Post Job Free
Sign in

Information Systems Security

Location:
United States
Posted:
November 29, 2014

Contact this candidate

Resume:

David Bryant

*** ****** *****

Roanoke Rapids, NC 27870

Phone: (H) 902-***-****

(C) 902-***-****

E-mail: **********@*****.***

Background

I am an IT security professional with over fifteen years of IT experience

with direct experience in Information Security, IT Risk Management and

Business Management.

I am currently living in Amherst Nova Scotia, but looking to move back to

the Wilson NC area.

Professional Experience

08/2014 to 11/2014

VF Corp. (Temp Contract, Remote from Amherst Nova Scotia)

JOB DESCRIPTION: Global Security Operations/Sr. Security Operations

Analyst

> Manage onboarding projects such as security hardware/software

implementations and updates.

> Provide assistance to management with administration and

configuration of critical enterprise security systems and software

such as McAfee Nitro (SIEM), McAfee ePO, McAfee DLP, McAfee

Complete Endpoint Protection-Enterprise, Proofpoint etc.

> Utilize McAfee ePO and Microsoft SCCM for endpoint management.

> Provide expertise with incident response, security event

monitoring, vulnerability management, asset security compliance and

data loss prevention utilizing McAfee Nitro (SIEM), McAfee ePO,

McAfee DLP, Qualysguard, Radid7.

> Manage enterprise security systems, identifying key security risks,

reporting risks to management with recommendations for corrective

action utilizing NIST frameworks.

> Review and remediate risk within internal workflow processes and

procedures.

> Resolve security violations, maintaining knowledge of commonly-used

concepts, practices, and procedures related to security.

> Ensure security access, protecting against unauthorized access,

modification, or destruction of company data.

> Generate security reports utilizing enterprise security systems

such as McAfee Nitro, McAfee ePO, Qualysguard and Rapid7.

> Implement measures to reduce risks associated with new viruses, and

complying with IT security policies and procedures.

08/2012 to 07/2014

Food Lion Corp.

JOB DESCRIPTION: Information Security Department/Sr. IT Security

Analyst

> Utilize IBM Proventia MX and Cisco ASA 5500 series firewall

technologies.

> Manage and monitor over 1,200 IBM Proventia MX firewalls utilizing

IBM Site-Protector.

> Utilize RSA enVision 7500 EPS (SIEM) for log management.

> Utilize HP Service Manager to manage trouble tickets.

> Monitor security processes and controls to ensure adherence to SOX,

HIPAA and PCI laws and regulations in relation to safe-guarding

information.

> Adhere to internal SLA's.

> Adhere to Change Management and SDLC.

> Work with other stakeholder's such as, Network Engineering and Risk

Management.

05/2011 to 03/2012

Morgan Stanley-Canada

JOB DESCRIPTION: Risk Management Department/ IT Risk Integrator

> Oversight for all ongoing projects relating to onboarding internal

security controls.

> Reached out to stakeholders across the Firm to gather security

requirements.

> Utilized ITIL v.3, ISO27001-2 and COBIT frameworks to manage

projects.

> Developed corporate security strategies in order to safeguard

technical and information assets.

> Implemented internal security controls into workflows in order to

mitigate risk to technical and information resources and to meet

federal/state compliance regulations and standards.

> Coordinated with Audit team to ensure internal security controls

met validation, security and regulatory requirements.

> Utilized Requirements Traceability Matrices (RTMs).

> Ensured deliverables were aligned with business goals and

corporate security policies.

> Ensured internal security controls adhered to Information Security

related laws and regulations such as SOX, GLBA, PIPEDA, RTIPPA and

PHIPAA.

> Documented internal security controls to ensure adherence to

corporate security policies and compliance regulations.

> Prepared documentation for senior management review.

> Created and customized workflows within Sharepoint.

> Developed user awareness training programs to assist end-users

> Escalation point (SME) for all issues relating to IT security

06/2006 to 11/2010

PAETEC

JOB DESCRIPTION: Engineering Department/Sr. Information Security

Administrator

Policy and Compliance:

> Assisted with the development, implementation and enforcement of

security policies in order to remediate external and internal

threats to corporate technical resources.

> Monitored security processes and controls to ensure adherence to

SOX, HIPAA and PCI laws and regulations in relation to safe-

guarding information.

> Utilized ITIL, ISO27001-2 and NIST frameworks.

> Oversight for enforcing Acceptable Use Policies (AUP) in relation

to Service Level Agreements (SLA) with clients.

> Conducted periodic research in order to stay abreast of latest

security solutions, best practices and trends.

Monitor for Vulnerabilities and Mitigate:

> Managed critical customer issues in an efficient and timely

manner.

> Implemented rule changes for network firewalls (Cisco PIX/ASA).

> Utilized security tools such as, Nessus 4.2 Vulnerability Scanner

to support vulnerability assessments.

> Document and update security processes and procedures content

within private/public Wiki.

> Used Remedy and Total Business Solutions (TBS) to track and

manage customer accounts and trouble tickets.

Data Abuse:

> Ownership for monitoring and the mitigation of all data abuse

incidents such as, viruses, malware, spam, phishing, copyright

infringement and botnets.

> Enforced Acceptable Use Policies (AUP).

> Utilized Mangler application to manage data abuse incident

Enterprise Access Control (RBAC), AAA/Cisco ACS Secure Server:

> Created new user/group accounts.

> Modified and deleted user/group accounts.

> Reset password for user and group accounts

> Monitored user/group accounts to ensure minimal (Lease Privilege)

access to network devices, applications, and files.

> Enforced user management policies to ensure unauthorized access to

network devices, applications, and files.

> Performed periodic internal audit of user/group accounts.

Education:

Degrees:

06/2011

DeVry University/Keller Graduate School of Management

Masters of Business Administration (MBA), Risk Management

(GPA, 3.40)

08/2005

Colorado Tech, Colorado Springs, CO

Masters of Science, MS, Information Systems Security

(GPA 4.0)

11/2003

Strayer University

Bachelor of Science (BS), Information Systems

(GPA 3.25)

Graduate Level Certificates:

> Information Security Management

> Information Systems Security

> Federal Security Certification & Accreditation

> Project Management

Certifications:

> CompTIA Security+ Certified

> Cisco ASA Certificate

Business Proficiencies

Management: Project Management (PMI), Leadership, Directing, Planning,

Organizing

Technical Proficiencies

Platforms: UNIX (Solaris), AIX, Windows

2000/2007/XP/Vista

Networking: TCP/IP, ISO/OSI, IPX/SPX, Ethernet, VoIP, Token Ring, FDDI,

ATM, VPN, SSH, SecureID, PKI, MPLS, DS0 - DS3

Technologies: RSA enVision (SIEM), McAfee Nitro (SIEM), McAfee ePO,

McAfee Endpoint Protection Suite, Solidcore, Cisco ACS

w/AAA, Microsoft A.D, Cisco PIX/ASA, Cisco Security Manager

(CSM), IBM Proventia, Juniper SA 6000, Rapid7 Vulnerability

Scanner, QualysGuard Vulnerability Scanner, IBM Site-

Protector, Proofpoint, Remedy, ServiceNow



Contact this candidate