
Project Manager Security

Location:
Marblehead, MA
Posted:
June 01, 2017


Resume:

Selected Qualifications:

Manage and provide IT risk assessments and acceptance processes for critical business units. Provide NIST compliance and oversight of configurations, implementations and security reviews. Conduct pre-audit inspections and post-audit remediation for NIST and SOC audits. Set data classification and policy for handling classified and sensitive data including PII. Meet regularly with management to set policy and approve infrastructure designs.

Design, develop, deploy, and manage complex networks. Manage deployments of complex projects in the five million to ten million dollar range.

IT and security manager with over 20 years’ experience. Strategic thinker, skilled in developing and communicating complex project vision with technical and security teams while engaging all stakeholders. Successfully integrated internet-based technologies and related security services into business-driven information solutions.

Developed and implemented firewalls, compliance rules, proxies and DNS servers. Immediate response and remediation of computer/network vulnerabilities and threats driven by security zones and levels of security classifications of data.

Provide solutions, management, support and maintenance within high integrity, high availability wired and wireless computer networks. Team creation and management of software development projects and support for robust environments.

Utilization of and compliance to Cyber Security Framework (CSF), DOD 8500 and Security Technical Implementation Guides and tools (STIGs). Assuring NIST/FISMA/SAFR Risk Management framework (RMF) for risk assessment, implementation NIST and ongoing monitoring. Leverage NIST 800-53 control set, align controls for SOC 2/3 Compliance.

Partners and leads working with internal and external auditing functions, will support and report on compliance status, and drive improvements as part of strategic leadership teams.

Develop Security best practices and frameworks, while coordinating compliance assessment and reporting across diverse organization functions. Lead prioritization, strategy development and utilization of geographically remote teams.

Manage multiple programs and projects with budgets of 5 to 8 million Dollars.

Hardening of networks for both hardware and software. Conforming to NIST hardening rules for servers, firewalls, and routers. Software secure code review with automated tools.

Cisco, Juniper, F5 LTMS/GTMs, Bluecoats risk reviews, and hardening. Skybox for compliance and Algosec change management.

Cloud security using FedRAMP as a base, migrating apps and identity to the Microsoft Azure cloud. Migrated internal websites into the AWS cloud along with moving external DNS to Verisign for public domains. Began the process to federate Microsoft Azure with internal Active Directory, with the future use to securely federate Skype and Office 365 to the cloud. We have several tenants up in Azure in the testing phase. We are also using AIRWATCH to connect mobile iPhone devices to the network from the outside.

Member of the Infrastructure Review Board that approves any new infrastructure that is to be added to the network.

Member of Infragard

Selected Projects

Created a process to track expiring security certificates. 100% to date compliance.

Security approving Engineer for AIRWATCH, Secure Cash Card Services (Treasury/DOD project)

Identified an opportunity to decrease organization response times and eliminated in excess of 1800 manual person-hours. Designed and coordinated implementation of the automated National Incidence Response Team alert processing.

Conceived and developed a workflow intake system that links applications and ports in an expedited fashion.

Manager leading several teams for the implementation and deployment of 16,500 IP Telephone endpoints across 13 geographically dispersed sites

Project Manager for a large software development, datacenter design, implementation and hardware deployment of a custom application for secure IP cameras, build out of secure datacenters. The software developers were in multiple countries.

Technical Skills

Experienced in migrations of Windows desktops XP/7/8/8.1 and Windows Server 2003/2008/2012R2. Migration testing and security testing for large migrations of OS and custom applications.

Subject Matter Expert (SME) in the design, engineering, and implementation of networks and network security systems for network security architectures to include boundary security, intrusion detection and protection, access control, disaster recovery, business continuity, and best practices.

OS software: Microsoft 2003/2008/2012R2/Enterprise/Datacenter Active Directory, Windows NT/9X/XP/2000/2003/2008/7, Red Hat Enterprise Linux/Solaris

Software: Acronis and Veritas NetBackup, Symantec, Microsoft Exchange 2003/2007/2010, Microsoft Office Suite, McAfee, Ghost, VMware, DNS (BIND and Windows), Web Servers (IIS, Apache), Remote Access, VPNs, PC Anywhere, DHCP, TCP/IP

Hardware: Telephone Systems, SIPs, Dell, HP, IBM, NAS/SAN Printers, Scanners, Cisco Routers, Switches, Firewalls and Generic PC hardware, MS Project

Technology: Virtualization, Cloud Computing, Wired and Wireless Networking, security architecture frameworks, Software Develop Lifecycle (SDLC) models

Employment Experience

SCHNEIDER ELECTRIC, Andover MA, August 2016 – January 2017

Project Manager - IT Governance Risk and Compliance (GRC), Certification Security Project Manager

Creating a risk and compliance framework for several business units, using the NIST Cyber Security Framework (CSF) as a base. Utilizing SOC 2 plus reporting and the COBIT 5 and COSO management frameworks. Using NIST 800-53 (currently r4) as the individual control set. The business units are developing products for several verticals including the IoE (Internet of Everything). The framework is based on best practices, internal and external standards and guidelines. The compliance framework takes into account regulations across multiple jurisdictions including but not limited to the USA, United Kingdom, European Union, Germany, and Canada. The GRC framework deals with all facets of the product development, including the firmware and software development life cycles (SDLC), risks and compliance. Securing the infrastructure comprised of internal, external, cloud and cloud connections. This includes AWS, Azure and Virtual Private Cloud. The ultimate goal is an end-to-end secure environment from the product in the field to the endpoint in the company, be it server, desktop or application hosted in the cloud. I provide sign-off on the security side when it is identified that the project is fully compliant with the security requirements, or that sufficient compensating controls have been put in place to mitigate identified risks and thus achieve compliance. Where there is a gap and no compensating control could be identified I proceed with the escalation, working with the Global IT Security Team I provide feedback and validate the cloud security assessment questionnaire. Propose mitigation steps for identified risks and threats. Providing certification recommendations from a security perspective based on understanding of the application and results of automated checks.

