Security Project Manager
Resume:
Kyley Stabenow, CISSP
[pic]
Information Security Specialist: Windows, Networks, UNIX
IT PROFESSIONAL
In excess of 16 years experience developing and implementing
effective system security measures and strategies.
Deliver energy, insight, and organizational leadership essential to achieve
key performance objectives. Collaborate with senior management and key
personnel to define goals and set priorities. Formulate policy and budgets,
devise strategies; implement detailed operational plans. An autonomous
leader and team player showing mastery of highly stressful, fast-paced
environments with critical demands and expectations. Pending award of CISM
certification.
[pic]
SKILLS, ABILITIES & Achievements MATRIX VALUE OFFERED
Policy Development ( Strategic Planning ( Operations ( Budgeting &
Financials
Project Management Programming ( Staff Training & Development ( Risk
Management
Cost Reduction ( Key Account Management ( PCI PA-DSS ( Snort ISS
RealSecure expertise
tcpdump expertise ( Intrusion Detection System Design & Operation
Regulatory Compliance & Remediation ( Penetration Testing & Analysis
QSA and PA-QSA Certifications - Inactive
[pic]
Career Track & Performance Driving Forces
Information Security Manager 2008 - Present
HMSHost Corporation Bethesda, MD
I currently direct critical system security functions aligned with
short and long-term requirements and to maintain full compliance with
corporate and external directives. Create and implement all IT security
policies and procedures company-wide. Validate effective information
security technologies, processes, and practices to maintain multiple
agency compliance. Chairman of the Information Security Steering
Committee.
Organizational Impact Contributions:
< Design and provide ongoing training (e.g. security awareness) to
employees at all levels, marketing partners, and appropriate 3rd
parties to maximize security critical to safeguarding proprietary
and customer business data.
< Achieved complete success resolving 5-year PCI DSS non-compliance
by developing and managing annual compliance process. Effort
yielded significant cost savings by keeping efforts in-house.
< Played a key role assisting in achieving considerable cost savings
through annual HIPAA and PCI DSS compliance remediation
achievement; previously, company secured outside technical
providers for remediation planning and execution.
< Additional achievements include assisting many IT departments in
streamlining system administration issues to achieve improved
efficiencies, lower costs, and reduce staffing levels.
Senior Information Security Consultant 2004 - 2008
Computer Task Group Houston, TX
Managed client engagements focused on the design and development of
system security solutions customized to exact needs. Performed assessments
that included attack and penetration tests, evaluated overall client IT
infrastructure and resources, and prepared documentation and presentations
for client and company decision makers.
Organizational Impact Contributions:
< Assignments included PCI remediation for a prominent US
hospitality client, and PA-DSS and PCI DSS assessments for vendors
and merchants. Performed quarterly security assessments and wrote
customized, automation-based security tools for heterogeneous UNIX
systems. Consistently delivered results at budget and on or before
deadline.
< Achieved significant cost savings by managing PCI DSS and PA-DSS
assessment and remediation processes and actions.
Kyley Stabenow, CISSP
Manager Interim Director, Information Security Services 2003 - 2004
Jefferson Wells International Houston, TX
Supported and guided a 6-member forensic and IT security staff
serving a large client base with varied needs. Established project
timelines and requirements, assigned personnel, and managed engagements to
successful conclusion.
Organizational Impact Contributions:
< Played a leading role managing network and UNIX system-level
forensics in successful credit card fraud investigations, and
spearheaded several HIPAA, SOX, and security vulnerability
assessment projects involving heterogeneous networks and
platforms.
< Efforts generated lucrative additional revenues and profitability
through VISA CISP and PCI DSS assessment and remediation services
and other network security consulting.
Senior Information Security Consultant Engineer 2000 - 2003
Schlumberger Network Solutions McLeod USA Houston / The Woodlands, TX
Served as Project Manager directing all facets of the architectural
design and deployment of the complete Network Intrusion Detection Systems
(NIDS), incident response implementations, and UNIX security for the 2002
Salt Lake City Olympic Games IT networks in partnership with the United
States Secret Service, with work resulting in a formal award by the United
States Secret Service.
Organizational Impact Contributions:
< For McLeod USA, served in leadership capacity on a 24/7 Incident
Response and Control Team. Planned and executed regular network
security assessments, and developed applications and tools to
lower costs and ensure optimal security company-wide.
< Highlights include creation and implementation of password change
automation process for 1.5K network devices nationwide utilizing
Python and Expect languages. Scripted customized brute force
attack program as a proof-of-concept tool for testing password
weaknesses for all routers and switches. Programmed real-time web
management interface for Snort IDS platform for easing daily
analysis and maintenance.
< Efforts saved the Salt Lake Organizing Committee approx. $1M in
IDS implementation and operating system security, and achieved
exceptional end results for McLeod USA by reducing / eliminating
high costs associated with distributed denial of service, external
network compromise, and associated network security events.
Network Security Vulnerability Technician 1995 - 1999
United States Marine Corps Rota, Spain
Provided technical and supervisory leadership maintaining critical
computer, communication, physical and information security to various US
Navy commands and a Naval Intelligence organization. Performed forensic
evaluations, developed policies and procedures, and trained personnel in
all aspects of operational, information, and computer security. Held TOP
SECRET/ SCI clearance.
Organizational Impact Contributions:
< Authored first-ever network security assessment process SOP for
all organizations, and created an operational security brochure
earning US Navy letter of commendation.
< Designed and developed shell script-based tools for monitoring and
securing remote systems achieving critical goals while lowering
costs and manpower requirements.
< Maintained and ensured quality for 200+ telecom circuits for local
and remote clients, and managed real-time communications of
various mobile platforms.
[pic]
LEARNING CREDENTIALS
Computer Science Mathematics, Lakeland College ( 3.8 GPA Dean's List
Contact this candidate