Resume
Cover Letter
Bob Robinson
Aurora, Colorado, 80015
813-***-**** Cell
******.*.********@*******.***
Objective:
To find a position with a forward looking company where my years of
experience would assist to drive security out to the enterprise supporting
a diverse team environment.
- Experienced information security professional
- Experienced driving large scale projects
- Expert Regulatory Compliance and Control Formats and Frameworks
  such as, COBIT, ISO 17799, BS 7799, ISO 27001, 27002, ISO 2000
  ITIL, NERC CIP, PCI, GLB, SOX, X.509 and NIST Special Pub 800-34,
  NIST Special Pub 800-30 and NIST Special Pub 800-61.
- Experienced in developing and deploying policies, processes, key
  controls and systems to support regulatory compliance.
- Experienced technical leader for the design, deployment and
  operation of security management software and hardware devices
  including, but not limited to: anti-virus defense, intrusion
  detection, encryption systems, authentication and access control
  systems, network scanning and vulnerability assessment, etc.
- Expert technical lead for the security incident response team.
- Experienced in forensic investigation techniques to document
  root cause and impact of detected computer security incidents.
- Expert Public Key Infrastructure development and deployment
- Expert analyst for information security assessment or audit of
  internal networks and systems.
- Expert ability documenting findings in written reports with
  recommendations for remediation.
- Experienced planning and coordinating technical security
  architecture, design and development.
- Experienced leader working with groups and business management to
  create, test and refine an enterprise wide Disaster Recovery /
  Business Continuity plan.
Experienced with Windows 2003 Server, deployment and management of
IDS/IPS systems to include SNORT, SourceFire, Tipping Point, and Cisco
IDS. File integrity Monitoring systems to include TripWire, Deploy and
manage RSA enVision (SIEM). Instant Messaging solutions including
Quest Policy Authority (formerly Akonix) Deploy and Manage MS Active
Directory, Deploy and manage MS Exchange, Deploy and manage Nokia
Firewall Appliances, Cisco Firewall and Raptor Firewall, Storage Area
Networks, UNIX, Linux, Novell, TCP/IP and Network Fundamentals, RSA
Certificates, Checkpoint Firewall, Splunk Syslog Server, Juniper
Firewalls, Internet Security Scanner, Retina Security Scanner, Trend
Micro, Symantec SEP, Internet Monitoring Tools such as WebSense,
Iprism.
Resume
Bob Robinson
5403 S. Sicily Way
Aurora, Colorado, 80015
Experience Summaries
Current Position
Security Tower Lead/Security Manager (Contract)
Inter-American Development Bank (IDB) May 2011 to Present
Leading a multi-national security team, managed day to day security
issues which include global monitoring of network assets, Incident
Management, Incident Response, access management. As the Information
Security Manager leading all aspects of information security at IDB.
Leading the security incident response team. Wrote the Computer
Security Incident Response process and procedures to include process
flow documentation and remediation process documentation.
Implementing security architecture to reflect "security in depth"
strategies. Deployed, configured and managed RSA enVision (SIEM)
device. Sponsoring and authoring ongoing training and exercises that
enable the processes that ensure compliancy with SOX and PCI
requirements.
Sr. Information Security Engineer (Contract)
Sempra Utilities (San Diego Gas & Electric) October 2010 to May 2011.
Working on the Security team evaluating new products, as they are
being implemented ensuring that they are configured to conform in
accordance to Company standards. Currently working on wireless
solution for the smart meters, offsite security reviews, and
conducting penetration and vulnerability assessments as required.
Managed the vulnerability scanning (Rapid 7/Nexpose/metasploit,
AppScan, Nessus, WebInspect, Scarab etc.)
Sr. Information Security Engineer (contract)
Catalina Marketing Corporation, May 2010 to September 2010
Reported directly to the Information Security Director. Managed the
day to day IT security issues while implementing critical security
tools that were purchased but not implemented. These included
Tripwire File and Server Integrity Monitoring tool, Akonix (now Quest
IM Policy Authority) which is an in-house Instant Messaging Solution,
Websense Internet Monitoring tool and installed, configured and
maintained the Rapid 7, NeXpose, Security Incident Event Management
tool. I managed the daily anti-virus monitoring with Trend Micro.
Conducted ongoing penetration and vulnerability assessments as
required. Managed the vulnerability scanning (Rapid
7/Nexpose/metasploit, AppScan, Nessus, WebInspect, Scarab etc.) I
oversaw the IBM Monitored IDS/IPS systems program where I reviewed
critical events, investigated log files and requested changes and made
recommendations directly to the Information Security Director. I also
attended weekly change control meeting, making recommendations for
securing new products as they were discussed for introduction into the
Enterprise.
