SUMMARY

• Hands on Motivated and Results Oriented Senior IT Infrastructure professional with excellent communication skills and a talent at building strong relationships.
• Seeking to leverage my proven interpersonal skills to provide customer - focused insights and make a contribution within the organization.
• Senior IT Security/IT Risk/IT Infrastructure Audit professional with a successful track record of Identity/Access Management, Privileged Access Management, Governance Risk & Compliance, Third Party Vendor Management, Disaster Recovery/Business Continuity, Privacy, Enterprise Network Infrastructure & Vulnerability Tools, Security Monitoring Toolsets, General Data Protection Regulation (GDPR), Cybersecurity Risk Mitigation, Cloud Server & Storage Services and General IT Security projects.
• National expert with the ISO 17799 & the 27001/2 series Framework.
• Developed and Published an IT Audit program based on the ISO Framework still in use by a Fortune 50 Bank.
• Experience includes strategic as well as tactical initiatives including complete project life cycle management, budget preparation, staffing/team management, very strong vendor management skills, extensive construction management including Union Labor management, identification and mitigation of business risks, and presentation of reports to executive management and the Board of Directors.
• Experienced public speaker with the capacity to adjust presentations to match varying levels of an audience. Experienced feature speaker for large scale speaking presentations at corporate events and Higher Learning / Continuing education seminars. Interview subject for major industry trade magazines.

AREAS OF EXPERTIES

• Identity/Access Management
• Privileged Access Management
• Governance Risk & Compliance
• Third Party Vendor Management
• Disaster Recovery/Business Continuity
• Privacy
• Enterprise Network Infrastructure & Vulnerability Tools
• Security Monitoring Toolsets
• General Data Protection Regulation (GDPR)
• Cybersecurity Risk Mitigation
• Cloud Server & Storage Services and General IT Security projects

PROFESSIONAL EXPERIENCE

Confidential

IT Principal

Responsibilities:

• Plan, direct and coordinate activities specifically relating to Information Security and IT Audits.
• Extensive interaction with clients and prospective clients with the primary responsibilities to present and evangelize the Strategy as well as maintain and further develop existing client relationships.
• Assist clients with developing their organization's Information Security Program including their Information Security policies, procedures, standards, and guidelines, as well as their Security Awareness Program, and their Disaster Recovery & Business Continuity plans.

Confidential

Senior IT Security Engineer

Responsibilities:

• National Subject Matter Expert with IT Security, Identity & Access Management, Privileged Access Management, OWASP, Active Directory, Governance IT Risk Management & Compliance.
• Extensive interaction with clients and prospective clients with the primary responsibilities to present and evangelize the Strategy, perform demonstrations and deployments of the technology as well as maintain and further develop existing client relationships.
• Respond to all RFI/RFP requests as well as partner with the client to setup and guide the client through their Proof of Concept process.
• Document client feature requests to the Product Roadmap team and present these client feature requests at the regular scheduled Roadmap Core Team gatherings.

Confidential

Senior IT Project Manager

Responsibilities:

• Led the IT Project Management Team that engineered all new IT projects in the Northeast Region.
• Regional SME for all Identity/Access Management & Privileged Access Management projects, IT Risk, IT Security and IT Audit Frameworks.
• Projects included evaluation, deployment and configuration of various IT infrastructure, Identity & Access Management and Privileged Access Management, Entitlement Based Review client projects.
• Responsible for managing the strategic alliances with our partners and developing new strategic opportunities. Responsible to innovate new business opportunities through the Channel Partner system.

Confidential

Senior Identity Management PM

Responsibilities:

• Lead Project Manager for a short-term Role Based Identity & Privileged Access Management project. Responsible for the national team of PM Consultants assigned to the Role Based Identity & Privileged Access Management project. Conducted the initial Gap Analysis and collected the material from the team of project managers and articulated the material to the Director for review and presentation to the Executives of the organization.
• Provided the COO budget projections based on immediate and long-term goals and objectives.

Confidential

Manager IT Security/Network Infrastructure

Responsibilities:

• Managed a global IT Network Infrastructure including policies & procedures and security awareness for the North America Branch of the Confidential . The Global IT program included 25 different IT projects that were on a three-year deployment plan.
• Represented the State of the IT Security/IT Risk Management program to the monthly Operational Risk Committee meeting, consisting of the CEO, CFO, COO & Members of the Board of Directors and exercised sound judgment and influenced senior business managers and peers.
• Provided leadership to the Identity & Access Management projects with specific focus on Segregation of Duties & Toxic Combination analysis on Role Based User Access Profiles.
• Identified and evaluated information security risks within the organization and communicated findings to senior management; Developed and implemented security standards, procedures, guidelines to meet Financial Regulatory Requirements.
• Performed the Annual Internal IT Assessment and Defined and Deployed the Daily, Weekly, Monthly and Quarterly Critical Security Controls that mitigated potential Audit shortcomings in advance of the Audit team, Examiners and Regulators.
• Conducted the annual IT Risk & Controls Effectiveness Review. Published the monthly and quarterly IT Risk reports and presented the results to the Audit Committee and the Board of Directors.
• Responsible to Host the incoming Bank Examiners, Auditors and Regulators. Additionally, responsible to address incoming Subpoena requests with the Legal department.
• Liaison to Business Unit Management for all new build applications to incorporate sound security features from the earliest of the development stages.

Confidential

Management PM

Responsibilities:

• Documented and improved the flow of the Applicant Registration process for the ADP Applicant Employment Registration website.
• This project was a short term assignment to provide leadership, industry experience and best practice for a thorough Identity Management, Business Entitlement registration process.

Confidential

Manager IT Security/Network Infrastructurer

Responsibilities:

• Provided vision and leadership for all IT Security and network infrastructure initiatives to promote an effective information security and privacy program across the Bank.
• Developed the IT Risk Management Framework and IT Security Methodology including all IT Security Policies and Procedures and managed all aspects of IT Audits of internal applications and operations.
• Initiated the annual IT Risk & Controls Effectiveness Review. Published the monthly and quarterly IT Risk reports and presented the results to the Audit Committee and the Board of Directors.
• Evaluated VPN Technologies and deployed RSA SecureID for remote VPN Access to the Bank network.

Confidential

Information Security Risk Auditor

Responsibilities:

• Responsible for assessing the Information Security and Network Infrastructure risks as per the ISO 17799 Standard associated with the use of 3rd party vendors/suppliers.
• Investigated and recommended appropriate corrective actions for data security incidents and reviewed the development, testing, and implementation of security plans and control techniques.

Confidential

Identity & Access Management Engineer

Responsibilities:

• Responsible for all areas of Identity and Access Management, IT Risk Management and IT Audit. Successfully conducted client IT Audits using the COBIT & ISO 17799 control frameworks.
• Areas of focus included, Identity and Access Management, Privileged Access Management, Network Infrastructure, Disaster Recovery/Business Continuity, Risk assessment & process definition, IT Risk Management Framework and IT Security Methodology.

Confidential

IT Security Officer/ Risk Officer

Responsibilities:

• Deployed RSA SecureID for remote VPN Access to the Bank network. Conducted the Segregation of Duties & Toxic Combination analysis on User Access Profiles.
• Deployed the Global Active Directory project which included the Global Microsoft Exchange Servers.
• Developed the IT Risk Management Framework and IT Security Methodology including all IT Security Policies and Procedures.
• Managed all aspects of IT Audits of internal applications and operations.
• Initiated a comprehensive annual Disaster Recovery and Business Continuity test.