Security Management
Resume:
Willard W. Smith Jr.
Conyers GA. 30094
H: 770-***-****
C: 404-***-****
abl627@r.postjobfree.com
Profile:
Experienced computer professional with a strong combination of
technical and managerial
abilities. Substantial experience and knowledge of
midrange/mainframe systems and
Peripheral network management (TCP/IP, Ethernet, Token Ring, FDDI,
x.25, Frame Relay,
T1, T3, SDLC, FTP,, SNA),DATAKIT, DECTALK, SYMBOL Pocket PC,WIN95,98, NT, 2000, 2000 Server, XP, Novell Netware, Active Directory,
Microsoft Project, LAN/WAN, MVS, CICS, TPF, TSO/ISPF, Gold Disk,
Retina, BigFix, Change Audit, InTrust, ForeScout NAC, WPC, UPC,
XYGATE, RACF. Experienced in VOS, Assembler, COBOL, and UNIX
Six Sigma trained.
Skilled at establishing, maintaining, and developing positive
business relationships with a
varied clientele.
Certifications:
DoD (Department of Defense) (Secret Clearance)
DoT (Department of Treasury) (Staff - Like Access
Clearance)
CISSP- Certified Information Systems Security Professional
IT Project + - IT Project Management Certification
MCP - Microsoft Certified Professional
DCSE - Dell Certified Systems Engineer
CCNA - Certified Cisco Network Associate
Network + Certification
A+ Certification
Experience:
Information Assurance Analyst - Atlanta GA. /Hanahan SC.
Honeywell Defense and Space /SPAWAR - IPPlus/ USARCENT
JUL 2008 - Present
. Gov. Contract Position - Information Assurance Analyst - Responsible for
auditing,
certification and accreditation (C&A) process security test
and evaluations (ST&E) for DoD
and DoT. Testing on applications/systems and evaluations in
accordance with DIACAP,
FISMA, FIPS, NIST-800 series controls, STIGS, MITS controls,
SSP's.
Performing ST&E's and CT&E's at various DoT(IRS) and DoD
installations. (Kuwait)
Writing, evaluating and performing QC on test plan controls,
test procedures and expected
results and executing C&A process ST&E (boundary scope,
stakeholder briefings, gathering
evidence, supporting documentation conducting interviews
system security testing utilizing
ForeScout NAC, Gold Disk, Retina, BigFix, Change Audit,
InTrust, WPC, UPC,) and other task
writing conducting issue resolution, writing POA&M's,
monitoring) to complete C&A and
ST&E.
Security Auditor - Jacksonville FL.
(Technisource) Fidelity National Information Systems
AUG 2007 - NOV 2007
. Contract Position - Security auditor for IT application risk assessment,
security reviews, audit
compliance implementation of standards and procedures as pre-
audit for SAS 70 audit on
invoice, documentation, and process management systems.
Responsible for SOX testing and remediation of the day-to-
day management access in
accordance with Fidelity National Information Systems security
policies.
Duties entail performing risk assessment and vulnerability for
enterprise systems, developing
and documenting internal controls and audit policy information
for info management (ie;
identity access management, sensitive data and classification
and prioritization, physical and
electronic data protection, access to data, retention and
deletion).
System audits in accordance with ISO 177999 - 20005 and SOX
(404) incorporating PCOAB
Audit Standard 2 security compliance.
Security Consultant - Richmond VA.
Capital One
SEP 2006 - APR 2007
. Contract Position - Responsible for PCI(DSS) compliance assessment of
PCI LOB's.
Responsible for SOX testing and remediation of any risk in
accordance with Capital One
security policies.
Planning, audit compliance, development of security standards
and procedures for
implementation of internal controls in compliance with company
policy and regulations.
Duties entail performing risk assessment and vulnerability for
enterprise systems, developing
and documenting internal controls and audit policy information
for info management (ie;
sensitive data and classification and prioritization, physical
and electronic data protection,
access to data, data transport, retention and deletion).
Created and maintained
metrics for senior management.
Ensure Compliance with OWASP top ten vulnerabilities for 2007.
Establish and enforce remote access procedures for employees
(ie; software download policies,
use and transport of company owned computers network and
security technology, use of
external storage media.
