Information Security Manager
Resume:
Bassey Ben Etok, MS PM, Graduate Cert. Cyber Security, PSM
Sr Project Manager/ Delivery Manager/Scrum Master
********@*****.***
**********@******.***
SUMMARY OF EXPERIENCE
Project Manager with over 12 years of professional information technology experience implementing IT solutions for Abbott, AMN Healthcare, Cardinal Health, JP Morgan, Nationwide Bank, Tenneco Automotive, Kellogg and State of Massachusetts Office of Technology Services and Security and Ameren in infrastructure, Application Development, Organizational Change Management (OCM) and Cyber security. Adept at implementing business and IT solutions to save cost, maximize customer satisfaction, experience and, also create business value for my clients.
Also, successfully implemented international infrastructure refresh and integration, bank lending, mortgage, digital and marketing projects, Service Desk platform ITSM and upgrade, RSA Archer modules optimization and automation for robust end to end Incident, Risks and vendor risks management. Proven experience managing multiple medium to large enterprise-wide and GRC projects -PCI, NIST, GDPR implementation and Cyber Events simulation and surface intrusion and endpoint remediation projects.
Technology Tools:
● Microsoft Office 365 applications -Word, Excel, MS Project 2013 server, PowerPoint, Outlook, Visio ● Clarity, Workbench, Planview ● ServiceNow ITSM, Remedy ● Microsoft Team Foundation Server ● SharePoint ● Cyber Security, Network monitoring, ITIL, PCI DSS 3.2.1, SOX, NIST CSF, HIPAA, ISO 27001/02, IAM ● PMBOK/Agile -Scrum methodologies, SDLC, Waterfall, Jira, Qradar, Nessus, Tenable i.o, Tableau and Splunk analytical.
Professional Experience
Sr Digital Projects Management Consultant
Ameren Energy- St Louis Missouri January 2020-
Implement ITSM service definition and External Identity Access Management (ForgeRock) and integration projects.
Implement ITSM process to identify and capture business processes digital supports, define Digital Services that support those business processes, develop mutually agreed upon Service Levels, create a Service Catalog to house the above information. Also create Service Maps showing the connections between business capabilities and all the supporting Services and technologies.
Successfully managed challenges associated with enterprise solution delivery with multiple vendor (Accenture) and cross functional interdependencies to meet aggressive timelines in support of identity access management and platform integration.
Managed concurrent vendor applications (iSupplier, PayAgent, MyEnergy, LiHeap, Wiring Okayetc), integration projects with tight delivery timelines, diverse teams making sure technical issues, risks and requests are resolved in a timely and expeditious manner.
Successfully managed integration build activities in integration requirements gathering, design development, testing, UAT, production migration, and post production Hyper-care.
Sr IT Project Compliance Consultant
VACO Consulting- Cincinnati Ohio- June 2019
Senior consultant for the Cincinnati market assisting companies leading Information Security and Compliance engagements. This involves performing activities in support of creating and maintaining IT compliance such as NIST, PCI-DSS, GDPR, SOX ITGC Information Security controls, BCP/DR and other contractual compliance obligations, standards and requirements per clients' needs. This ensure compliance and security related Policy, process, guidelines, and standards for compliance to the requirement as per client needs.
Responsible for ensuring SOX/PCI-DSS/NIST Compliance with all IT related functions.
Develop, maintain risk & security management plan for the engagement and provide periodic updates to the management on the Information Risk & Security Compliance
Lead the implementation of contractual compliance requirements ITGC controls including Information Security, SOX, NIST, PCI-DSS, GDPR and BCP/DR.
Create and monitor the risk mitigation plans.
Prepare and implement effective security and compliance training to employees to ensure that any changes in regulations are communicated in a timely manner.
Develop and monitor security metrics for the engagement.
Engage with external auditors & customer visits for Information Security and Compliance assessments.
Plan and ensure Internal Information Security compliance audits, reviews and reconciliation as part of compliance abidance.
Ensure IT systems, policies and procedures comply with applicable regulations and the master service agreement signed for the client engagement
Monitor and evaluate security measures to protect against reasonably anticipated threats or risk to the security of Client sensitive information
Produce reports highlighting issues and providing potential solutions
Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of Client sensitive information
Review security exceptions for the engagement and identify risks.
