Security Manager
Resume:
Paul Richter
**** ** **** ***. #***, Delray Beach, Fl 33445 561-***-****
**@**********.***
IT Objectives
. As a recognized leader I want to be able to create long term solutions
to eliminate problems.
. Utilize my skills to ensure compliance of the highest standard and
mitigate risks.
. I am equally successful in both team and self-directed settings; and
proficient in a range of computer systems, languages, tools and
testing methodologies.
Education
University of Phoenix - Phoenix, Az
B.S. in IT Security GPA: 3.2 Graduated
Florida Atlantic University - Boca Raton, Fl 33483
B.S. in Computer Science and Engineering GPA: 3.0
Palm Beach Community College
A.S. in Networking Technologies GPA: 3.8
Certified Information Systems Auditor (CISA), Certified Cisco
Certificatio Network
ns: Administrator (CCNA), CompTIA A+, 5 DELL Certifications, MTI Cert,
Pelco Endura VSS Cert.
Systems: Windows 9X/NT/2000/XP/ Win 7/2K3/Win 2008/2008 SQL
Databases: Oracle, SQL, Relational Databases
Languages: Visual Basic, SQL, HTML, ASP, CSS, C++, Java
MS Visio, MS Office, Lotus Notes, Exchange, Crystal Reports
Software: SSH, SSL, VLAN, Symantec Anti Virus 10, 11 and 12, penetration
Security testing, bio metric scans
Audit, Compliance, SOX, HIPPA, Security, Windows Administration,
Specialties: Network Security, SQL, Oracle, Essbase, IPS/IDS, SEP Protection
Suite
IT Experience
ADT Corporate Headquarters - Boca Raton, FL 33431
IT Compliance Analyst, (December 2013, current)
Perform Risk Assessments on Current and Integrated SOX systems,
perform Gap Analysis, and identify remediation plans and action items
to mitigate risks in a timely manner. Develop and apply security
controls for infrastructure security to ensure consistency across the
enterprise by developing POC to gain leadership buy in. Interpret SOX
requirements for control owners and prep for audits. Assist and liaise
for Internal and External Auditors from ENY and Deloitte. Review
firewall logs for appropriate/acceptable use by providing detailed
analytics. Evaluate SOC reports for 3rd party SOX mapping to ADT Key
IT Controls for completeness and integrity and resilience.
Royal Caribbean Corporate Headquarters - RCCL Intl., Miaramar, Fl 33027
IT Compliance Analyst, (April 2013 - October 2013 )
Responsible for monitoring 19 different SOX systems including system
changes, upgrades and logical access. Checking termination and new
access for 80,000 employees across 23 systems to ensure access is
appropriate and authorized. Responsible for monitoring 43 ships with
respect to compliance testing, monitoring and audits. Evaluate the
risk landscape across the network environment for vulnerabilities and
penetration exploits to report to Executive leadership. Develop and
internalize controls for continuous compliance for COBIT Framework.
As compliance analyst I have worked with several external and internal
auditors to provide reports, evidence and interviews with system
owners. Develop and utilize macros to expedite daily routines and
verify data integrity.
Treasure Coast Forensic Hospital - GEO Care Inc., Indiantown, Fl 34956
. Information System Manager, (Feb 2008 to April 2013) Responsible for
network security, data integrity, disaster recovery and testing, IPS/IDS,
NAC, Port monitoring and event monitoring and correlation. writing
policies, balancing the IT budget, and ensuring compliance with federal,
state and local regulations via internal IT audits. Supported technical
troubleshooting for 300 + users within an enterprise environment.
. Part of the Corporate Compliance Committee tasked with performing IT
Audits at other hospitals to ensure compliance with contractual
obligations as they pertain to HIPPA, SOX and internal Policies and
Procedures.
. Procurement, configuration and hardening of Network and edge devices.
. Developed audit strategy and techniques to mitigate findings with
respect to ISO27001, SOX, PCI, regulations using COBIT and CISA
principals.
. IPS/IDS using Symantec 12 firewall appliance to proactively detect and
stop malicious software that do not yet have published anti-virus
definitions.
. Proactively perform quarterly vulnerability scans (such as SNMP,
wireless, etc.)
. Create and modify Information Security awareness and training for the
entire GEO Care Enterprise
. Perform follow-up activities relating to monthly vulnerability scans
using penetration tools such as Nessus, Metasploit, Nikto and
Wireshark
. Evaluate, classify, and audit both legacy and new systems as they are
integrated into the GEO CARE organization. Make program changes to the
ICS and SCADA modules where applicable.
. Work across the information security and compliance teams to ensure
regulatory compliance requirements such as HIPAA, DCF, The Joint
Commission, etc. are appropriately accounted for
. Assist the GEO CARE business areas as it relates to request for
proposal (RFP) responses
. Identify, implement, and maintain the necessary systems to enhance the
overall security posture of the organization
. Administration oversight and day-to-day support for GEO CARE video
surveillance systems
. Audit, assess, and continuously evaluate business-to-business (B2B)
connectivity to determine overall risk exposure to the organization
. Follow-up on patch management initiatives to ensure the organization
is properly secured
. Perform software risk assessments on any newly proposed software
application to ensure the software meets minimum security standards
and does not expose the organization to undue risk
. Provide support for 3rd party security audits and assessments to
ensure the organization is current within industry best practices
. Conducts quarterly internal self-assessments.
. Provide support to local network and server teams by debugging
network, server, and end-user connectivity issues on separate
surveillance servers.
. Conduct Application Service Provider (ASP) assessments to ensure
appropriate due diligence is performed in order to safeguard
internally proprietary data
. Provide local incident response and incident handling support
. Identify, classify, and audit applications, systems, and processes as
they relate to IT Security and Compliance
Hardwire Electric, Ft. Pierce, Fl 34983
. Network Security Administrator, (Jan 2005 to Jan 2008) Designed and setup
WAN. Implemented and secured wireless technologies. Created HTML based
forms to integrate the client SQL database. Monitor event viewer and
other logs for suspicious or malicious events.
Contributions:
. Utilized technology to protect mobile data.
. Perform vulnerability scans and harden network devices
. Managed Cisco VOIP system.
. Provided insight to keep IT to keep focus on business alignment
Pinecrest Prep School - Boca Raton, Fl 33444
Network Technician, (2003 to 2005) Support 300 students in XP/DELL
environment. Diagnose and repair network issues including DELL and Canon
printers. Train teachers to use new technology and software. After school
tutoring in various languages including C++, SQL, VB and HTML.
Contributions:
. Ran and terminated Cat5 and Cat 5SE
. Installed post racks and mounted servers, switches and UPS into new
server room.
Contact this candidate