Objective
Career objective is to obtain an Information Security position in a highly productive team oriented environment.

Employment

06/2007 -  08/2008
Information Security Project Manager

Project Manager for global Information Security team. Integral in providing a more secure, consistent and compliant environment and implementing a focus on audit readiness and compliance in a multi site cross platform setting.

Focused on security systems and processes, strategic planning, issue analysis and resolution, international team collaboration, and automation. Administered security compliance tracking web application. Managed escalated security issues for major customers.

Key Achievements:
* Provided focal point for automation of key security processes through use of existing software and the adoption and integration of corporate standard security toolsets including Consul Insight Manager / Tivoli Compliance Insight Manager (TCIM), ScriptLogic, Configuresoft Enterprise Configuration Manager (ECM), GFi LANguard and BladeLogic Operations Manager
* Facilitated transition of security tasks from domestic operating system administrators to the international security administrators to achieve separation of duties. Optimized performance of the security administrators and minimized impact to customer programs during transition by coordinating training and providing extensive documentation on programs existing practices including existing security structure, event log management, escalation, reporting, privileged and service account management and termination

* Analyzed and redesigned access request process for major customer, freeing 45% of security administration teams work cycles to focus on higher level security concerns

* Led cross functional team in defining secure remote access procedures (hardware and software)

* Investigated and documented escalated security incidents. Provided remediation plan with controls to resolve a major customers recurring access management issue. Solution resulted customer request for expansion of data security controls to their extended environment

03/2005 -  06/2007
Information Security Engineer

Key team member responsible for security administration and audit compliance for 6 large commercial programs, 2 government programs and an internal infrastructure program.

Prepared multi-site operations for compliance with regulatory and standards organizations including Federal Information Security Management Act (FISMA) / National Institute of Standards and Technology (NIST), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Statement on Auditing Standards No. 70 (SAS 70) as well as ACS corporate standards based on BS 15000 / ISO 20000 according to the programs requirements.

Conducted internal security audits to determine status of controls within environments. Provided comprehensive support to internal programs and auditors during audit periods.

Key Achievements:
* Developed, implemented and maintained processes and controls to secure a multi-site cross-platform (mainframe, Unix, Linux, Novell and Windows), environment from internal and external threats resulting in corporate and regulatory agency compliance

* Investigated security incidents using corporate standard procedures. Removed the immediate threat and remediated the issue with an effective set of controls

* Maintained security integrity by performing internal audits of systems and processes, users, group utilization and remote access (VPN). Collaborated with the intrusion detection and penetration testing teams to secure the application (database and messaging) and networking environments

* Coordinated security and account management for Active Directory and MS Exchange infrastructures with the global support teams

05/2001 -  03/2005
Information Management Senior Specialist

Installed and maintained Windows NT 4.0/2000/2003 servers in a multi-site WAN environment. Configured and supported standard tool sets including Active Directory, enterprise applications (Exchange, Blackberry, SQL, WSUS, SharePoint, ARCserve, and Veritas BE), monitoring tools (Tivoli, NetIQ, and HP Insight Manager) and security (McAfee ePO and GroupShield).

Provided on-going liaison support for the international system administration teams. Designed, implemented and tested disaster recovery / business continuity plans for customers.

Key Achievements:
* Initiated, developed and scheduled team projects plans. Supported change control process through project planning

* Oriented and provided on-going support to the international system administration team. Trained on the standard infrastructure tools, introduced to contiguous support teams, wrote detailed documentation on the administration procedures and acted as liaison to customers and other teams

* Evaluated and allocated issues to the appropriate international team members

* Secured Windows server environment to meet or exceed corporate and customer standards

* Designed and delivered midrange disaster recovery planning services to three major customers. Supported customers onsite and remotely during successful disaster recovery tests.

00/2000 -  05/2001
Applications Project Manager

Applications Project Manager
Led implementation and integration of major corporate client/server applications including ERP, HRIS and Financial systems utilizing project management skills. Supported escalated HRIS application issues.

* Analyzed, designed, tested, debugged, optimized, documented and implemented systems applications to meet business requirements

* Installed, supported and upgraded software (Windows 2000, NT Terminal Server, Citrix MetaFrame and Great Plains Dynamics, Progress RDMS and Microsoft Project) and hardware on corporate application servers in a multi-site WAN environment

12/1997 -  00/2000
Windows System Administrator

* Administered, tuned, monitored and upgraded hardware and software on 30 critical servers in a 500+ node 7x24 NT/UNIX TCP/IP multi-site LAN/WAN environment

* Provided 3rd tier software, hardware and network support for desktop and helpdesk

* Project lead for implementation of ERP and Great Plains systems

* Prepared and managed annual budget encompassing client/server solutions

* Received the Real3D Corporate Recognition Award for the client/server implementation

00/1996 -  00/1997
Network Technician (Contract)

* Installed, administered and supported Novell NetWare 3.12 and 4.1, OS2 and Windows NT 4.0 in an IPX/SPX environment on Compaq, Dell and IBM servers

* Implemented and maintained Citrix WinFrame multi-user server and clients

* Managed backup servers and tape libraries (StorageTek, and Quantum)

* Provided Windows, Microsoft Office and Lotus cc:Mail support

* Supervised hardware/laptop lab staff and maintained spare parts and inventory

* Received letters of commendation from Caltex Board of Directors

00/1995 -  00/1996
Support Engineer (Contract)

* Administered technical support as member of Microsoft launch team for Windows 95

* Supported installation, configuration, networking, and usage issues for customers

* Chosen to furnish Premier, contract and fee-based weekend support

* Exceeded daily and monthly support goals with average of 110%

* Recognized for outstanding customer service by Microsoft POS team

Education

Miscellaneous
EDUCATION
ACS Internal Security Compliance for Health Insurance Portability and Accountability Act like HIPAA
Basic Cisco Router Support and Setup

CERTIFICATIONS
MCP : Installing, Configuring and Administering Windows 2000 Server
MCP : Installing, Configuring and Administering Windows 2000 Professional
MCP : Implementing and Supporting Systems Management Server pursuing Certified Information Systems Security Professional like CISSP