Amedisys Home Healthcare, June 2009 to December 18 2009
Sr. Information Security Consultant
I led teams for large scale projects (45000+) and was responsible for
finding and implementing engineering solutions for 4 identified
business needs. These needs were driven by regulatory requirements of
HIPAA, SOX and PCI. I delivered a password management solution that
would encrypt and protect administrative passwords. I delivered a
Privilege Access Management Solution that would limit, control and
audit the level of access that operations and helpdesk personnel have
to the server environment. I delivered a removable media solution that
would automatically encrypt and secure data, prevent data leakage and
improve the overall security posture by allowing only authorized
removable media devices into the network. Conducted penetration and
vulnerability assessments as required. Managed the vulnerability
scanning (Rapid 7/Nexpose/metasploit, AppScan, Nessus, WebInspect,
Scarab etc.) I also delivered a Smart Phone Encryption Solution that
would encrypt and protect all sensitive client information to meet
the regulatory requirements of HIPAA and SOX. I also installed and
maintained the Splunk Syslog Server.
Attorney's Title Insurance Fund, Inc, June 2007 to April 2009
Information Security Manager
As the Information Security Manager led all aspects of security for
Attorney's Title. Led the security incident response team. Rewrote
the Computer Security Incident Response procedures to include new
process flow documentation and remediation process documentation. Re-
engineered the security architecture to reflect "security in depth"
strategies. Realigned security team processes to increase customer
satisfaction from 65% to 85% in six months. Effectively managed a 10M
budget. Deployed, configured and Managed RSA enVision (SIEM) device.
Deployed, Configured and Managed Tripwire, File Integrity Event
monitoring device. Developed and implemented the Corporate Business
Continuity Program to include development of the contingency planning
policy statement, conducted the business impact analysis (BIA) and
risk assessment, identified preventive controls, developed recovery
strategies, developed an IT contingency plan and finally tested the
plan and held ongoing training and exercises to ensure the processes
and to ensure compliancy with SOX and PCI requirements. Implemented
the monthly security metrics report that was adapted in CIO's monthly
metrics. Wrote the first long term and short term information security
strategy. Led the 2007 SOX / PCI audit support team that successfully
remediated 23 audit findings from the 2006 audit. The same team
successfully passed the 2007 SOX and PCI audits with only 6
observations which were remediated on the spot. Trained the security
team to fine tune and effectively manage IDS/IPS systems to include
real time alerting, network monitoring, a change management monitoring
system with alerting as well as nightly security scanning of the
entire enterprise.
WellCare Health Plans, Inc. September 2005 to June 2007
Sr. Information Security Analyst
Implemented, configured and maintained SNORT IDS system. Implemented,
configured and maintained IPRISM Internet Monitoring system. Developed
and wrote 24 new security policies and procedures in support of the
annual SOX/PCI Audit. Led the annual SOX/PCI audit support team that
led to no critical findings and only 3 observations that were
remediated to satisfaction by security team. Provided technical
support for the operation of all security tools including, but not
limited to: McAfee anti-virus defense, RSA authentication and access
control systems. Implemented and administered TripWire. Conducted 4
hands on network penetration scanning and vulnerability assessment to
validate SOX/PCI compliancy. Conducted offsite security reviews,
including penetration and vulnerability assessments as required.
Managed the vulnerability scanning (ISS, Nessus, WebInspect). Led the
security incident response team. Applied forensic investigation
techniques to document root cause and impact of detected computer
security incidents. Documented findings in written reports with
recommendations for remediation. Planned and upgraded all new
technical security architecture including design and development of
data center security infrastructure. Working in conjunction with
business management to create, test and refine a companywide Disaster
Recovery /Business Continuity plan to include development of the
contingency planning policy statement, conducted the business impact
analysis (BIA), identified preventive controls, developed recovery
strategies, developed an IT contingency plan and finally tested the
plan and held ongoing training, and exercises to ensure the process.
Mustang Enterprises, LLC, June 2003 to September 2005
Chief Consultant
Chief Consultant/Architect and founder of Mustang Enterprises, LLC.
Consulted and developed 145 policies and procedures for 25 Clients.
Designed and implemented the network security architecture including
software and hardware designs for 11 clients. The design included anti-
virus defense, intrusion detection, encryption systems, authentication
and access control systems, network scanning and vulnerability
assessment in preparation for ISO 17799, BS 7799, 27001, 27002, ITIL,
PCI, GLB, SOX and NIST Special Pub 800-34 security audits. Was
contracted as technical lead for security incident response teams for
7 different clients on an on-call basis. Applied forensic
investigation techniques to document root cause and impact of detected
computer security incidents; documented findings in written reports
with recommendations for remediation. Worked with line of business
managers to create, test and refine company wide Disaster Recovery /
Business Continuity planning for 5 midsized companies.
Enabling Solutions, Inc. Security Practice (July, 2002 to June 2003)
Director, Information Security Practice
As Director for the security practice of Enabling Solutions. Led teams
that designed and installed secure network systems for Fortune 500
companies. Launched HIPAA services for Enabling Solutions. Was the
primary consultant, pursued opportunities that directly supported
network design and data center implementations across the United
States. Wrote policies and procedures for 22 Fortune 500 companies.
