Security Management
Resume:
Scott A. DuPart
Chicago, IL 60608
Cell 312-***-****
acdf9r@r.postjobfree.com
http://www.linkedin.com/in/dupart
Summary of Qualifications
. Experience in implementation, integration, and evolution of complex
systems architecture
. Expertise Identity and Access Management, including LDAP, Strong
Authentication, Web Security Standards, and Federation.
. Ability to analyze, evaluate new systems designs and create technical
strategies
. Ability to provide architectural design for a given system or systems
. Critical thinking/strategic business decision-making abilities, strong
problem-solving skills and effective communication skills
. Solid project management skills, ability to multitask and work
independently with a high level of energy and precision
. Cross-functional team leadership skills, possessing good judgment with
the ability to effectively work within a team setting as well as
independently
. Vendor management, evaluation, selection and price negotiation
experience
1 TECHNICAL SKILLS
TCP/IP Information Security Policies Secure communications: IPsec,
Security Event Management and Procedures: Policies, Encryption, SSH, SSL,TLS,
(SEM) Standards, Guidelines, Digital certificates and
End Point Security Technical controls, workflows signatures
SOA Security framework and procedures. 802.1x, NAC
Technical Project Management ITIL Network Security
Identity and Access Firewalls and DMZ, Load
Microsoft Operations Management systems Balancers, Reverse Proxy, XML
Framework, (SDLC) Federated Identity Gateways
Regulatory and Standards: Management, Authentication, Web Filtering
HIPPA, Sarbanes-Oxley, Authorization and Access Virtual Private Networks and
(COBIT), ISO7799, PCI, FISMA Control: End-End Application Remote Access
Security, WS- Security, VMWare
IDS/IPS Enterprise Authentication and Secure Data Center, Cloud
DLP Authorization Web Services, Security Experience
Secure administration,
RADIUS, SecureID, Single
Sign-on (SSO), SAML
Active Directory /LDAP
EDUCATION
2 NORTHERN IL.
UNIVERSITY, DeKalb, IL. 1996
B.A. Instructional Technology and Telecommunications
CERTIFICATIONS
CISSP Test -May 1, 2014
SABSA SHERWOOD APPLIED BUSINESS SECURITY ARCHITECTURE 2007
MCSE (Microsoft Certified System Engineer) 2003
CCNA (CISCO CeRTIFIED NETWORK ASSOCIATE) 2003
3COM CDMA Data Systems (WIRELESS IP NETWORK ADMINISTRATION) 1998
PROFESSIONAL EXPERIENCE
Jones Lang and LaSalle September 2012 - Current
Global Realestate and Investment firm
Enterprise Security Architect
. Identified gaps in the enterprise security program, technologies, and
processes then created an actionable technology roadmap and security
program strategy.
. Worked closely with the Stakeholder areas in creating a holistic
approach to developing and managing the company's security strategy.
. Deliverables included clear communication of strategy, project
management, and on-going assessment for initiatives across the
enterprise, as well as leadership in security incident response and
remediation activities.
. Procured and implemented a Managed Security Service to monitor, detect,
and analyze security events.
. Designed and implemented IDS/IPS, Two Factor Authentication, DLP, SIEM,
Vulnerability Management.
. Managed the lifecycle and the retirement of technologies.
. Designed a Security Framework based on the risk management methodology
to review technology projects and secure with proper controls.
. Analyze technology feasibility, costs estimates, time, and work effort
needed to design and implement of security solutions
Walgreens Corporation Lincolnshire, IL. July 2011 - September
2012
Large Retail owner and online pharmacy servicer for prescriptions, health &
wellness products, health information and photo services
Sr. Security Architect
. Acts in a lead technical role, providing expertise and guidance to
groups across the enterprise in the design and support of architecture
and infrastructure solutions for business applications.
. Facilitated and review the definition and implementation of standards,
methodologies, and best practices that guide the design of technology
solutions including architecting and implementing solutions requiring
integration of multiple platforms, operating systems, and applications
across the enterprise.
. Oversee and participates in the design, implementation of systems
architecture, infrastructure products and services to ensure security,
availability, reliability, and scalability for the applications services
and environments, including development test, UAT, and production.
. Assists in identifying root cause of complex systems problems when
requested. Contributes to the definition and execution of the
architecture governance process.
. Designed N-tier architecture for security services, ecommerce and ESB
from concept to implementation.
. Performs research, analysis, and formulates recommendations regarding
technologies, products, and solutions to fulfill requirements within the
enterprise. Communicates with vendors and service providers to gain a
clear understanding of product or service capabilities and costs.
Identifies potential risks, analyzes costs vs. benefits, and potential
impact on operations associated with new technologies, products, and
services.
. Lead complex security projects and created Reference Architectures for
Secure Data Center, XML Security Gateways design, Oracle Entitlement
Management and Oracle Identity and Access Manager Implementation for web
services and portal applications.
Accenture Chicago, IL. Feb 2011 - July 2011
A global management consulting, technology services and outsourcing
company
Security Architect and Senior Manager - Contract
. Designed and implementation of a 24x7 Global Security Operations Center
from conception to sustainment.
