Resume of INFORMATION SECURITY

Title
INFORMATION SECURITY

Primary Skills
IT Security and Risk Management Professional with Security+ certification and pending CISSP

Location
US-NJ-Jersey City

Posted
Feb-05-08

INFORMATION SECURITY & RISK MANAGEMENT

Proven IT Security and Risk Management Professional with Security+ certification and pending CISSP. Proven ability to aid in development of highly effective security policies, procedures, and business / technical infrastructure as well as managing related regulatory compliance issues. Experience managing teams of 5-30, including local, remote, and offshore / outsourced teams in India. Results-driven professional with exceptional communication and team leadership skills who thrives on high pressure decision making.

AREAS OF EXPERTISE INCLUDE:

Information / IT Security
Network & Systems Security
Identity & Access Management
Threat Monitoring & Mitigation
Risk Assessment / Risk Management
Custom Security Tool Development
Business Impact Analysis
Data Integrity, Classification, & Recovery
Regulatory Compliance
17799, SOX, SAS 70, COBIT
Cost Benefits Analysis



RECENT ACCOMPLISHMENTS

* Increased firm-wide audit pass rating D to A for past 4 years by implementing risk management standards and practices for risk factor identification and exposure management.
* Increased productivity while reducing request backlog by 50% and slashed problem resolution turnaround to 24 hours by creating and implementing streamlined, standardized escalation process.
* Member of Privileged Access Governance Committee.


PROFESSIONAL EXPERIENCE

JPMORGAN CHASE, Jersey City, NJ
Wintel Security Analyst Level II - Risk and Security Management, 2007 - Present
* Hand-picked from among pool of regional Team Leaders for creation of high level team of five security professionals developing global security standards, policies, and procedures for new globalization restructure spanning Asia, Europe, and North America.

Information Security Analyst-Lead - Identity & Access Management - North America, 2003 - 2007
* Promoted to train and manage geographically dispersed teams (onshore and offshore) of 30 security and risk management professionals located in New Jersey, Florida, and India using Citrix MetaFrame.
* Oversaw information security, systems security, and physical access security for 50+ Intel Environments with 200,000+ user accounts across Novell, NT, Active Directory, and Notes Platforms.
* Traveled to India twice to develop / present security training to outsourced security staff of 20.
* Ensured compliance with IT Control Policies and Standards, identified and mitigated risks and implemented procedures that achieved successful audit ratings.
* Oversaw Information Risk Analysts in conducting more than 100 annual risk assessment reviews.
* Led comprehensive analysis of privileged supervisor access which identified substantial gaps.
* Collaborated with Vulnerability and Recertification Groups on semiannual access re-certifications.
* Worked with internal and external auditors on in-depth internal SAS 70 and SOX audits.
* Reduced budget by semi-automating offboarding of terminated users.
* Provided guidance to IT & Business management on information risk and control.
* Coordinated risk assessment of Gap Remediation Projects and project deliverables.
* Trained / managed staff of 20 ensuring compliance with regulations, standards, and customer needs.
* Developed and implemented standards for network security issues such as access management, including formal escalation and SLA and establishment of 24x7 administration.

RICHARD A. TELLO PAGE 2

* Enforced IT Control Policies and Standards and managed LAN Security and Remediation Group for Wholesale Line of Business throughout JPMorgan Chase.
* Investigated and prevented unauthorized access of supported environments; oversaw administration of user, special purpose (functional), privileged, and emergency accounts.
* Enforced compensating controls to minimize security risk; implemented privileged access process.
* Conducted gap analysis on environments to identify security gaps and managed several gap remediation projects; aided IT Risk Management with internal and external security audits.
* Implemented information management database to track users across all supported environments.
* Named subject matter expert (SME) on Information Security policies and standards across Intel environments and participated in several security-related projects / initiatives owned by IT Risk Management, Global Technology, and Lines of Business.

LAN Administrator - Global Security Operations Management, 2000 - 2003
* Started as merger related consultant.
* Rapidly hired and promoted to lead administrator on security team providing user account and group administration on multi-platform (Windows and Novell) operating systems.
* Handled user and group account creation, deletion, password and account / station restrictions and access privileges.
* Provided Lotus Notes user administration.
* Reviewed and archived security logs with Event Viewer; maintained monitoring system and ran server reports using 3rd party products (Bindview, Logcaster, Kane Securities, etc.).
* Troubleshot file permissions and application issues using Timbuktu.
* Effectively partnered on Disaster Recovery Testing with both line of business and technology groups, ensuring smooth cutover from production to disaster recovery mode.
* Involved in 10 migration / transition projects to standardize access across businesses / geographies


EDUCATION & TRAINING

HUDSON COMMUNITY COLLEGE
- Bachelor of Science (BS) - Management Information Systems (MIS), Pending
* HONORS & AWARDS: 4. 0 GPA ~ Honors Graduation Track ~ PHI THETA KAPPA International Honor Society

CHUBB INSTITUTE - Computer Technology Diploma
COMPTIA - A+ certified ~ Security+ Certified
CISSP - CISSP Certification Pending (Boot camp completed)

INFORMATION SECURITY & SYSTEMS SECURITY TRAINING
Risk Management for IT Professionals
Technology Usage
Information Protection Practices
IT Risk Management Policies & Standards
Sarbanes-Oxley (SOX)
Encryption & Cryptography
PKI / Smart Cards



MANAGEMENT TRAINING
Preventing Workplace Harassment
Customer Loyalty
Leading Service Excellence
Emotions - Problems or Solutions
Effective Use of Questions
Presenting Yourself Positively
The Management People Series for T&O
Listen To Understand
Professional Communication
Handling Challenging Situations
Setting Objectives


TECHNICAL SKILLS
DOS, Windows (3.X / 9X / NT / XP), Active Directory AD , Novell (3.X, 4.X, 5, 6-eDirectory), Apple Mac OS X TCP/IP, Ethernet, TokenRing, VPN, Symantec Bindview, ITA, ESM, LT Auditor, Console One, NWAdmin, User Manager, Server Manager, DameWare, NetlQ, DRA Directory & Resource Administrator, Active Directory Management Consoles, MMC, Hyena, DumpSec, Word, PowerPoint, Excel, Access, Project, Peregrine Service Center

REFERENCES AVAILABLE ON REQUEST

Certifications
See above


You must be logged in and have a current resume access subscription. Login or Register »

View all resumes in US-NJ-Jersey City »
View all resumes in US-NJ »

View other INFORMATION SECURITY resumes, Programmer / Developer resumes