PROFESSIONAL SUMMARY:

• Extensive experience in Information Technology beginning in Banking and continuing to Sr. Operations Analyst and progressing through Sr. Security Analyst. Opportunities in Mainframe Systems Programming led to Information Security, including Business Analysis Support, Access Administration and Violation investigation and remediation, Security Awareness and tracking and Regulatory Compliance/Audit investigation and remediation. Documentation has been a critical component. Incredible Career, proactively resolving a myriad of issues, from Production, Business needs, System and Security Access to I am currently looking to extend that contribution to the proper challenge.
• IT Guidelines, Security Policies, Documentation and procedures including submitting changes through chain of command for approval. Including Business Analysis from investigation, documentation, submission for approval.
• System, Applications, and User Access Security for Mainframe (RACF, Megasolve, Vanguard), AS/400 User Security (iSeries), Secure Access for Network, Active Directory, Novell, VPN (Virtual Private Network) with RSA SecurID access and technologies. PCI - DSS and SharePoint familiarity. Problem Management, Identity Manager (IdM/IAM), Windows, Netview, Netmon and Omegamon, Microsoft Office Suite (including PowerPoint, Visio, etc.).
• Network monitoring to ensure availability to Domestic and International Customers, including expediting and escalating issues with vendors and remote sites.

PROFESSIONAL EXPERIENCE:

Information Security Compliance Analyst

Confidential, Greenwood Village, CO

Responsibilities:

• Create and Review All Process Guidelines (Controls) to validate process adherence, evidence creation and evidence retention following all applicable Federal Controls.
• Monitoring of adherence to IT Controls, including devising and applying effective remedies for deviations (findings) from policies and controls and documenting same, submitting through appropriate channels for possible exceptions as required.
• Developing and maintaining IT Guidelines, Security Policies, Documentation and procedures to follow current FFIEC Federal Controls, NIST, FIPS, FISMA, POAMs, etc.
• Audit preparation for compliance in managing Sarbanes Oxley (SOX), FFIEC, SAS70, NIST, FIPS and additional Government controls to ensure compliance.

Network Operations Analyst

Confidential, Golden, CO

Responsibilities:

• User, Operations and Help Desk interface monitoring World Wide Network activity and availability.
• Monitoring remote access - VPN (Virtual Private Network) with RSA SecurID access and adherence.

Confidential, Aurora, CO

Senior Information Security Compliance Analyst

Responsibilities:

• Monitoring of adherence to IT policies, including devising and applying effective remedies for deviations from policies and documenting same.
• Developing and maintaining IT Guidelines, Security Policies, Documentation and procedures.
• Create and Review All Process Guidelines to validate process adherence, evidence creation and evidence retention.
• Audit preparation for compliance in managing Sarbanes Oxley (SOX), FFIEC, SAS70, and additional Government controls to ensure compliance for multiple platforms, eg. Mainframe (RACF), UNIX, AIX, Linux, Windows, IdM, IAM, iSeries, etc.
• Business Analyst Support - Information gathering, researching and submitting change requests for code/access modifications as required.
• Technical Support including RACF, CA products, JCL, MVS, z/OS, DCL, Adabas, DB2, Problem Management, Endevor, Active Directory, Identity Manager (IdM,IAM), Windows, Netview, Netmon and Omegamon, Microsoft Office Suite (incl. PowerPoint, Visio, etc.)

Senior Information Security Compliance Analyst

Confidential, Broomfield, CO

Responsibilities:

• System and Applications validation. Investigation of User, Batch and System Task accounts, ensuring appropriate and finite access as required on multiple platforms.
• Security control of created and existing datasets per Government standards.
• Pre-Audit of existing accounts, including working with Auditors (Booz-Allen, PWC, etc.).
• Audit preparation for compliance regarding Sarbanes-Oxley (SOX) and SAS70 protocols.
• Security Violation Audits on Mainframe, including documenting violations for and audit purposes.
• VPN (Virtual Private Network) with RSA SecurID access., Identity Management (IdM/IAM).
• User and Help Desk interface, with emphasis on process improvement and Business Analyst assistance for improved process workflow.
• Responsible for creating process documentation and applicable .
• Creation of PowerPoint and Visio presentations for result presentation and process documentation.

Information Security Compliance Analyst

Confidential, Greenwood Village, CO

Responsibilities:

• Responsible for access rights and information security on various platforms, including AS/400 (iSeries), Mainframe (RACF), UNIX, VPN.
• Creation of User, Batch and System Task accounts on various platforms, ensuring appropriate and finite access as required by Corporate and Federal Controls.
• Security control of created and existing datasets.
• Pre-Audit of existing accounts, including working with Internal and External Auditors (Booz-Allen, PWC, etc.). Sarbanes-Oxley and SAS70 responsibilities.
• Security Violation Audits on both Mainframe, and AS/400 (iSeries), including enforcement, correction, and audit purposes.
• VPN (Virtual Private Network) with RSA SecurID access.
• User, Operations and Help Desk interface geared at process improvement, including testing and implementing changes.
• Government interface with Security for Controls Compliance. EFTPS responsibilities.