Principal Consultant, Cyber Security & Risk Services Resume
East Brunswick, NJ
PROFESSIONAL SUMMARY:
- An accomplished business-focused, results-oriented Cyber Security leader with 19 years of extensive hands-on experience in Program/Project management, Governance & Risk Management, Identity and Access Management, Enterprise Security (On-premises | Cloud), Cloud computing, Software Development Life Cycle, devising strategies to align multiple disciplines, coordinating efforts between the business groups and driving complex systems integration to improve efficiency of the state-of-the-art systems on time and under budget, practical benefits, risks, and contingencies.
- A solution driver experienced in building teams and managing secure service management to get results by inculcating commitment, trust, and honesty
- Confidential's experience ranges from strategic planning to business process improvement; from information technology/Security hardware/software evaluation and selection to project management, security/network design and implementation; from and to the leadership and coaching aspects of information security.
- Confidential's background includes a working knowledge of many industries and proven leadership and communication skills, strong people management skills, and enterprise management skills with the ability to interface at all levels
- Adaptable: skilled at supporting individuals and handling problems, as well as managing teams and developing strategies, policies and processes
CORE COMPETENCIES:
- C-suite Executive Engagement and Client Management
- Digital Transformation Strategy
- Program and Project Management
- IT Governance, Compliance & Risk Management
- Financial Planning & Management
- Business Process Re-engineering and Automation
- Change Management
- Agile Transformation
- Vendor Management
- Identity & Access Management
- Enterprise Security (On-premises | Cloud)
- Threat & Intelligence Analysis
- Cloud Computing (IaaS, PaaS, SaaS)
- Business Continuity/Disaster Recovery
TECHNOLOGY SOLUTIONS:
Cloud Computing: AWS, Azure, GCP, Salesforce, Office 365 - IaaS, PaaS, SaaS
Risk Management: COSO, COBIT, BASEL, NIST RMF, OCTAVE, FAIR
Program/Project Management/Delivery: Software Development Life Cycle (SDLC), Software Testing Life Cycle (STLC), Agile, Waterfall, Scrum, Kanban, SAFe, Service Delivery (ITIL), DevOps
Security Standards/Frameworks: ISO 27001, NIST SP /NIST CSF
Compliance: SOX, PCI DSS, SOC2, GLBA, GDPR, FEDRAMP/FISMA, HIPAA/HITRUST, COBIT
Security Control: CIS Top 20, CSA CCM, NIST, OWASP Top 10
Security Operations: SIEM/SIMS, CERT/CSIRT, Incident Response, logs, events, Cyber Investigation, BCP/DR, Threat Intelligence, Vulnerability Management
Secure Communications: SecurID, IPSec, Encryption, SSH, SSL, Secure FTP, PKI, Digital s and signatures, Data Classification - Data-at-rest, Data-in-transit, Data-in-use, Key Management
Infrastructure Security: Network (Router, Switches, Web Filtering, Next Generation Firewall), Database, Storage (SAN/NAS), Server, Load balancers, Secure Email
End User Computing Security: Operating Systems (Windows/Unix), Anti-Virus/Host Intrusion Prevention System, IDS/IPS
Identity & Access Management: Authentication (MFA, Adaptive Authentication), Directory (Active Directory, Oracle), Privileged user management (PAM), Single Sign On (SSO), Access Management - User Provisioning | De-provisioning, Role-based Access control, Attribute-based Access control, LDAP authentication, API (REST), Consumer IAM, Tools - IAM (Oracle, SailPoint IGA, MS Active Directory, CyberArk, Thycotic, ForgeRock), Scripting - Python/Bash
Application Security: OWASP, Testing, Python, Secure coding, Java, XML, API, Microservices, Kubernetes
Migrations/Integrations: Data Center- on premises/cloud, IT Infrastructure (network, security, server, storage, database), IT Applications (SDLC), IoT Security, Mobile Security, Business Continuity Planning/Disaster recovery
PROFESSIONAL EXPERIENCE:
Confidential, East Brunswick, NJ
Principal Consultant, Cyber Security & Risk Services
Responsibilities:
- Advisory & Consulting Practice (East coast region) - Identity & Access Management (IAM), Data Loss Prevention, Cryptography, Network Security, and Cloud Security. Assisted in the sale of advisory services to new clients and to existing clients
- Developed Cyber Security delivery model including Agile SAFe 4.5, Scrum, Kanban, Lean methodologies with defined metrics (KPIs/KRIs)
- Designed Consumer IAM model including self-registration, user sign in - authentication, account recovery, device management etc., with Agile SAFe 4.5 methodology using ForgeRock AM, IM and DS
- Built, deployed, and managed new employee and contractor onboarding and offboarding processes. Automated manual and previously scripted processes. Gained an additional 30% efficiency and reduced helpdesk calls
