SUMMARY:

• 7+ years of Information Security experience.
• Running and managing reports in Quest Reports, and utilizing Identity Access Management tools.
• Experience with communicating and presenting updates and issues related to risk, compliance, various vulnerabilities and threats.
• Hands on experience with PCI, SOX, HIPAA compliance.
• SQL scripting experience.
• Executes policies and procedures to support SOX, HIPAA, PHI and PII other regulations as needed to prevent potential threats.
• Provide in - depth technical knowledge and business requirements to design & implement process improvements and secure solutions to meet customer/client needs.
• Delivered guidance and implementation of IAM execution. Develop security solutions for medium to complex environments.
• Extensive Experience as a Security Analyst delivering access/permissions to resources on the network via Active Directory.
• Excellent communication and analytical skills.

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Information Security Analyst

Responsibilities:

• Confidential system required expertise to assist with several mergers and acquisitions. Their main focus is with IAM (RBAC) and IT Governance, Risk & Compliance. Ensuring newly acquired organizations are compliant with their corporate standards and also HIPAA/other regulatory standards.
• Manage IAM (Oracle Identity Access Management), team responsible for administering Role Based Access Controls (RBAC).
• Determine system requirements, perform troubleshooting and validation testing excel Vlookup.
• Prepare weekly metrics and security reports for environment.
• Prepare daily pivot reports to demonstrate state of the system progress.

Confidential

Information Security Compliance Analyst

Responsibilities:

• Daily Audit and Compliance Application and Server Assessment and Vulnerability Management.
• Analyze and design techniques to solve business problems using information technology OIM Oracle Identity Management which include Tools (ARM Access Request Management, AIT Access Inventory Tool, and SSO Simplified Sign On, Remedy.
• Determine system requirements, perform troubleshooting and validation testing.
• Perform detailed analytics in preparation of reports and metrics
• Perform daily key information security concepts related to authentication and application security

Confidential

IAM Administrator

Responsibilities:

• Provisioned access for Active Directory, Lotus Notes, Mainframe, Windows Local, Unix VAS, Unix Local, Sybase, Oracle, MSSQL, VPN, and Tivoli Access Manager;
• Managed failed tasks in the Oracle Identity Manager based access provisioning system;
• Monitored and removed access related to daily Transfers and Terminations;
• Vulnerability Management
• Troubleshoot issues reported via Remedy work orders and incidents;
• Perform privileged user administration; Manage share access
• Handle server migrations (users, groups, access)

Confidential

Information Security Analyst

Responsibilities:

• Experienced in strategic planning and implementation, regulatory compliance, project management, risk management security architecture, design process improvement, change management, Software Development Life Cycle management, deployments and migrations, threat and vulnerability management, security awareness and incident management
• Developed an appropriate Threat and Vulnerability Management program to attain accurate information and metrics from internal and external vulnerability scanning activities which met SOX compliance standards. Creating Process Flow charts.
• Successfully managed and corrected security architecture which was developed by divestiture contractors while meeting stringent timelines and keeping the cost of security solutions within the provided $150K to $200K budget. Reduced by 28.5% decreasing administration time and increasing level assurance.
• Prepared weekly reports for management regarding security state of the environment and forensic root cause analysis of HD Vest and advisor security incidents which facilitated strategic decision regarding security, compliance, business objectives and budgetary allowances.
• Delivered guidance and implementation of Access Management for clients and employees.

Confidential

Security Compliance Analyst

Responsibilities:

• Manage Threat and Vulnerabilities to the Network with Application Owners. Assign compliance regulation issues to PCI, HIPAA and SOX type of Vulnerabilities.
• Work on multiple platforms, technologies and projects as a team member and leads the data-related security components Maintained by Enterprise Software. Create flowcharts.
• Develop security solutions for medium to complex assignments using Qualys Scans to detect vulnerabilities.
• Primarily focuses on security administration. Work independently or on multiple IT security projects as a project team member, occasionally as a project leader.
• Executes policies and procedures to support SOX, HIPAA, and other regulations as needed as well as coach junior staff as needed.

Confidential

Identity Security Solutions Analyst

Responsibilities:

• Analyzing Data for Auditing, Processing request via (OIM) Oracle Identity Access Management, local administrator access tool, collect and manage data using Quest Reporter.
• Microsoft Active Directory Global Access support of individuals with advanced knowledge and experience in Microsoft technologies, especially Active Directory.
• In-depth knowledge of Group Policy Objects, User accounts, Share Drives and Network Resources. Windows 2003 server & Windows 2008 server knowledge is required.
• SOX compliance via Quest Reporter and Active Directory Vulnerability management. Daily and Weekly IT Audit reports (Administrative Access Control, Common Security settings, Computer Assessment, Data Access Control, Domain Trust and User Account Assessment).
• Reporting tools (Quest Reports, Active Directory), ensure all security processes are followed to ensure security compliance, ensure all in scope system meet and follow defined security standards, manage permissions requirements across all regions / domains, create and manage “restricted group” GPO settings, as well as documented best practices for the entire enterprise environment

