Risk Management Project Manager
Resume:
Ms. Nahum Arlene Nicholas
ad4k90@r.postjobfree.com
Atlanta, GA 30047
www.linkedin.com/in/nahumnicholas
678-***-**** cell
SUMMARY: Experienced Cybersecurity Risk Management Lead and Technical Program Manager with a strong background in Infrastructure Upgrades, Cyber Security, Business Analysis, and Documentation.
HIGHLIGHTS:
Lead Risk Management Cyber Security Specialist for AT&T, closing 70% of security gaps within 1 year
Created & implemented governance and risk methodology used to lead new security teams
Lead dozens of projects to implement new security policies and secure existing technologies
Coordinated hundreds of hardware/software/application/database refreshes, updates & virtualizations
Managed multi-million dollar, high-profile network upgrades and vulnerability remediations at Wells Fargo
Delivered millions in savings from refreshes, virtualizations and decommissions at Anthem / BCBS
Saved 1/2 million dollars annually in monthly vendor maintenance fees
PROFESSIONAL EXPERIENCE
Kyndryl (Formerly part of IBM, client is AT&T) remote - laid off
July 2022 – August 2023
Lead Cybersecurity Delivery Specialist / IT Risk Management Security Program Manager
-Security Compliance Lead / SME for vendor managed applications, storage and VMWare systems within AT&T.
-Managed security vulnerability remediation projects from discovery stage to remediation completion.
-Developed security compliance methods, procedures, reporting, and documentation within a new team created for the purpose of providing Security Compliance and Risk Management at AT&T.
-Functioned as single point of contact by providing information to affected teams regarding how to close security vulnerabilities and align with regulatory requirements and security controls.
-Identified security risks and gaps, assessed priority, and managed risk mitigation work streams: Created vulnerability reports, documented processes, tracked gaps with weekly meetings and ticketing systems, and managed efforts until remediated.
-Managed risk initiatives: Hosted project calls with application teams and management to plan, track and document vulnerability remediation work to close security risks and provided senior management with compliance metrics.
-Worked with app teams to determine remediation path for Linux/HP-UX, Windows & VMWare servers by running scans, researching CVEs, and working with vendors to provide patches.
-Determined if security exceptions are needed and valid: submit and track exceptions, track decommissions, re-assess when exceptions expire.
-Managed effort to onboard servers into new cloud-based management software (SPLUNK) for regulatory governance compliance (ASLA).
-Managed high priority project: responsible for ensuring all Emergency 911 servers at AT&T stayed up to date with patches (First Responder Network Authority).
-Created Change Requests (via Remedy) for security patches.
-Used many tools within AT&T to manage and document remediation and auditing efforts (Service Now, UPRS, iApprove, iRequest, IPC, MOTS, CANA, IEDS, CyberNow-VMWare, CSO-SN, CCDR/CCRC, ITAP, Server Ops Portal, Wintel WSH, Wintel Server DB, REM/Remedy, Compliance Portal scan tool, ITO decomm tool).
April 2018 – July 2022
Career break: Maternity leave to become a stay-at-home mother to a wonderful young daughter.
Wells Fargo (contract) remote
Oct 2016 – March 2018
Technical Project Manager IV
Technology Infrastructure Services, ISM Deployment Co-ordination Team
-Managed large project to upgrade and consolidate Data Centers at Wells Fargo.
-Managed project to refresh EOL/EOS servers, OS upgrades, hardware upgrades, user & print queue migrations and moved to NAS where possible.
-Project Manager for File/Print and Dealer Services Tech Refresh projects.
-Coordinated between FMs (Fulfillment Managers), SAs (System Admins), Network Engineers, Team Managers.
-Lead multiple weekly calls with engineers and managers to track status and address hurdles.
-Provided weekly and quarterly project status updates to management.
Network Utility Force (consultant) remote
March 2016 – Oct 2016
Technical Program Manager
-Point of Contact for customers' requirements to design to close security gaps and perform network upgrades.
-Program Manager for multiple clients, including Iron Mountain, GA Aquarium, Verus Networks, PureVPN, & Markley.
-Edited proposals for clients’ network design and security, prioritized engineer workload, assigned tasks to network engineers, tracked daily progress, monitored project expenditures, hosted project status meetings and provided project status updates to company owners.
Wells Fargo (contract) remote
April 2015 – Feb 2016
Technical Project Manager V
Enterprise Technology Infrastructure, Wholesale (DSO)
-Lead day to day operations for migrating support teams for servers, storage, switches and firewalls. Ensured all servers met enterprise standards and security controls before transitioning servers to new support teams.
