Sign in

Information Security Manager

Staten Island, New York, United States
August 12, 2018

Contact this candidate


George Velez

** ***** ***** ****** ****** NY Cell #:917-***-**** Email:


IT Professional with 15 years of Information Security, Security Analyst, Security Administration, and Identity Access Management Experience

Ability to learn new technologies and applications quickly with minimal training and supervision

Reputation for going beyond and above to provide exceptional client/customer service

Excellent team-building and interpersonal skills; works well with individual on all levels

Effective verbal and written communication, analytical, technical, and problem solving skills

Capable for doing work that requires concentration, patience, and attention to detail


Information Security Application/System Recertification Identity & Access Management

Policies & Procedures Security Administration System Risk Management Process

Security Awareness Training User Training/Mentoring/Coach Monitoring & Reporting


RABOBANK, 245 Park Avenue, NY, NY (April 2018 – Present)

Security Analyst

Participates as a member of the regional Corporate Security Intelligence team.

Conducts the weekly Human Resources new hire Information Security Orientation Presentation

Assist Information Security Officer with mandatory annual Security Awareness Training

Manage, coordinate and review access recertification’s, Identity Access Management tool management and issue coordinating

Identify problematic or incomplete information on security assess request forms that could delay or negate the processing of security clearance requests and exacts items of security concern and determines whether additional checks are necessary based on the evaluation of available information

Develop procedure s and guidelines which effectively present a detailed overview regarding the establishment and assigning of user security profiles

Conduct annual user recertification activities and systems to ensure compliance with policy

Develop procedures and guidelines which effectively present a detailed overview of the annual user recertification process

Responsible for quarterly File Share and Network Account Recertification’s and ensure that owners review and verify that users should have access to specific file shares or retain their network accounts

Represent the team at technical and management meetings regarding DellOne Identity Access System as required

Comfortable working as part of a global team across multiple countries, cultures and time-zones

Ability to acquire a working knowledge of Company and Client policies/procedures

Designated as the first point of contact for all Internal/External Audits and work closely to ensure Rabobank delivers all requested artifacts, documents, policies, and procedures that are requested during an Audit

Conduct spot checking and reviewing of the Identity Access Management activities in the form of auditable review

Assist under the guidance of Security Officers in the coordination and review of System Risk Assessment and the review of Logical Access Control Models.

Responsible for the recertification of 93+ banking applications (8 SOX’S, 9 Payment Systems, 76 applications)

Responsible for following up and responding to security incidents and escalated monitoring

Acting IAM Manager responsible for the transitioning of 4 Corporate Security Administration positions being relocated to the New Identity Access Management Team in St Louis, MO.

Manage and train 3 new IAM members responsible for the management and support of system access and entitlements for the Americas

Provide assistance, guidance, presentations, and training to the Business and IT Infrastructure owners for the application recertification process for all Rabobank Systems and Applications

Assist with System Risk Management Process (SRMP) and System Risk Assessments for applications before the applications go live

Assist with Logical Access Control Policy (LACP) process and ensure all applications have a LACP with procedures to verify appropriate access & privileges on each banking application and systems

Work with both LACP Business and Infrastructure Owners to ensure all Logical Access Control Policy are up to date.

Monitor CyberArk reports and respond to failed password verification alerts and work with system account owners to resolve failure alerts

Create CyberArk Accounts and add system and application id’s to specified Safe and vaults

Retrieve CyberArk system/application password’s and assist Database, Linux, Wintel, and Core Application Support teams when passwords are requested

Create, update, and maintain all Corporate Security application and Security procedure documentation

RABOBANK – New York, NY (11/2015 to 04/2018)

System Security Administration

Reports to Head of Corporate Security and provides IAM support to the America’s region (New York, California, St Louis, Missouri, México, Canada, and Brazil)

Provisions and processes all new hires, transfers, and terminations for the region

Monitors and reviews application, user activity, never logged on, and inactive network login reports

Train Business Manager’s and Executive Assistance on how to use the new DellOne Identity Access System

Reviewed, analyzed, and remediate all DellOne Identity access anomalies found on the DellOne weekly report

Responsible for testing applications such as DellOne upgrades and HP Service Manager systems on UAT before new releases go into the production environment

Work with all teams to ensure any audit findings are closed and resolved by specified and agreed dates

Monitor CyberArk reports and respond to failed password verification alerts and work with system account owners to resolve failure alerts