Led the incident response team for Enabling Solutions which
investigated and remediated to satisfaction 6 major intrusions in a 12
month period. Experienced with Windows 2000 Server, deployment and
management of IDS/IPS systems to include Snort, SourceFire,
TippingPoint, Cisco IDS. Deploy and manage Nokia Firewall Appliances,
Cisco Firewall and Raptor Firewall, Storage Area Networks, UNIX,
Linux, Novell, TCP/IP and Network Fundamentals, Checkpoint Firewall,
Juniper Firewall, Internet Security Scanner, Retina Security Scanner,
Sprint E Solutions (Sep 1998 to July 2002)
Director, IT Security Practice
As Director for Sprint E Solutions, led a world wide IT Security
consulting Practice comprising of over 450 consultants. Managed $20M
budget and supported over 300 Fortune 500 companies. Consulted and
provided information security leadership in the maintenance,
development and deployment of current and existing policies, processes
and systems. Provided technical leadership for the design, deployment
and operation of data center security management software and hardware
devices including, but not limited to: anti-virus defense, intrusion
detection, encryption systems, Public Key Infrastructure,
authentication and access control systems, network scanning and
vulnerability assessment, etc. Provided technical lead for security
incident response teams. Applied forensic investigation techniques to
document root cause and impact of detected computer security
incidents. Performed information security assessments or audits of
internal networks and systems. Document findings in written reports
with recommendations for remediation. Provided leadership for Planning
and coordinating technical security architecture, design and
development teams. Worked in conjunction with business management to
create, test and refine company wide Disaster Recovery / Business
Continuity planning program.
Ernst & Young LLP. (Aug 1997-Sep 1998)
Ernst & Young, ISS Manager/Security Consultant
ISS Manager
Lead consultant for the Computer Forensics, and Computer Incident
response practice at E&Y. Led teams that designed, implemented and
supported over two hundred Fortune 500 companies providing network
security consulting services. Experienced with Business Continuity
Planning, Windows NT Server, deployment and management of IDS systems.
Deployed and managed Nokia Firewall Appliances, Cisco Pix Firewall
and Raptor Firewall, Storage Area Networks, UNIX, Linux, Novell,
TCP/IP and Network Fundamentals, Checkpoint Firewall, Internet
Security Scanner, CyberCop Security Scanner,
TeleCommunication Systems Inc (TCS). (May 1996-Aug 1997)
Short Message Service Center (SMSC) Project Engineer
Performed on-site maintenance and support for the SMSC deployed in PCS
PrimeCo Network (which became Verizon Wireless) (the highest capacity
short message network in North America). Supervised and monitored the
SMSC operations on a day-to-day basis. Documented system performance
via TCP/IP and SS7 traffic statistics and alarms. Made changes and
adjustments to optimize system performance and supported client
maintenance, staff questions and issues. Coordinated with the
customer to define requirements, schedules, system activities and
maintenance operations. Worked closely with Lucent Technologies
Program Management to manage communications and project plans. Lead
engineer for all problems encountered in the SMSC and the wireless
network. Tested and verified new interfaces and features prior to
network deployment.
US Army (Jul 1979-Oct 1996)
US Army Technical Surveillance Countermeasures Special Agent,
Conducted Complex Computer Investigations. Was one of the first US
data forensic investigators cleared to testify in a foreign court. Was
responsible for developing and implementing technical computer
instructions for special agents involved in complex technical
investigations. Courses developed include Computer Science
Fundamentals, Fundamentals of Information Warfare, Computer Evidence
Media Analysis and Computer Networking. Performed Technical
Surveillance countermeasures sweeps (network intrusions, sweeps for
bugs, listening devices, hidden cameras, infrared devices etc.)
Education
Computer Investigations in an Automated Environment, 1995, Federal Law
Enforcement Training Center
Computer Evidence Analysis Training Program, 1995, Federal Law
Enforcement Training Center
Checkpoint Firewall
Retina Scanner
Internet Security Scanner
CyberCop Security Scanner
Raptor Firewall
Certifications
ABCP - Associate Business Continuity Planning
CEH - Course completed - Certified Ethical Hacker (CEH)
CISA - Certified Information Security Associate, CISA (Military
Certificate)
CISSP - Certified Information Systems Security Professional - Course
work completed. Need to sit for test
CCNA, 50% Completed
Microsoft Networking / Packet Exchange TCP/IP Course completion
Raptor Firewall Course
Raptor Master Firewall Course
Publications
"Security? Privacy? Let me introduce Trust Management".
"HIPAA A to Z"
Data Recovery "A look at the Physical level"
Computer Science Fundamentals "Course of Study"
Computer Evidence Media Analysis "Course of Study"
The Danish Hacker Case (Case Study)
Individual Terrorism Awareness "How to protect yourself in a hostile
environment"
Awards/Citations
Honorable Discharge
Army Commendation Medal- Three times awarded
Army Achievement Medal- Five times awarded
Professional Affiliations
International Association of Security Specialists
International Order of Computer Evidence
United States Army Intelligence Corps
Microsoft Project User Group (MPUG)
References Provided Upon Request