Management Security
Resume:
DONALD BOLZ, CISSP
Wappinger Falls,
New York 12590
*******@*****.***
TECHNOLOGY EXECUTIVE: SVP ( Information Officer ( Security Officer (
Operations
IT Strategy Development Operational Leadership Information Security
Management Disaster Recovery
Risk Management Infrastructure Development Relationship Management
Start-up Operations
Program/Project Management Solutions Design & Implementation Business
Process Analysis
Forward-thinking Technology Officer with hands-on project management
experience driving strategy and tactical operations for corporations in the
finance and healthcare industries. Instrumental in aligning IT with larger
organizational goals and direction, while providing leadership to all
technical projects and support activities. Reputable for building ground-up
systems and infrastructures, maintaining security and minimizing risk while
ensuring consistency and reliability of IT services to internal and
external clients and customers. Confident communicator, effectively
interacting with C-level leaders, technology teams, and business partners.
o Technology Strategist and Leader. Orchestrates design and deployment of
mission-critical systems and initiatives, through combining strong
technical expertise with a keen understanding of business processes and
demands.
o Security and Operations. Ensures uncompromised security while minimizing
risk through proactive review and updating of systems, network, and data
protection. Delivers unique operational expertise, with background in
start-up/business management, renovations, and infrastructure design.
o Project Management. Extensive "real world" program/project management
experience spanning industries including Systems Development, IT/Network
Infrastructures, Security Programs, Facilities, and Construction.
PROFESSIONAL EXPERIENCE
The Greater Hudson Valley Family Health Center 2012 - Present
Director of Technology and Information Security
Oversee management of Technology & Information Security.
. Operationalized the IT department through the use of "Project
Management Methodologies to Quantify, Plan and Execute all ongoing and
future projects", "Departmental Reorganization", and "Mentoring of
existing personnel".
. Increased the "Information Security Posture" of the Health Center
through;
o Gap analysis and audit against the HIPPA-HITECH security
framework.
o Implementation of a robust Information Security Program based on
HIPPA and best practices. This includes but, is not limited to;
the formulation of a board level "IT Steering Committee", "IT
Strategic Planning"," IT Budgeting", "Policies, Procedure, &
Guidelines", "Information Risk Assessments", "Incident
Reporting", "Systems Audit & Monitoring", "Vendor Management &
Risk Assessments", Information Security & HIPPA training",
"Business Continuity and Data Backup", etc.
o Participation and contribution to several high level
institutional committees including, Compliance, Strategic
Planning, Clinical Quality Improvements, and The Joint
Commission Task Force.
o Facilitate and lead projects for EMR integration to State
immunization
o Maintained and implemented Policy and Procedural changes as
pertaining to evolving State-Federal laws and regulations
o Facilitated EMR systems changes though in-house and third party
vendors to insure accuracy and consistency in claims and
billing. (i.e. Current Reimbursement and Payment Mechanisms for
Medicare & Medicaid Services from the National Wraparound
Initiative)
Accenture, New York, NY ( 2011 - 2012
Technology Delivery Lead - Financial Systems & Security
Lead global teams of consultants and analysts in assessment and delivery of
Financial Programs & Projects to major US banking institutions.
Selected Highlights
. Software Asset Management Lead: Manage project to discover and
reconcile software products across a major bank enterprise.
o Using BMC's Asset Management platform, we found software
signatures on 60,000+ servers that where then cross-referenced
to a contract data base. This had never been done at this scale
before.
. Security Access Control Lead: Manage project planning to support
multiple security controls, including but not limited to: multifactor
authentication, boundary protection, and auditability.
The Park Avenue Bank, New York, NY ( 2004-2010
CIO, CISO, Operations Officer, SVP
Oversee management of Information Technology, Information Security/Risk
Management and Identity Theft programs, ensuring system and operational
integrity to successfully complete all internal, external, and regulatory
audits. Liaise with core system provider and technology vendors, with
control of contracts, SLAs, pricing, and installations. Serve as Chief
Security Officer - steer bank's Physical Safety and Security Program.
