Security Management
Resume:
Tarak B. Patel, CRISC
Kendall Park, NJ 08824
Home: (732) -821-7235, Cell 908-***-****
Email: ***********@*****.***
Objective:
Senior Information Security and Project Control Analyst specialist whose
qualifications include a certification in CRISC, a detailed knowledge and
experience in Information Security, Business Continuity, Physical Security
technologies and best practices seeking career advancement.
Summary:
Proven Senior Information Security and Project Control Analyst with over
seven years of experience in deploying, implementing and administering
Information Security for leading wealth management firm. Strong record of
success in disaster recovery planning, creation and deployment of physical
security solutions, enterprise and vendor risk management, protecting
network systems and information assets, managing IT budget for a leading
wealth management firm.
Career Achievement:
BESSEMER TRUST, WOODBRIDGE, NJ
Vice President - Senior Information Security and Project Control Analyst
Sept 2006-present
. Manage plans and administers the operational activities of a full service
Information Security department
. Established operating policies and procedures that affect the day to day
operations of
administrative units, security programs, document and facility units and
overall building security.
. Develop and implementation of physical and Information Security policies,
standards, guidelines and procedures to ensure ongoing maintenance of
security
. Work with Information Technology managers to implement Information
Technology security program
. Successfully lead the planning for over five Business Continuity
exercises annually
. Develop and provide instruction and Information Security awareness
training for a Faculty, Staff consisting of over 1,000 end users
. Communicate regularly with personnel about potential threats to the work
environment
. Formalized a Vendor Risk Assessment Program based on feedback of external
regulators for over 125 outside service providers
. Conduct due diligence security reviews for all outside service providers
. Liaison for all regulatory exams, internal and external auditors to
ensure compliance. Manage external regulator exams and facilitate
successful completion of SSAE-16 Type 1 and Type 2 audits
. Responsible for the implementation and administration of Data Loss
Protection (DLP), Database Activity Monitoring (DAM), Security
Information and Event Management (SIEM) and Web Filtering tools
(Websense, Bluecoat)
. Assist in conducting annual Risk Assessment with the Information Security
Officer
. Identifying and testing vulnerabilities and conducting research in the
areas of information system and network security using various security
tools
. Manage external service providers for annual security vulnerability
assessments
. Assisted in managing and maintaining $20 million Information Technology
budget
. Head the company's Corporate Security Incident Response Team (CSIRT)
. Currently formalizing the company's Security Operations Center (SOC)
. Perform legal holds and searches as needed
. Perform an average of 12-15 vendor security assessments annually.
Escalate findings and recommendations to Senior Management
. Perform Information Security risk assessments on proposed projects and
provide recommendations on findings
. Identify potential risk; consult/advise on correcting or reducing risk
. Conduct digital forensic investigations for workstations and servers
. Studies the proliferation of viruses to prevent hacker intrusion
. Perform security scan on servers and assist in remediation using various
security tools
. Provide and managed budget recommendations for the IT department
exceeding $20,000,000 annually
. Participates as appropriate in the planning, implementation and security
hardware and software. Identifies and assesses IT security risk/ exposure
on new and existing infrastructure
. Analyzes security incidents and escalation of security events
. Liaise with clients and Senior Management to resolve and document
Information Security incidents.
. Works with functional groups and staff in the creation of guidelines to
ensure the security and privacy of information on the University's
computer systems
. Work with individual departments to ensure Business Continuity Plans are
updated and created for new departments addressing Recovery Time and
Point Objectives (RTO/RPO)
. Established credibility with the Senior Management Team and executives
across the health system
. Manage, design and administer the physical Security and protection for 14
regional offices, 1000 employees and multiple assets.
