George Rainey, Jr.

CISSP-Emeritus designation,

active CFE (now Semi-Retired)

*** ****** ******* *****

Virginia Beach, VA 23452

email: ad4jsh@r.postjobfree.com

949-***-****

SUMMARY

Management, technical, risk management, instrumental in achieving URAC accreditations (PBM

& DTM), familiar with HIPPA, SOX & ARRA regulatory requirements. Consulting experience in IT for accounting, systems security for network security and auditing over a span of 34 years in the bank, health care, retail and state government industries. Trademark preparation and Franchise document writer. Professional certifications in Information Systems Security and anti- Fraud. Strengths include project management, communication, implementation, documentation, TCP\IP standards and their respective authentication protocols. EXPERIENCE

5/08 – 2/11 UNITED HEALTH GROUP, CA

IT SYSTEMS SECURITY MGMT ANALYST

Responsible for development and implementation of UHG info sec policies, standards and procedures to secure and protect UHG data residing on systems. Duties:

1 Determine level(s) of security risks associated with policy exceptions to corporate security control standards;

2 Subject Matter Expert for corporate security control standards; 3 Work with user departments to implement procedures & systems for protection, conservation and accountability of proprietary data. 12/06 – 5/08 PRESCRIPTIONS SOLUTIONS (United Health Group), CA SECURITY ENGINEER(CONSULTANT)

Hired as Contractor in Information Systems Infrastructure Services to provide IT Audit Support, documentation and audit support.

Duties:

1 Creation & maintenance of Security policies & procedures and audit processes; 2 Report to management potential security issues;

3 Attend SOX, HIPAA, Data Governance & Audit meetings; 4 1st 2 years--Audit desk for PBM & DTM Accreditations for URAC. 6/06 – 12/06 TEKSYSTEMS, Newport Beach, CA

SECURITY ENGINEER(CONSULTANT)

Hired as Contractor in Security Administration Department to create, modify and terminate user id profiles for CICS (Top Secret), Windows NT and Outlook and other applications AAA Corporation uses to provide access control to its employees; this involved completing service requests for employees who are new hires, transfers and terminations, service requests for employees subject to leave of absence and those who are approved for internet access. 4/05 – 4/06 TECHSPACE INC., Mission Viejo, CA

IT DATA CENTER MANAGER

Hired as IT Manager (Consultant) for national Internet Service Provider Data Center. Responsible for performing IT Audit on web & mail servers, writing policies and procedures for security controls, putting in place IT structural format, providing guidance for IT Project Management, and managing data center daily operations and it’s staff.

Creation of job descriptions for technical staff; hired and developed career paths for technical staff and performed technical training. Overseeing use of server configurations & remote desktop connection process, password administration for mail, ftp and VPN accounts. Wrote policies and procedures for MAC’s to client DNS names;Held status meetings with senior management about IT Development Tasks. TCP/IP knowledgeable as a standard for networks’ use to electronically communicate; and provide IT Customer Support

5/00 – 3/05 RAINEY & RAINEY CONSULTING, BUSINESS TRAINING INSTITUTE, New Jersey & Rancho Santa Margarita, CA

INSTRUCTOR FOR WEB DEVELOPMENT & DESIGNING, TRADEMARK PREPARER, FRANCHISE DOCUMENT WRITER, RADIO SHACK STORE MANAGER (managed several stores in Southern California).

Website development for clients and Web Development/E-Commerce Instructor for Business Training Institute, Rochelle Park, NJ. JavaScript Programmer, and former COBOL and RPG Programmer. Trademark (Service Mark) Preparer & Franchise Document Writer for clients. 9/97 – 5/00 FLEET (SUMMIT) BANK, Ridgefield Park, NJ SR. INFORMATION SECURITY ANALYST

Primary author for employee Use Policy for Internet use. Preparation of security standards and procedures for assigned applications\systems for department’s procedural manual. Security representative for testing new security modules and working closely with IS Audit for matrix approval. Assurance of security requirements in place for new applications\systems during pre- planning and implementation stages. RACF Administration & AS400 (OS/390), Secure Id (Ace Server), Windows NT Servers (sharing and mapping drives, user-id permissions-rights), Novell Netware (providing rights and directories for user-ids), DEC (VAX), Internet Proxy Server, and Tandem. Trouble-shoot problem user ids and changed respective passwords. 7/95 – 8/97 RAINEY & RAINEY CONSULTING, Honolulu, HI WEBSITE DESIGNER & INFORMATION SECURITY CONSULTANT Website development for clients. This involved consultation from concerns about firewall security accessing the Internet to development of such clients’ website(s). A former COBOL and RPG Programmer.

