Information Security Technology

Location:

Rockdale, TX

Posted:

October 16, 2024

Contact this candidate

Resume:

Larry Timmons

**** ****** **** *** ****, Rockdale, TX 76567 - 512-***-**** - ******@*********.***

Professional Profile

Skilled Information Security and IT Professional with expertise in Risk Management and Compliance within the electronic payments services industry. Well-versed in direct and remote analysis with strong critical thinking, communication, and people skills. Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter.

•Member of the Association of Payment Professionals.

•Certified Ethical Hacker (CEH).

•Certified Information Systems Security Professional (CISSP).

•Organized and dedicated worker with a serious approach to information security.

•Experienced with vendor management and conducting security and risk audits.

•Experienced conducting vulnerability assessments and mitigation strategies.

•Extensive working knowledge of the laws and procedures within the area of US Patriot Act, Anti-Money Laundering and OFAC Sanctions.

•Extensive knowledge of PCI-DSS, SOC 1, SOC 2, HIPPA, and HiTrust compliance requirements.

•Experienced with SOC 1, SOC 2, PCI-DSS, and AML Due Diligence audits and assessments.

•Experienced with GRC Tools such as ServiceNow, KnowB4 and Archer.

•Experienced with implementing SIEM solutions as well as DLP, FIM, IDS/IPS, Endpoint Security-Antivirus, Advanced threat protection, and email security.

•Experienced using Jira, Salesforce, and Confluence.

•Experienced with the incident response process and procedures.

•Excellent written, oral, communication, listening, presentation, and interpersonal skills. Ability to communicate ideas in both technical and user-friendly language.

Relevant Work

Finexio – Orlando, FL – Sr. Compliance Analyst (remote) - February 2023 - August 2024

•Transaction monitoring of all transactions to assess potential suspicious activity on the account, such as money laundering and sanctions.

•Identify data anomalies related to AML initiatives, AML/BSA regulations, and industry best practices for AML/BSA analysis.

•Drive the most effective means of meeting Finexio’s AML and Risk reporting requirements.

•Work effectively with multiple complex data sources and technical tools.

•Work and contribute in a team-oriented and collaborative environment to improve control processes.

•Ensure company’s adherence to and compliance with all applicable federal and state laws, regulations, and guidance, including those related to Anti-Money Laundering (i.e., Bank Secrecy Act, USA PATRIOT Act, etc.), as well as adhering to company policies and procedures and client requirements.

•Coordinating with review teams including Security, Risk and Compliance, IT, and others to ensure adequate due diligence process is carried out for customer accounts and documentation review assessments are completed within SLAs. (KYC, CIP).

•Completing Affidavits. Indemnification letters, SAR’s and filing disputes to recall fraudulent transactions.

•Successfull project completion and launching of Finexio Shield, offering a Fraud Guarantee.

•Successfully recovered over $2 million dollars in fraud last year and zero losses.

IPpay – Riviera Beach, FL – Sr. Risk Analyst (remote) - August 2021– February 2023

•Monitoring merchants, investigations, chargebacks, monthly fees, increase parameters, risk reporting and loss forecasting.

•Monitoring transactional, batch and authorization volume for merchant portfolio(s) and examine for anomalies.

•Investigate the credit card processing, chargebacks, refunds, and fraud on merchant accounts that have exceeded the parameters set by our risk management team and make a real time decision on increasing or decreasing exposures and reserves.

•Ensures continuous compliance with all internal and external regulations governing fraud and disputes processing.

•Identified possible negative merchant financial changes relative to transactions and profitability.

•Assist with merchant education on proper card acceptance procedures to prevent fraud.

CreditShop LLC – Austin, TX - Sr. Security Analyst - July 2019 – Aug 2021

•Responsible for all Corporate Physical Security, (CCTV, Badging Systems - CCure), Secure Print Room).

•Oversee security of the cloud infrastructure (AWS) and resolving security-related issues.

•Authored security policies and procedures, documentation and standard operating procedures.

•Provide incident response, including detecting advanced adversaries, log analysis, and malware triage.

•Execute proactive threat hunting to demonstrate trends and effectiveness of controls.

•Implement SIEM solutions as well as DLP, FIM, IDS/IPS, and Endpoint Security software.

•Assist with Vendor Management by conducting vendor security reviews.

•Perform regular and ad-hoc vulnerability assessments to identify security deficiencies and mitigation for information resources such as applications, cloud-based information technology, endpoints and network-attached devices and peripherals.

•Conduct security and risk assessments, recommend risk mitigation strategies and develop reports to present to technical and non-technical audiences.

•Provide requested documentation and assist with remediation during annual AML Due Diligence audits.

•Provide annual Security Awareness training to all employees.

•Contribute to the overall success of the Company by performing all other duties and responsibilities as assigned.

Worldpay SN (SecureNet Acquisition) - Austin, TX - Lead Security Engineer - Oct, 2014 – Apr 2019

•Responsible for all Corporate Physical Security, (CCTV, Badging Systems - CCURE).

•Review security events to identify and prioritize potential threats and identify trends.

•Provide IT Security: Cisco ASA, IDS, IPS, VPN Client, RSA Security Systems, WAF, PCAP, Tripwire, Websense, Kaseya, Solarwinds, Qualys, Poliwall, FIM, OSSEC HIDS, Metasploit, AppScan, Kali Linux, CrowdStrike, Splunk.

•Provide incident response, including detecting advanced adversaries, log analysis, and malware triage.

•Provide requested documentation and assist with remediation during annual PCI-DSS audits.

•Provide annual Security Awareness training to all employees, this also included initial security awareness training during new hiring onboarding.

•Conduct security and PCI Compliance risk assessments, recommend risk mitigation strategies and develop reports to present to technical and non-technical audiences.

•Assist with vulnerability assessments to identify security deficiencies and mitigation strategies.

•Authored security policies, documentation and standard operating procedures.

•Provided Desktop Support for 2 years while position was being filled, this included all desktop and laptop support, deployment and asset management, granting user access, activating and removing users from Active Directory. I also provided training and supervision to the employee who took over the position.

•Contribute to the overall success of the Company by performing all other duties and responsibilities as assigned.

SecureNet Payment Systems Inc. - Austin, TX - Lead Security Engineer - Oct, 2011 – Nov 2014

•Responsible for all Corporate Physical Security, (CCTV, Badging Systems, CCURE).