Post Job Free
Sign in

Security Manager

Location:
Deer Park, NY, 11729
Posted:
March 04, 2011

Contact this candidate

Resume:

DONNA L. STEFANCICH, CISSP, CISA, CISM

** **** *********

Deer Park, New York 11729

631-***-****

***************@*****.***

SUMMARY: Extensive experience in information technology, with an

emphasis in IT Audit and Information Security, using

multiple platforms including Z/OS, VM, VMS, OS/400, and

Unix.

CERTIFICATIONS: ( Certified Information Systems Security Professional

(CISSP)

( Certified Information Systems Auditor (CISA)

( Certified Information Security Manager (CISM)

SOFTWARE: TeamMate, CA-ACF2, CA-Top Secret, RACF, VMSECURE, Multilevel

Security (MLS), Riskpac, DP/90 PLUS, TRPS EXPRESS, Vanguard

RACF Administrator, Raxco Security Toolkit, Securemax, and

Microsoft Office.

PROFESSIONAL ARROW ELECTRONICS, INC., Melville, New York

EXPERIENCE: Senior IT Auditor, 10/05 - Present

( Train and supervise staff auditors and guest auditors.

( Participate in annual risk assessment.

( Develop control matrices for IT general controls for

sites worldwide in compliance with Sarbanes

Oxley guidelines.

( Lead and perform comprehensive testing and analysis of

Sarbanes Oxley control matrices for sites

worldwide and report findings to management.

( Author narratives providing an overview of the IT

operating environment and general computer

controls.

( Develop audit programs for IT general control and

application environments.

( Plan, lead, and perform IT general control reviews

(change management, logical access, backup

and recovery, business continuity and disaster

recovery, and application controls) along with

providing recommendations to improve and strengthen

controls.

( Prepare audit announcement letters and document request

lists, gather relevant information, prepare

audit work papers, identify issues, draft and finalize

reports, and other audit communications.

Data Security Analyst, 10/96 - 10/05

( Performed and consulted on data security administration

on MVS (CA-Top Secret) and OS/400.

( Developed corporate-wide MVS and OS/400 data security

policies, standards, and procedures.

( Migrated CA-Top Secret from implement mode to fail mode.

( Converted TSO userid information from SYS1.UADS to CA-Top

Secret.

( Conducted single sign-on product evaluation encompassing

Unix, MVS, VMS, Novell, and NT platforms.

( Performed security review and assessment of all

operating system platforms including

recommendations for enhancements.

CABLEVISION SYSTEMS CORPORATION, Woodbury, New York

Network Security Manager, 7/95 - 10/96

( Developed corporate-wide data security policies and

procedures for LAN/WAN, data, voice, data

center operations, and application systems

development.

( Managed the evaluation, selection, and implementation of

all security software.

( Performed evaluations of new hardware and software to

determine security exposures.

( Created Change Control Management Policy and Procedure

for Corporate Information Systems.

NATIONAR, Woodbury, New York

Manager, Data Security and Controls, 2/94 - 6/95

( Managed the implementation, maintenance, and education

of data security on MVS (RACF), AS/400,

VAX, VSE, and LAN platforms.

( Developed and authored corporate-wide data security

policies, procedures, and standards for the

aforementioned platforms.

( Created, implemented, and maintained corporate-wide

security awareness program.

( Administered application security for NCS Trustware,

Montran, and Dun and Bradstreet G/L.

( Managed change management and disaster recovery for MVS,

AS/400, VAX, VSE, and LAN

platforms.

GRUMMAN DATA SYSTEMS, Bethpage, New York

Senior Computer Security Analyst, 11/87 - 1/94

( Managed the implementation, maintenance, and education

of CA-ACF2 on MVS and VM platforms.

( Functioned as AIS Security Custodian on several

government classified programs responsible for

program and data security on heterogeneous networks

consisting of VAX/VMS, SUN/OS, IBM PCs,

and Apple Macintoshes and accountable to Defense

Investigative Service Inspectors. ( Led the

implementation and education of RACF for customer in Battle

Creek, Michigan.

( Evaluated, installed, and tested security products for

Unix workstations.

( Authored disaster recovery plan for several Cray

supercomputers in Bay St. Louis, Mississippi. (

Compiled disaster recovery plans for Grumman IBM, Amdahl, and Hewlett

Packard systems.

EDUCATION: NEW YORK INSTITUTE OF TECHNOLOGY, Old Westbury, New York

Master of Business Administration/Management Information

Systems - GPA 3.8

B.S. Computer Science - Business Minor - GPA 3.8

HONORS: NEW YORK INSTITUTE OF TECHNOLOGY

( MBA/MIS degree awarded with distinction

( 1997-1998 edition of Who's Who in American Women

( Graduate Scholar Award

( N.Y.I.T. Academic Transfer Grant

( Nu Ypsilon Tau Honor Society

( Dean's List

( Summa Cum Laude graduate

( 1985 edition of Who's Who Among Students in American

Colleges and Universities



Contact this candidate