Security Manager
Resume:
Nelson Llanes
***-**** **. ***. *** . North Bergen, NJ 07047 . 201-***-**** .
*******@*********.***
Objective: To obtain a position as an Information Security
Analyst/Administrator in which my 22 years of Information Technology
experience will make a significant contribution to the Information
Technology Department.
Summary: 13+ years experience with security configurations on the
following platforms: Z/OS, UNIX, OS/400 and Wintel. Networking skills
include basic knowledge of TCP/IP and Firewalls. Expert knowledge of CA-Top
Secret and RACF, Intermediate level with CA-ACF2 software.
Experience: Deutsche Bank, Jersey City, NJ
Information Security Prevention and Detection Services 04/07 - Present
. Responsible for developing and running the Z/OS mainframe security
monitoring program. Daily review of CA-Top Secret violations and
security administration changes. This included following up on
security violations and reconciling security changes against approved
request. Also monitored the usage of the TSS Master account and any
TSS modify commands. Engineered a near real-time intrusion detection
system for the Z/OS platform. This involved the use of the ArcSight
ESM (Enterprise Security Manager). SIEM software tool to collect
system logs from TSS. Arcsight processes the logs through predefined
security event filters and produces event reporting and alerts.
Responsible for Audit remediation of any issues on the Z/OS mainframe
platforms.
. Administration and support of Symantec Enterprise Security Manager
(ESM). ESM is used to monitor server configurations and to ensure
compliance with DB global platform Security Standards and Guidelines.
Currently installed on all Production UNIX, Windows and VMS servers.
Working with Infrastructure groups to remediate non-compliance issues.
CitiGroup (NY, NY)
Information Security Technical Advisor 09/05 -- 04/07
. As a member of the Citigroup Information Security Administration
group, responsible for mainframe security on multiple CA-Top Secret &
RACF lpars. Project management as well as day to day mainframe
security administration. Audit remediation, generating access reports
and troubleshooting authorization failures. Testing new
release/enhancements of Top Secret/RACF software and supporting
existing production security batch jobs. Support multiple LPARS in
Z/OS 1.6 using Vanguard software (Administrator, Advisor and
Analyzer). Implemented and maintained security policy and procedures.
AIG - Consultant for Modis (Livingston, NJ)
Security Specialist 01/05 - 06/05
. Mainframe Security Administrator - Monitors and maintains the security
databases for all environments for all systems. Maintains automated
processes for security reports. Prepares ad hoc reports. Create and
delete user Ids, profiles, uid strings. Administers password access,
Implements OEM interfaces with non-IBM products. Maintain Z/OS LPARS
using CA-Top Secret, CA-ACF2 and RACF security software products.
Research, evaluate, test, recommend and implement new security
products and releases. Related responsibilities typically include
troubleshooting all security related problems, interfacing with
internal and external audit for compliance with Sarbanes-Oxley. Review
security database and recommend and implement changes to improve the
security product and services. Assist in creating and implementing
security standards, policy, guidelines, and practices.
. Axcess Staffing Services (Livingston, NJ)
Information Security Analyst(Consultant - CIT ) 02/04 - 09/04
. Responsible for maintaining the Z/OS security environment utilizing
CA's Top-Secret software.
. Administration of security software products such as MailSweeper - E-
Mail content scanner and Chaperone 2000 web proxy, Microsoft ISA
proxy.
. Responsible for notifying the appropriate IT operations group on
vulnerabilities within their systems and security alerts that could
affect the systems they manage, and to provide recommendations on
mitigating or removing the vulnerabilities.
. Perform monitoring and analysis of logs generated By UNIX, Windows and
Mainframe. Identify and investigate anomalous log entries for impact
on the security, integrity and performance of its infrastructure.
Bear Stearns & CO. (Whippany, NJ)
Security Analyst 04/03 - 09/03
. Coordinate requests and maintain the mainframe ID and application
entitlement databases.
Review all requests for validity, accuracy, completeness and proper
authorizations.
Maintain Standards and Procedures manual used by staff and auditors.
Interface with all mainframe technical areas on issues and program
products as well as new product support .
Perform security/information investigations for both development and
operational staff requests as they pertain to test and production
environments.
Review daily audit reports to maintain a proactive position for
problem determination.
Review and test new releases/maintenance of CA- Top Secret software,
SSO & KOPS.
Perform security traces using CA- Top Secret debugging tools. Maintain
JCL and programs as they pertain to security. SecurID administration
for remote access.
District Council 37 (NY, NY)
Mainframe Security Consultant 02/03 - 04/03
. CA-Top Secret 5.2 administration in an OS/390 2.10 environment.
Performing full Top Secret administration on multiple LPARS including
USS security administration. Performing security assessments on the
Mainframe environment and providing recommendations based on security
best practices. Working on hardening the mainframe systems for HIPAA
compliance. Migrating Top Secret facilities from WARN to FAIL mode.
Working with CA technical support to resolve security problems.
Deutsche Bank - Bankers Trust (NY, NY)
Information Security Manager/Analyst 4/99 - 05/02
. Top Secret 5.1 administration in an OS/390 environment across multiple
production and test LPARS. Including but not limited to creating and
modifying ACIDS, maintained the RDT and the control options parameter
file, facility matrix and the STC tables. Maintain security for
USS(UNIX System Services). Ensure the overall security of the IBM
mainframe by monitoring violation reports and utilizing Top Secret
utilities TSSUTIL, TSSAUDIT, TSSTRACK, TSSCFILE and TSSSIM.