- Performed data migration from on-premises environments into AWS
- Designed and implemented Cyber Security Program initiatives with the different organizations including Data Center migrations (traditional/cloud), vulnerability management, IAM (identity & access management - MFA, PKI, Identity Federation, Single Sign-On, Directory Services, Secure email (S/MIME), Encryption Key Management, digital signature, Privileged user management (PAM), Access Management - User Provisioning | De-provisioning, Role-based Access control, LDAP authentication), incident response, network upgrades (LAN, WAN), security (firewall, IDS, IPS), Office 365 migration, Azure Active Directory, Windows 10 migration
- Maintained and updated the annual Security Roadmap as the constantly evolving threat landscape and maturing business needs shaped different project initiatives, including coordinating with other entities. Performed threat and risk analysis, deployed threat hunting methodology with ELK Stack and the cyber kill chain
- Assessed the current client Information Technology Risk Management (ITRM); identified gaps in the risk management process to propose a more granular coverage of the risk landscape to enhance the risk view/lens of the client organization using industry experience and knowledge; Mapping identified risks and controls (COBIT, NIST, CSA CCM, OCTAVE, FAIR, BASEL, etc.) to business processes to provide; meeting organization regulatory and compliance requirements
- Designed and implemented Data Loss Prevention (DLP) architecture and policies; Implemented Data Classification (Sensitive, Classified, Public) projects
- Provided guidance for internal and external audit and regulatory compliance for GDPR, NY DFS, FFIEC, SOX, and others by implementing a strong security program based on a combination of security frameworks such as NIST, ISO, and COBIT
- Captured real-time monitoring, identified distinct incidents and planned responses, actively analyzed access and authentication data, integrated threat intelligence with machine data generated by various IT infrastructure and applications, monitored advanced threats by implementing network security monitoring and endpoint detection (Splunk)
Confidential, Hoboken, NJ
Senior IT Project Manager - Merger & Acquisition (Cyber Security)
Responsibilities:
- Led IT integration of acquired companies across the globe into Confidential IT infrastructure. Developed project plans to improve security infrastructure to ensure consistency with cybersecurity standards with clear identification of resources, dependencies, risks, and milestones. Provided Level 2 Security operational support for the acquired companies. Provided information protection through risk assessments on major business systems, IT assets, and access controls, implemented on the critical data asset
- Developed threat hunting techniques by leveraging Sysmon and Windows logs and understanding patterns of behavior; reduced the number of false positives by adhering to the MITRE ATT&CK framework
- Collaborated with management teams to deliver assigned programs - Developed group and individual timelines, assessed/identified potential bottlenecks in each project/program process. Planned the overall program and monitored progress to make sure that milestones were being met across the various projects and programs; managed the program budget; managed the risks and issues that arose over the course of the program life cycle and took corrective measures
- Managed, designed, and implemented the Security Solution for the acquired companies based on the security model SABSA and security framework NIST with the regulated compliance SOX, PCI-DSS including vulnerability management, secure hardening of endpoints (encryption, AV/HIPS), data classification, data loss prevention, identity & access management, VPN, firewall, IDS/IPS, secure email
- Established controls and processes to help identify vulnerabilities through technology risk assessments, threat monitoring, and vulnerability assessments, assigning risk based on likelihood and impact, planning an appropriate response, tracking the response through completion, and periodically verifying completion
- Identified, developed, and monitored Key Risk Indicators (KRIs); Created and published monthly/quarterly risk reports (based on pre-defined templates) to Sr. Management (operations committees, leadership and board)
- Created audit log monitoring process to integrate with the SIEM server and trained the SIEM Monitoring Team on platform-specific actions. Subsequently migrated SIEM (log review) to the LogRhythm security intelligence and analytics platform, which improved reporting capabilities.