Responsible for user access permissions audits to ensure compliance with SOX ITGC
Sr. Cyber Security program/ Project Consultant/Scrum Master
Massachusetts State Office of Technology Services and Security - Boston, MA
November 2018 to Present
● Manage onsite and remote(international) teams using remote agile/scrum practices and values.
●Supporting and educating the product owner on grooming and maintaining product backlog
●Assessing the scrum maturity of the team, coaching to attain high productivity, quality
●Manage and lead sprints planning, stories and moving impediments and resolving issues
●Implement PCI, AD and framework compliance
● Implement vulnerability management tools, security assessment and establish and promote
Process across 9 state secretariats.
●Facilitating discussion, decision making, conflict resolution and creating transparency via communication
●Create asset inventory, provision, and prioritize scanning, and collaboration with Red teams.
●Successfully managed patching across 9 secretariats for effective vulnerability management posturing for Windows and Linux systems and apps
●Collaborate, participate and drive remediation work streams on engagements with secretariats and CIO, CISOs relating to endpoint security including mobile threat defense, endpoint detection and response, patching, compliance and system hardening.
●Review and validate vulnerability findings using tools, data sources available and identify new sources as needed
●Implemented Splunk design, architecture, use case development and integration with data and security systems and monitoring, alerts, compliance and dashboard implementation.
●Successfully assess cyber security risks linked to vulnerabilities and developed enterprise wide mitigation and remediation project plans.
●Collaborate with secretariats’ cyber security and risk management teams for issues resolution, mitigation plans and escalations.
●Collaborate with secretariats to develop approaches for system patching, deployment of controls, coding, infrastructure changes etc.
●Manage on premise and cloud infrastructure security landscape to increase visibility, security posture and prevent unauthorized access.
● Manage Ernst &Young, and remote Red Teams for successful delivery per SOW.
Sr. Cyber Security Project Consultant
May - August 2018
Kellogg- Oakbrook, Illinois
●Implement governance, risk and compliance (GRC) – GDPR, IAM and RSA Archer projects.
●Successfully implemented IT Security Risk Management aimed at increasing a robust ability to mitigate risks of new system integrations
●Maintain Archer GRC platform components – Server hardware, SQL databases, Windows services, RSA Archer product software
●Collaborate across functional areas and SMEs to recommend solutions and provide expertise for the platform development architecture.
●Managed data analysts SMES to develop eGRC dashboards and produce key information for CIO/CISO and leadership reporting and decision making
●Successfully integrated RSA Archer with key source systems - IT4IT sources such as (iServer), ServiceNow, and Tableau, SIEM and Splunk compliance tool.
●Configure and customize core solutions enhancement like Incident management, Enterprise and vendor risks
●Design, configure and implement Archer enterprise and IT risk assessment modules, populated with business hierarchy, processes, technologies and resources.
●Research, evaluate and analyze vendor risks in Archer
●Configure applications, workflows, dashboards, and data feeds using API
●Coordinate Security Risks Evaluation reviews for vendors and internal projects
●Generate reports for executive review and decision
Sr. Projects Delivery Lead Consultant
Tenneco - Lake Forest, IL November 2017 -May 2018
●Manage infrastructure, app dev and security projects from ideation to completion.
●Facilitate and moderate IT weekly/monthly board and stakeholder meetings.
●Coordinate buy in and adherence to business processes and compliance to IT governance and security risks assessment within projects and business service areas.
●Implement ServiceNow(ITSM) and Service Desk platform ITSM workflows upgrade
●Conduct ServiceNow upgrade workshop
●Plan and coordinate meetings and discussions related to Corporate IT efficiency and day to day activities.
●Implement Hyperion Financial reporting for enterprise reporting
●Perform and document IT service and compliance weekly audits and status update.
●Managed and coached onsite/offsite developers and test teams
●Create customization(APIs) and automation for archer tasks fulfillment and compliance reports
●Manage day to day tasks/activities for all resources assigned to projects and ensure completion per requirements and charter
●Manage OCM related projects and metrics to align projects with enterprise expectation and change directions
●Work with vendors, shape requirements, deliverables, timelines ensuring integration and communication across teams, management and vendors
●Ensure compliance with security requirements.
Cyber Security Consultant/Project Manager
Fifth Third Bank Cincinnati, OH March 2017 to September 2017
●Collaborate with senior management, IT engineering, and implementation, operation teams to identify, prioritize, develop and track strategic IT security project initiatives aimed at remediating vulnerabilities in enterprise infrastructure and operational environment.
