James A. Campbell
**** ********** ***** **************, ** 23111 Phone: 804-***-**** E-Mail: *****.********@****-***.***
Objective
Dynamic Information Security Leader pursuing the role of Director or C-level executive in a fast-paced, multi-faceted IT operations environment. Expertise providing security solution services, management, and security direction and guidance to business groups, IT support teams, and project teams. Leveraging CISSP and HCISPP credentials with an MBA and a well-rounded background including IT operations and engineering, risk management, strategic guidance, and thought leadership.
Experience
KUMA – Senior Security Analyst Aug 2021(PT)-April 2023(FT)-present
Provide fractional CISO services to multiple clients
Drive Policy and Procedure creation and updates
Work with HITRUST assessors to achieve HITRUST certification and renewals
Provide Incident Response leadership
Maintain and test Business Continuity and Disaster Recovery Plans
Provide end user training to maintain compliance and build end user awareness
Provide fractional Cloud Engineering services to multiple clients
Update and maintain existing cloud infrastructures in AWS, GCP, Azure, and Microsoft 365
Monitor and update security configurations as needed for effective Security Operations in a virtual data center infrastructure
Work with cloud engineers from other clients to establish secure VPN tunnels to transmit PHI data
Monitor and provide security enhancements to cloud VMs and end user endpoints
Work with 3rd party pen testers to identify and remediate vulnerabilities
Maintain and update cloud networking and security controls to ensure HIPAA compliance
Virginia Community Capital – Information Security Officer Jan 2021(PT)-April 2022(FT)-April 2023
Wrote and updated policies and procedures to facilitate maturing the Information Security program
Worked with IT to implement additional security controls including Microsoft Intune and Conditional Access
Spearheaded all audits for VCCSE ensuring they were completed on time
Utilized FFIEC as a CMMI to determine next areas of improvement in the Information Security program
Developed scripts as part of a daily secure file transfer process
Daily vetting of security alerts from various sources and performing full follow-through on incidents
Hired a Vendor Manager to perform 3rd party risk management for the Vendor Management program
BrownGreer PLC – Cloud Engineer November 2020-April 2022
Managed the Palo Alto firewalls for interconnection between sites and Microsoft
Planned and implemented an IPSec firewall cutover to retire a Microsoft Express Route tunnel
Created and implemented a process to migrate DNS zone records from UltraDNS to Azure’s DNS
Architected a GlobalProtect migration to Azure and implemented firewall load reduction changes without compromising security
Managed the organization’s Azure Active Directory environment directly and via PowerShell scripts
Documented and updated the infrastructure via Visio and Word diagrams and procedures
RxEOB – Chief Information Security Officer (CISO) June 2020-November 2020
Wrote, updated, and created policies and procedures aligned with HITRUST, HIPAA, and business goals
Led 3rd party penetration tests and worked with the DevOps team to remediate all findings
Performed an internal risk assessment of IT and physical vulnerabilities as they related to HIPAA and led corrective action projects
Conducted phishing campaigns, measured responses, and recommended training opportunities
Performed monthly table top exercises to test and document different risk mitigation scenarios
Designed and implemented a backup solution using Azure Site Recovery and rewrote accompanying policy and procedures
Initiated and led the Microsoft Intune project for Mobile Device Management (MDM) and data protection
Performed regular security audits and risk assessments and provided written and verbal updates to Senior Management
Ensured policy and technical controls met or exceeded requirements for protecting client PHI data
Communicated technology and security strategies to partners and clients
Directed, approved, and supervised the implementation and maintenance of the information security systems
ePlus/BrownGreer PLC – Consultant / Sr. Cloud Engineer February 2020-June 2020
Initiated and led the Microsoft Intune project for Mobile Device Management (MDM) and phone system conversion
Co-implemented, monitored, and managed an emergency Virtual Desktop Infrastructure (VDI) at the start of the COVID pandemic
Assessed remote access risks and received approval to modify access controls for VDI and MDM environments
Assessed and made updates to BrownGreer’s cloud enterprise technology strategy and architecture
Performed regular monitoring and troubleshooting in an Azure VM environment
Managed the organization’s Azure Active Directory environment
Documented the infrastructure in Visio and maintained updates and changes
Covenant Woods – Security Architect / Sr. IT Systems Admin November 2017-February 2020
Initiated and presented a risk assessment of the facility’s aging IT computing infrastructure
Configured and monitored the security for the onsite and offsite operational data infrastructure
Planned and executed a $750K upgrade of the entire network infrastructure using Extreme switches and wireless access points
Executed an internet upgrade to bring fiber into Covenant Woods and added high-availability for business continuity
Led a 3rd party audit and utilized findings to prioritize and implement security protections to ensure HIPAA compliance
Engineered a DR/BCP solution configuration, management, ongoing monitoring and proactive testing to mitigate the risk of data loss and prolonged outages
Built, configured, managed and maintained the end-to-end IT infrastructure including firewalls, switches, wireless access, servers, PCs, and VMware ensuring that all systems and maintenance are accounted for in the budget
Planned and executed the migration of all staff users from internal Office and Exchange to Office 365 and Exchange 365
Managed DNS, protocols, certificates, ports, and ingress/egress restrictions, Microsoft Group Policy and Active Directory management