- Delivered AWS cloud based and client server applications to leading clients across the globe in challenging work environments
- Managed the deployment of an identity management solution for a global services provider replacing their custom provisioning application; focus on requirements, solution design, testing, and production deployment
- Delivered the customer Onboarding Experience for Office 365 & other Cloud based services while utilizing the company’s IP and assets across partners, Microsoft Enterprise services, support teams, the Microsoft field sales organizations and Office 365 business groups
- Led project teams to configure Active Directory, Domain Controllers for Windows Server migration from physical to virtual environment. Office 365 implementation planning for administrative services
- Led post-acquisition Integration projects pertaining to building out end-user technology infrastructure (e.g. email/IM, telephony, video conferencing, mobile, user data migrations) with clear metrics, operating mechanisms and regular updates to stakeholders
- Managed the implementation of access management and coordinated IT security requirements with the network security teams to restrict access
- Managed network & application penetration testing, web application security reviews, mobile application reviews and source code security analysis for internal clients
- Windows 2003 Active Directory design and installation and deployment of enterprise-wide Group Policies using Active Directory tools, perimeter security architecture, two factor authentication specifications
- Managed information security projects, including planning and deployment of new processes and technologies in areas of intrusion detection and response, deployment and management of authentication tokens and VPNs, and vulnerability assessment and remediation practices
Confidential, New York, NY
IT Project Manager
Responsibilities:
- Managed the inbound and outbound transition activities on different strategic programs including Network, Security (Firewall, IDS/IPS), Azure Active Directory, Voice and Data, and End User Desk Management.
- Led projects ensuring an effective transition, working with designated BCO Strategic Source Vendors/SME
- Transitioned production services to operations personnel for ongoing maintenance & support through formal documentation.
- Developed mitigation strategies to address project risks and issues
- Directed multiple teams in deploying a solution to the client to address administration costs for security administration.
- Single sign-on, self-service password reset and role-based provisioning were part of the solution
Confidential, Jersey City, NJ
Senior Project Manager
Responsibilities:
- Managed multiple projects by defining and managing each project with a plan including work breakdown structures, project milestones, critical path analyses, risk assessment and management plans, cost/benefit analyses, staffing plans, project timelines, and project budgets
- Established a long-term roadmap for convergence and consolidation of existing and strategic Identity and Access Management (IAM) technologies and platforms
- Developed an IT Risk framework and an enterprise Risk and Controls Self-Assessment (RCSA) program; managed the assessment framework incorporating likelihood and impact of risk elements through quantitative and qualitative risk measures; gathered updates and prepared quarterly ERM reports with KRIs and risk mitigation commentary for the relevant risks
- Rolled out IDS/IPS: developed management system (selection of network- and host-based devices to deploy; developed logging systems; developed audit policy; deployment of network-based IDSs and host-based IDS; refined IDS policies; refined written standards; Operations - incident response procedure; forensic toolkits)
- Designed and established PMO process, templates, standards and practices in a cross-functional multi-tiered organization including standardization of process, tools, and templates, for project charter, scope management, estimation, schedule management, metrics, status reporting and multiple in-house processes.
Confidential
Senior IT Program Manager - Security
Responsibilities:
- Program manager for Confidential North America working on Confidential project migration, project assessment and delivery model providing expertise on project initiation, process, risk mitigation, communications, project plans, project deliverables, actions/issue resolution, scheduling, cost, quality assurance, contract negotiation, policies and procedures, project documentation standards, executive presentations, organizational structure, contract requirements and best practices
- Managed portfolio compliance with the enterprise architecture principles, best practices and standards.