. Created standard operating policy and procedures for the Security
Operations Center using ISO 20001 and ITIL practices.
. Architected, designed and implemented the security technology and
capabilities for the SOC including firewall, IDS, DLP, Threat
Management, Antivirus, Config Management, Asset Management and Network
Monitoring.
. Responsible for analyzing and/or administering security controls for
information systems.
. Safeguard the network against unauthorized infiltration, modification,
destruction or disclosure.
. Implement and enforce company security policies.
. Provide incident response, analysis and reporting per policies and
procedures.
. Provide support to review, assess and document vulnerabilities to
improve the security posture of information systems.
HEALTH CARE SERVICE CORPORATION (HCSC) Chicago, IL. Nov 2004
- Feb 2011
Premium medical care insurance provider affiliated with numerous Blue
Cross Blue Shield operations
Senior Technology Architect - Security Domain
(Nov 2004 - Feb 2011)
. Engage with Operations, IT Management, Security, Procurement, to develop
enterprise strategies based on defined drivers from key business
stakeholders, influencing the development of roadmaps for IT
Infrastructure and Security-based deliverables.
. Translate business requirements into technology strategy and
implementation for the firm's network infrastructure. Influence senior
level management and key stakeholders.
. Direct all aspects of architecture design/upgrade including, the
integration of new technologies for enterprise services.
. Collaborate with management teams to ascertain business needs and to
formulate technology solutions that meet functional requirements and
align with organizational objectives.
. Performed comprehensive gap analyses to identify/resolve discrepancies
leveraging Federal Enterprise Architecture (FEA), SABSA and Zachman
frameworks and create future roadmaps for enterprise IT technologies.
. Developed a comprehensive Enterprise Mobility Plan which ensured HIPAA
and SOX compliance while delivering crucial productivity gains to the
corporation and partner networks.
. Selected to SWAT team to overhaul corporate approach to network design
and system security, preparing foundation for solutions such as
Enterprise Service Bus (ESB) and Network Redesign.
. Lead Security Architecture Teams to establish Technical Reference Models
for Security Domain and develop an enterprise security roadmap, and
defining standards, and polices.
. Developed formal best practices for architecting security solutions
using a top down approach to ensure security deliverables met business
goals.
. Transformed scope and target of Infrastructure Architecture Team by
instituting focused, clearly defined standard charter.
. Develop, coordinate, and direct the implementation of standardized
enterprise-wide Infrastructure and Security-based strategies and
processes throughout the firm.
. Lead other assigned infrastructure projects such as AAA, SEM,
Encryption, End Point Security, Audit Trail, Network Redesign, Second
Data Center security, Secure File Managed Transfer, Datapower, ESB
Security, and other projects as requested.
DuPart Agile Technology Cop, Chicago, IL,
Feb 2004 - Nov 2004
. Obtained account from Microsoft to implement Microsoft Operation
Manager for WorldCom.
. Performed testing and proof of concept
. Serviced as an escalation point for implementation.
Microsoft Corporation, Redmond, WA,
Nov 1999 - Feb 2004
2 IT Service Manager (Sept 2002 - Feb 2004)
Google Enterprise Security Architect
Sr. Network Security Engineer (Nov 1998 -
Sep 2002)
. Implemented and managed Microsoft Corporation's internal IT Global
Remote Access Services in 63 countries.
. Implemented the Global use of smart card using PKI, secure remote
access, radius, and 802.1 x.
. Developed and tested business continuance and disaster recovery plans
. Collaborated with Engineering and Product Development identifying
technical requirements and to drive new product design including Radius
for authentication, account authorization, established standards for use
of wired and wireless communication equipment.
. Coordinated replacement of corporate dial-in circuit switch
infrastructure with over the Internet connections using VPN.
. Responded to escalations from executive management and stakeholders
within company and responded to operational network issues.
. Executed the "Rapid Deployment" and network reconfiguration of Access
Points and Gateways to secure the 802.11b network that included
implementation of the 802.1i, AAA Services, to secure the wireless LAN
infrastructure.
. Served as primary "POC" for instituting ITIL approach.
. Provide analysis, project management and support for networking system
projects
3COM, Mount Prospect, IL Jun
1997 - Nov 1999
3 Group Lead,
Sr. System Engineering
. Worked with customers on different phases technology implementation
which included driving beta testing, implementation, and troubleshooting
support for First Generation Circuit and Data Packet Wireless IP on
Total Control 1000 CDMA IWF technology for NSPs and ISPs
. Installed, tested and supported the IWF for Lucent or Motorola's base
stations that will connect directly via a new radio port (RP) interface
to a packet data-serving node (PDSN); Configured and supported (AAA)
servers for user authentication and traffic management, then forwards
traffic to a gateway router/home agent (GRHA) at the designated IP
network
. Reviewed and approved, product design documentation, functional specs
and test plans from Development to ensure all technical functionality
for the system was addressed
. Worked closely and consults with the development and test teams, during
both pre-release product cycles and post-launch operations to ensure the
highest quality service by provided bit level problem-solving solutions
to 3Com's Research and Development team for issues related to bugs and
fixes
Contact this candidate