Manager Security

Professional Summary

. Security Architect offering more than 15 years of design and security

experience in the areas of Aerospace, High Tech, Retail and Travel.

Administered user system and data entitlements, authorizations, access

rights, account creation and modifications across multiple platforms.

. Recognized for expert in forward thinking in security and disaster

recovery.

. Mentored, managed and lead for IT Security forensics team of 9 people.

. Expert knowledge in PCI, Virtualization, Public key Infrastructure,

Unix.

. Certified Private Investigator by the State of Texas to perform cyber

security investigations

. Earned CISSP, IISSAP and CIFI Certificates

Professional Experience

Williamson-Dickie Manufacturing Co., Fort Worth, Tx

Manager of IT Security and business recovery May 2013 - Present

. Managing the security program in its entirety.

. Implement and manage Corero Intrusion Detection System (IDS) and

configured device to maximize protection and minimize false positives.

. Responsible for Customs-Trade Partnership Against Terrorism (C-TPAT)

program, and worked directly with all business units to ensure

compliance.

. Successfully executed the installation, configuration and ongoing

support of the Solarwinds Log and Event (LEM) SEIM manager and used

responses to automate security responses.

. Successfully completed Payment Card Industry (PCI) audits and

coordinated with 3rd party penetration testers to ensure timelines

were met.

. Performed annual audits for financial systems including review of

AS400 access control

. Accomplished a significant upgrade to the Point Of Sale (POS) system

to migrate from an unsupported operating system platform to POSReady

2009

. Supported all departments during an acquisition, and ensured all new

systems entering the environment were at corporate standards

. Created end user education system and focused on preventing fraud,

phishing, and malware prevention

. Responsible for Statement Of Work (SOW) review and ensuring security

was backed into contracts

. Providing feedback to C-Level management and giving roadmaps to ensure

company was leading in the way of security.

JVL ISIS, Dallas, TX

Security Architect- August 2012 - May 2013

. Supporting Application Security (APPSEC) penetration testers and

providing feedback to developers and 3rd party audits.

. Complete the evaluation and investigative work regarding potential

threats, real time security events.

. Proactively disclose and remedy actual or potential breaches and risks

to the confidentiality, integrity and availability of our company's

Data and Systems.

. Advises the organization with current information about information

security technologies and related regulatory issues

. Apply expert knowledge to initiate good security practices and

planning

. Formally evaluate security features of information products and

systems and make recommendations on purchases.

. Providing feedback to sys admins and alternative methods to performing

duties more effectively

. Managing and reviewing security vulnerabilities discovered by 3rd

party.

. Architect and implement LDAP solution.

. Appraising future security solutions including PKI, Oracle Identity

Manager (OIM).

. Security lead for the change control board.

. Design review of security products and development.

. Integrated with Operations team

. Revised and created security standards.

Sabre Holdings, Southlake, TX

Principal Information Security architect / Team Lead (manager), October

2000 - August 2012

. Multi-disciplined SME, able to support multiple business units with a

variety or architectures.

. Provide enterprise solutions and architecture

. Architected SUN IDM offload project.

. Lead Payment Card Industry (PCI) liaison for the enterprise.

. Close relationship with FBI, Police, and Interpol and assisted with

multiple investigations.

. Architected and proposed solutions that allowed reuse, multiple

environments, and leveraged current solution in an out of the box

thinking

. Performed risk assessments on all products, solutions and vendors.

. Created and spearheaded enterprise encryption solution, as well as,

enterprise PKI solution and managed projects from cradle to grave.

. Managed Global Computer Incident Response Team (GCIRT) and defined

escalation procedure.

. Generated, modified and reviewed security policies.

. Ensured projects security requirements were met.

. Security lead for management and acquisitions.

. Managed BYOD (Bring Your Own Device) project and ensured devices did

not compromise network integrity.

. Lead architect for government travel solution.

. Managed Cisco rogue wireless detection system and prevented MIFI and

WIF access points from accessing the Sabre Network.

. Concept resolved legacy problem of co-mingling government and public

data as well as encrypting data in an environment dedicated to top

speed performance.

. Design lead and technical lead for cross-functions and platforms.

Strong IT consulting and risk management skills

. Performed forensic and fraud investigations and support legal and HR.

