Manager Security
Resume:
A. JOHN MORENO
Boonton Twp NJ *****
Home: 973-***-**** Email:
****@**********.*** Mobile: 973-***-****
http://www.linkedin.com/in/johnmoreno07005
SUMMARY
An Information Security Generalist and manager. A self-starter; have built
information security from the ground up; experienced with SOX compliance -
remediation; Business Continuity & Disaster Recovery Plan development.
Interpretation, development and enforcement of corporate policy;
successfully brought enterprise to compliance with PCI DSS requirements;
Identity Management; managed security team incidence response and
mitigation; Network/Operations manager; project management. Confidential
investigations.
PROFESSIONAL EXPERIENCE
MORENO COMPUTER CONSULTING, Boonton, New Jersey 2008 - present
Responsible for providing B2B information security (data & network) for
intellectual property.
PANASONIC NORTH AMERICA, Secaucus, New Jersey 2007 - 2008
Senior Information Systems Security Analyst and ISM Professional
(autonomous security focal)
Improved and ensured outsourced IT (IBM) compliance to SOX remediation
efforts and corporate/best practice policies and procedures. Interim
Information Security Chief.
Create/updated IT Security policies/procedures to meet current and
changing needs; Managed SOX security remediation and audit support;
Compliance to ISM (Information Security Management), the parent company
corporate security efforts; Project manager for MEI (parent company) and
Corporate security initiatives; US representative to ISM security forum
in Japan; Oversaw security tool configuration changes; Managed system
patching to all environments;
. Accomplished compliance to PCI DSS requirements.
. Successfully managed CIRT team and remediated several security
incidents.
. Remediated SOX security related deficits.
. Successfully reviewed and updated all security policies and
procedures.
GAF MATERIALS CORPORATION, Wayne, New Jersey 1998 - 2007
Manager of Data & Network Security
Built security from the ground up. Ensured that the bottom line would not
be affected, due to security issues.
Manager of Application and Operations Information Security. Maintained,
updated and tested the Business Continuity/Disaster Recovery Plan.
Administrated Check Point Firewalls and Netscape Mailhost/SMTP servers.
Researched, recommended and promoted security related strategies, tools and
best practice policies.
. Successfully coordinated partner COBIT study.
. Successfully managed projects in: Business Continuity/Disaster
Recovery planning, Intruder Detection implementation, Network
assessment, Security Audits/Penetration studies, external audit.
. Developed company's first computer security policy and other security
related policies/procedures.
. Formed and chaired first Security and Change Management Operations
Committees.
. Interim Operations Manager and HP Unix Manager.
. Developed ERP PeopleSoft security - Identity Management
LENZE CORPORATION, Fairfield, New Jersey 1998 - 2002
Consultant - (Moreno Computer Consulting): Network, Operations, Database
administration, reports programming.
LENZE CORPORATION, Fairfield, New Jersey
1994-1998
Director IS Department
By migrating the company away from a Novell to a Microsoft network, was
able to provide a faster responding system from which to store and retrieve
data more efficiently and therefore more productively.
Database and Systems Administrator; Selected and acquired software,
hardware, maintenance contracts and consultants; Managed department budget;
Determine the company's future computer systems direction; Database
applications report programmer.
. Migrated Windows 3.1 and Novell 3.12 client/server to Windows 95 and
Windows NT network system.
. Organized company LAN and WAN connections to remote sites.
. Installed UNIX resident SYMIX accounting system. Created remote access
for field reps.
WEISS PECK & GREER, (brokerage firm) Wall Street, New York, New York
1989 - 1994
Systems Administrator
Programmed system maintenance functions to minimize operator intervention;
this provided the company with less downtime required for maintenance.
Successfully developed and tested company's first Business
Continuity/Disaster Recovery Plan.
LYCEE FRANCAIS DE NEW YORK, New York, New York 1987 - 1989
Consultant
Designed first computer student database and created computing network from
existing infrastructure (stand alone IBM and Apple computers).
Security:
2007 SafeBoot PC encryption certification
2007 ISACA, Audit & Control of Firewalls, Wireless LANS, Routers and
2007 Intruder Detections Systems
2006 Global Knowledge, Wireless Networking II: Security & Analysis
2005 New York University; CISA; Certification Information Systems Auditor
2005 Training
2003 New York University, CISSP: Security Certification for IT Professionals
2002 Training
2002 CSI Structured Approach to Incident Response
2001 PeopleSoft Security
1999 ISS, Ethical Hacking
1999 Learning Tree, Windows 2000 Security
1998 New York University; Network & Applications Security Certificate.
1998 New York University; Certificate in Unix Systems Management & Security
1998 ComPas Contingency Planning s/w at Comdisco (disaster recovery
1998 provider)
Hewlett Packard; Windows NT Server Security
ACSA; Penetration Testing, Intrusion Detection, Computer Forensics
North East Performance Group, HP UNIX Security
SecureIT FireWall-1;Certified Check Point Security Administrator
Other:
2009 Entrepreneurial Seminar Series County College of Morris
2005 Learning Tree SQL Query
2004 PeopleSoft Portal Administration
2003 PeopleSoft Tools I & II
2002 Kepner Tregoe Problem solving and decision making
1999 Paradigm, Netscape Messaging & Collaboration Server 3.6
1998 Hewlett Packard; Windows NT4.0 Server Support/Core Technologies
1997 Hewlett Packard; UNIX v10.x Networking & Systems Admin
1997 County College of Morris County, Professional Management
1996 New Horizons; MSAccess Intermediate and Advanced courses
1996 OnTrack Training Systems; Microsoft Windows NT 3.51 Server
1995 Support/Administration
1995 SYMIX Software Corporation; Symix Database Administration & Symix
1994 Customization
1994 Progress Software; PROGRESS Programming Version 6
1994 SYMIX Corporations; Accounting & Manufacturing Modules
1992 Westcon Corporate Training; Novell Netware TCP/IP & NFS, V3.12
1991 New York University; Certificate in Network Technology & Novell Netware
1990 Administration
1987 Westcon Corporate Training; System Manager; Novell Netware V3.11
Hewlett Packard; UNIX Systems Basics: HP9000 series
1982-198 Prime Education Center; Primos Systems Administration
4 Control Data Institute; Programming Certification, COBOL, FORTRAN &
BASIC, Systems Analysis and Design, DataBase Management, Accounting
Fundamentals
Academy of Aeronautics (now Vaughn College of Aeronautics); Computer
Science
ASSOCIATION MEMBERSHIPS
ISSA, CSI, ISACA, Tech Managers Forum. Fraternal Order of Police, Morris
County Chamber of Commerce,
Gerson Lehrman Consulting Group
Contact this candidate