Information Security Manager / Identity Access Management Consultant
Resume:
W ESLEY L . H ARRISON
*** *** ****** ~ Brooklyn, New York 11215
917-***-**** ******.*.********@*****.***
SUMMARY OF QUALIFICATIONS
Technical business expert employing tremendous Information Security and Risk Management Techniques. Specializing in
enterprise-wide change programs, motivating staff and cross-functional partners to achieve business objectives, and decisive in
developing solutions. Producing clear results with ambiguous direction is a trademark. Conversant in Spanish and Russian.
Learning German.
PROFESSIONAL EXPERIENCE
Swiss Re, New York, NY September 2012 – July 2014
Management Consultant:
•Mitigated risk by advising business units on proper tools, techniques and processes to manage their risk profile.
• Lead rapid improvements to help business units identify and understand project related risk.
• Redesigned Compliance organizational structure to more effectively identify and streamline work, enhance efficiency,
provide clarity and improve communications.
• Managed the relationship between the business, IT and vendors to ensure required solutions were satisfied through
proper design of software in an AGILE environment.
• Lead Master Data Management program to win the renowned Gartner Award in 2013 for best MDM practice in the
world and provided 200% more functionality then originally estimated in the project charter.
IT Security Manager March 2009 – September 2012
• Conducted Risk investigations with external companies to expose any internal fraud.
• Monitored banking systems for external attacks and leveraged resources to fight back.
• Defended the firm via multiple internal and external audits, was able to track down and provide documentation to
address any audit inquiries, proactively identified and addressed any issues that exposed the firm to risk and could potentially
cause audit findings.
• Analyzed high risk treasury systems for security breaches and inappropriate access setup. Found mysterious users and
group setups and challenged the business as to their existence. Identified high risk issues where users could initiate and release
their own wire payments and rectified these issues through proper role setup.
• Networked with Blackrock and middle office business representatives to analyze and classify granular permissions of
the Blackrock Aladdin system and setup role-based access to ensure the segregation of duties and to maintain SOX
requirements.
• Found and addressed holes in recertification of SOX applications where real time user access was not correctly being
reflected on the reports.
• Managed project to migrate access management and approval for 65+ Asset Management and Infrastructure
applications from Lotus Notes based system to new high speed online request portal. Improved system dynamics allowed
physical approval workflow speed to decrease from 60 minutes to 60 seconds. Requests that took up to 2+ weeks to process can
now be processed within 24 hours.
• Gathered requirements from business owners, infrastructure and the user community to write business requirements
that provided a holistic approach to the project at hand so that the project gets completed correctly the first time with little effort
needed for re-engineering.
• Identified, tracked and pushed resolution issues with the projects by engaging the appropriate members of the business
or management. (e.g. system setting inappropriate expectations for service delivery 2 days, can't assign tickets to an analyst,
can't submit a request due to no workplace id for externals, can't process requests for new starters due to lack of lotus notes id)
• Integrated external clients who needed 3rd party hosted banking applications into new internal access related request
tools while identifying and mitigating the risk associated with doing so.
• Trained users, managers, and technologists on new systems and ensured that requests were not unaccounted for when
transitioning from one system to the next.
• Engineered solutions to address problems in IAM request system; Invented web based request assignment database
that allowed analysts across time zones and regions to assign requests to themselves while bugs in the actual product offering
were addressed with the vendor.
• Networked with Applicant IT Owners and members of Infrastructure to help dissolve the ambiguity behind the server
permissions needed to enable application access for Unix and Sybase systems due to frequent network changes, changes in IT
ownership and poor change management documentation.
• Networked with the business in order to analyze needs and requirements for BFR (Business Functional Role) based
setup of Asset Management and Infrastructure Applications.
• Prevented hundreds of network access issues by proactively insuring that users being provisioned with new server
builds maintained access to their current subset of secure files and folders.
• Automated Active Directory reporting process to cut down administration time and to provide clean data to present to
business owners for access recertification.
Citigroup, New York, NY September 2006 – June 2008
Information Security Management:
•Administered, recertified and maintained centralized IAM accounts for applications that needed more than the usual security,
through the use of a static user ID and dynamic password system.
•Studied various applications and business units to provide the best advice to users and managers on how they could implement
Secure Centralized Identification into their respective departments.
• Collaborated on efforts to move and translate database system functionality from Access to SQL Server.
•Developed software solutions to automate repetitive tasks, significantly decreasing the turnaround time of deliverables.
•Programmed a solution that made Microsoft Internet Explorer load within Access as if Access were a web browser, copy
relevant data from an internal webpage that contained IAM requests and directly append the information into the Access
database reducing the production time of processing an IAM request from about 15 minutes (900 seconds) to 15 seconds.
Apple Computer Inc., New York, NY March 2006 – July2006
Lead Mac Genius:
• Managed a group of technicians who serviced customer computers and addressed customer needs and concerns.
• Managed project schedules and coordinated team efforts to meet deadlines and exceed customer expectations.
•Offered employees consistent feedback on how to improve their technical efficiency when dealing with computers and
customers, fostering an environment centered on superior technical and customer service skills.
•Developed training curriculum for new hires with the goal of fast familiarization with key concepts and basic steps to succeed
within the team.
• Diffused advanced customer problems and concerns through the implementation of relationship management skills.
J.P. Morgan Chase & Co. New York, NY June 2002 – January 2006
BlackBerry, PDA & Wireless Internet Product Management:
• Assisted a team in the design of a J2ME Blackberry Solution that allowed home finance bankers to wirelessly accept
applications for loans and get instant, detailed responses for those loans to provide to the clients.
•Managed a Split Liability Billing project through a six sigma DMAIC life cycle that saved the corporation $1 million+ per
year by assigning BlackBerry voice service liability to the client and data service liability to the corporation. ‘
•Managed the technical liaison between vendor Cingular Wireless and JPMC, communicating complex technical issues to non-
technical members management.
• Analyzed 3rd party product offerings to ensure best possible corporate security for mobile data access card networks.
• Interviewed potential vendors to evaluate the quality of their product offerings.
• Negotiated Statements of Work and fair market prices for services provided.
Remote Access Resolve & Support Team:
• Developed work plans and created departmental objectives for global support structure.
•Provided weekly reviews of team members based on their progress, efficiency, timeliness and professionalism with clients
• Corresponded with clients during User Acceptance Tests to resolve problems with new product offerings.
Middleware/Messaging Product Manager:
•Analyzed network software and hardware usage and identified inconsistencies in vendor maintenance reports saving JPMC 8
million dollars annually in maintenance fees.
Business Aligned Server Delivery Management:
•Coordinated efforts with other Lines of Business to improve operational procedures and ensure servers and applications ran
smoothly.
Supplier Diversity Program Management:
•Built relationships with minority and women owned businesses, sourcing their services for JPMC and mentoring them to
network and expand at trade shows and business expos.
TECHNICAL QUALIFICATIONS
Information Security: SANS, CSET, SOX, NIST, ISO
Consulting: Project Management, Change Management, Process Engineering
Certifications: ITIL v3 Foundations Certified, PROSCI Certified Change Manager, Six Sigma White Belt
Certified
Languages: English, Spanish, Russian.
Education: Columbia University – Computer Engineering
Contact this candidate