IT Security Manager Resume


Title
IT Security Manager


Primary Skills
IT Security, IT Risk Management, IT Management, Active Directory, IT Compliance


Location
US-TX-Houston (will consider relocating)

Posted
Aug-28-11

RESUME DETAILS

PROFESSIONAL SUMMARY

Strategic, proactive IT Risk, Security & Compliance Analyst
and MBA with 10+ years experience at a Goldman Sachs
subsidiary, University of Texas Health Science Center and
more. Unique ability to design and implement security in
federally regulated environments using a holistic approach
that combines administrative, technical and physical
controls.
* Exemplary leader who can drive change, infuse new ideas
and deliver solid business results to take enterprise system
performance and productivity to the next level.
* Core competencies include security architecture,
business continuity planning, identity management, technical
infrastructure management, CoBIT and compliance. Proficient
in risk simulation, management and optimization tools.

PROFESSIONAL CERTIFICATIONS
CISSP - Certified Information Systems Security Professional
MCP - Microsoft Certified Professional

PROFESSIONAL EXPERIENCE
LITTON LOAN SERVICING (subsidiary of Goldman Sachs),
Houston, TX; 06/2007 - Present
4 years 2 months
SUPERVISOR, IS SECURITY & SYSTEMS ADMINISTRATION (01/2010 -
Present)
Establish and maintain information security framework for
federally regulated Mortgage Servicing Unit with 2000 users
in 3 sites. Manage 15+ network security architects and
system administrators in 3 sites and outsourced location in
India as well as external contractors. Develop, communicate
and maintain standards, procedures and guidelines to support
IS policy, including privileged access management,
infrastructure change management and server build
procedures.
* Integrate information security controls into contracts
with business partners.
* Coordinate daily technology pass/fail status reporting
used to measure KPI.
* Assist in assurance-related engagements by internal
audit; compile and provide information requested by New York
State Board regulators.
KEY ACCOMPLISHMENTS:
* Developed information security strategy and plan that
allowed business and process owners to safely perform tasks
without putting information at risk. Implemented plan that
complied with regulations in the Gramm-Leach-Bliley Act
(GLBA).
> Introduced a more secure platform to transmit data
using sFTP vs. Website.
> Recommended fault tolerant distributed systems that
would automatically failover in a disaster situation vs.
using static locations in programs.
* Created business cases to justify investments in
information security, including RSA DLP for data loss
protection and NetIQ DRA for user entitlement management.
* Introduced process and tool to measure, report on and
enforce baseline configuration, submitted annually to
internal audit and New York State Board auditors. Also
maintained configuration management catalog.
* Implemented server lifecycle management process and
converted hundreds of physical servers into the virtual
environment (VMware), significantly reducing server
deployment time and data center space.
* Instituted a change control process, resulting in a
consistent KPI of 95% success.
* Facilitated information exchange between technology
management and technology oversight committee and created
automated management information reports.
* Successfully managed a highly skilled team with more
professional work experience.

LEAD, IS SECURITY & SYSTEMS ADMINISTRATION (06/2007 -
01/2010)
Designed, implemented and administered security and
networking solutions that improved system stability,
efficiency, maintainability and recoverability.
KEY ACCOMPLISHMENTS:
* Guided IT infrastructure team of 12 to develop and
implement business continuity (BCP) and disaster recovery
(DR) plans across 3 geographic locations.
> Proposed and secured project buy-in from executive
management. Created scope and overall plan, then
transitioned to project manager for execution while
functioning as a key stakeholder and strategist.
> Efforts led to 2 successful moves of critical services
to the disaster recovery site during Hurricane Ike and a
major Houston power outage.
* Formulated operating baseline to enforce company's
security policies/standards.
* Established process for detecting/responding to IS
incidents through implementation of products (NetIQ Change
Guardian, RSA enVision), policies and procedures.
* Redesigned AD and DNS infrastructure to accommodate
separation from old parent company and inclusion of another
affiliate (Avelo) after purchase.
* Consolidated user identity and access control
management across 8 disparate systems using Oracle Identity
Manager. Designed conceptual framework with change
management and outsourced code development.
* Co-managed deployment of 2-factor authentication using
RSA Secure ID and AD.
* Deployed Public Key Infrastructure (PKI) within the
subsidiary.
* Created a secure process to transfer files between
vendors and partners; served as point person for all data
going out of the company.

PC SOLUTIONS, a Gold Partner with Microsoft & Fonality,
Houston, TX; 07/2005 - 06/2007
IDENTITY MANAGEMENT CONSULTANT; 1 year 11 months
Provided expertise in the design and implementation of
identity management solutions, mostly Active Directory.
Assisted in pre-sales demos and answering technical
questions.
KEY ACCOMPLISHMENTS:
* Suggested ways clients could use technology to improve
business practices/security.
* Implemented document management systems at multiple law
offices and maintained infrastructure for several partners
who outsourced operations to India.

UNIVERSITY OF TEXAS HEALTH SCIENCE CENTER, Houston, TX;
06/2000 - 06/2005
5 years
SYSTEMS ANALYST (01/2002 - 06/2005) / NETWORK SUPPORT
SPECIALIST (06/2000 - 01/2002)
Pivotal technical and leadership resource on networking and
security projects supporting 10,000+ users. Prepared
information security evaluation for new application
projects.
KEY ACCOMPLISHMENTS:
* Designed and administered enterprise Active Directory
of more than 10,000 users.
* Led successful migration of computers and user accounts
from various AD domains/forests into a consolidated
structure, a 2-year project with 20+ team members.
* Created solution to synchronize user accounts/passwords
between Sun LDAP & AD.
* Streamlined IT processes to achieve 75%+ reduction in
labor and 99%+ uptime while adhering to HIPAA.

PROFESSIONAL AFFILIATIONS
Information Systems Audit and Control Association (ISACA)
Information Systems Security Association (ISSA)

PROFESSIONAL TRAINING
RSA DLP Compliance Management, RSA, 2010
NetIQ Security Management Suite, NetIQ, 2009
Principles of Project Management, PMI, 2005

TECHNICAL SUMMARY
IS Stabdards: COBIT, ISO 27001/27002, GLBA, PCI DSS, HIPAA
PLATFORMS: Windows, UNIX
SW/TOOLS: Active Directory, Cisco Routers/Switches,
CheckPoint Firewalls, Bluecoat Web Filters, RSA SecureID,
Cisco WAAS, RSA DLP/enVision, NetIQ DRA/Security
Manager/Change Guardian, VigilEnt Policy Manager, EMC
Storage, Citrix, CommVault Backup, Enterprise Vault, Altiris
Suite, VMware, Veritas Backup Exec, MS Office Suite, MS
Exchange, Oracle Crystal Ball, Oracle Identity Manager

EDUCATION
University of Houston, C.T. Bauer College of Business,
Houston, TX
M.B.A., 2010

University of Central Oklahoma, Edmond, OK
B.B.A., MIS, 1999


Certifications
See above

CONTACT DETAILS

You must be logged in and have a current resume access subscription. Login or Register »

Related: IT Manager Resumes | IT Resumes in Houston, TX | IT Resumes in Texas