Information Security Analyst - Stratus/Tandem- Columbus
OH.
JP Morgan Chase
SEP 2004 - OCT 2006
. Responsible for IT Risk Assessment, Enterprise Information Security
planning, audit
compliance, development of Security standards and procedures
and for implementation
of policies and procedures and system administration on
Stratus/Tandem midrange platforms.
Duties entail performing risk assessment and vulnerability for
enterprise systems, developing
and documenting internal controls and audit policy information
for info management (ie;
sensitive data and classification and prioritization, physical
and electronic data protection,
access to data, data transport, retention and deletion).
Establish and enforce remote access procedures for employees
(ie; software download policies,
use and transport of company owned computers network and
security technology, use of
external storage media). Establish strong authentication and
ID management policies,
introduce and deploy intrusion detection technology, and use
of encryption technology for
data protection .
Responsible for SOX testing and remediation of the day-to-day
application management in
accordance with JP Morgan Chase security policies.
Systems Integration Professional - Stratus - Phoenix AR.
IBM
APR 2004 - SEP 2004
. Contract Position - Responsible for integrating business partner
systems into the
AMEX(American Express) IBM credit authorization system. Setup
business partners links on
the Stratus midrange system utilizing TCP/IP, SNA, X.25,
Connect:Direct and FTP as
transmission mediums. After configuring the hardware devices
and software extensive testing
and troubleshooting was conducted with the business partner
confirming connectivity and
credit authorization validation.
Field Technician - Atlanta GA.
NCR (National Cash Register)
NOV 2003 - APR 2004
. Contract Position -Field Technician updating, maintenance
(software and hardware) on
servers for various clients. Installs and upgrades include
internal server components upgrading
component software (OS, BIOS, drivers, config files, device
files, ESM) Updating and
installing operating systems and (Open System Manager, Array
Manager, etc). Installing and
upgrading RAID software.
AVP System Administrator Stratus - Technology and Operations -
Atlanta GA.
Bank of America FEB 1994 - MAR
2002
. Performed hardware and software/network administration for
midrange/mainframe
environment (operating system upgrades, hardware installs and
upgrades). Configured all
network connectivity in a midrange/mainframe environment using
SNA (over X.25 links,
TCP/IP over CISCO router network to various mainframe/midrange
systems (IBM mainframe,
Tandem, AS/400, Stratus) over T1, T3 OC3,12,48. Expert in
TCP/IP, Ethernet, Frame Relay,
X.25, Hyperchannel. Responsible for establishing, maintaining,
and troubleshooting network
connectivity at four production sites (Atlanta Ga., Richmond,
Va., Richardson, TX., San
Francisco Ca.) and 2 test /contingency sites (Richmond, Va.,
and Concord, Ca.).
. Implemented, documented and maintained all business continuity
procedures for Stratus
system at Bank of America for the ENCORE+ and PCACH
applications. This involved the
detailed planning,testing and implementation of DR procedures
which entailed coordination
with peripheral system connectivity (IBM mainframe, Tandem,
and AS400 hardware, Stratus),
and all midrange, software and hardware configuration.
Programmer Analyst III - Atlanta GA. Worldspan Corp.
MAR 1990 - FEB 1994
. Worked as a System Administrator on Stratus system performing
software and hardware
administration and maintenance. Responsible for managing
various projects for applications
client on Stratus midrange systems and VTAM (IBM 3745)
utilizing various vendor and third
party supplied software and hardware, and establishing all
network connectivity . Performed
maintenance and troubleshooting on all systems and network
connectivity.
. Worked as an airline reservation system TPF programmer utilizing
Assembler language
in an OS/MVS environment utilizing TSO/ISPF.
Education
A.A. Degree, Computer Science
Kansas City, Kansas Community College
Technical training:
Stratus ((SysAdmin, Continuum, XA Series (VOS & UNIX)
TCP/IP, TCP/IP (Advanced
network configurations), Georgia Tech Ethernet, Token
Ring x.25, SDLC, Frame relay,
Hyperchannel SNA, User Access, Hardware maintenance and
troubleshooting,)) Stratus
training facilities Marlborough Mass. VTAM (Networking),
IBM - Washington DC.
Contact this candidate