Paul Richter

**** ** **** ***. #***, Delray Beach, Fl 33445 561-***-****

acfofv@r.postjobfree.com

IT Objectives

. As a recognized leader I want to be able to create long term solutions

to eliminate problems.

. Utilize my skills to ensure compliance of the highest standard and

mitigate risks.

. I am equally successful in both team and self-directed settings; and

proficient in a range of computer systems, languages, tools and

testing methodologies.

Education

University of Phoenix - Phoenix, Az

B.S. in IT Security GPA: 3.2 Graduated

Florida Atlantic University - Boca Raton, Fl 33483

B.S. in Computer Science and Engineering GPA: 3.0

Palm Beach Community College

A.S. in Networking Technologies GPA: 3.8

Certified Information Systems Auditor (CISA), Certified Cisco

Certificatio Network

ns: Administrator (CCNA), CompTIA A+, 5 DELL Certifications, MTI Cert,

Pelco Endura VSS Cert.

Systems: Windows 9X/NT/2000/XP/ Win 7/2K3/Win 2008/2008 SQL

Databases: Oracle, SQL, Relational Databases

Languages: Visual Basic, SQL, HTML, ASP, CSS, C++, Java

MS Visio, MS Office, Lotus Notes, Exchange, Crystal Reports

Software: SSH, SSL, VLAN, Symantec Anti Virus 10, 11 and 12, penetration

Security testing, bio metric scans

Audit, Compliance, SOX, HIPPA, Security, Windows Administration,

Specialties: Network Security, SQL, Oracle, Essbase, IPS/IDS, SEP Protection

Suite

IT Experience

ADT Corporate Headquarters - Boca Raton, FL 33431

IT Compliance Analyst, (December 2013, current)

Perform Risk Assessments on Current and Integrated SOX systems,

perform Gap Analysis, and identify remediation plans and action items

to mitigate risks in a timely manner. Develop and apply security

controls for infrastructure security to ensure consistency across the

enterprise by developing POC to gain leadership buy in. Interpret SOX

requirements for control owners and prep for audits. Assist and liaise

for Internal and External Auditors from ENY and Deloitte. Review

firewall logs for appropriate/acceptable use by providing detailed

analytics. Evaluate SOC reports for 3rd party SOX mapping to ADT Key

IT Controls for completeness and integrity and resilience.

Royal Caribbean Corporate Headquarters - RCCL Intl., Miaramar, Fl 33027

IT Compliance Analyst, (April 2013 - October 2013 )

Responsible for monitoring 19 different SOX systems including system

changes, upgrades and logical access. Checking termination and new

access for 80,000 employees across 23 systems to ensure access is

appropriate and authorized. Responsible for monitoring 43 ships with

respect to compliance testing, monitoring and audits. Evaluate the

risk landscape across the network environment for vulnerabilities and

penetration exploits to report to Executive leadership. Develop and

internalize controls for continuous compliance for COBIT Framework.

As compliance analyst I have worked with several external and internal

auditors to provide reports, evidence and interviews with system

owners. Develop and utilize macros to expedite daily routines and

verify data integrity.

Treasure Coast Forensic Hospital - GEO Care Inc., Indiantown, Fl 34956

. Information System Manager, (Feb 2008 to April 2013) Responsible for

network security, data integrity, disaster recovery and testing, IPS/IDS,

NAC, Port monitoring and event monitoring and correlation. writing

policies, balancing the IT budget, and ensuring compliance with federal,

state and local regulations via internal IT audits. Supported technical

troubleshooting for 300 + users within an enterprise environment.

. Part of the Corporate Compliance Committee tasked with performing IT

Audits at other hospitals to ensure compliance with contractual

obligations as they pertain to HIPPA, SOX and internal Policies and

Procedures.

. Procurement, configuration and hardening of Network and edge devices.

. Developed audit strategy and techniques to mitigate findings with

respect to ISO27001, SOX, PCI, regulations using COBIT and CISA

principals.

. IPS/IDS using Symantec 12 firewall appliance to proactively detect and

stop malicious software that do not yet have published anti-virus

definitions.

. Proactively perform quarterly vulnerability scans (such as SNMP,

wireless, etc.)

. Create and modify Information Security awareness and training for the

entire GEO Care Enterprise

. Perform follow-up activities relating to monthly vulnerability scans

using penetration tools such as Nessus, Metasploit, Nikto and

Wireshark

. Evaluate, classify, and audit both legacy and new systems as they are

integrated into the GEO CARE organization. Make program changes to the

ICS and SCADA modules where applicable.

. Work across the information security and compliance teams to ensure

regulatory compliance requirements such as HIPAA, DCF, The Joint

Commission, etc. are appropriately accounted for

. Assist the GEO CARE business areas as it relates to request for

proposal (RFP) responses

. Identify, implement, and maintain the necessary systems to enhance the

overall security posture of the organization

. Administration oversight and day-to-day support for GEO CARE video

surveillance systems

. Audit, assess, and continuously evaluate business-to-business (B2B)

connectivity to determine overall risk exposure to the organization

. Follow-up on patch management initiatives to ensure the organization

is properly secured

. Perform software risk assessments on any newly proposed software

application to ensure the software meets minimum security standards

and does not expose the organization to undue risk

. Provide support for 3rd party security audits and assessments to

ensure the organization is current within industry best practices

. Conducts quarterly internal self-assessments.

. Provide support to local network and server teams by debugging

network, server, and end-user connectivity issues on separate

surveillance servers.

. Conduct Application Service Provider (ASP) assessments to ensure

appropriate due diligence is performed in order to safeguard

internally proprietary data

. Provide local incident response and incident handling support

. Identify, classify, and audit applications, systems, and processes as

they relate to IT Security and Compliance

Hardwire Electric, Ft. Pierce, Fl 34983

. Network Security Administrator, (Jan 2005 to Jan 2008) Designed and setup

WAN. Implemented and secured wireless technologies. Created HTML based

forms to integrate the client SQL database. Monitor event viewer and

other logs for suspicious or malicious events.

Contributions:

. Utilized technology to protect mobile data.

. Perform vulnerability scans and harden network devices

. Managed Cisco VOIP system.

. Provided insight to keep IT to keep focus on business alignment

Pinecrest Prep School - Boca Raton, Fl 33444

Network Technician, (2003 to 2005) Support 300 students in XP/DELL

environment. Diagnose and repair network issues including DELL and Canon

printers. Train teachers to use new technology and software. After school

tutoring in various languages including C++, SQL, VB and HTML.

Contributions:

. Ran and terminated Cat5 and Cat 5SE

. Installed post racks and mounted servers, switches and UPS into new

server room.

Contact this candidate