Recommended, installed, and configured monitoring tools and alerts (intrusion detection, anti-virus, anti-spam, etc.) - investigated occurrences of spoofing or phishing and updated whitelist/blacklist prevention measures
Routinely audited Active Directory user and group accounts, MS Exchange accounts, folder permissions, and login activity
Core Consulting/DPME – Consultant August 2017-November 2017
PHP/MySQL/HTML programming
Aftertime LLC – Principal August 2017-August 2022
Consulting as a Security Analyst/Architect
Astyra Corporation – Consultant April 2017-May 2017
Performing consulting as an IT Security Analyst
Subcontracted to work on IT risk assessments
Contracted to update IT security policies
Altria - Business Information Security Officer (BISO) March 2015-October 2016
Provided daily IT Security/Risk Management consultation to the ALCS IS operating company from the Director level down
Member of the internal CISO Board – reviewing requests that tested the limits of existing policies
Develop and manage policies, procedures, standards, and guidelines for the protection of Altria data in internal, external, and Azure cloud infrastructures
Performed internal and 3rd party IT risk assessments, worked with suppliers on their remediation efforts to ensure compliance to Altria’s IT contractual data security requirements, and leveraged risk-based ROI strategies to determine if solutions were warranted
Leveraged attack tree software to model and measure risks to the infrastructure to pinpoint areas of weakness
Architected, procured, and implemented an internal Static Application Security Testing (SAST) solution to improve the overall Security CMMI as a gap identified by an audit presented to the Board of Directors
Worked on converting policies, procedures, and standards to fit the ISO27001 framework
Genworth Financial – Information Security Architect January 2010-March 2015
Member of the internal IT Security Council and Data Governance Council – develop and review policies and procedures based on core risk management methodologies
Architect, administer, and manage policies for the Data Loss Prevention (DLP), Proxy, Firewall, SIEM and IDS/IPS infrastructures from manufacturers including RSA, BlueCoat, and Palo Alto
Special Project - IT Project Lead for a large sub-business divestiture – coordinate all IT-based separation activities – identified and backed up all divesting business’s data, monitored and closed network ports in phases as part of the separation
Coordinated, managed, and executed a disaster recovery test of all R&P applications that fell under SOX Level 2&3 compliance
Worked with all teams to get the R&P Server farm accounts into Attestation compliance
Recommended and made changes for DLP to quarantine traffic going to Exchange Online and cloud file share services
Manage Genworth’s brand and reputation management services including domain registration and abuse notification
Continued performing OWASP vulnerability detection for, management of, and training on website vulnerabilities
Utilized a Security Information & Event Management (SIEM) system to collect logs from all network devices and perform queries
Performed IT Security Information research and early detection in partnership with the Genworth Fraud Response Team
Genworth Financial – Web Infrastructure Architect September 2006-January 2010
Performed OWASP vulnerability detection for, management of, and training on website vulnerabilities
Stabilized and administered a web content management system for Genworth’s externally facing web sites
Strategized, procured, implemented, and managed a Google search infrastructure
Worked on a software development life cycle (SDLC) management system to store code and check for bugs
Genworth Financial – Infrastructure Architect January 2005-September 2006
Special Project – Divestiture – Designed, architected, and implemented a midrange data center migration of 80 servers, 3 storage arrays, and a tape library in an 18-month project on-time and under budget
Used business continuity practices to migrate data between application servers across three different data centers
Updated a 3-tier network architecture of layered security to host a new set of applications and database servers
GE Financial Assurance/Genworth Financial – Sr. UNIX Systems Administrator November 1997-January 2005
Procured and provided application, storage, and security management for dozens of small to very large UNIX servers
Procured and managed a storage area network and tape library infrastructure consisting of 24TB across two data centers
Architected dozens of security solutions to control access to data and applications on UNIX and Linux servers
Architected and implemented a BCP solution and participated in multiple DR drills at an offsite location
Education
Capella University – MBA – IT Management 2010-2013 Completed with a 4.0 average - Graduate with Distinction.
University of Virginia, SEAS – BS Electrical Engineering 1988-1992 Alpha Chi Sigma professional fraternity; President of the UVA amateur radio club
Awards and Special Training
HealthCare Information Security and Privacy Practitioner (HCISPP) (ID:410440) [2016]; Certified Information Systems Security Professional (CISSP) (ID:410440) [2011]; GIAC Certified Incident Handler (GCIH) [2016]; GIAC Security Essentials Certification (GSEC) [2015]; Cisco Certified Network Administrator (CCNA) [2000]; UNIX/Linux system administration; Windows system and application administration; DoD Secret clearance [expired]; Eagle Scout - BSA.
Additional Skills/Knowledge
Microsoft Windows Server; Microsoft Office & Office 365; Microsoft Exchange & Exchange 365; VMware; Firewalls (Fortinet, Palo Alto, Netgate, Checkpoint, Cisco); Disaster Recovery (Azure Site Recovery, Barracuda, Axcient); Security Tools (TrendMicro, SolarWinds, BurpSuite); Proxies (BlueCoat); Data Loss Prevention (RSA); IDS/IPS (Fortinet, Palo Alto); Application Security Testing (Whitehat, IBM); Residential Gateway (RG Nets rXg); SIEM (FortiAnalyzer, Splunk, QRadar); HP, Sun, and IBM UNIX & Linux; Shell scripting/Regular Expressions; Cloud Technologies (Microsoft Azure, Amazon Web Services); ISO27001, NIST 800, HiTRUST, CIS, COBIT Frameworks
Patents
WO2002089341 A3 - System and method for providing access to resources using a fabric switch
WO2002091204 A3 - Data center providing geographic redundancy