Security Operations Center Manager

Location: United States
Posted: June 21, 2017

Original resume on Jobvertise

Resume:

Archie De Guzman

Offshore Manager, Global Security Operations Center

Teleperformance USA Group

091*-***-****

ac0x1c@r.postjobfree.com

Summary

I have been in the field of Information Security for the last 9 years, taking on various roles, from Access Control Management, Role-Based Access Engineering/Compliance Analyst, Security Operations Engineering, Project Management and management of Security Operations Center, among others.

Experience

Offshore Manager, Global Security Operations Center
Teleperformance USA Group
June 2012-Present

Tasks include but are not limited to:

- Manages the team of (12) engineers who ensure the security of company electronic data/information.
- Establishes and manages security systems in order to prevent the infiltration and breach of company and/or exfiltration of customer information.
- Defines/regulates appropriate network firewall ACLs and criteria to safeguard the organization's infrastructure and data.
- Designs and implements security policies to warrant stringent access control to critical systems.
- Implements various web security controls and protocols to different sets of users to safeguard the company from any external security threats/malware.
- Administers and configures email gateways, tailoring the scanning policies to ensure that loss of data is minimized and intrusion is mitigated.
- Safekeeping of security keys (internal keys, encryption keys, certificates, etc.) and the management of key rotation.
- Implements and administers the encryption of data-sensitive files on servers and shared directories (flat files) with the use of strong AES.
- Manages the multi-factor authentication system of the entire organization.
- Accomplishes proof-of-concept for any security-related software/products.
- Spearheads all fresh rollouts, migrations and any security-related projects/endeavours.
- Oversees the full functionality of SIEM and log management.
- Executes periodic log reviews of high alerts from IDSs.
- Administers the endpoint protection of the company, ensuring that all signatures and patches are up to date.
- Performs security scans, i.e. vulnerability, wireless AP and PCI scanning.
- Takes care of the system maintenance of any security tool/hardware (i.e. backups, user management, drive/memory space allocation, overall health, etc.).
- One of the head investigators on any fraudulent/malevolent events.
- Works with auditors for any security-related findings and the technical aspect of the assessment.
- Hires, trains and evaluates new and/or existing personnel to ensure that the operational demands are met and sustained if not exceeded and that the skills of the staff are on par with the current demands of the information security technologies.
- Attends client audits as Security representative to respond to questions and inquiries related to InfoSec and Risks.
- Conducts Risk Assessments.
- Suggests and/or explains to clients/executives remediation steps or controls to minimize risks.

Accomplishments

- Responsible for the project management of the massive and audacious migrations of old web security solutions (Websense, CA SCM, Sonicwall) to McAfee Web Gateway.
- Commended for single-handedly managing the rollout of the encryption system, including project management and administration (Vormetric Security).
- Recognized for the proof-of-concept, purchase, build, implementation and administration of the new multi-factor authentication system of the organization (from RSA to DUO).
- 3-time recipient of the IT Employee Of The Month Award.
- Responsible for the evident enhancement on email scan engines (McAfee Email Gateway).
- Boosted the confidence of the team, thereby leading to its growth from a team of two to a team of 14.
- Sent 3 times to the USA for trainings and conferences.

Role/Access Engineer, Safeway Manila
March-June 2012

- Prepares documentation, including process and procedures in managing data control activities as needed.
- Monitors and advises on information security related issues to ensure that the internal security controls are appropriate and operating as specified.
- Collaborates with the concerned I.T. personnel and management to oversee data classification assessment and compliance requirements.
- Develops, publishes standards and guidelines based on good security practices and awareness.

Accomplishments

- Received cross-training for Security Operations including the use and administration of:
  - Imperva
  - Blue Coat
  - IP360
  - Symantec Endpoint Protection
  - Tipping Point (IDS)
  - Airwave (WAP)

Access Services Administrator, Safeway Manila
Aug 2008 to Feb 2012

- Account management on Mainframe TSO/TPX via JCL and VRA.
- Administration of Active Directory and LDAP running on Windows 2003 and Windows NT.
- Managing accounts on SunIDM.
- Managing database accounts for Informix/SQL Database/Oracle/Teradata.
- Handling different platforms such as Mainframe/UNIX/Windows.
- 2nd level support for VPN configuration/issues.
- Performing internal audit for SOX compliance.
- Administering the secured third-party email engine system.
- Managing the multi-factor authentication system.

Accomplishments

Handled special projects on top of regular tasks.

- Administration of HP Quality Control SDLC software
- Process Re-engineering for the asset management of IT-related items, from procurement to EOL

Group's top performer for 2010

Fields of Expertise

Knowledgeable on the following security products and methodologies:

- File Encryption (Vormetric)
- Endpoint Encryption (McAfee EPC, Symantec SEP, MS Bitlocker)
- Web Security (CA SCM, Blue Coat, WebSense, McAfee Web, SonicWall, Cisco CX, Sourcefire)
- Email Security (CA SCM, McAfee Email Gateway, Symantec Mail, Secure Messenger)
- SIEM (Splunk, Tripwire)
- Multi-Factor methodology (RSA, DUO, Defender)
- IPS/IDS (Cisco, Sourcefire, Tipping Point)
- Vulnerability Management (Nessus, Retina, McAfee PCI, IP360)
- Endpoint Security (McAfee ePO, Symantec SEP)
- Windows Security Group Policy Management (GPO)
- Active Directory Administration
- Proxy Auto Configuration and deployment
- Firewall/Ports administration
- Data Loss Prevention (Vontu, Websense Triton)
- DRP/BCP
- Wireless/Rogue AP Scanning (Airwave)
- ISO 27001 controls

Employment History not related to Security

- Sept 2007 - Jul 2008 (HSBC Cards Resolutions team)
- Feb 2004 to Aug 2007 (Saudi Telecom, MS Access DBA, Web Designer)
- Aug 2002 to Jan 2004 (Deped Olongapo IT Tech/Clerk)

School

AMA Computer College
Bachelor of Science in Information Technology
June 1998 - 2002

References

Available upon request.


