Engineer Security
Resume:
Robert Schrack
MSIA CISSP-ISSMP GCFA
Webster, NY 14580
******@*******.***
Objective
To obtain an information security management position that will utilize my broad
experience to drive compliance, information assurance, and risk management initiatives.
Summary of Qualifications
Directed security incident response and investigations
20 years as the "go to guy" for tackling difficult technical issues
Over 10 years of experience in information security in an academic medical center
Accomplishments
ISC2 Certified Information Systems Security Professional (CISSP) (Certification Number
378504)
ISC2 Information Systems Security Management Professional (CISSP-ISSMP)
Global Information Assurance Certification (GIAC) Certified Forensics Analyst
Member of Upsilon Pi Epsilon, the International Honor Society for the Computing and
Information Disciplines
Information Systems Audit and Control Association (ISACA) Member
Experience
July 2012 - PresentUniversity of Rochester Medical CenterProject Director - Information Security Risk & Compliance
Rochester, NY
Responsible for building the risk management and compliance team to ensure appropriate
information security controls are implemented and perform as specified. Create the
computer security incident response process and lead internal investigations. Develop a
vendor risk management process to certify that business associates will handle URMC data
properly. Working to implement the HITRUST Common Security Framework throughout the
Medical Center.
May 2001 - July 2012University of Rochester Medical CenterNetwork Security Engineer
Rochester, NY
Senior information security engineer responsible for network security operations.
Responsible for day-to-day management of multiple firewalls, remote access solutions, IP
Address management, internal PKI infrastructure, vulnerability assessments, and web and
email content filtering. Developed and implemented systems for intrusion detection, log
consolidation/correlation, and incident response. Led investigations of employee
performance, HIPAA violations, missing persons, and child pornography, working with Human
Resources, Office of Counsel, and Law Enforcement Agencies as necessary.
August 2001 - May 2004Clifton Springs Hospital and ClinicSystems Administrator
Clifton Springs, NY
Led project to implement multiple Checkpoint firewalls for border protection and remote
access. Redesigned internal network architecture to simplify network addressing and
routing. Managed project to implement Microsoft Exchange email system and migrate from
Novell Groupwise. Trained on-site system administrators in new systems.
August 1996 - May 2001University of Rochester Medical CenterLead Enterprise LAN Engineer
Rochester, NY
Lead Systems Engineer dedicated to Microsoft Windows domain and Exchange email
administration. Implemented first email anti-virus and anti-spam initiatives at URMC.
Developed and deployed first widespread open-source system and network monitoring service.
November 1995 - August 1996Universal Connecting PointSenior Systems Engineer
Pittsford, NY
Senior Engineer responsible for developing network architectures for clients. Led
installation and support of client networks. Managed internal network, servers, and EDI
systems. Developed and managed Internet connected email system.
December 1992 - November 1995SalesBook Systems
Systems Administrator / Customer Support Manager
Pittsford, NY
Managed internal network, servers, and mail system. Developed VB application for
reporting of data from development. Managed Customer Support group from May 1994-November
1995
Education
MS, Information Assurance, with honors
`
Norwich University
Concentration in Managing Cyber Crime and Digital Incidents
Northfield, VT
BS, Computer Engineering
Rochester Institute of Technology
Rochester, NY
Contact this candidate