SUMMARY:

30+ years of diverse management and technical experience in the Information Systems and Security field.

TECHNICAL SKILLS:

Operating Systems: Windows Servers, Linux (Redhat, Suse), AIX 3.x - 5.x. Solaris 2.x - 8, OS/400 v3r1 - v4, Cisco IOS, HPUX 11.x, Samba 2.x - 3.x

Intrusion Detection: ISS RealSecure (host and network), Bindview, Tivoli Intrusion Manager, Snort, LUR HQ, Secure works.

Firewall: Cisco PIX, Raptor, CheckPoint Firewall 1, Sygate, Netscreen

Vulnerability Auditing: Nessus, nMap, Retina, ISS

Forensics: Encase

Remote Access: RADIUS, RiverPilot, Cisco VPN, MS RAS, SSL VPN, Checkpoint VPN

Anti-Virus: McAfee, Symantec, Norton, Trend Micro

Wireless: Cisco

Storage: EMC Clariion and Celerra systems

Databases: MS SQL, MySQL, Oracle

Web Servers: Apache, IIS

SPECIAL SKILLS:

Comprehensive knowledge of HIPAA, PCI, GLBA, and Sarbanes-Oxley regulations and compliance. Highly competent with ISO 17799/27001 , ITIL, DIACAP, FISMA, NIST, CobIT standards. Thorough understanding of complex network infrastructure, architecture and design. Structured Project Management Methodologies - PMI standards, Strategic Planning, Business Continuity/Disaster Recovery Planning, Benchmarking and Quality Measurements, and Policy Development.

CAREER HISTORY:

VP, Information Security Specialist

Confidential, Addison, Tx

Responsibilities:

• Initially starting as a contract consultant, tasked with updating existing Information Security Standards and Baselines within GIS Policy.
• Achieved direct hire within 2 months. Primary role was to review and update all information security standards and baselines on a regular basis and remain abreast of regulatory and legal changes as they may affect those requirements. Responsibilities included meeting coordination, project management, interaction with various levels of technical subject matter experts to define processes, response to audit issues, and building relationships between various bank entities.
• Spearheaded the policy simplification effort in 2012 which created a more streamlined approach to developing information security standards and baselines in a hierarchical relationship to one another.
• Presented this project to senior technical executives and gained approval to proceed with the total overhaul of the existing policy system, to include initiation of a new system of record, new requirement numbering schema, and new document formats and domains.
• Entire project completed within 12 month timeline.

IT Audit Manager

Confidential, Dallas, Tx

Responsibilities:

• Responsible for managing compliance of SOX, PCI, HIPAA and other industry regulations and best practices via continuous monitoring and regular audit activities.
• Served as information technology subject matter expert to senior executives to validate operating expenses, project requirements, and staff/system efficiencies.
• Primary global information security subject matter expert.
• Appointed as project management oversight on numerous projects that had slid off scope, timeline and budget to ensure successful completion. Such projects included enterprise security policy and compliance initiatives, network infrastructure upgrades and migrations, ERP solutions, and data center builds and moves.
• Produced and initiated top-down risk assessment for Sarbanes Oxley pre-compliance.
• Authored information security and compliance requirements documentation and policies
• Successfully completed first international compliance audit of two production locations within the Philippines.
• Instrumental in obtaining DIACAP accreditation for Tricare services contract by establishing enclave standards and practices.

Sr. Manager, IT Infrastructure

Confidential, Plano, Tx

Responsibilities:

• Hands-on, technical manager over all datacenter and information security services for a mid-sized telecommunications service company consisting of 15 sites and 600 remote users, with a total user population of 950 users.
• Served as primary information security manager. Led efforts to produce forensic evidence and ediscovery for several legal cases.
• Principal agent with regards to root cause analysis and incident management.
• Produced and implemented a comprehensive information security policy set, and documented all security requirements and their remediation/implementation plans.
• Implemented and managed an EMC NS40 Celerra SAN: Migrated numerous file servers into a single CIFS share;
• Configured and managed iSCSI/NFS/Fiber Channel arrays for Oracle eBusiness suite, MS Exchange, MS SharePoint, etc. Added second EMC NS120 Celerra and initiated replication for disaster recovery.
• Migrated all users from MS Exchange 2003 to Exchange 2007.
• Performed all routine maintenance and management post migration.
• Migrated all Active Directory services from Windows Server 2003 to Server 2008 and implemented virtualization using Microsoft Hyper-V to reduce datacenter footprint.
• Build, configured and managed a Linux-based systems monitoring server using Nagios. Performed routine uptime KPI reporting based on monitored services. Managed and maintained change control via monitoring service.
• Designed and implemented a fully meshed remote office WAN
• Implemented, configured and maintained WebSense web hosted internet security.
• Managed service merger with Alcatel Lucent to acquire 451 technicians and form a new line of business.
• Designed and implemented a secondary datacenter in Oklahoma for redundant services and disaster recovery.

