SCOTT DANNAKER

484-***-**** acunjf@r.postjobfree.com LinkedIn

IT SECURITY TECHNICAL PROGRAM MANAGER

•Senior Technical Program Manager with 14 years’ experience in business and technical analysis, access management program/project management, team management and consulting; managing teams of 2-10.

•SME in process improvement, IT security compliance and technology, identity and access management.

TECHNICAL EXPERTISE

•OS: Standard and Enterprise, Windows 95,2000,NT4, XP, 8, 10

•Data Bases: SQL 2012-2000, Exposure to SQL 2014 -

•Cloud: Office 365, Azure, AWS

•Remote computing- Citrix Win Frame, VPN, SSL

•Microsoft (Excel, Word, Share Point, Visio)

•SOX, PCI, CPNI

•Active Directory (users/Groups/Containers/OU’s/ Domains)

•RSA Archer

•Server Platforms and Storage- HP Servers Platforms and Storage, NetApps, EMC, Hitachi.

CORE COMPETENCIES

Identity & Access Management Requirements Review

Program/Project Management Business Strategy Application Integration

Security Compliance Functional Specifications Team Leadership

Service Management Team Leadership

PROFESSIONAL EXPERIENCE

Business Analyst

Capgemini Consulting Group Sept/2015 - Current

Currently working on a project at T-Mobile as a Business Analyst.

Working with non-functional requirements. This includes tracking the identified NFR’s from elicitation to realization.

Reviewing and tracking requirements with designated business owners, QA and technical teams. All NFR’s fall under four major categories with identified business owners for each that include Security, Operations, Service Assurance Management and Architecture.

As part of the realization process our team will be testing the NFR’s to ensure they meet the acceptance criteria established by the business. This includes test plans, artifacts and the test results.

Security Program Manager Consultant Feb/2015 – April/2015

Microsoft - Information Security Risk Management Group

Hired for a very specific skill set within the RSA Archer customized implementation for Microsoft’s Enterprise Governance Risk Compliance too. Assisted security managers/experts at Nokia with penetration testing of the apps that Microsoft wanted to retain post-merger.

•Captured data in Excel and modified to map into CSV files for import into RSA Archer.

•Generated reports with EGRC to provide metrics to leadership.

•Collaborated with internal and external security partners, Global Security Managers on risk treatment.

•Assisted stakeholders with Remediation and Policy Exception processes.

•Created RSA Archer specific work-flow documentation for import process and mapping.

Program Manager Consultant May/2013 – Sept/2014

AT&T Chief Security Office

Identity/ Access Management, and Application Integration/Sustainment

The mission was to corral 700-800 independent security apps across the enterprise and integrate them into a single model developed by the Chief Security Office. The CSO’s model standardized the access parameters, streamlined the audit process, and ensured that PCI, SOX and SPI compliance regulations were met and reported accurately, reducing overhead.

•Managed the program from initial requirements to “Go Live” and post implementation support and executed on data integration for 100+ apps

•Identified application owners, technical owners, support teams and access grantors for each application.

•Aligned vision, logic, value add and overcame objections – the pushback came from the comfort level of ‘the known processes’, moving to the unknown and investing time into the required training. The value add was in the CSO taking all the audit responsibilities.

•Catalogued profiles according to parameters of CSO’s tool, created ‘self-service model’ for app owners to retain their own provisioning rights, or use the automated functionality if they chose.

•Assisted application teams in technical evaluation of authentication methods, systems and application architecture, and user account management processes.

Personal Sabbatical - 2010 – 2013

Technical Break, Family caretaking, relocation across country, getting married, travelling.

Pfizer/Wyeth Pharmaceuticals, (acquisition), Great Valley, PA 2001 – 2010

Program Manager/Consultant - IT Security /Sr. Technical Analyst 2007 – 2010

Prior to acquisition of Wyeth by Pfizer, I partnered with Accenture on offshoring 90 % of the security operations account management task. This included creating new security plans, work instructions, and leading a team of two on-shore resources and 7 off –shore.

•Managed team of security engineers (2 on site/7 offshore) supporting daily account management and user access control for Windows Active Directory, Remote Access Services Secured environments and legacy systems.

•Consulted on corporate IT Security policies, governance criteria, and SOPs, coordinated SOX audit activities.

•Managed the transition of IT Security Operations to an offshore, outsourced operating model, reducing costs by 25% with no service level disruptions.

oHandled access rights for immediate terminations in North America, accelerating account closures to within 5 minutes and improving corporate data security.

oProvided workflow scenarios for the development and revision of security policies.

Scott Dannaker Page 3

oEliminated SOX deficiencies for application grants, modifications and removals by adding electronic signature system, subsequently adopted by the US. Developed enhanced turnaround time and tracking of access requests using Active Directory authentication.

oConsistently provided timely data to internal/external auditors, Human Resources and Legal departments, senior management, clients, and staff.

Manager IT Security 2005 – 2007

Managed a staff of 3 engineers and 1 contractor. Supervised all IT Security activity for Wyeth’s global computing platforms and SOX compliance. Managed the development and implementation of corporate IT Security policies and procedures.

•Implemented new processes for handling existing operational duties using templates, tools and processes.

•Maintained team cohesiveness and performance while handling chronic absences.

•Resolved duplicate account issues with multiple Active Directory domains, and significantly minimized issues.

•Reduced global provisioning time by 80%.

Senior Engineer/Engineer, IT Security 2002 – 2005

Promoted to Senior Engineer, IT Security, in January 2005, as a result of being highly rated in customer satisfaction, demonstration of company values, and implementing a team-oriented approach.

•Received recognition for quality of technical/project leadership.

•Averaged highest numbers in managing problem tickets with no overdue requests or incomplete notes.

EDUCATION

University Of Washington – Info Security & Risk Management Program

Expected completion June 2016

Delaware Community College

Contact this candidate