-Created and instituted methods and processes for a brand new team, which were used to manage a high volume of server migrations. New processes included communication plans, server assessments, security checklists, project reporting and creating a process documentation library.
-Coordinated server transitions and builds between senior directors, managers, architects, engineers, SAs, BAs/BSCs, PMs, overseas vendor, and change management.
-Sole PM for 2 teams, Internal Transfer Consistency and Internal Server Transfer, which aligned company security and build-out controls between departments.
-Managed workload for 2 BSCs/BAs and 2 OSEs/SAs for all server clean-up efforts, reporting and transition processes.
-Created Architecture Recommendation presentations for high level management, assessing network and server vulnerabilities and site deficiencies. Recommended actions needed to move servers to a secure, approved data center location and operating state, to meet enterprise standards and security controls. Remediated vulnerabilities presented in the Recommendation.
-Server clean-up work included rebuilding server as virtual or with new HW/OS/SW, migrating databases & applications or assessing & upgrading existing servers: implementing security controls, patching, updating firmware, then updating Remedy fields and verifying access for new teams and removing old teams’ access.
-Used Planview and Stamp for tracking project time and status.
Wells Fargo (contract) remote
April 2014 – December 2014
Technical Project Manager IV
*Received two Raving Fans recommendations from Wells Fargo team members on this project
Technology Infrastructure Services, ISM Deployment Co-ordination Team
-Managed initiative to secure and consolidate data center backbone routers and servers over multiple locations.
-Project Manager responsible for coordinating the migration of servers to new subnets and switches.
-Coordinated system administrators, application managers, network engineers, business units and third party vendors.
-Coordinated network inventories and site surveys.
-Functioned as BA (Business Analyst), gathering site information for Cash Vault project in order to schedule site surveys.
-Used Remedy to create change request tickets for Change Management Board (CAB) and used Planview and Stamp for tracking project time and status.
Major banking organization (contract) remote
January 2014 – April 2014
I.T. Project Manager III
Global Network and Infrastructure Services
-Project manager responsible for coordinating the consolidation, upgrade and decommission of F5 load balancers.
-Coordinated data center migration between engineers and business customers, presented changes to multiple change advisory boards (CABs) across the company, performed user acceptance tests (UAT) and coordinated cutover windows for production.
-Targeted load balancers which are EOL (End of Life), LOR (Loss of Redundancy), DMZ (De-militarized zone) & data center consolidations.
Recall (now Iron Mountain, contract) remote
April 2012 – April 2013
Security Program Manager
PM for Information Security Operations
-Lead company-wide risk management and security compliance initiatives for a new network security team:
Developed, communicated and implemented security projects company-wide at a global corporation by delivering compliance and governance methodology, security procedures and controls, risk management strategies, and security metrics.
-Identified security risks and gaps, assessed priority, and managed mitigation work streams: Created vulnerability reports, documented processes, and tracked risks and security gaps.
-Created and implemented security and risk compliance processes and procedures for high profile projects closing security gaps across the network: VPN, FW, FTP, AV, AD, etc.
-Oversaw rollout of new security products to all segments of the network and across the backbone in an effort to implement risk controls: WAN, LAN, DMZ, LBs, FWs & proxies, DBs & apps,.
-Managed and coordinated security product rollouts between business units and vendors.
-Created Change Control Board (CM/CCB/CAB) Requests for network changes; communicated changes to Service Desk and Desktop Support.
-Reported to senior management on project status, milestones and resource tracking.
-Communicated project plans, process flow and network changes to project stakeholders.
-Gathered monthly metrics and created presentations for executive level management.
-Maintained department SharePoint repository for project documentation, including MS Project Server plans.
-Conducted process reviews and business analysis; created RACI Scorecard to show departmental standing versus national industry standards.
-Created departmental security newsletter for company-wide readership.
-Developed requirements for interactive web forms on SharePoint (FTP & FW account requests).
BA for Network Infrastructure & Security Projects
-Business Analyst for over 25 projects concurrently, totaling several million dollars in expenditures.
-PM for JDIs (Just Do It projects) from Proposal phase through Closure phase, using SDLC methods.
-Business Analysis: Interviewed project sponsors and requesters to determine scope and requirements, wrote technical Business Requirement Documents for Network projects, obtained project estimates from IT, Dev & QA, created CapEx & OpEx expenditures & before and after Process Flow diagrams, pushed proposals through executive budget approval committee, documented project budget and timeline in MS Project Server and Sharepoint, updated stakeholders.