Information Security Consultant

Confidential, Plano, Tx

Responsibilities:

• Served as institution-wide Information Security Officer. Worked specifically in compliance of JCAHO and HIPAA guidelines and regulations.
• Appointed as liaison between UMC management team and UTSW management teams for coordinated change management and project control.
• Consolidated IT operations of two separate and distinct Hospitals, Zale Lipshy University Hospital and St. Paul Medical Center into one data center consisting of a XioTech Magnitude SAN, 150 Compaq servers, and an AS/400.
• Authored and implemented policies and procedures relative to security and operations to assist in compliance of HIPAA regulations.
• Converted IT operations of St. Paul University Hospital from an outsourced service (Texas Health Resources) to internal support services and converted all 1100 users from a Microsoft NT based network to a Novell 6/NDS 8 environment. Converted all users from a Microsoft Mail email system to a Groupwise 6 system. Added fax-on-demand services using RightFax.
• Managed technical deployment of Novell Portal Services utilizing NPS 1.5.
• Managed eBusiness server deployments utilizing Microsoft .Net framework and participated in content production and review.

Senior Manager, Network Services

Confidential, Dallas, TX

Responsibilities:

• Managed and directed the activities of Confidential ’s Network Services Team comprised of two managers and 15 network administrators and engineers.
• The Network Services Team provides support for a 5000+ node LAN/WAN environment operating on a mixed Novell NDS and Microsoft Windows 2000 ADS platform.
• The Confidential corporate server farm is comprised of 350 Compaq servers, all high availability.
• Also managed the efforts of desktop services team, supporting two major locations.
• Performed all traditional management functions such as personnel performance appraisals, hiring, firing, plans, budget review and analysis, etc.
• Also performed hands-on technical management such as network systems design and architecture, capacity planning, monitoring requirements, etc. Position reported directly to Director of Information Technology.
• Led successful GroupWise to Microsoft Exchange 2000 email system with 5,000 end users, both local and remote clients. Full life-cycle project management to include budget oversight, contract management, procurement, and implementation planning. Project budgeted at $3 million, with aggregate project staff of 25 consultants/internal personnel. Project was completed ahead of schedule and under budget.
• Managed Novell NDS to Windows 2000 ADS conversion for corporate LAN environment. Maintained technical lead role for full lifecycle project with very limited budget constraints. Project completed successfully. Created enterprise desktop standardization policies to realize considerable savings in licensing, support requirements, and reduction of SLA.
• Managed the creation and publishing of enterprise IT standards and procedural guides.

Confidential, Dallas, TX

Network Services Manager (Interim)

Responsibilities:

