Kyley Stabenow, CISSP

[pic]

Information Security Specialist: Windows, Networks, UNIX

IT PROFESSIONAL

In excess of 16 years experience developing and implementing

effective system security measures and strategies.

Deliver energy, insight, and organizational leadership essential to achieve

key performance objectives. Collaborate with senior management and key

personnel to define goals and set priorities. Formulate policy and budgets,

devise strategies; implement detailed operational plans. An autonomous

leader and team player showing mastery of highly stressful, fast-paced

environments with critical demands and expectations. Pending award of CISM

certification.

[pic]

SKILLS, ABILITIES & Achievements MATRIX VALUE OFFERED

Policy Development ( Strategic Planning ( Operations ( Budgeting &

Financials

Project Management Programming ( Staff Training & Development ( Risk

Management

Cost Reduction ( Key Account Management ( PCI PA-DSS ( Snort ISS

RealSecure expertise

tcpdump expertise ( Intrusion Detection System Design & Operation

Regulatory Compliance & Remediation ( Penetration Testing & Analysis

QSA and PA-QSA Certifications - Inactive

[pic]

Career Track & Performance Driving Forces

Information Security Manager 2008 - Present

HMSHost Corporation Bethesda, MD

I currently direct critical system security functions aligned with

short and long-term requirements and to maintain full compliance with

corporate and external directives. Create and implement all IT security

policies and procedures company-wide. Validate effective information

security technologies, processes, and practices to maintain multiple

agency compliance. Chairman of the Information Security Steering

Committee.

Organizational Impact Contributions:

< Design and provide ongoing training (e.g. security awareness) to

employees at all levels, marketing partners, and appropriate 3rd

parties to maximize security critical to safeguarding proprietary

and customer business data.

< Achieved complete success resolving 5-year PCI DSS non-compliance

by developing and managing annual compliance process. Effort

yielded significant cost savings by keeping efforts in-house.

< Played a key role assisting in achieving considerable cost savings

through annual HIPAA and PCI DSS compliance remediation

achievement; previously, company secured outside technical

providers for remediation planning and execution.

< Additional achievements include assisting many IT departments in

streamlining system administration issues to achieve improved

efficiencies, lower costs, and reduce staffing levels.

Senior Information Security Consultant 2004 - 2008

Computer Task Group Houston, TX

Managed client engagements focused on the design and development of

system security solutions customized to exact needs. Performed assessments

that included attack and penetration tests, evaluated overall client IT

infrastructure and resources, and prepared documentation and presentations

for client and company decision makers.

Organizational Impact Contributions:

< Assignments included PCI remediation for a prominent US

hospitality client, and PA-DSS and PCI DSS assessments for vendors

and merchants. Performed quarterly security assessments and wrote

customized, automation-based security tools for heterogeneous UNIX

systems. Consistently delivered results at budget and on or before

deadline.

< Achieved significant cost savings by managing PCI DSS and PA-DSS

assessment and remediation processes and actions.

Kyley Stabenow, CISSP

Manager Interim Director, Information Security Services 2003 - 2004

Jefferson Wells International Houston, TX

Supported and guided a 6-member forensic and IT security staff

serving a large client base with varied needs. Established project

timelines and requirements, assigned personnel, and managed engagements to

successful conclusion.

Organizational Impact Contributions:

< Played a leading role managing network and UNIX system-level

forensics in successful credit card fraud investigations, and

spearheaded several HIPAA, SOX, and security vulnerability

assessment projects involving heterogeneous networks and

platforms.

< Efforts generated lucrative additional revenues and profitability

through VISA CISP and PCI DSS assessment and remediation services

and other network security consulting.

Senior Information Security Consultant Engineer 2000 - 2003

Schlumberger Network Solutions McLeod USA Houston / The Woodlands, TX

Served as Project Manager directing all facets of the architectural

design and deployment of the complete Network Intrusion Detection Systems

(NIDS), incident response implementations, and UNIX security for the 2002

Salt Lake City Olympic Games IT networks in partnership with the United

States Secret Service, with work resulting in a formal award by the United

States Secret Service.

Organizational Impact Contributions:

< For McLeod USA, served in leadership capacity on a 24/7 Incident

Response and Control Team. Planned and executed regular network

security assessments, and developed applications and tools to

lower costs and ensure optimal security company-wide.

< Highlights include creation and implementation of password change

automation process for 1.5K network devices nationwide utilizing

Python and Expect languages. Scripted customized brute force

attack program as a proof-of-concept tool for testing password

weaknesses for all routers and switches. Programmed real-time web

management interface for Snort IDS platform for easing daily

analysis and maintenance.

< Efforts saved the Salt Lake Organizing Committee approx. $1M in

IDS implementation and operating system security, and achieved

exceptional end results for McLeod USA by reducing / eliminating

high costs associated with distributed denial of service, external

network compromise, and associated network security events.

Network Security Vulnerability Technician 1995 - 1999

United States Marine Corps Rota, Spain

Provided technical and supervisory leadership maintaining critical

computer, communication, physical and information security to various US

Navy commands and a Naval Intelligence organization. Performed forensic

evaluations, developed policies and procedures, and trained personnel in

all aspects of operational, information, and computer security. Held TOP

SECRET/ SCI clearance.

Organizational Impact Contributions:

< Authored first-ever network security assessment process SOP for

all organizations, and created an operational security brochure

earning US Navy letter of commendation.

< Designed and developed shell script-based tools for monitoring and

securing remote systems achieving critical goals while lowering

costs and manpower requirements.

< Maintained and ensured quality for 200+ telecom circuits for local

and remote clients, and managed real-time communications of

various mobile platforms.

[pic]

LEARNING CREDENTIALS

Computer Science Mathematics, Lakeland College ( 3.8 GPA Dean's List

Contact this candidate