Security Projects: SOC2 Security Audit Certification readiness assessment, Wireless intrusion prevention, External penetration scans for global data centers, Security assessments for in-house software tools.
Infrastructure Projects: AD Migration, Migration to new company-wide hardware and OS standards, WAN circuit upgrades between data centers, global wireless upgrade, storage upgrade, installation of new Exchange reporting tool, installation of global WAN acceleration devices, Switch replacements, Mobile Device Management.
WellPoint / Anthem / BCBS (contract) remote
January 2010 – March 2012
Technical Project Manager II
N-1 Server Refresh & Decommission Team
-PM for company-wide mandate to upgrade/consolidate Intel & UNIX servers to new platforms and hardware and to virtualize where possible across network backbone. Project managed HW & OS upgrades with server owners and system admins, reviewed migration plans with owners, coordinated network change maintenances and application and data migration to achieve policy compliance.
-Managed project rollout coordination between all affected business units, application and database owners and offshore vendor (IBM in India).
-Upgraded equipment and implemented security controls for all segments of the network: WAN, LAN, DMZ, LBs, FWs and DBs.
-Coordinated virtualization of old hardware to VMWare for hundreds of servers.
-PM responsible for decommissioning hundreds of old servers: located server owners, coordinated shutdown procedures, server retrievals & disposal. Saved the company half a million dollars annually in monthly vendor maintenance fees.
-Escalation point for vendor build issues for new servers.
-Upgraded Oracle database to latest version.
-Used SharePoint revision control to manage all project documentation, such as project tracking spreadsheets, interactive project calendar, processes and procedures.
-Used PlanView to break down time spent on specific aspects of the project.
-Functioned as BA (Business Analyst) to gather hardware, OS, database, application and testing requirements from business units.
Middleware / Information Systems
-Managed and implemented multiple I.T. migration and upgrade projects simultaneously.
-Created Change Control (CM/CCB/CAB) tickets and represented projects at Change Control Board meetings.
-Initiated JAD sessions to identify business objectives, technical requirements, obstacles and milestones.
-Created Work Breakdown Structures (WBS), detailed technical Project Plans and Project Risk Assessments, documented projects using MS Project, Visio and SharePoint.
-Created status reports and project documentation for management.
-Projects:
Remediated security vulnerabilities
Rolled out monitoring & patching agent (BladeLogic) on 1,200 servers
Migrated Amisys/Maestro from one production server to another
Upgraded Citrix servers from 3.0 farm to 4.5 farm
Upgraded WLM (WorkLoad Manager) in Prod & Dev networks
AT&T / BellSouth (contract) hybrid
November 2006 – November 2009
Security Program Manager
-Point of contact for all Business Units within BellSouth, providing Security Compliance and Risk Management guidance for the Application Security Program.
-Created and coordinated dozens of security mitigation plans for company-wide software security initiatives (70,000 BellSouth employee desktops), implemented SDLC methods and AT&T’s ITUP processes.
-Determined if security vulnerabilities impacted the environment by creating inventories of vulnerable software within the network; Prioritized software package development based on security severity.
- Managed the production push of updated software applications to entire BellSouth network via SMS; Oversaw vendor-created software development and deployment using SDLC/ITUP to ensure that policy compliance, security standards, processes, and procedures were correctly implemented.
-Coordinated software deployment and change management approval with all Business Units within BellSouth.
-Managed the manual updating and removal of vulnerable software, with multiple mitigation projects running concurrently; used PRISM to create and track project estimates.
-Vendor management: Negotiated project timeline with vendors and ensured change requests did not impact other changes made to the environment; Verified that pre-implementation checklists, back-out plans and documentation requirements were included in change request.
-Performed UAT (user acceptance tests) and confirmed QA results before deploying software to the network.
-Reported project status to management in the form of individual project status updates, weekly success status reports, monthly success rate statistics and quarterly accomplishment reports.
-Created detailed documentation for all Windows software security patching procedures and ticket creation (REM/Remedy) processes within Bellsouth.
-Coordinated Business Group’s migration to new trouble and change management system by gathering business requirements from application owners and communicating their needs to developers.
-Recommended process improvements to implement within new internal ticketing system based on needs of end users.
-Trained application owners to migrate to new ticketing system.
DELL SecureWorks
September 2005 – September 2006
Security Operation Center Analyst
-24/7 Network security support for banks, credit unions, hospitals, and large corporations.