Confidential

Sr. Systems Data Security Analyst

Responsibilities:

• Provide in-depth technical knowledge and business requirements to design & implement process improvements and secure solutions to meet customer/client needs
• Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment to ensure PCI and SOX compliance (e.g. Windows, Oracle, UNIX, VPN,) ensuring Vulnerability Management.
• Perform user and group object security administration (provision & deprivation access entitlements) on Wide Area Network using Active Directory and proprietary tools
• Support productivity benchmarks and sliding SLA. Provide 2nd level support to Operations administration team, Security Points of Contacts (SPOC). Respond to Peregrine Service Center tickets
• Organize & prioritize work, excellent oral and written communication skills. Customer Service support, Problem solving skills.

Confidential

Security Administrator

Responsibilities:

• Daily administration of the Confidential network accounts via Active Directory.
• Creation of new accounts, account terminations, and account access using
• Web Administrator, MS Exchange and Active Directory
• Creating and managing permissions for application accounts via Enterprise Solutions.
• Processing Entitlement review revocations (EERS) in a timely basis
• Ensuring compliance with Confidential Information Security standards
• Justifying all actions taken, Lotus Notes support.

Confidential

Network Administrator

Responsibilities:

• Backup and Recovery of the network
• Manage Network Multiple Servers (e.g. Active Directory, Exchange, SQL and Enterprise Security Management); Monitor Vulnerability Threat reports to ensure PCI, SOX and HIPAA compliance controls are met.
• Manages the acquisition, installation and maintenance of the organization’s local area network hardware/software via Network Topology.
• Ensures technology documents/s such as product registrations, SSL s, maintenance agreements, service contracts, etc. related to technology operations and/or technology services are evaluated, updated and processed.
• Performs routine preventive maintenance on hardware and software to ensure vulnerability threat management.
• Designs, develops and maintains web-based applications including websites and intranets. Continuously improves the organization's Web site and Intranet; adds new functionality and improves user ability to maintain without technical support
• Run Audit reports via Symantec and Network updates on all servers

Confidential

Network Analyst

Responsibilities:

• Managed all servers on the network (Virus scan, updates), MS SQL server, Windows 200 & 2003, IIS, Print server, and two terminal servers.
• Active Directory responsibilities include creating account and managing mailboxes
• Backup and Recovery include: support Symantec Backup Exec, BrightStor Arcserve, Retrospect
• Manage the Phone system. Create new users, edit passwords, setup user location and train user on Inter-tel phone system.
• Resolved network issues remotely.
• Microsoft Application Solution.

Confidential

Infrastructure Analyst

Responsibilities:

• Handled Security/Access Management issues by supported Active Directory Information Security.
• Responsible for identifying and solving information security problems, which includes granting network access to secure information granted by qualified approver.
• Managed mailbox moves from one server to another, delete and change mailbox attributes.
• Provide technical support to remote sites by use of Citrix. Work request via Service Center Ticketing System.
• Desktop imaging
• Handled monthly reports by extracting user information from Active Directory.
• UNIX support included creating ids and updating profiles. Supporting and troubleshooting AIX and VAX servers. Run monthly reports by extracting user profile information via UNIX, AIX AND VAX servers.
• Handled Citrix Server support. Add user to the Citrix server for use of remote access, Identify and troubleshoot client access issues.

Confidential

Sr. Systems Administrator

Responsibilities:

• Handled Windows NT (2000 and 2003) server and client support, windows 2000 and XP operating systems.
• Responsible for Active Directory Administrator; Created accounts, manage vulnerabilities, network resources, services and group policies. Technical Writing via Knowledge Base ticketing system.
• Maintained network security. Novell, creating accounts, granting network permissions, Implementing Group Policies, Managing user PDA.
• Responsible for Microsoft Exchange, responsibilities include Microsoft outlook sharing of resources (inbox, calendar, contacts and personal folder), creating contacts for shared domain user access. Mail forwarding, and setting up mailbox storage limits. Creating groups, and granting access to Group Policies.
• Managed Daily system backups, restoration of lost documents, server reboots and installs, SQL server, Citrix, Symantec Antivirus administrator, responsibilities include daily network monitor of potential threats, applying patches and upgrades,
• Responsible for Elite/Web view Administrator responsibilities include setting up enterprise users granting access to web view, granting user access to timekeepers and limiting access to confidential information.
• Managed Web view page designing, setting up label printing and troubleshooting daily user error messages. Enterprise and Docs open support.
• Responsible for monitoring and maintaining network installation of software hardware, installs include server and desktop software installation and hardware support.

Confidential

Technical Support Specialist

Responsibilities:

• Provided technical support for various operating systems including Windows 95, Novell, Windows NT Workstation and NT Server.
• Responsible for supporting Lotus notes, Outlook Express and MS Office including Word, Excel, Access and PowerPoint.
• Handled configuration of RAS Services, troubleshooting printers and resetting passwords