Selected Highlights
. Spearheaded start-up operations - designed, executed, and drove
creation and construction of a bank from concept through to grand
opening. Oversaw all departmental & administrative issues for
Technology, Information Security, HR, Marketing, Facilities &
Construction; proving instrumental in growing the bank by 450%.
. Directed and managed development of core disciplines from Provider
Assessments (RFP's) and Security programs (Information and Physical)
to Branch Administration/Operations, Deposit operations, Central
Management and Facilities.
. Developed and implemented an Information Security Program that held
up to scrutiny, particularly when reviewed by regulators and outside
auditors, based on "FFIEC" and "ISO 27000 series" best practices.
This program included "Operating Policies and Procedures", "Planning
and Deployment", "Risk Management and Assessment", "Audit and
Monitoring", "Administrative and System Operations", "Vendors and
Outsourcing", "Legal and Regulatory", "Insurance", "Business
Resumption and Contingency Plans", "Applications / Website Security",
"Incident Response and Management" ...
. Led implementation, & integration of all internal systems and vendor
products/maintenance to cover all aspects of banking/technology
needs. Core/Item Processing, Branch/Teller Systems, Website
Development and Hosting, Internet Banking, Remote Deposit Capture,
Network Security Monitoring, Data Warehousing, Document Imaging,
Executive dashboard and Cognos reporting.
. Designed and implemented a "state of the art" technology
infrastructure that included a company owned Disaster Recovery Hot
Site (NOC); planned as a future profit center, with a four year
breakeven point, This infrastructure included redundant systems,
data, and telecommunications; ensuring critical systems back online
in minutes as opposed to days
MERCK-MEDCO MANAGED CARE, Franklin Lakes, New Jersey ( 1991-2004
Provider of clinically driven pharmacy and healthcare services. (Now
Express Scripts / Medco Health Solutions)
13 years of "hands on" experience in building and managing complex health
care systems for Medco Health Solutions including "Claims (Order entry) &
workflow", NCPDP / IDC-9 transaction processing, and Protocol Management.
During my time at Medco I consistently moved up the ladder from a
Programmer/Analyst to a Senior Manager
Senior Manager, Alpha Systems (2001-2004)
Directed management and delivery of projects to rewrite front-end
interfaces of Order Entry/Workflow, and Protocol Resolution, to a VB based
"Client Server/Web" architecture accessing mainframe DB2 databases through
a Cobol/CICS/MQ server interface. Greatly enhanced systems requirements in
quality, definition, architect & design; serving as the subject matter
expert on legacy systems.
Selected Highlights
. Optimized user experience and productivity through design and
implementation of VB-based GUI interfaces, which delivered point-and-
click access to existing mainframe legacy systems.
. Designed and managed implementation of mainframe servers to translate
mainframe data to XML, and back, for use in Client Server and Web
based presentation and update.
Manager, System Development (1997-2001)
Led multi member IT teams in all aspects of management - from development
and release to production support - for multiple online and batch systems.
Created time- and budget- conscious project schedules and prepared "Level
of Effort" estimates for development/upkeep of 100+ online modules spanning
multiple systems. Maintained, developed, and updated systems; in accordance
with a highly structured release process.
Selected Highlights
. Achieved zero defects, along with on-time and on-budget delivery, for
design and deployment of Y2K enhancements and QA efforts across
multiple complex systems.
. Elevated technology capabilities through redesign and implementation
of legacy system interfaces to Client Server and Web based front-
ends, using VB, MQ and IBM Web sphere for CICS.
. Boosted efficiency and effectiveness through institution of a
systematic monthly release and change process.
. Played central role and delivered major contributions to planning,
design, and architecture of company-wide projects (including HIPPA
and Y2K).
EDUCATION & TRAINING
Bachelor of Science in Applied Mathematics and Computer Science
Pace University, Westchester, New York
"Safe Systems" Information Security Training for Information Security
Officers
CERTIFICATIONS
CCBSO - Certified Community Banking Security Officer
CISSP - Certified Information System Security Professional
Contact this candidate