Create CyberArk Accounts and add system and application id’s to specified Safe vaults

Retrieve CyberArk system/application password’s and assist Database, Linux, Wintel, and Core Application Support teams when passwords are requested

Create, update, and maintain all Corporate Security application and Security procedure documentation


Nominated to manage the IAM Transitioning Project, hire and manage 4 Security Administrator position to work in the new IAM Team located in Saint Louis, MO. In addition, to train the team and teach them how to administer approximately 100+ Banking applications

Work with DellOne Developers and DellOne Identity Access Teams in Utrecht, Nederland’s to work on high priority technical problems, bugs, and issues that are found here in the Americas Region. Set up weekly meetings to discuss how to resolve the problems and agree on a due date for a complete resolutions.

FIRST REPUBLIC BANK, 1230 Avenue of Americas, NY, NY (04/2014 –August 2015)

Access & Identity Management

Assigned to the Identity & Access Management Operations Team to support the America’s region (San Francisco, Los Angeles, New York, Oregon, Connecticut, Florida, & Boston)

Responsible for On-boarding all new hires, Contractor’s, Consultants, and Offshore staff and ensured all requested and approved applications, File Share, Distribution List, shared mailboxes, and remote access are provisioned

Responsible for employee transfers, conversions, and terminations process

Performed accounts administration (provisioning and de-provisioning) using various applications and tools

Provided application and troubleshooting support when user’s encountered problems and issues

Responsible for creating, modifying and applying the security groups to the File Share’s

Created, maintained, and updated all Access & Identity Management process and procedure documents

Contributed to the improvement of processes and training materials for fellow Access and Identity Management staff

Ran PowerShell scripts for new hires and transfers to set up profiles

Responsible for creating and resolving Service Now request tickets and ensured timely resolution

Responsible for granting access and pushing out all applications to groups and users via SCCM system (System Center Configuration Manager)

TD Securities, 31 West 52nd Street, New York, NY (02/2013 – 04/2014)

Identity Access Manager

Reported directly to the Director & Vice President of Application Support and Production Services

Facilitated the provisioning of access to applications, infrastructure, databases, operating systems, Citrix/SecurID, network devices as per established procedures

Facilitated the review of access /attestation processes

Responsible for the On boarding of new applications and the processes and procedures

Ensured compliance with the Access Management process, policies and procedures

Managed and supervised 2 Identity Access Analyst contractors

Reviewed and updated all TD Securities Access Management processes and procedures as required

Attended weekly Team Lead meetings to update and report on Access Management issues

Reviewed daily application exception reports and distribute to appropriate teams to resolve findings

Reviewed Monthly FIST and ION application reports to monitor system admin activities

Supported troubleshooting applications with Identity or Access Management related issues

Maintained working relationships with the business and other IT teams (local and corporate)

Access Management representative assigned to work on the on boarding of Aveska Identity Management access control system

Managed the TD Securities Generic ID process and responsible for On boarding Generic ID’s into CyberArk System

Responsible for reconciliation of Generic ID’s versus automated Stealth Audit Reports

Evaluated and maintained all IT Security policies, procedures, and standards

Assisted in the deployment of IAM solution RSA Aveksa from test stage to production and on boarded 45 out of approximately 100 applications

Analyzed raw data files (csv) fed from third party vendors to Momentum to insure accuracy of data

Reviewed XML files feeds to Aveksa ensuring users, roles and entitlements are in compliance with the company's security policies

Conducted comparison analysis of XML data and data within Aveksa, ensuring it is updated daily

Reviewed monthly attestations and initiate any necessary changes in access regarding LAN, VPN, Web applications, third party, proprietary and data (network share access)

Reviewed and investigated daily reporting from Aveksa of any anomalies and orphaned accounts reported

Provided documentation in adherence to monthly audit sample requests from internal/external auditors

Investigated generic ID password fail verification alerts and vault check outs within CyberArk

Worked closely with the business directors, VP's and data owners to ensure security compliance

Attended daily meetings, surrounding compliance, security policies and deployment of IAM solution

MACQUARIE HOLDINGS, 125 West 55th Street, New York, NY (06/2007 – 11/2011)

Security Operations Professional

Hired as the first successful Security Operations representative to support the America’s region (United States, Brazil, and Canada)

Responsible for adding, modifying, and/or deleting approved user access to the Macquarie network

Created, reviewed, and modified all security administration policies and procedures