- Defined and led financial management for the different Program Initiatives
- Developed, implemented, and maintained IT Compliance controls; reviewed existing IT Compliance controls for regulatory updates and performed the necessary gap analysis; created and maintained various internal and external audit and compliance schedules for Information Technology
- Reviewed, documented, evaluated, and tested manual and automated controls throughout the corporate IT environment; developed and implemented testing methodologies for application development, IT infrastructure, security, and availability; designed and executed compliance tests for IT systems and coordinated required remediation
- Provided strategic consulting to standardize and optimize International Monetary Fund (IMF)’s 112 Remote Offices by creating Business Vision, gathering data of “As-Is” Network, performing “Gap analysis” and “SWOT analysis”, and designing the “To-Be” network
- Designed, developed, implemented, monitored and troubleshot IT data work, voice and security infrastructure (LAN/WAN, MPLS, DWDM, Data Center, UC-Cisco UCS M1/M2, and Security)
- Managed IT infrastructure including Network LAN, WAN, Firewalls, VPNs, IDS/IPS, MPLS Data Network, Data Centers, Disaster Recovery facilities, ERP applications, telecommunications, various third-party applications including CRM, Internal reporting, database management and IT help desk
- Application and Hardware migrations as a transformational project to enable a move to a consolidated remote hosted cloud environment build disaster recovery, security and back up
- Project lead for Migrating and Implementing Data center (Revenue 7 million), and maintaining facilities including 100 Gigabit Ethernet backbone, power requirement, appropriate cooling, structured cabling, mounting of the data/voice equipment etc
- Conducted Steering Committees responsible for creating the framework and delegating responsibility to those who are best suited to develop and carry out the Data Center Migration
- Managed a team of network engineers and provided oversight in the area of network architecture, equipment installations, maintenance, and network security
Confidential
IT Project Manager
Responsibilities:
- Developed and improved processes and procedures to minimize errors, maximize efficiencies and ensure a clean handoff from pre-sales to post-sales
- Managed on-site, near-shore, and offshore staff to ensure optimal functionality of Hartford’s Insurance Data center, IT Infrastructure services including Network and Voice Infrastructure, and Application
- Ensured completion of DR/BCP drills, created remediation lists, followed up on remediation items, and prepared and finalized documentation to ensure compliance
- Transformed Hartford Insurance from its current mode of operation to future mode of operation in end-user computing with implementation of one technology and an Operational Framework consisting of a set of processes for service management and delivery of the following: Active Directory, Account Group & Share management, Client management, Software distribution, and Email
- Managed risks and issues impacting project deliverables. Developed and maintained methodologies and processes. Conducted regular quality assurance reviews
- Developed the Project Budget by understanding business needs, identifying the cost factors, creating the cost model, performing risk analysis, documenting project assumptions, and reviewing the cost estimates
- Planned, conducted, administered and closed procurements by planning purchases and acquisitions, contracting, requesting seller responses, selecting sellers, contract administration and contract closure
- Managed staff of IBM technical team responsible for delivering metrics, documenting workflows, providing analysis of data in order to support recommendations for process improvement, and development of business requirements
- Forecasted Key Performance Indicators (KPI) for different accounts and ensured SLAs are met in a timely manner
Confidential, Bellingham, WA
Lead Network Architect
Responsibilities:
- Designed, Migrated and Implemented Datacenter program (Revenue 15 million), saving company $500,000
- Recognized for achieving a 99% up time for the corporate-wide IT infrastructure
- Reduced 25% vendor cost by re-negotiating product pricing structure for effective & cost-efficient rollout
- Led $5 million Enterprise Network upgrade project; cutting costs to align with business needs. Designed, implemented, and managed VPN solutions for 70 Field Offices; successfully surmounting all the challenges
- Successfully orchestrated the project in the different phases including initiation, planning, executing, controlling, and closure saving company $200,000 in IT Services
- Developed program budget, migration plans, network standards and specifications; managed and communicated the activities to ensure that project objectives were met to the satisfaction of client, team and executives
- Designed and Implemented Cisco Teleworker’s solution (CVO) for 200 users saving the organization thousands of dollars monthly on the real estate. Performed VOIP cost analysis for the remote offices