-Monitored, investigated, and remediated IPS (Intrusion Prevention System) security incidents for thousands of financial and medical institutions, using iSensor.
-Administered policy changes on IPS according to most recent vulnerability discoveries.
-Customized IPS based on client requests, upgraded Linux based IPS to new version, monitored test performance and accuracy of new IPS signatures before full deployment.
-Performed network troubleshooting on issues related to IPS, firewall configuration or network issues, using Linux tools.
-Monitored all segments of clients’ networks, including DBs, WAN, LAN, DMZ, LBs, proxies and FWs.
-Performed standard Linux administration tasks and investigated IPS performance problems related to CPU, memory, network outages, etc.
-Point of escalation for client questions regarding network incidents, vulnerabilities, mitigation efforts and network security reports.
U.S. Army Reserves (contract)
October 2004 – September 2005
Security Operation Center Analyst
-Investigated IDS (Intrusion Detection System) security incidents and responded according to established procedures; escalated incidents to military personnel as necessary.
-Monitored network traffic for compliance of DoD policy compliance requirements and responded to non-compliant incidents, according to DoD regulations.
-Used Ethereal/Wireshark and tcpdump on Linux to perform packet capture and analysis.
-Wrote SOP (Standard Operating Procedures) with specific documentation for how to perform daily duties, such as security incident escalations and how to use internal tools.
-Created documentation for troubleshooting methods for Unix and Windows security incidents.
-Created Security+ study guide used by team to pass the Security+ exam.
-Created documentation for internal DoD network troubleshooting and configuration procedures.
Interland Web Hosting / Web.com
October 2003 – September 2004
Security Analyst & PM
Vulnerability Mitigation and Risk Controls – As the first employee hired in a new security team, I assisting in writing a company-wide Security Mitigation Plan and project managed the number one company priority of securing all data centers in the country, consisting of 70,000 servers which had been compromised (FBI was involved).
-Created and communicated Risk Management project plans for each impacted department; Assigned project responsibilities to engineers and operations personnel; Established timelines, monitored work flow and dependent action items; Tracked project status and monitored all critical path tasks; Assigned security patching and cleaning of compromised servers to team members; Updated daily reports of all servers with latest security vulnerabilities and compromises until security compliance was reached.
– Managed implementation of company-wide token-based security log-in system by overseeing software installation on desktops and servers and coordinating token distribution.
Security Assessments (Windows & UNIX Servers) – Performed assessments; corrected file system permissions; analyzed Netstat output, network settings and log files; removed root kits; verified that services running matched product specifications; audited and remediated user and group authorization configurations; identified compromised servers, analyzed servers to locate source of compromise, corrected vulnerabilities, hardened servers by disabling unnecessary services and removed the compromised content.
Security Assessments (Network) – Used Linux commands such as nmap and tcpdump to analyze network usage on routers and internal servers in order to identify abuse cases and compromises.
Patching and AV – Tracked company-wide patch levels on every customer’s web hosting servers and ensured that security patch levels were the latest version; updated AV and other software security patch levels to latest versions on thousands of servers; scanned servers for viruses and removed them.
Procedure Documentation – Created Risk Management SOP (Standard Operation Procedure) manual for the Security Operations Center for patching and hardening Linux and Windows servers (locking down ports, closing unneeded services, removing unauthorized users) and cleaning servers’ unauthorized software such as spyware, malware, freeware, and unauthorized files.
Project procedures plan – Wrote multi-departmental Security Mitigation plan for securing domain controllers, installing anti-virus server software, patching and cleaning of servers and implementation of dual-factor authentication methods, firewall software and secure shell connections.
Project Management and Documentation – Attended project planning meetings, documented project progress, used RCS to update technical documents and diagrams, wrote and distributed meeting notes, developed and followed up action items, documented resources in MS Project, created network diagrams in Visio, updated team with daily progress and deadlines; attended JAD sessions to develop business and technical requirements.
Tickets/Monitoring/Reporting – Created reports documenting server security levels, then manually corrected all security vulnerabilities discovered; Monitored network for security incidents, then resolved or escalated issues; Resolved customer and internal security tickets on all web hosting and mail servers; Processed after-hours network abuse cases.
EarthLink Inc. / MindSpring Enterprises
October 1997 – October 2003
Network Engineering, Configuration Management
Network reporting statistics – Created traffic reports for circuits and routers using monitoring tool (Cricket) to watch traffic levels and router CPU statistics; tracked peering and transit circuit traffic levels; updated Cisco router configuration to reflect changes in traffic patterns; wrote and updated script files to monitor ports and to create traffic pattern graphs.