. Conduct Information and Physical security investigations as needed
Skills
Skill Name Skill Level Experience
Physical Security Expert 7 years
Administrator and
company authority -
Honeywell Prowatch
And DVR/NVR
Administration
Postini Email Archive Expert 7 years
Administrator
Company Business Expert 7 years
Continuity Planner
External Regulator Expert 7 years
(FFIEC,SEC,etc)
Liason
Web Filtering - Expert 7 years
Websense 7.5
Administrator
Security Scanning - Expert 7 Years
Nessus Administrator
Outside Service Expert 6 years
Provider Management
Tool - Contraxx
Administrator
Enterprise and Vendor Expert 6 years
Risk Assessment
Administrator -
RiskWatch
Database Activity Expert 6 years
Monitoring - Guardium
CSIRT lead Expert 6 years
SIEM Log management - Expert 3 Years
LogRythym
Administrator
Password Management - Beginner 1 year
Lieberman
Security Scanning - Beginner 1 year
Nexpose Administrator
Symantec Email Beginner 1 year
Archival
Bluecoat Web Beginner 1 year
Filtering
Proofpoint Email Beginner 1 year
Security
BESSEMER TRUST, WOODBRIDGE, NJ
Associate Vice President - Web Applications Administrator for Siebel/Adobe
Workflow/Filenet/Vignette
Sept 2002-2006
. Manage ongoing support for employees based on user needs and business
analyst requirements
. Managed and completed upgrade to Siebel 7.7 and providing operations
department with server requirements and design
. Manage and mentor Siebel, FileNet and Adobe developers.
. Managed upgrade of servers to Siebel 7.7 on 5 separate environments
. Enabled Outlook Integration in Siebel 7.7
. Upgrading Production to allow Single Sign On/Active Directory protocol
. Managing and coordinating all Siebel patch releases
. Filtering, grading and assigning all enhancements and bugs via Test
Director Tool to developers and related support staff
. Working continuously with QA department in guiding, approving and
troubleshooting all fixes as well as providing documentation of all fixes
in current builds
. Managing Siebel Technical Account Managers in providing ongoing Siebel
support for Service Requests and upgrade documentation
. Review and troubleshoot all problems in production and provide feasible
solutions for business
. Scheduling all builds (releases) with Managing Director for introduction
into production
. Providing Disaster Recovery plan and design, documentation as well as
participating in building Disaster Recovery servers with Operations
department at SunGard BCP site in Rutherford, NJ
. Conduct daily production support meetings to address user and IT needs
with business analysts and support staff
. Managed Integration Services development and deployment to provide
communications of Siebel with legacy data
. Working in conjunction with Oracle Administrators to insure database
backup strategy as well as Disaster Recovery plans
. Created all Siebel install and training documentation including but not
limited to server installs, correspondence creation with Siebel and
Microsoft Word, Build tasks and Siebel Administrator documents
. Manage Actuate developers for future Reporting requirements as well as
providing technical support, administrative support and documentation
. Provide Siebel Sync support to Operations departments
. Personally closed 2000 defects for users within the Siebel 7.0-7.7
environments
. Providing all Siebel related sign off documentation for executives
. Vendor selections for Siebel add-ons ( Data Quality)
. Participated in vendor selection for Workflow
BESSEMER TRUST, WOODBRIDGE, NJ Jan 2002-Sept 2002
Advanced Siebel Developer, Siebel Server/Business Administrator and Actuate
Administrator
Participating in implementation of Siebel Financial Services 7.0.4 at
wealth management firm to allow business to handle family groups, contacts,
relationships and accounts.
. Installed and maintained Siebel 7.0.4 on 7 independent environments to
allow for development, integration, testing, validation, training,
disaster recovery and production utilizing Oracle RDBMS.
. Installed and maintained Actuate on all environments to facilitate
reporting mechanism for business.
. Configured Gateway, Siebel Server, Database Server, Actuate and SWSE
(Siebel Web Server Extension) and documented installation results.
. Delegated Siebel Build Master to facilitate all migration between
environments (dev2prod)
. Configured Mail Merge fields to allow Personal and Public Correspondence
Templates
. EIM and maintaining of List of Values
. Siebel Remote Administration. (Adding employees, database extracts,
generate database, responsibilities and positions)
. Configuration work includes but not limited to creating business
components, applets, views, screens, pick lists, extension columns
. Minor Siebel VB Coding and SQL Queries
. Provide technical and operative support, problem resolution with respect
to Siebel
. Responsible for maintaining a stable network environment, traffic
monitoring and disaster recovery planning
. Utilizing Mercury Test Director to log and rectify bug fixes
. Installing Tools and Client on select developers desktops
. Configured NT scheduler to start full compiles on development server
. Experience in IIS (Security)
EDUCATION
Certified in Risk and Information Systems Control (CRISC) - Expires 2017
Lic # 1003982
Siebel 7 Essential Certified [pic]
Certified in Project Management for Software Development - 2004
Contact this candidate