Information Security Manager
Certified Information Systems Security Professional (CISSP)
IT Infrastructure Library (ITIL) Certified Professional
|
| Highly accomplished manager with a successful 20+ year career
introducing effective strategies, best practices and controls to decrease exposure and
strengthen organizations. |
| |
| Expert in creating the tools, processes, teams and policies to build best-in-class security organizations.
Strength leading teams in evaluating and identifying risks, defining appropriate mitigation controls;
and deploying solutions to minimize vulnerability and threat across the enterprise. |
| |
| Specialized techniques for information security management, including risk and vulnerability assessments,
identity management, access controls, backup/recovery and regulatory compliance. |
| |
| Outstanding planning, organizational, team building, problem solving, leadership and communication skills.
Strength in facilitating consensus between teams, clients and partners to support objectives across complex environments. |
PEROT SYSTEMS - Plano TX - 06/05 - 05/09
Security Systems Senior Manager - Information Security Department |
|
Challenges: To introduce new teams, services and processes to enhance the delivery of information security services to clients within
the health care, financial, commercial, insurance and other sectors. |
| Responsibilities: Led teams in assessing and documenting client’s technical environments and processes;
evaluating risks and issues; and recommending and implementing standards and best practices to decrease exposure
and meet regulatory compliance. Partnered with clients and teams in determining business needs and goals,
and implementing remediation plans. Total accountability for profit & loss, RFP development and proposal certification,
cost model validation, and sales support for Information Security Transition and Business Services organizations.
Managed, mentored and monitored performance of 15 Associates. |
- Established dedicated Information Security Transition Team, and created and launched the Information Security Globalized Support Framework, enabling the successful migration of client’s security administration services to global outsourcing team with minimal impact to business operations. Developed standard processes for engaging client, evaluating and aligning business needs with contract requirements, assessing existing security environments, and developing and executing plans.
- Built a centralized Business Services Team and standard procedures to provide subject matter expertise to clients on compliance, auditing, and performance issues. Developed process to track resources and projects; created criteria to define and deliver business requirements; evaluated contracts and statements of work; and defined framework to measure project completion and success.
- Selected to develop an automated Identity Management solution for both internal and clients. Led team in evaluating, choosing, recommending and defining plan for the rollout of Novell Identity Management and Microsoft Identity Integration Server frameworks.
- Directed all aspects of Information Security Transition projects for 20 clients, from initial evaluation of contract and capture of client’s business needs to the development of detailed procedures for all aspects of user and platform administration of client’s environment, and on-time and appropriate delivery of services.
|
CAREMARK / ADVANCEPCS - Irving, TX - 03/02 - 06/05
Manager, Access Management (2003 - 2005) / Consulting Analyst
(2002 - 2003) |
| Challenges: Originally recruited by Advanced PCS to newly established Access Management team to strengthen internal processes to achieve regulatory compliance. Promoted within 1st year and challenged to introduce structure into Access Management operations to enhance employee and customer satisfaction. |
| Responsibility: Full accountability for leading team of 8 in overseeing access management for all applications, services and products across multi-platform Windows NT/2000, AS/400, UNIX, Citrix and RACF environments supporting 24,000 users. Assumed additional responsibility to evaluate, recommend and implement new security tools and processes; conduct in-depth audits and investigations; and implement controls and mitigation strategies to ensure safe computing. |
- Strengthened account management and access controls processes; introduced security training program; and initiated a continuing customer satisfaction survey, eliminating errors and customer complaints, reducing high employee turn-over rate, and achieving customer satisfaction ratings of 90%+.
- Spearheaded the rollout of Bindview auditing tool, and oversaw teams in conducting audits and investigations of environments to ensure compliance with Sarbanes-Oxley and HIPAA regulations.
- Defined and led the implementation of new security scheme for entire Windows NT/2000 infrastructure, minimizing vulnerability across 20 domains and 24,000 users.
- Core member of team charged with evaluating and recommending Sun Identity Manager tool, and subsequently charged with overseeing efforts to deploy new tool to automate manual user administration and password resets.
|
SPRINT E|SOLUTIONS - Ft Worth, TX - 04/99 - 03/02
Senior Consultant / SME for Windows NT and 2000 Platforms |
| Challenge: To evaluate, design and implement security, backup/recovery, remote access and Active Directory migration solutions for clients throughout the United States. |
| Responsibility: Consulted with clients to provide expertise on infrastructure design and optimization; risk mitigation; and best practices and continuous improvements. Given one-year interim responsibility to supervise team of 8 in managing network infrastructure and providing technical support to users for telecommunications manufacturing client. |
- Established the Windows 2000/Active Directory Migration build service offering, providing clients with technical expertise to support major initiative.
- Designed a back-up/recovery solution to enable a major software developer in the Pacific Northwest to safeguard 100 Terabytes of data within primary Data Center.
- Established Windows 2000 security policies and standards for major international finance company. Conducted security assessments; mitigated issues; and designed standards for deploying and administering Windows 2000 platforms.
|
| Additional experience as Technical Analyst for Abbott Laboratories, Systems Engineer for Customer Information Services,
Network Administrator for The Pinnacle Corporation, Technician for Tandy, Adjunct Professor of Windows NT, IIS and 95 Certifications
for Tarrant County College, and Master Sergeant in Law Enforcement and Industrial/Information Security for the U.S. Air Force.
|
| Education & Credentials |
Bachelor of Science in Management - University of Phoenix
Associate of Arts in Criminal Justice - Community College of the Air Force |
Certifications
CISSP / ITIL / MCSE / MCSA / CCA / CompTIA A+
|
|