Apprentice Network Engineer – Configured routers, updated router code to latest OS versions, completed maintenance work, cabled new equipment in data center, tested faulty equipment, manually updated equipment configurations using change control procedures, set up test lab for CCNA course.
Project Management – Data Center build out & consolidation to upgrade backbone – Project managed year-long project to upgrade all hardware and standardize entire network to latest IOS version using RCS configuration management to track changes. Scope included WAN, LAN, DMZ, LBs, proxies and FWs. Project included defining, monitoring and communicating the responsibilities for 30+ network engineers, which included the project priorities, dependencies, coordination with other teams, timeline, resources, and inventory.
-Managed internal departmental projects, such as reporting-tool improvements and a web-based login for routers.
-Managed projects pertaining to company-wide strategic priorities, such as monitoring ISP satellite performance post-installation and DSL churn-preemption, based on failed customer PVC connection attempts.
-Initiated cross-departmental meetings and JAD sessions, documented meeting notes, developed and followed up action items, updated project progress on department project website, developed individual project plans, developed documentation and network diagrams to communicate expectations, provided project updates.
Documentation – Created network diagrams using Visio: Created hundreds of index-searchable, detailed network diagrams depicting topology of entire ISP’s network, determined by manually looking through device configurations; created nation-wide diagram of every WAN/Peering/Transit circuit/POP for the entire ISP’s network; Created and documented company-wide standards for network diagrams; documented procedures for department project proposals, created signage for the Data Center.
-Web admin for network engineering department web site; maintained departmental web site and wrote technical documents such as processes and proposals; incorporated java script search tool and RCS for tracking document updates written by other authors; created interactive web form tools used for lab equipment management; updated company wide network equipment inventory.
Technical writing – Wrote technical presentations for network engineering department proposing new technology implementations; wrote equipment replacement proposals based on cost savings; created extensive CCNA study-guide.
Network Circuit Provisioning Coordinator
-Placed and tracked circuit and equipment orders with telecommunication vendors, from planning to installation.
-Created and maintained detailed network circuit and equipment records for every POP (Point-of-Presence) and Data Center in the network, for a national ISP.
-Liaison between network planning team, equipment installers and external vendors (BellSouth circuit provisioning).
-Created and maintained departmental web site as web admin.
Earlier work history:
Front Office Manager at Georgia State University’s Department of English - Managed staff responsible for supporting 100+ University professors and instructors and thousands of students.
General Manager of Cinefest Film Theater at Ga State University - Managed budget and staff, booked films, created film schedule, maintained equipment, built films and trained staff at an art house cinema.
VOLUNTEER
Gwinnett County Government, GA
Feb 2019 – present
Gwinnett County Animal Advisory Committee, non-paid civic role
-Report directly to Gwinnett County Commissioner (in a non-paid position appointed by County Commissioner) on an Advisory Committee whose purpose is to advise the County’s Board of Commissioners, co-ordinate resources, provide line of communication between County Board of Commissioners, County Animal Shelter Management, and citizens.
-Propose and advise on bylaws to the Board of Commissioners regarding animal related matters; proposed ordinances are voted upon by the Board of Commissioners.
-Chair Advisory Committee meetings with County Animal Shelter Management and the public.
-Handle community and Animal Welfare concerns and communicate needs and concerns directly to County Commissioner.
-Coordinate County resources to assist with needs of the Animal Shelter and public, regarding all animal related matters.
EDUCATION/ CERTIFICATIONS
Georgia State University, B.A.
Dean's List, Mortar Board Honor Society, Student Leader, Honors Day Senior Award, Homecoming Court
CompTia Security+ certification #210848039 – 2005 (inactive)
U.S. Military Top Secret Interim clearance 2004-2005 (inactive)
TOOLS
Network Management – iPrism, Ethereal, LANguard, Retina, Stat Scanner, ISS Internet Scanner, NetForensics, Intellitactics, Advanced Analytics, Intrushield, PatchLink, TripWire, Blade Guard, Cricket network monitoring, Microsoft SMS (Sys Mgmt Server), Eracent, BladeLogic, iSensor, NetStat
Ticketing Systems – Remedy, PeopleSoft CRM (Vantive REM), Service Center
Project Management and Process Documentation – MS Project Server, eProject, RCS, SharePoint admin, MS Access, PlanView, Stamp, PowerPoint, Visio, html code, Unix vi text editor, PhotoShop, Illustrator
Contact this candidate