Processed new user, transfers, and termination of access to Macquarie’s applications and systems

Work closely with the data owners to review and modify user access to data, files, and applications

Responsible for enabling locked or disabled accounts for users after investigating the cause

Reviewed daily, weekly, and monthly security activity reports

Prepared, processed, and modified bi-annual user reauthorization forms for all employees

Oversee security investigations, including investigating and reporting of IT security breaches

Monitored and investigated all quarantined executable, encrypted, and non-business related emails

Sent out warnings to users who violate Macquarie’s Email and LAN policies and procedures

Maintained and developed security operations documentation, policies, and procedures

Managed the Macquarie’s Blackberry Operations and Management for the America’s region

Worked to ensure devices are accounted for and billed to the proper business cost center

Worked with mobile vendors to get cost savings BlackBerry devices and pricing options

Provided tier 1, 2, & 3 support and troubleshoot all Macquarie staff Blackberry problems and issues

Worked with AT&T, T-Mobile, and Verizon vendors regarding: Activations, Configuration, Cancellations, Upgrades, Porting, Activating International Roaming, Backing up/ Restoring devices, and general troubleshooting

Managed the remote access project to covert 3,000 users to the newly purchased Vasco device

Perform various applications and infrastructures testing; such as interface testing, configuration and security related testing

Amalgamated Bank, 15 Union Square, NY, NY (5/ 2002 – 6/ 2007)

Information Security Assistant Vice President (AVP)

Security Administrator for 49 banking applications and systems

Created user id's, groups, roles, and permissions for the Horizon and SunGard Global Plus systems

Responsible for creating LAN user id's and email accounts

Responsible for adding, modifying, and/or deleting approved user access to all banking applications

Assigned as the Security professional for 2 major banking system conversions

Responsible for enabling locked or disabled accounts for users after investigating the cause

Provided application support for 15 Branches, 600+employees, & 300 Online Banking customers/clients

Reviewed daily, weekly, and monthly security activity reports for attempted access by an unauthorized user

Prepared and processed bi- annual user reauthorization forms for all Amalgamated Bank employees

Served as the security liaison and security administrator for Federal Reserve, JP Morgan Chase, DDTC, and other institutions that are responsible for issuing user Ids, token devices to access to their banking applications

Ensured that all new applications met the SOX (Sarbanes Oxley) requirements

Direct contact for New York State, FDIC, KPMG, Grant Thornton, and Amalgamated Bank Auditors

Responsible for the Information Security awareness training of bank clerks and officers

Assisted the Information Security Vice President with the Business Continuity and Annual Disaster Recovery testing


Microsoft Software: MS Excel, MS Access, MS Powerpoint, MS Visio, MS Word, MS Outlook

Network Administration: Active Directory, System Center Configuration Manager (SCCM)

Security Tools: Active Directory Toolkit, CyberArk, Imprivata OneSign, PowerShell,

Operating Systems: Windows 95, Windows 2000, Windows XP, Windows 7, Unix

E-mail: Lotus Notes, Microsoft Exchange Server 2010, Blackberry Enterprise Server (BES)

Ticketing Applications: Remedy, Service Now, Easy Vista, HP Service Manager

Identity & Access Systems: BMC Control-SA, BMC Enterprise Security Station Console, Dell One Identity Manager, DellOne IT Shop, Aveksa RSA Compliance Manager, CyberArk

Security Administration: ABSEC_DT Surveillance, Active Directory,Actimize, AFEX Direct Online, Appian Flightpath, Application Extender/Web Extender ASC PowerLender,, Bony Inform, Bridger Insight XG, BSA Compliance Reporter, Cherwell Service Management, COUPA, CyberArk, DocuSign, DOX DQ, Egifts, EFT (Electronic Funding Ticket, ETS (Electronic Term Sheets), FIS Global –Evision, FIS Image Centre, eReports, Eximbills, : Equifax, Experian, Fedline Advantage, FundTech Payplus, FundTech Parc, Good Mobile Control, GoToAssist, Intuit Admin Platform, Jira-Financial Software Services, JP Morgan Access, Lexis Nexis


Winner of 2 Macquarie 2011 Information Technology Group Awards for outstanding client service skills


CISSP – Currently Pending - Preparing for the exam

A+ CompTIA Certified Technician

ITIL Version 3 Certified (07/2010)



22 Cortland Street, NY, NY

Diploma in Technical Support / Help Desk

Contact this candidate