. Managed the Mainframe Security administration group. Responsible for a
staff of 3 mainframe security administrators. The group was
responsible for all Mainframe security configuration changes as well
as Adds/Moves/Deletions and monitoring of profiles and resources.
. Administer general RACF. Define/modify profiles and password resets.
Produce various RACF reports.
. Enforcement of the Bank's Security Policies and Standards. Provide
quick resolutions to Audit findings. Work with programmers and Project
Managers in the development of new applications for Security
Adherence. Perform security assessments on multiple platforms for
compliance to security policies.
. UNIX Security Administration. Create and manage user accounts, update
filter list (ACL). Troubleshoot authorization failures. Also provided
security administration for UNIX FTP Drop Boxes. Troubleshoot FTP and
connectivity problems. Correct problems with file permissions.
. AS/400 Security Administration including the creation of user profiles
and group profiles, authorization lists, library security and system
wide security settings.
Amerada Hess Corporation (Woodbridge, NJ)
Data Security Administrator 8/98 - 4/99
. Full Top Secret 5.0 Administration, including the set up of new
userids and profiles, monitoring violation reports, implementing new
facilities and maintaining the RDT. Troubleshoot all Top Secret issues
and report problems to C.A. Technical Support. Setting up OS/390 Open
Edition security.
. Windows NT Security, create and manage user accounts, local and
global groups, directory permissions and domain rights and policies.
. SAP R/3 3.1H Security Administration, create SAP security profiles and
authorizations using Profile Generator and manually maintain existing
profiles and authorizations. Create and maintain SAP seats and
troubleshoot authorization failures. Working knowledge of Transport &
Corrections and OSS.
. UNIX/AIX Security Administration, create and manage user accounts.
Nomura Securities (Piscataway, NJ)
Tech Support Analyst/Consultant 6/98 - 8/98
. Y2K Infrastructure Support in an MVS environment, including but not
limited to Security Administration using CA-Top Secret 5.0 and Storage
Management/Tech Support duties using FDR, ICKDSF, STOPX37 and various
software products. Assisted in the resolution of production Batch job
ABENDS.
Automatic Data Processing (Jersey City, NJ) 12/90 - 4/98
Data Security Administration
. Responsible for Data Security in an MVS multiple CPU environment using
CA-Top Secret 5.0 with CPF to secure CICS/IDMS/TSO/BATCH/TCPIP/STC and
other facilities. Daily duties included defining, modifying and
resetting Acids, troubleshooting Top Secret problems. Coordinating Top
Secret upgrades/PTF's with MVS Systems Programming area.
. AS/400 & Tandem Security Administration.
. SecurID/ACE Server administration in support of remote access.
Technical Support Analyst
. System Assurance Coordinator responsible for IDMS software migrations
using IDMS utilities and Program Development Extension(PDX) change
control software. Responsible for the management of source/object and
batch scheduling changes across multiple production platforms in an
MVS on-line/batch environment.
Storage Administrator
. Maintained DFHSM in a large SMS installation, which included but not
limited to the monitoring of the daily tasks, such as AUTOMIGRATION,
incremental backups, full volume dumps, recycling carts, expiring
backup versions, Control Data set maintenance such as performing
Audit on the CDS and reorganizing these files periodically to
optimize performance. Strong knowledge of ICKDSF to Init, Inspect,
Reformat, Analyze and Buildix on DASD volumes. Maintained ICF catalog
structures encompassing diagnosing user catalogs for system integrity
and knowledgeable in catalog recovery using ICFRU.
American International Group Data Center (E. Orange, NJ)
Technical Support Analyst 01/89 - 12/90
. Responsibilities included DASD management using DFHSM, FDR, DFDSS and
ICKDSF. Responsible for the resolution of all Production DASD
problems. Involved with Data Center relocation project.
Clark O'Neill Inc (Fairview, NJ)
Production Control Analyst 10/86 - 01/89
. Setting up Batch streams, updating JCL and control cards, scheduling
batch jobs utilizing CA-7, ABEND resolution and RACF security
administration.
Education: Computer Operations Diploma from Computer Processing Institute
located in Paramus, NJ 1986 Various IBM, Tandem, Novell and Microsoft
Courses including but not limited to:
DFHSM/DFSMS, ICF Catalog Management, REXX Programming Concepts
RACF Security Administration, UNIX/Solaris System
Administration.
HARDWARE/SOFTWARE:
ZOS 1.6, OS/390 2.10, VSE\SP 4.2, CICS 4.2, RACF 1.6 & 2.10, CA-TOP SECRET
5.3, 8.0, CA-ACF2 6.5, VRA, Consul, JES2, DB2, TSO, ISPF, SMP\E, ACF\VTAM,
ACF\NCP, DFDSS, DFHSM, DFSORT, Info\Family, SLR, RMF, SDSF, Netview, DFSMS,
OMEGAMON\MVS, OMEGAMON\CICS, STATMON, TLMS, SAS, REXX, NATURAL, CA-
SCHEDULER, CA-UCC7\UCC11, UNIX HP-UX, ORACLE, Novell NetWare, Lotus Notes,
RAS SecurID, Nessus, Microsoft Office, Microsoft Windows NT & 2000, IBM
9672, 9121, 3090, 3081, RISC 6000, AS/400, Amdahl 5775, HP9000.
Contact this candidate