Experience Summary:

IBM Security Compliance Consultant, and CISSP/CSOXP, with over twenty years of enterprise level experience in data center build outs, network design and troubleshooting, process creation and review, and project management. He has ten years of IBM audit experience as an auditor conducting the following audits: SAS70, KCO, PCI, SCR, BCR, HIPAA and SOX with all the major external audit firms; PwC, Deloitte, Ernst & Young, and KPMG. Peter’s specialty is testing and remediation. He has a proven track record of determining where the failures occur in audits and how to effectively remediate and evidence any audit defects found. Peter also has over three years of IBM industry standard security practices and policies creation, monitoring, and testing experience. He has excellent communication skills, both oral, and written.

Education/Certifications/Training:

CSOX®P - Certified Sarbanes-Oxley Professional

CEH® - Certified Ethical Hacker

CISSP® – Certified Information Systems Security Professional

CCNP-SEC® – Cisco Certified Network Professional plus Security

CCDP® – Cisco Certified Design Professional

MCSE® – Microsoft Certified Systems Engineer

MCNE® – Master Certified Novell Engineer

Programming Languages:

PHP

Pearl

Python

Linux Shell Scripting

Tools:

H.U.L.K

Windows based Switchblade

Experience:

04/13 - Present IBM, Inc. Los Angeles, CA

Title: M & A - Risk / Security Compliance Management Consultant

Accounts: Kenexa, Varicent, Algorithmics, DemandTec, Emptoris, SoftLayer, ECM, Softlayer, Demandtec

Worked with the IBM FedRAMP compliance committee to assist IBM brands in navigating the FedRAMP compliance process and becoming FedRAMP certified.

A member of the development team involved in developing, testing, documenting and implementing IBM's new Security SaaS offering via SoftLayer.

Conducted internal security audits of major IBM acquisitions which were then developed into requirements documents for the IBM Security SaaS offering.

Trained IBM offerings teams on the reporting functionality of the IBM Security SaaS offering.

Worked as a focal between major IBM acquisitions and IBM internal during the merger and integration process of each acquisition..

Trained security teams in the reporting functionality of QRadar, Nessus, and IBM internal security compliance tools.

roject manager for the on boarding of new mergers / acquisitions into IBM.

Experience (continued):

10/12 - 04/13 Tricosta Corporation Los Angeles, CA

Title: Cyber Investigative Consultant - Contractor

Worked with the Mitama Group to track down a group of individuals involved in a cyber defamation and libel scheme to damage the reputation of a hedge fund in New York city.

Developed custom search algorithms and search engine control software to quickly generate search results over 100,000 items in depth and spanned over 200 social networks.

Built custom search results filtering module to filter out irrelevant results and false positives.

We started out with one email address and one possible location and were able to enumerate all the individuals involved in the cyber defamation and libel scheme.

The project was completed with substantial evidence generated and court proceedings are moving forward against the identified individuals

08/11 - 10/12 IBM, Inc. Los Angeles, CA

Title: Security and Risk Management Coordinator - Contractor

Accounts: ACE, Wellpoint, Quest, CHLA, CA Medicade Management Information services, BCBS TN, BCBS MA, Baxter, Dow, Hill Rom, Mead Johnson, Nasco, Peidmont, Agnesian, Xcel

Audit Firms: PwC, Deloitte, Ernst & Young, and KPMG

Managed multiple accounts and server teams spanning AIX, HP-UX, Linux, Windows, VMWare, Solaris and other platforms in the execution of audits, audit evaluations, and remediation projects.

Worked extensively HIPAA, HITECH, PCI as well as common information security management frameworks and practices.

Managed audits, evaluations, and remediation projects of third party vendors.

Managed the implementation of risk management processes based on audit findings.

Communicated necessary reports, raw data and remediation requests, in all forms (both verbal and written), to customer, supporting work groups, and departments to successfully complete all audits and remediation projects.

06/11 - 08/11 IBM, Inc. Los Angeles, CA

Title: Identity and Access Management Coordinator - Contractor

Accounts: Hilton and Coke Enterprises

Audit Firms: PwC, Deloitte, Ernst & Young, and KPMG

Managed the Identity and Access management team.

Worked with major audit firms PwC, Deloitte, Ernst & Young, and KPMG in audits of the Identity and Access management records for the Hilton and Coke Enterprises accounts.

Managed the remediation projects that came out of audits of the Hilton and Coke Enterprises accounts.

Implemented new department wide processes based on audit findings.

Managed and executed pre audit testing and remediation.

Enhanced the processes involved in the timely execution of the user ID management process.

Managed teams to trouble shoot problems, resolve errors and assess accuracy of output data.

Experience (continued):

09/05 - 06/11 IBM, Inc. Los Angeles, CA

Title: Audit / Security Compliance Advisor - Contractor

Accounts: State of California, Ryder, Medco Health Systems, AFC Enterprises, Mount Sinai Hospital, Hertz, United Health Group, Sears Holdings Corporation, Pathmark Stores, Inc., Sears Retail, New York MTA, Realogy, Raytheon, Marathon Oil, Whirlpool, AK Steel and Technicolor.

Managed SAS70, KCO, PCI, SCR, BCR, FICS, HIPAA, and SOX audits.

Successfully managed the execution of multiple audits over several accounts at the same time.

Immediately developed remediation strategies and action plans the instant defects were discovered and managed teams to put the new policies and procedures in place.

Reviewed and approved evidence and expedited the closure of all audit defects in under thirty days.

Managed major third party auditors to successfully complete and pass thirty one audits in the past six years.

Created and updated major policy documents for the above accounts as well as managed the issue and risk management processes.

09/96 - 09/05 CB Richard Ellis, Inc. Newport Beach, CA

Title: Multiple Positions Within The Company - Permanent

Worked for CB Richard Ellis for over eight years. In that time I was promoted up through the company five times in that eight year period.

Promoted from Help Desk to Senior Network Engineer to Manager of Network Services to Data Center Manager and finally to Manager of Security Services.

During that same 8 year period I managed the build out 2 data centers with over 350 servers in each data center.

Developed traffic modeling programs that helped the company predict bandwidth growth and associated costs,

Saved the company over $265,000 a year in connectivity costs by moving from dial up services to VPN services for remote offices and acquired nine certifications at my own cost.

Contact this candidate