FEDERAL RESERVE BANK, BOSTON, Boston, MA, March 2015 – June 2016

Senior Risk Engineer

Working in a mission critical security team at the Federal Reserve System. The Network Security Services team (NSS) is a national organization supporting all Federal Reserve Banks, providing boundary security and application security to the Federal Reserve System (FRS). I am responsible for consulting on and managing the Information Technology (IT) risk assessment and acceptance processes, as well as providing configuration, implementation, and support of security technologies to the Federal Reserve System. I also provide security consultations, assisting departmental personnel with the operation, implementation and the support of infrastructure on a 24 x 7 basis for many critical financial applications for the Federal Reserve. We work in a team-oriented environment and interact directly with both Reserve Bank IT and Information Security personnel, as well as Federal Reserve IT system colleagues. My position requires interaction with technical staff including Reserve Bank IT and Information Security personnel as well as customers, business units, and end users on a regular basis. Security evaluation and compliance reviews based on SAFR/NIST internal control set.

Security SME for AIRWATCH, Cash Card services. Used Archer and Jira tracking systems.

COMMONWEALTH PHOENIX CONSULTING, Chelmsford MA, January 2009- February 2015

Consultant

Consultant for the design and implementation of computer network architecture, upgrades and troubleshooting for small and medium-sized businesses. The primary focus is on configuring and securing the network and servers to provide high availability, performance, security and integrity. Design, engineering, testing, installation, and documentation of WAN/LAN and network security systems.

Highlights of Services Supplied:

Complete Program and Project Management from concept formation to delivery

Secure Infrastructure network design, implementation, and deployment

Cloud virtualization of server and desktops, Software as a service (SaaS).

Business continuity and disaster recovery, backup system design

Identity management, multi-factor authentication

IT security assessments/audits, remediation recommendations, hardening of networks and servers

Securing of Bring Your Own Device (BYOD) and Wi-Fi networks

Network mapping, penetration testing, software vulnerability testing

Governance & Compliance for companies needing to meet Government Standards, including but not limited to NIST, HIPAA, PCI DSS

On-call incident response

Secure software project management, design, testing and delivery written in C++ and Java.

Example projects include:

Project manager for an upgrade of 16,500 IP telephones for a commercial institution across 13 locations around the country. This included the upgrade of the servers supporting the phones.

Project manager for software development of video software program utilizing streams from analog and IP cameras to central servers for rebroadcast (200 + cameras and video viewers) using agile/scrum software development model.

500 PC migration to Windows 7 for an engineering company

Project manager who developed and implemented a proprietary purchase order and tracking software and the associated 250 operator station international network to support an international vendor sales capability. Customer sold almost exclusively to Federal, State, Local and International governments. Written in C++.

Designed, implemented and maintained a 10 PC HIPAA-compliant healthcare network, upgraded to Windows 7

Designed, implemented, secured and maintained a high-reliability network for a law firm.

RCM FX, Boston MA January 2008- January 2009

Head of technology/CTO

Administrated and managed the 24/7 remote server network (International banking interfaces built on metatrader4), ensuring the availability, integrity, and confidentiality of the network interconnections were constantly maintained.

Managed internal and external stakeholder issues by providing supervisory technical support to address higher-level support resolution issues.

Technical refresh /upgrade of the network to improve stability and security including a redesign of the active directory structure and security policies.

Development and deployment of companywide acceptable use policy and computer policies,

Deployment of companywide server to endpoint virus protection,

Daily review and analysis of server logs (security and reliability),

Planned network technical upgrades and refreshes. A

Supervised the traders on the in-house trading desk ensuring compliance with company policy and trading strategies.

Had 10 direct reports, from trading desk, customer support, IT, and daily traders.

NEW ENGLAND MERCHANTS CORP., Arlington MA December 2000-January 2008

Senior Network Manager / Licensed Branch Manager

Designed and implemented a computer network using Ellie Mae Encompass software based on the Windows platform/MSSQL

Day to day operations manager with dozens of employees.

Supervision of loan officers,

Coordination of both in-house and independent loan processors and verification of all documents for compliance

File and document compliance with state and federal regulations.

Oversaw and participated with my staff during the Commonwealth of MA compliance audit.

BBIS COMMUNICATIONS, INC., Boston MA, January 1996- November 2000

Managing Director

Established, configured, secured and maintained the ISP network,

Migrated the WAN /LAN environment into a Competitive Local Exchange Carrier (CLEC) environment.

Coordinated network services and capability to support diverse stakeholder needs and commitments.

Oversaw the development of the websites, coordinated with the web developers to achieve the company-desired look and feel of the interface and configured remote management for all the equipment.

Developed policies and infrastructures for maximum uptime using failovers and backups. No data was ever lost during my tenure, uptime was over 99.999%.

Education

UNIVERSITY OF HARTFORD, Bachelor of Arts

Clearance Status

Public Trust Moderate Risk

for Federal Reserve/United States Treasury

Certifications

Certified Information Systems Security Professional CISSP #466547

Project Management Professional PMP #1674917,

ITIL Information Technology Infrastructure Library V3 ITIL #978564


