Security Management
Resume:
QUALIFICATIONS Senior Information Security leader with more than 14 years of
Summary progressive responsibility.
Large Enterprise experience assessing and developing strategic solutions
to mitigate business risk, address regulatory requirements and building,
maintaining and securing critical infrastructure.
Skilled in managing globally dispersed and technically diverse staff
delivering operational, business critical and highly available services.
Successfully directed the implementation and management of the world's
third largest Network Intrusion Detection infrastructure.
Published innovator in the field of deriving actionable intelligence via
log correlation of multiple datasets.
Employment Director of Global Analysis 2009-2010
HISTORY Managed Security Services
Symantec (SYMC), Alexandria, VA. USA
Responsible for delivering 24x7x365 Information Security related
services for over 90 of the top Fortune 500 enterprise and mid-sized
companies globally
Introduced core business shift away from communicating effectiveness
with incident counts to demonstrating value through the evaluation of
individual customer security programs against industry trends, broad
customer baselines and best practices
Directed staffing, training and operational effectiveness of four
globally dispersed Security Analysis teams representing over 45 highly
trained Information Security professionals
Acted as a change agent by introducing strategic planning processes and
initiatives to drive innovation and reduce change management life-cycle
development time
Assisted with the development of restructuring service offerings to
better reflect the needs of clients and the marketplace resulting in
core business shift
Director, First Vice President 2007-2009
Global Head of Information Security Operations
ABN AMRO Bank N.V. (ABN), Chicago, IL. USA
Oversaw development and run of Network Security, Vulnerability
Management, Perimeter Security, Executive Dashboard Reporting and Global
Computer Incident Response Team (GCIRT) Information Security services to
Global Business Heads
Managed a direct budget of 6.2 M EUR (8.4 M USD), a 24x7x364 Security
Operations Center and a team of more than 50 Information Security
professionals across North America, South America, Europe and Asia
Teamed with other direct reports to the Global CISO in developing
business responsive enterprise-wide Information Security and Risk
Management strategies impacting the Bank's global presence of over
110,000 employees and 325,000 nodes in more than 65 countries.
Led development of IS focused Risk and Compliance based reporting
demonstrating level of compliance to relevant regulatory frameworks
(SOXA, GLBA, BASEL II, NIST-800 & ISO 27001) by individual business unit
Reduced operational costs by 18%, reduced time to security incident
identification by 35% and increased incident accuracy by 300%
Oversaw and managed successful two year long transition of operational
ownership of global information security program to acquiring partners
(Royal Bank of Scotland, Bank of America & Fortis Bank) as part of the
largest and most complex acquisition of a financial services
organization to date
Assistant Director, Vice President 2006-2007
Global Head of Network Security Monitoring
ABN AMRO Bank N.V. (ABN), Chicago, IL. USA
Managed a direct budget of 2.4 M EUR (3.3 M USD) and a team of over 25
Information Security professionals across North America, South America,
Europe and Asia
Built 24x7x365 Global Security Operations Center providing network
monitoring and alerting services throughout the enterprise network to
globally-dispersed information security officers
Provided global project sponsorship in excess of 4 M EUR (5.4 M USD) to
deploy more than 200 Sourcefire Network Intrusion Detection (NIDs)
devices monitoring over 250,000 nodes in more than 50 countries
Led development and implementation of a global log collection and
correlation environment processing more than one billion events per
month
Established company's first global dashboard providing up-to-date
information and actionable data to regional business heads
Interfaced with Legal, Compliance and Regulatory teams to ensure
compliance of globally deployed information security solutions in the
context of Data Privacy and Bank Secrecy laws in more than 65 countries
Assistant Vice President 2005-2006
Security Compliance & Special Projects
LaSalle Bank (a wholly owned subsidiary of ABN AMRO),
Chicago, IL. USA
Monitored and reported desktop and server security and patch management
compliance within a multi-department environment
Partnered with selected representatives from Audit, Security and
Technology groups to develop and implement internal controls to meet new
Sarbanes-Oxley compliance requirements
Designed Active Directory OU structure, developed and oversaw phased
migration of more than 2000 users and 3000 systems from legacy NT Domain
to Active Directory infrastructure
Assisted with the development and deployment of a SMS 2003
infrastructure spanning multiple region
Production Support Supervisor 2003-2005
eTreasury Management Solutions
LaSalle Bank, Chicago, IL. USA
Managed team of senior Unix and Windows engineers providing 24x7x365
support for mission-critical systems, processing international
transactions exceeding 20 B USD monthly
Closely partnered with key business groups, developers and vendors in
the creation, testing and deployment of new code enhancements to
enhance, expand and maintain best-of-breed product-line functionality
Performed testing and maintained deployment schedules for production
code enhancements and fixes
Senior Engineer 2000-2003
CashProWeb eTreasury Portal
LaSalle Bank, Chicago, IL. USA
Built and supported CashProWeb, an eCommerce treasury management
solution for Tier-1 commercial clients replacing the bank's traditional
main-frame centric customer interfaces
Actively partnered with development, management and business units in
the creation, testing and deployment of new code and system enhancements
Successfully developed and led the merging of the sister site, ACHWeb,
into the CashProWeb portal - the single largest environment enhancement
at that time
EDUcation &
Credentials
B.A. History of Art and Architecture, 1994
University of Illinois at Chicago, USA
CISSP Certified Information Systems Security Professional
SFCP (104936)
MCSE Sourcefire Certified Professional
ITIL Microsoft Certified Systems Engineer (1615237)
PMI Information Technology Infrastructure Library Service
Management Foundation
Project Management Institute (1887827)
Presentations, Log Management & Analysis Summit: "There was an Easier Way?"
PUBLICATIONS & SANS Institute, 05 April 2009
INTERVIEWS http://www.sans.org/logmgtsummit09/
WhatWorks Webcast in Security Information and Event Management:
"Correlating and Analyzing Massive Data Flows with ABN AMRO"
SANS Institute, 11 December 2008
https://www.sans.org/webcasts/show.php?webcastid=91954
Security information and event management: "Finding the proverbial
needle"
Network World, 09 October 2008
http://www.networkworld.com/supp/2008/100908-trendwatch-siem.html
Groups & CECTF Chicago Electronic Crimes Task Force
Associations FS-ISAC Financial Services - Information Sharing and Analysis
INFRAGARD Center
(ISC)2 FBI & Private Sector Partnership
ISSA International Information Systems Security Certification
Consortium
Information Systems Security Association
[pic]
1
Contact this candidate