. Managing outsourced 3rd party relationship.

. Designed and implemented multiple disaster recovery solutions.

. Engineered organic virtual environment to support a private cloud

environment

GetThere, a Sabre company, Menlo Park, Ca & Irving, Tx

Sr. UNIX Systems Administrator / Security architect / Solutions architect,

. Oversaw and maintained UNIX/ Solaris/ Linux environment.

. secured systems and network by researching and monitoring for security

vulnerabilities

. Architected environment specific solution, including disaster recovery

(DR) and load balancing

. Tasks included mentoring others, implementing secure solutions such as

SUDO and CHROOT to ensure secure environments

. Orchestrated a datacenter fail over from California to Texas

. Implemented a load balanced Hot-Hot disaster avoidance solution across

multiple datacenters

. Implement IDS tools such as SNORT and RADIUS authentication to Active

Directory

. Performed forensic investigations and log analysis..

Government Of Sarasota, Sarasota, FL

Systems Administrator, March 2000 - October 2000

. Oversaw and maintained UNIX/ Solaris/ Linux environment.

. Troubleshoot, upgrade and maintain UNIX servers(Sun and NCR Unix) and

maintain their critical uptime requirements.

. Automate procedures for DBA's and operators

. Configure RAID systems..

. Configure and setup NT servers.

TECSYS Inc, Montreal, Qc

UNIX systems engineer, July 1999 - February 2000

. Led a 2 week forensic investigation that eventual headed to

prosecuting the intruder

. Troubleshoot network problems.

. Create print queues.

. Supported Cisco Pix firewall, HP/UX, AIX RS6000, DYNIX, NT and SCO.

. Successfully implemented and completed Y2K upgrades.

. Configured TCP/IP, DNS, DHCP

Matrox Graphics Inc, Montreal, Qc

Pre/post Sales Engineer / Unix administrator, September 1995 - July 1999

. Pre and post sales support for various OEM customers, including IBM,

Motorola, Intergraph.

. Administered/Upgraded AIX and slackware systems.

. Managed release schedules for IBM (PC & RS6000)

Air Canada / IBM Advantis, Montreal, Qc

September 1994 - September 1995

. Field application support engineer.

. Managed network and desktop migration

EDUCATION & PROFESSIONAL CERTIFICATIONS

. CEC In computer science from Herzing Institute of Technology,

Montreal, Canada.

. Principal Information Security architect / Team Lead (manager) -

. ISC2, CISSP-ISSAP, October 2000 - Present.

. Certified Information Services Security Professional (CISSP) from

(ISC)2

. Information Services Security Architecture Professional from (ISC)2

. Certified Information Forensic Investigator from IISFA.

. Strong background in HIPAA, PCI, SOX, GLBA, ISO 27001, BS 7799, ITIL,

SAS 70

. UNIX, Security, Networks, Load balancers, Datacenter implementations,

TCP/IP, mainframe

. Cloud, PCI, PKI, policy, architect, IDM ( Oracle & Sun ), Visio,

Solaris, IaaS, PasS, SaaS

. Responsible for all environment, e-discovery, fraud and loss

prevention.

. Architected and implemented a public key infrastructure (PKI) Identity

& Access Management, and enterprise encryption solution.

. Designed and implemented virtual cloud environment with Xen, VMWare

and Virtualbox. Lead architect for government travel solution

. Implemented DLP solutions through Ironports, and network endpoint

protection.

. Performed IT security risk and threat analysis for multiple business

units

. Solution supported cryptographically secured email and allowed the

corporation to save money by replacing costly physical tokens with

certificates.

. Provided solutions and feedback to C-Level decision makers and

resolved operations issues.

. Instituted rigorous site penetration test and eliminate costly scans

by streamlining process

. Designed organic virtual private cloud, which lowered total cost of

ownership by implementing a cookie cutter design

. Subject matter expert for x9.org developing the "Cloud Services

Compliance Data Standard"

. Infraguard member

. CISSP & ISSAP # 56337

George Genovezos -CISSP - ISSAP - CIFI

Principal Solution / Security Architect

Phone: 817-***-****

Email: ********@*****.***

George Genovezos -CISSP - ISSAP - CIFI

Security Architect / Manager

Phone: 817-***-****

Email: ********@*****.***

Contact this candidate