Summary





Well rounded IT professional with several years experience, predominantly in IT Security. While working in IT, I ve become CISSP, MCP and ITIL Foundation certified. As a Senior IT Security Analyst, I was tasked with troubleshooting level 2/3 incidents and requests ; helping to establish a sound analytical and problem solving skill set. In addition to my IT Security experience, I ve established extremely strong communication skills as a past Help Desk analyst .I ve worked very closely with an IT Compliance organization to satisfy SOX, ISO 20000 and ISO 27000 standards. Going forward, I look to continue to develop my current skill set while building new skills through future work experience and training .I hope to 1 day get into senior/executive level IT management.


Awards

CISSP
Certified Information Systems Security Professional
ITIL Foundation Information Technology Infrastructure Library
MCP Microsoft Certified Professional
Won Service Desk quarterly awards for Most Outstanding Performer FY06 Q4 , FY07 Q1 , FY07 Q2 , FY07 Q3 and Best Teamwork FY06 Q3 , FY06 Q4 , FY07 Q1 , FY07 Q2
Won CIO FY10 Q2 award for work on vulnerability assessment on project to bring learning application in-house from hosted facility
Won CIO FY10 Q3 award for work on merger and acquisition project
Deemed a Subject Matter Expert by Learning Office after working closely with them on security awareness course content


Employment

2005 -  2010
Computer Associate

Education

Skills


Network Security experience includes review of all firewall/router changes ; Host-based Security ; Vulnerability Management processes and tools ; Enterprise Antivirus Management ; Enterprise Patch Management ; Malware Remediation ; IDS ; Data Leakage Prevention ; Wireless Security ; Remote Access Security ; Microsoft Active Directory Administration ; understanding of cloud computing and virtualization concepts ; knowledge of Windows infrastructure management.

Holds strong communication skills, has a experience in a customer service related position, possesses a polished problem solving skill set, has a wide range of IT project related experience and has an understanding of security awareness training development.

Familiarity with Sarbanes-Oxley SOX, ISO 20000 and ISO 27000 Security Controls ; and Information Technology Infrastructure Library ITIL concepts and practices in Service Management. Was a member of Computer Security Incident Response Team CSIRT with experience in Incident Response.


Miscellaneous

Senior IT Security Analyst
Resolved numerous Level 2/3 incidents and requests raised by CA employees while providing world class customer service. Also acted as an escalation point for our level 1 Security Operations team.
Collected and analyzed security escalations from automated sources IDS, Logs, etc. to ensure overall security of CA s network was maintained. Additionally, acted as a point of contact for escalations from non-IT sources, internal HR, Legal and external requests to provide expert level IT Security perspective.
Developed safe computing policies and procedures for the enterprise ; several of which helped organization achieve ISO 27000 certification.
secured CA s environment with architected strategy and business case driven investments ; while assessing the impact and likelihood of any risks in the environment and escalating to upper management so they appropriate remediation plans could be carried out.
Aided in forensic investigations while following a security incident response plan in order to identify potential root causes and provide an executive report to senior management detailing all findings.
Analyzed emerging security technologies, trends and emerging issues in order to make appropriate recommendations regarding their implementation.
participated in the product development lifecycle on a number of CA products, providing feedback to the brand on the use of their solutions which contributed to a process of continual improvement evaluated and made decisions on security policies for various security solutions but not limited to, Web filtering technologies, proxies, firewalls and anti-malware, to ensure the business needs were met while following security best practices.
Coordinated the notification and containment of infected users and hosts found by proactive vulnerability management tools and processes and driving the remediation effort to resolve a high number of vulnerabilities.
Collaborated with IT System Administrators to manage both physical and virtual Windows infrastructure systems.
Associate Security Engineer
Resolved numerous Level 2 incidents and requests raised by CA employees while providing world class customer service. Also acted as an escalation point for our Service Desk team.
Conducted initial review of all firewall change requests in CA's production environment for the opening of ports and escalated to Threat Management team for final review.
Managed the granting/revoking of access for employees, utilizing Microsoft's ISA Firewall Administration tool for external port access for CA employees to accommodate special business use cases for certain employees. Followed a similar process for access to restricted web sites through domain groups in Active Directory.
Coordinated and conducted vulnerability scans of enterprise and end user systems, upon proper service desk request and oversaw that the necessary remediation steps were taken if necessary.
Managed quarterly access reviews of in-scope applications and file share access with business application owners and conducted reviews of all generic and privileged accounts across the domain to pass IT related SOX controls.
Service Desk Analyst
Provided Level 1 support for all of CA s internal employees across the world, helping to develop strong communication skills and resolved approximately 80% of all requests raised without the need for escalation.
1 of 2 analysts that were responsible for working to resolve any issues raised by a VIP support list that included the majority of all executives at CA.
Used the CA product, Service Desk, to create, resolve and transfer requests that were raised via phone call or web.