It security & Compliance Specialist Resume
5.00/5 (Submit Your Rating)
New York, NY
SUMMARY:
- Highly motivated, meticulous and experienced IT Security and Compliance professional possessing strong leadership & communication skills with a focus on delivering projects on time & within budget to meet the business objectives.
- ISO 27001, GDPR, Identity and Access Management (IAM), Data Loss Prevention (DLP), On - Boarding/Off-Boarding, Applications/Desktop Support, SDLC, Agile Methodology, SOX, IT Audit, Project Management, Product Migration and Implementation, Multi-Factor Authentication (MFA). Active Directory (AD) Management, Okta Platform, Privileged Access Management (PAM), Empower ID, Proof Point, Varonis DatAdvantage/DataPrivilege (DA/DP), Smartsheet, Box, Secure Share, SQL, PowerShell, SharePoint, O365, MS Exchange/Outlook Management, Visio, Donovan Data System (DDS), Citrix, JIRA, Lucid Chart, Direct Message Labs IRIS.
EXPERIENCE:
Confidential - New York, NY
IT Security & Compliance Specialist
Responsibilities:
- Leadership and Strategic Activities
- Strategize and propose an IAM solution to save over $2.5 Million on product licensing using InfoSec measures.
- Assist in project vision, planning, designing and provide initiatives towards the organizational application and infrastructure maintenance and continual service improvement (CSI).
- Lead organization wide IAM product and create Knowledge Base (KB) articles for users’ self-serve capability.
- Mentor team members by providing full transparency, clarity on the projects’ vision, promoting positive team spirit and ensuring appropriate individual attention is facilitated to achieve excellent results.
- Project Management and Delivery Activities
- Lead the migration, implementation and deployment of Adobe Creative Cloud products from serialized licensing to Named User Deployment (NUD) resulting in over $2.5 Million in savings.
- Lead client/business data folder remediation project from conception to completion (Initiation to Closing) such as identifying data owners, provisioning data folders/files in to third party security tool (Varonis), RBAC (Role Based Access Control) initiative for IAM (Identity and Access Management) project, AD (Active Directory) management identifying internal and external stale accounts, users groups, security groups, Distribution Lists (DLs), Disabled accounts & AD attributes mapping.
- Planned and implemented remediating of Global Access Groups (GAG) and broken Access Control Lists (ACLs) on corporate filers and servers
- Executed Business Continuity Management (BCM) plan by engaging global and regional IT executives to provide information related to Business Continuity & Disaster Recovery (BCDR), Business Impact Analysis (BIA) Plans and Crisis Management Team (CMT)
- Provide updates to PMO, Stakeholders and Executives on ISO projects’ status and tasks for upcoming milestones
- Conduct daily scrum meetings with key stakeholders to ensure timely resolution of issues encountered by the team and keep the project on track.
- Communicate and interact with key stakeholders and various global functions such as Finance, HR, Operations, Infrastructure, Development, Information Security, PMO and vendors to achieve business and project goals.
- Liaison between IT and business to gather, interpret, translate customer needs into functional and nonfunctional requirements to ensure deliverables are on time and within budget.
- Planned and executed data classification (public, private and confidential) on documents shared with external clients and applied relevant controls.
- Identify internal Single Sign On (SSO) based applications & collaborate with responsible parties to have them integrated into corporate application authentication tools (Okta).
- Lead to assist business on the IAM consolidation project with user data migration from several tenants into single core corporate tenant.
- Support the infrastructure team in validating, filling in the gaps with the migration/implementation of user data from Active Directory to Microsoft Azure Platform to O365 Business Solutions.
- Operations Activities
- Actively monitor system for exceptions, errors as well as performance related problems. Troubleshoot and escalate as per established protocols while keeping end users informed of progress across all regions (NA, EMEA, APAC, LATAM).
- Responsible for conducting entitlement review for data owners
- Respond to security alerts such as lost and stolen assets, data breaches, unusual data access activities, spam and malware and remediating risk by applying controls such as access block, security scans, legal holds / litigation holds.
- Accountable for ensuring email security & protection controls are operational, such as blocking external suspicious emails, URLs, pulling back excessive spam emails sent by our internal users using third party tool (Proof Point).
- Report any IAM issues such as malware/phishing/smishing/impersonation/MFA/DLP/data breach & unusual data access related alerts provided by third party service providers (Cipher Tech, Outpost24, SentinelOne) to global regions’ IT Functions for immediate security and safety actions remediation.
- Ensure security (password protection/MFA) policies are enforced and compliant with federal and state regulations (ISO 27001, GDPR) across the globe (NA, EMEA, APAC, LATAM).
- Submitting/escalating Governance Risk Compliance (GRC) requests on behalf of users
- Quarterly generate entitlement reviews completion reports and following up with Data owners for incomplete status.
- Support senior management in implementing cost effective solutions to accomplish projects on time and within budget,
- Support external auditors (KPMG) with information and provide documentation as needed.
- Work directly with vendors to ensure products are functional as per the business need and standards.
- Work closely with Procurement to ensure business adheres to licensing agreements as per contracts.
Confidential - Westport, CT
Service Desk Associate
Responsibilities:
- Lead Win7 migration team to ensure Windows 7 Project migration progresses in alignment with the Windows 7 Project goals.
- Provide guidance, direction, solutions to achieve results in a qualitative & quantitative way.
- Ensure IT Assets are reported and updated accurately by approving all the Configuration Management Database (CMDB) entries.
- Mentor team members by providing full transparency, clarity on the project’s vision, promoting positive team spirit and ensuring appropriate individual attention is facilitated to achieve excellent results.
- Ensure Service Desk can support IT needs to meet business goals & customer satisfaction by delivering machines, fulfilling the incidents & service requests in a timely, consistent & quality manner.
- Enable service desk to create/update knowledge management by exposing defects in incident & request management & holding responsible parties accountable for their actions towards service desk goals.
- Support Project deployment/mitigation teams by strengthening the desktop support, deployment process & resolving issues by escalating.
- Understand & operate within company principles on a day-to-day basis among the service desk team by diagnosis and quality transparency.
- Ensure service delivery aligns with IT strategy by delivering quality services.
- Assist in driving improvements & evolution throughout the service desk function by logging & following up with suboptimal outcomes & escalating for quick resolution for issues by providing transparency.
- Manage incidents & service requests that meet and exceed the customer needs by adhering to Service Desk (SD) fulfillment execution processes & ensure SD response is within service level agreement (SLA) & tickets are resolved efficiently.
- Provide a secure service & manage risks by escalating security issues & mitigating service delivery risks with a security mindset.