1/91 – 7/95 QUEEN’S HEALTH SYSTEMS, Honolulu, HI

SR. INFORMATION SYSTEMS TECHNICAL AUDITOR

Responsible for developing technical information systems and application reviews for entire hospital systems. Managed monitoring project over Perot Systems Facilities Management Team

(1.4 million dollar contract) for contract compliance. Developed Risk Analyses, Preventive Maintenance Plan, Disaster Recovery Plan for LAN. Created and performed comprehensive information systems security reviews and audit programs for all QHS entities, which included applications, operating systems, networks, microcomputers, administration, environmental conditions, resources, and developing systems. Installed new applications and acted as LAN Administrator for audit department. 4/89 – 1/91 RAINEY & RAINEY CONSULTING, Honolulu, HI COMPUTER CONSULTANT

Created computer and business consulting firm providing services for internal accounting, computer security, fraud examinations, installing accounting packages for Radio Shack, and clients (MAS 90, Peachtree, Bedford, Great Plains). 2/87 – 4/89 MANAGEMENT DIMENSIONS CORPORATION, Pomona, CA DIRECTOR: SOFTWARE SECURITY

Responsible for managing security consultants that defined security requirements for an accounting system for the State of Illinois Comptroller’s Office-a total budget which encompassed 11 phases costing the State of Illinois 30 million dollars. Designed and implemented an access control subsystem shell for access to all applications with use of CICS internal tables, e.g. SNT. Developed security policies, standards and procedures for administering a Security Management Plan. Managed the committee for coordination of identifying and documenting requirements for access control. Managed the committee to review security requirements defined by each application design group, data base group and Systems Integration Group.

2/84 – 2/87 MAY DEPARTMENT STORES COMPANY, Culver City, CA DATA SECURITY ADMINISTRATOR

Appointed by New York Corporate Office to create national data security function at Western Region Data Center as model to use at the other three strategically located data centers. Wrote corporate Security Management Plan, proposal to install security packages and security policies. Coordinated with Technical Support Department at all four data centers to install system and data security packages—Top Secret, Guardian (OmniGuard) and Flee, Flim, Flic (DOS Library protection). Wrote standards for security rules to use for security packages at each data center to detect unauthorized access and protect information system resources. Administration of password usage for TSO, VOLLIE & ROSCOE: wrote rules & regulations for password requirements. Lectured about security awareness and the need for personnel to be aware of their responsibility as a user of information system resources. 6/81 – 2/84 MAY DEPARTMENT STORES COMPANY, New York, NY CORPORATE SENIOR IT AUDITOR

Performed data center and divisional store reviews to determine physical security, adequacy of controls, disaster recovery provisions, administrative, operating and programming efficiencies; audit involvement included all aspects from initial planning through report preparation and presentation to various levels of management; managed three junior IT Auditors. 5/76 – 5/81 METROPOLITAN MUSEUM OF ART, New York, NY ASSOCIATE INTERNAL AUDITOR

Financial and operational audits, including A/P, A/R, P/R, EDP, Mail Order; account analysis and reconciliations: bank accounts and concessionary liquor account; supervised and trained Assistant Auditors; interface with external auditors, (Coopers & Lybrand, Federal Grants Auditor, State Sales Tax Auditors). EDUCATION

Continued completion of specialized seminars and courses annually to maintain international certifications for re-certifications listed below since 1992. Paralegal Studies, New York Paralegal Institute, NY, 1983. Bachelor of Science, Business Economics, State University of New York, New Paltz, NY, 1975.

Associate in Applied Science, Banking and Finance, Borough of Manhattan Community College, New York, NY 1971.

CERTIFICATIONS

Certified Information Systems Security Professional, 1994; International Information Systems Security Certification Consortium.

Certified Fraud Examiner, 1992; Association of Certified Fraud Examiners.

Contact this candidate