P atrick Kelly
***** ****** ****** **. **********, TX 77316 Phone: 281-***-**** abhj5b@r.postjobfree.com
Key Skills INFORMATION SECURITY SPECIALIST
Network & Information Seasoned professional Enterprise Security Management
Senior information security professional with more than 15 years of
Security
Developing security experience and a proven ability to effectively balance business needs with
strategy and policy to
security principles. Earned multiple technical certifications as well as the
support business goals
CISSP designation. Proven record of success evaluating, designing, and
Cross functional staff
managing all areas of enterprise security programs. Have demonstrated
management and
sound business judgments, decisiveness, fiscal responsibility, and well
development
developed planning, analytical, and communication skills at a consistently
Strategic planning
high level of performance in a variety of progressively responsible and
Vulnerability Assessments
Authentication & Access challenging assignments.
Control Professional Summary
System Monitoring Optimizing security Identified several areas of opportunity to increase efficiency, reduce
Regulatory Compliance program: costs, and add value through effective security management.
System Integration Recommended and implemented changes to existing technologies,
Planning programs, processes, and procedures to better align security program
Risk Management with business goals.
Strong analytical and Staff management Manage a diverse team of professionals to ensure compliance with
problem solving skills and development: regulatory and company policy as well as network and information
Certifications security. Completed cross training and documentation projects to provide
CISSP career growth opportunities and increase team productivity.
CCNP Provide security Provides executive management team with presentations and reports to
CCDA leadership: support enterprise security goals. Responsible for developing and
MCSE maintaining security strategy to support broader IT and business goals.
Technical Intrusion detection and prevention systems, Networking technologies,
proficiencies: vulnerability assessments and remediation, event correlation, incident
response, effective strategic planning, Risk management, Security
Information and Event Management
Recent Career
Highlights
Reduced cost of annual intrusion detection and prevention expenditure by almost 50% while
•
improving functionality and effectiveness
Automated alerting for security events to allow security staff to be more effective and
•
responsive
Developed a Security Incident Response program, leads the IR team
•
Leads regular vulnerability scans and penetration testing of the environment
•
Presented security strategy and overview to executive management
•
Developed a security awareness program to improve end user awareness of security issues
•
Introduced vulnerability assessments and remediation into the project management process
•
Led a team of technical and non technical staff to complete an overhaul of IT security policies
•
and standards
Successfully completed thirty seven security investigations in support of the Legal department
•
Developed automated ‘dashboard’ view to provide security metrics and key performance
•
indicators to executive management
Developed an event correlation program and led the project team to a successful
•
implementation
Participated on multiple project teams to enhance overall security across the company
•
Leads staff in supporting records retention effort, system upgrades, legal investigations,
•
process improvements, and other enterprise programs
Secured funding for security and compliance projects. Led project teams to successful
•
implementations
Collaborated with other business units to successfully deliver a targeted data loss prevention
•
solution, single sign on enhancements, data ownership and classification program, remote
access solutions, patch management enhancements, and data encryption solutions
Coordinates compliance and auditing activities
•
Secured performance rewards, and provided a growth opportunity for staff members. Provided
•
training for all staff members and coached employees on providing training and presentations
for colleagues
Business Experience
2006 Present
Dynegy, Houston TX
Senior Manager, IT Security and Compliance
Manage enterprise security program and staff, perform internal and external penetration tests,
developed and managed an enterprise vulnerability management program, gave presentations to
executive management to promote security awareness and provided a live hacking demonstration
to promote IT Security strategic goals, successfully managed the company GCC and SOX audits,
reduced overall security costs by approximately 30% by introducing efficiencies and automation;
leveraging existing tools and vendor relationships; and eliminating redundancies, attended project
management training, managed and developed staff, took ownership of departmental budget,
developed security strategy to align with overall business goals and directed activities to meet
those goals, developed departmental SLAs and introduced security principles into project
processes.
2005 2006
American Residential Services, Houston TX
Information Security Analyst
Performed enterprise security assessment and reported results directly to the CIO, performed
internal and external penetration tests on several critical applications and coordinated a 3rd party
assessment for financial applications to satisfy board audit concerns, performed Internet Security
oversight including access control; security monitoring; and redesigning the infrastructure to
adhere to security standards, gave presentations to all levels of IT on security awareness and
provided a live hacking demonstration to promote IT strategic goals, successfully managed the
company GCC and SOX audits, saved the company over $200,000 by managing SOX and GCC
projects and reducing dependencies on outsourcing, implemented an intrusion detection solution
to identify and prevent malicious activity.
2000 2005
TD Banknorth, Falmouth ME
Information Security Specialist III
Implemented an enterprise Intrusion Detection system (ISS RealSecure) on a 7,000+ node
network, created secure network designs for implementation teams based on the Cisco SAFE
models, provided router/switch/VLAN security oversight for switched network environment,
provided VPN security requirements for concentrator and clients, Windows 2000/XP/Active
Directory migration and design, performed Internet Security oversight including access control;
security monitoring; and redesigning the infrastructure to adhere to security standards, performed
and coordinated penetration and vulnerability testing, provided security representation for several
projects, participated in wireless security policy development and security program development,
earned commendations for positive contributions to several multi million dollar projects.
1998 2000
Intelligroup/Seranova, Phoenix AZ
MIS Manager
Manage network support, engineering, and administrative staff, develop IT project plans, manage
IT projects, budget, and resources, procure hardware/software, responsible for implementing a
secure connection to a fortune 100 client, and oversee all other IT functions. Participated in high
level security analysis meetings with clients and provided security presentations and reports to all
levels of management. Developed and trained technical staff to perform multiple IT and security
functions.
1994 – 1998
BayanTel, Manila, Philippines
Network Engineer Apprentice
Performed network integration and installations, troubleshooting, systems conversions, and NDS
security. Worked as part of a team to install, configure, and test WAN connections to satellite
offices on remote islands.