Security Manager
Resume:
Education
Tulane University, New Orleans, LA
B.S. - Computer Information Systems
Experience
December 2013 – August 2016 Service Corporation International, Jefferson, LA (Formally Stewart Enterprises)
Manager Information Security and Compliance
Decreased company’s security risk posture by authoring and publishing new companywide security standards, policies and guidelines.
Managed Security staff which included one on site resource and three offshore resources
Maintained company’s financial stability by managing all IT Security Sarbanes Oxley (SOX) controls including deficiency response management and remediation process. Partnered closely with Internal and External Auditors in completing SOX audits. Increased IT Security controls pass rate.
Managed access/data security controls across all line-of-business (LOB) applications encompassing 25,000 full time employees, contractors and remote workers
Limited company’s risk by conducting Third Party Vendor Risk Assessments covering 75 vendors across all LOB applications
Increased company’s security posture by instituting a comprehensive Vulnerability Management solution encompassing 800 servers across two Datacenters and single Disaster Recovery Site. Accountable for testing, prioritizing and mitigation of identified vulnerabilities
Decreased risk of cyber threats through managing security solution sets across company’s 13,000 clients and 800 servers
Increased end-user security awareness by developing and instituting an in-house company-wide Security Awareness/training and communications program. Program was built into new hire mandatory training.
Improved IT Security capabilities by negotiating Managed Security Services contracts. Prepared SOW’s, reviewed BOM’s and managed vendor(s) performance.
Increased company’s security posture by participating in yearly data privacy audits, preparing management responses and remediation for identified
Increased company’s security posture by implementing network Intrusion Protection/Detection System
Brought email phishing awareness to forefront by implementing a phishing awareness program companywide with targeted user awareness training
1995 – December 2013 Stewart Enterprises, Jefferson, LA
Director Information Systems Security Officer & Disaster Recovery Coordinator
Decreased company’s security risk posture by Authoring and publishing new companywide security standards, policies and guidelines.
Directly supervised two Security Admins staff and one Sarbanes Oxley (SOX) Compliance Analyst and 5 Service Desk personnel
Increased company’s ability to continue operations following disasters by spearheading development of a full Disaster Recovery/Business Resumption plan for our Corporate Headquarters and key remote facilities.
After Hurricane Katrina I was appointed to IT Emergency response team to locate a remote Datacenter and manage buildout of DR Datacenter.
Increased user access provisioning by designing and managing implementation of two user provisioning applications
Supported IT Security efforts in designing and implementing DMZ configurations
Created IT team to institute Sarbanes Oxley (SOX) IT controls to fulfill company’s regulatory compliance using COBIT framework
Augmented existing IT Security by coordinating the implementation of IT Standard Operating Procedures (SOP)
Increased visibility of Payment Card Industry (PCI) compliance issues as related to IT functions.
Principal member of IT Risk Assessment Team. Partnered with PWC consultant using Carnegie Mellon OCTAVE Allegro Risk management approach
Managed access/data security controls across all line-of-business (LOB) applications encompassing 3500 full time employees, contractors and remote workers
Proactively assist CIO in several special projects across all IT departments
Successfully assisted in the design and implementation of a corporate WIFI system
Governed a $500K security budget
Increased mobile device security by implementing Mobile Device policies and management
Effectively created network policies and implementing Microsoft Group Policies
Diligently assisted in the configuration and maintenance of Microsoft Active Directory
Reliably assisted in the design, maintenance, and configuration of CISCO routers and switches
Responsible for security awareness/training program
Network Manager
Effectively supervised 5 PC Techs; 2 Network administrators; 1 Procurement specialist
Increased network efficiency by re-designing new switched environment
Trusted to manage and oversee company Microsoft Licensing agreements
Initially designed and implemented IT DR solution
To insure IT availability I managed yearly DR testing for all critical IT systems
To improve network performance I assisted in the careful design and implementation of upgraded LAN/WAN infrastructure
Enjoyed assisting our CIO in several special projects
Responsible for creating capital and operational budgets
Responsible for developing accurate performance reviews
Overcame many challenges during Hurricane Katrina: I was part of the DR team responsible for setting up our DR site – all systems successfully deployed
PC Technician Supervisor
Competently supervised 5 PC techs
Responsible for assigning duties and scheduled work assignments in line with department goals and procedures
Team player, assisting Director of Technical Services in various technical duties
PC Technician
Trusted to manage and oversee maintenance of corporate headquarters and remote facilities assets
Responsible for Installed Novell 4.1 file and print servers
Installed WARP OS2 clients
Installed Windows for workgroups and Windows 3.11
Installed and maintained Ethernet network
Effectively maintained and supported IBM AS400 clients
Maintained and installed IBM Client Access
Successfully converted LAN to IP
2009 – August 2016 Investor’s Trust, Inc., Harahan, LA Subsidiary of Stewart Enterprises, Inc.
Information Security Officer
To insure regulatory compliance I worked closely with the Texas Banking Department for IT audits within Investors Trust
For compliance reasons I created IT security Policies and procedures in compliance to regulatory guidelines
Coordinated internal audit of IT controls
Responsible for Disaster Recovery plan
Implemented regulatory polices required by Texas Banking Department
Computer Applications & Skills – Proficient
MS Word
MS Power Point
MS Excel
MS Project
MS OneNote
McAfee Network Security Manager IPS
Qualys Vulnerability Management
PhishMe Simulator
Awards & Recognition
Award Dean’s List Tulane University
Volunteer Catholic Charities Adopt-A-Family Program 2011-2014
Member Louisiana Technology Council
Member Information Systems Audit and Control Association, ISACA, New Orleans Chapter
Founding Member Men’s Spirituality Round table
Contact this candidate