• Provide IT technical and personnel leadership and direction.
• Define and create policies and procedures for daily support and network infrastructure operations.
• Realigned staff, to include salary structures and job descriptions.
• Produced recommendations for hardware/software purchases for infrastructure growth.
• Standardized desktop hardware/software for increased support efficiency.
• Refined migration plan from NT 4.0 to Windows 2000. Managed 7 direct reports.
• Provide hands-on guidance to other consultants and internal staff resources - totaling an average of 20.
• Provided strategic implementation of global MS Exchange email systems and network topology upgrades/migrations from OS/2 to NT 4.0 and from Token ring to Ethernet for 600+ nodes.
• Define requirements and perform needs assessments for telecommunications equipment purchases.
• Assist with production of 5-year IT strategic plan.
• Manage project resources. Produce RFPs, LOIs, and proposals. P/L responsibility.
• Utilized Microsoft Project for time and resource tracking.
• Manage and direct the activities of 30+ senior level IT consultants. Perform network systems upgrades from Apertus management system to Cisco routers.
• Manage external cable vendors, and guide internal resources
• Provide business development and product-line enhancements to Mid-Western region.
• Tasked with the development of business continuity planning as a service offering.
• Conceive and implement marketing strategies and delivery methodologies for new service offerings.
• Design and implement a campus-wide local area network.
• Review and revise operating budget. Produce RFPs for sub-contract services.
• Conduct vendor negotiations. Acquire, configure, and install Compaq server and workstation hardware on an NT 4.0 Switched Fast Ethernet network.
• Configured NT server and workstation operating systems utilizing TCP/IP. Arrange dedicated T1 connectivity via Cisco router to the Internet for use of TexShare library system.
• Give guidance and direction for financial reporting requirements imposed by TIFB grant authorities.
• Manage project time and resources using Microsoft Project.
• Maintained principle P/L control over project scope.

Director of Information Systems

Confidential, Bartonville, TX

Responsibilities:

• Recognized a need across a multi-national corporation for a tightly integrated information resource management tool.
• Launched ERP selection process.
• Designated tier 1 and 2 requirements for a successful ERP system. Produced requests for information from multiple vendors.
• Organized functional demonstrations for top candidates.
• Determined best fit.
• Negotiated implementation-consulting contract.
• Managed SAP implementation project.
• Coordinated end-user and support personnel .
• Initiated and implemented EDI interfaces with major customers/vendors.
• Established initial Internet presence.
• Coordinated efforts in design and architecture of confidential.
• Implemented voice-over-IP using Cisco routing protocols to effectively eliminated long distance charges between branch offices.
• Established operational standards and policies for IS/IT personnel and all systems end-users.
• Moved telecommunications functions from office management to information systems department. Immediately realized 75% savings on long distance services and considerable line access savings.
• Accomplished discovery, testing and remediation phases in a six-month period to gain compliance.

Sr. Network Engineer

Confidential, Dallas, TX

Responsibilities:

• Tasked with the supervision and direction of technical personnel.
• Responsible for evaluating, recommending, and approving the purchase of all information systems related hardware and software.
• Also responsible for outlining strategic project plans, relating both to local issues and to those mandated by corporate focus.
• Served as liaison between a highly trained technical staff and its customers to insure quality of service and appropriate use of technology, while minimizing cost.
• Served as senior network engineer and systems architect for a wide area network.
• Designed and implemented a switched Fast Ethernet LAN attached to a Metropolitan Area Network comprised of four physical locations and more than 600 users. Network built on a Windows NT 4.0 and Novell Netware 3.11 platform using 3COM Corebuilder backbone switch and Cisco routers for connectivity via DS/3 circuitry.
• Served as Telecommunications Manager for a Lucent Definity enterprise communication system with Intuity/Audix voice messaging.
• Successfully migrated all network email users to Microsoft Exchange 5.5 from Microsoft Mail 3.2.
• Inititated Fax-on-Demand services using RightFax
• Managed multiple large-scale projects using Microsoft Project 98.
• Acted as interim director of information systems during two periods.
• Specified and gained approval for four million dollar operating departmental budget and capitol plan.
• Built a strong, cohesive team of network and support personnel.
• Managed Year 2000 testing and compliance project.
• Directly managed three supervisory positions and 35 indirect reports.

Technical Support ManagerConfidential, Lake Zurich, IL

Responsibilities:

• Microsoft NT 4.0 and 3.51 Administrator. Responsible for all NT network workstations and servers. Administrate dial-up networking for access to a Novell wide-area-network via a Microsoft NT Server.
• Responsible for and supporting users of Microsoft Products: Excel 5, Word 6, Access 2, PowerPoint 4 as well as MS Mail and MS Schedule +.
• Supervised the development of custom applications using Visual Basic for Applications (Excel), WordBasic, and Visual Basic 4.0.
• Managed a major PowerBuilder development project.
• Supervised end-user support for a Novell 4.1 Wide-Area-Network consisting of 3700 users.
• Personally implemented satellite network systems in 35 district sales office locations and provided and support to users.