Information Technology Security
Resume:
Kenneth R Foster
*** ******* ****, ******* *****, GA 30559
706-***-**** Res 706-***-**** Cell
**********@*******.***
PROFESSIONAL SUMMARY
Accomplished US Navy Veteran information technology professional and CISO with 20+ years of experience in public and private sector. Transformational leader that excels at developing and implementing strategic, technical, and operational security/infrastructure architectures that are properly aligned with business goals and objectives. Established history of innovation, while utilizing technology and processes effectively to minimize operational cost and to strategically align Information systems with corporate goals.
SUMMARY OF QUALIFICATIONS
oWell versed in overall information security, risk management, vulnerability assessments, security operations center (SOC), network operation center (NOC) operations, IT operations, and program/project management.
oBackground in developing, implementing and managing strategic, technical and operational security plans that are aligned with business goals and objectives and aligning security programs that meet the organization and industry best standards.
oExperience with domestic and international merger and acquisitions
oExperience in the risk and information assurance process: planning, researching, budgeting, evaluation, testing, management reporting and recommendation/follow-up.
oExperience managing and performing security and vulnerability assessment reviews on information technology systems.
oExperienced in assessing IT and security controls, business processes, policies and procedures to mitigate risks and ensure corporate and regulatory compliance.
oStrong understanding of industry leading standards and requirements in information security and risk/assurance: (SOX, SSAE 16/SAS 70, SOC 2, PCI, NIST Cybersecurity framework / 800-series, ISO 27000 series, OWASP).
oExtensive Technical experience with: Information systems Architecture including networking, computer, system implementation and system administration.
Rollins Inc. June 2013 – Nov 2016
Atlanta, GA
Chief Information Security Officer /Managing Director, Data Center Engineering and Operations
oResponsible for establishing an information security and IT operations and compliance department to support the business needs and ensure the integrity, confidentiality and availability of information that is controlled or processed by all company owned brands.
oEnterprise Information Security:
oAssess, Implement and Maintain PCI Compliance program
oEstablish and implement Information Security framework (ISO 27001, NIST, COBIT etc.).
oDevelop information security strategic plan to mitigate risk, threats (existing, changing and emerging information security threats) and vulnerabilities to the environment, data and resources.
oDevelop and establish enterprise-wide vision for information security issues, policies, standards, priorities and projects.
oEstablish security protection goals, objectives and metrics consistent with strategic plan and priorities.
oIdentify security risks to Brands and evaluate/recommend appropriate security measures, from a strategic perspective in order to help executive management.
oDetermine information security resources including budget, staff, training needs and resource allocation.
oEstablish an integrated risk management approach to create executive level perspectives and status reports regarding all security risks that brands may encounter; this includes risks in, access and control issues, data security and contingency planning.
oDevelop enterprise wide, standards and guidelines to address new security technology issues and trends.
oCommunicate and educate all Executive leadership and business users on changes in information security as well as threats on a global level.
oStay abreast of evolving technologies to ensure appropriate security controls are implemented and maintained as processes changes.
oPlan, develop and execute the information security programs. Provide advice and consulting services to management to assist in developing and implementing security programs.
oEstablish incident response and management program
oDevelop information security awareness programs along with training department
oIT Operations and Engineering
oDevelop strategy, design, plan and completed implementation of infrastructure transformation for the enterprise consisting of two data centers 450 locations and 12,000 employees in 1.5 years.
oProvide deep financial analysis to save the company significant amounts of money and improved service levels over 3 years by restructuring how the company delivered DR services.
oImprove service levels while maintaining low operating cost and meeting delivery deadlines
oCoordinate / Assist the critical business units in developing the enterprise business continuity plans.
oPlan and assist with coordinating disaster recover, business continuity and incident management exercises.
CACI April 2011–June 2013
Bagram, Afghanistan
Systems Administrator Lead
Lead technical expert and manager for in country assets with thorough understanding of security, application and hardware systems for the Harmony Deployable Systems Team. Providing time sensitive collection, processing, analysis, and dissemination of classified materials for the US and Foreign allies intelligence community
oResponsible for the planning, design, implementation, instruction, assignment, direction and monitoring of the performance of systems
oManage of all in country personnel within Harmony Deployable Systems Team providing support the US Intelligence community.
oProvide professional and technical mentoring to junior systems administrators, military members and DOD employees on cyber security, applications, infrastructure, and electronic forensics.
oProvide onsite training and support to all DOD/DOMEX (electronic media collections, forensics, analytics and distribution) personnel in theater.
oImplement IT systems including Firewalls, Unified threat management systems, Endpoint protection, Data loss prevention and encryption systems, servers, storage, endpoint compute and networking technologies used on multiple secured and classified networks.
oProvide professional and technical mentoring international special operations groups
oProcess sensitive information for secure dissemination to various classified networks for analysis and time sensitive use by authorized foreign units
Ceridian July 2010–April 2011
Atlanta, Ga
Contractor- Systems Administrator
Lead systems administrator for militaryonesource.com website and client portal. Technical expert for vulnerability, scanning, load testing and remediation of all data center environments for US government acceptance.
oResponsible for all vulnerability scanning and penetration testing using industry standard tools such as Gold disk, Nessus, and Retina scanners
oProvide reporting and remediation requirement for DIACAP compliance on DOD Enclaves
oInstall configure, and maintain and harden Infrastructure environment.
oTroubleshoot hardware/software issues on server farm.
oRecommend strategy and solutions for Security and infrastructure architecture and create detailed project plans for implementations
Phoenix Communications Group March 2009–July 2010
Alpharetta, Ga
Senior Information Technology Engineer
Architect, plan and implement information technology systems including networks, servers, firewalls, unified threat management systems, intrusion detection, intrusion protection, endpoint protection, data loss prevention, and applications for multiple client companies in the Atlanta market. Help develop long term IT and security strategy for external clients. Preform PCI and SOX assessments for customers and develop and implement strategic plan to achieve compliance.
PFE International Inc. September 2000–February 2009
Kennesaw, Ga
Corporate Information Technology Manager
Develop overall strategy for Security and Information Technology for US based operations. Architect, plan and implement information technology systems including networks, servers, Firewalls, Unified threat management systems, endpoint protection, data loss prevention, and applications for multiple corporate locations in US. Developed Training for users for all aspects of security and information technology systems
US Navy January 1991–June 2000
Virginia
INFORMATION SYSTEMS OFFICER (JUNE 1998 – JULY 1999)
Responsible for Security, IT operations, and implementation of command wide Information systems for up to 8000 users while deployed at sea.
oLead a 9-man team to plan and implement commands first network and email system successfully
Electronic Mechanic (Jan 1991 – June 2000)
Lead technical expert for a 12-man team responsible for casualty analysis, repair of printed circuit boards, electrical/electronic components of electronic search and precision radar tracking systems, weapons computer systems, target designation systems, and Electro-hydraulic servomechanisms, and support equipment. In support of entire battle group of 8000 service members while deployed at sea.
Education
Capella University Information Technology Program Degree not complete
CompTIA Security + COMP001020090209
US Navy
Contact this candidate