industries. Utilized Agile and Waterfall methodologies to manage Web & New Technology software introductions for Express Scripts (largest US Prescriptions Benefit Management provider).Led and directed offshore staffing and Agile software development scheduling (Scrum), and fully integrating software deliverables with Express Scripts IT process, with minimal impact on day-to-day business.SECUREISLE Basking Ridge, NJ July 2010 June 2013Technical Program Manager Enterprise Security SolutionsServed as IT Security PMO Lead and Project Lead, delivering a wide range of IT Security Solutions for a wide range of clients:Quest Diagnostics: Identified security risks and delivered loss prevention reports to Senior Leadership concerning PCI, PII, and PHI data, and provided direct leadership over DLP and SIEM projects. Led Executive Directorate for Demand & Resource Management and served as Program Manager for mapping of Unified Control Framework (UCF) to identify policy gaps for SOX, HIPAA, PII, PCI, PHI and other regulations.Wyndham Hotel Group: Successfully managed $4.5M Security & Compliance portfolio and saved company $250K+ by recommending buy vs. build option for Privileged Access Management. Implemented security applications, including Embedded Password Mitigation using Scrum and Privileged Access Management (CyberArk) to ensure compliance objectives were met. Additionally, performed PCI gap analysis on Software Development Life Cycle PCI Step 6 to ensure PCI and authored Secure Software Assurance Roadmap, as well as .Net and JAVA development security best practices.ADP: Led project to catalogue and inventory Global Public Internet Edges, and implemented Gateway architectural standards, including Symantec ESM & DLP, Netwitness, Cisco and Juniper firewalls. Led security assessments of global IT sites for Risk Rating and Incident Response Readiness.Wipro Technologies, Inc. Sept. 2009 July 2010Program Manager Enterprise Security SolutionDirected PCI Compliance project from inception, using RSA-DLP scan. Developed Archer questionnaire and deployed covering 1,200 questionnaires across 43 countries for Credit Card use.Utilized EMC IRM for remediation. Managed On-shore and off-shore team for production.Developed new Archer Questionnaire for US SSN and Driver License numbers.Provided regular updates on progress to EMC Chief Security Officer (CSO)Assisted development of DLP policies to identify PII information (specifically Massachusetts 201 CMR17.00) in the global unstructured data environment.Developed relationships with clients in EMC CSO organizations and developed proposals worth over $2M.NetworkingPS, L.L.C May 2003 Aug 2009Project Director Security SolutionsDeployed Compliance and Configuration management software for Fortune 1000 companies including PCI, GLBA and SOX compliance reporting. Software now part of RSA IONIX Products.Developed and executed SOW for Assessment and Solution Design and Phase 2 roll-out engagement for a large Financial Broker company using IBM Tivoli Identity Manager (ITIM).Led IBM Tivoli Identity Management Assessment (ITIM) & Solution Design engagement for a 60,000-person insurance companyCompleted successful turn-up of a Phase 1 installation of an IBM TIM/TAM/EDS Identity Management Suite (ITIM) environment for a 2,000+ person energy company providing password management, provisioning, Web portal access management and SSO services.AT&T Solutions Chase Outsourcing Services 1998 2002General Manager & Senior Client Executive - Chase Manhattan Corp.Managed and directed $25M contract and 135 personnel consisting of engineering, implementation, and operations personnel supporting multi-year Professional Outsourcing Services Agreement with Chase Manhattan Corp. Primary interface to Chase senior management on Outsourcing & Managed ServicesAT&T Solutions Chase Outsourcing Services 1996 1998Director - Engineering & Network Implementation Chase Manhattan Corp.Managed engineering and IT program management for Chases domestic network for multi-year outsourcing agreement with Chase Manhattan Corp.AT&T Solutions Chase Outsourcing Services 1994 1996Manager - Voice & WAN Engineering Chase Manhattan Corp.Directed and managed engineering, capacity, and services management for Chases domestic network. Provided corporate Voice, WAN and Call Center Services. Managed 14 Technical Professionals.AT&T Corp. 1992 1994Manager Worldwide Network Operation CenterIdentified, quantified, and mitigated risk associated with national network activities. Managed introduction of surveillance tools for network services. Obtained, analyzed, and reported network performance information to Executive Management, Public Relations, Account Managers and Business Unit Product Managers. Supervised 6 employees.AT&T Corp. 1989 1992Senior Internal Auditor - Corporate AuditingDeveloped and performed Management Process Audits for Network Systems.AT&T Network Systems 1983 1989Development Engineer Oklahoma City WorksCoordinated and streamlined systems testing of all International 5ESS systems. Developed C code for management display and dissemination of test information. Worked closely with Bell Laboratories to resolve first office application hardware, software, and database issues. Delivered on-time shipment of International Systems to clients including Saudi Arabia, Netherlands, and China. Designed, implemented, and managed LAN supporting 100+ UNIX minicomputers supporting multi-million-dollar cost reduction effort.TECHNICAL PROFICIENCIESTechnical Background:C language, IP, LAN, UNIX, LDAP, XML, SQL, PowerShellSecurity:RSA-DLP, RSA SecurID, RSA Envision, Archer, Netwitness, Qualys Vulnerability Management, Symantec ESM & DLP, IBM Tivoli Identity Manager (ITIM), IBM Tivoli Access Manager (TAM), IBM Enterprise Directory Server, Eurekify Sage, Cisco. ZScaler, Okta, McAfee, Titus, SDLCFrameworks:ITIL, COBIT 5, HIPAA, NIST Cybersecurity Framework, ISO 27001.EDUCATION AND CERTIFICATIONSRUTGERS, East Brunswick, NJMaster of Business AdministrationCLEMSON UNIVERSITY, Clemson, SCMaster of Engineering, Electrical EngineeringAuthored Master Thesis titled A Computer Simulation of Protocol Conversion between TCP/IP and ISDNUNIVERSITY OF OKLAHOMA, Norman, OKBachelor of Science, Electrical EngineeringCertificationsGoogle AI Essentials, Certified Third Party Risk Management Professional Previous: PMI PMP Certified Project Manager, CISSP, CISA, CRISC, ITIL Certified, COBIT 5 Instrument Rated Private PilotAffiliationsInstitute of Electronic and Electrical Engineers (IEEE) Project Management Institute (PMI)(Open Web Application Security Project (OWASP) Information Systems Security Association (ISSA)Information Systems Audit and Control Association (ISACA) NJ ISACA Chapter Designated COBIT 5 TrainerInternational Information Systems Security Certification Consortium (ISC)2 |