●Analyze penetration test results and engage with technology partners and IT SMEs to resolve identified vulnerabilities
●Implement surface intrusion solutions-email protection and anti-virus(McAfee/Symantec) software to harden end user protection
●Incorporate and manage enterprise OCM requirements and deliverables in cyber security projects.
●Monitor and analyze syslog for network events generated from network security controls.
●Scheduling service and project meetings with vendors and clients to plan and implement project deliverables and engaged supporting teams for tasks completion
●Lead and participate in the development, review and delivery of project deliverables identified in the project plan.
●Communicate project issues, progress, expectations and build commitment from key stakeholders.
●Worked with vendors and customers to identify and manage RFP/SOW deliverables in project scope and plan.
●Successfully planned and managed cyber events simulation and preparedness projects within the bank and specialized third-party actors.
●Executed key program requests, technology project deployment coordinating with business, project team and operations to ensure requests are communicated across the enterprise.
●Manage critical project dependencies to ensure that all requirements are syndicated to relevant work streams and business partners.
●Identify critical risks and issues, drive resolution, and escalating to senior management, stakeholders using contingency planning and appropriate risk management procedure
IT Projects Delivery Manager/Scrum Manager Consultant
Nationwide Bank - Columbus, OH - June 2016 to March 2017
●Agile/waterfall environment) Manage onsite and remote teams using remote agile/scrum practices and values.
●Designed and implemented solutions that increased sales, revenue, marketing experience for end users and customers
●Supporting and educating the product owner on grooming and maintaining product backlog
●Assessing the scrum maturity of the team, coaching to attain high productivity, quality
●Manage and lead sprints planning, stories and moving impediments and resolving issues
● Facilitating discussion, decision making, conflict resolution and creating transparency
●Responsible for leading agile teams in implementing financial IT projects within IT Solution Areas (Bank Business Service Areas- Mortgage, Lending, and Marketing).
●Managed Call center and mobile applications development projects
●Lead all aspects of information technology projects and multiple IT projects, including project planning, execution, timing, functionality, quality, communication and budgeting.
●Successfully implemented security requirements for Beacon projects
●Managed and coordinated internal resources, third party vendors in executing integration projects.
●Supply recommendations and subject matter expertise for the development/architecture of the tableau platform.
●Prepared, tracked and analyzed project budgets for variance
●Produced WBS define project phases, activities, tasks and deliverables for multiple bank IT projects.
●Managed IT Building/Data center migration and deployment using manual and automated SQL DB.
●Produced and coordinate project communication, metrics and weekly updates to relevant stakeholders on project performance and progress.
PMO International IT Project Manager Consultant
Cardinal Health, Dublin Ohio - Dublin, OH July 2015 to June 2016
●Manage multiple with low to high complexity Tech Refresh/infrastructure integration/data center migration projects in China for Cardinal Health.
●Gather and agree on project objectives, requirements, deliverables and develop scope and project plan
●Define solution, team structure, set expectations, lead, coach and motivate team
●Perform project risk assessment and issues management
●Manage cross-functional US and China teams for effective project alignment and delivery.
●Effectively manage cost, schedule and scope for timely and quality project delivery
●Produce WBS; define project phases, activities, tasks and deliverables for multiple projects.
●Produce and coordinate project communication, metrics and updates to relevant stakeholders on project performance and progress.
●Gather and agree on project objectives, requirements, deliverables and develop scope and project plan
●Define solution, team structure, set expectations, lead, coach and motivate team
●Perform project risk assessment and issues management
●Track activities, open action items, and report project progress
●Manage project budget, resources cost and infrastructure expenses
●Successfully monitored vendor expenses, performance and resolve issues.
●Responsible for managing project costs, estimating, forecasting, and reporting on variance.
●Schedule and moderate web and onsite meetings using Lync, Skype, WebEx, take and develop minutes to communicate to project teams.
●Perform project closing activities and final report to stakeholders.
MS Implementation Project Manager Consultant
AMN HealthCare - Irving, TX February 2015 to July 2015
●Develop project plans in alignment to scope and schedule.
●Enterprise-wide healthcare software implementation incorporating medical staffing, benefits, eligibility, scheduling and payer system in a cross functional environment.
●Coordinating 21 concurrent Shift Wise software conversions and implementation projects in a cross-functional agile team environment. Resolved problematic technical issues
●Documented workflows and incorporated comprehensive training plan to medical staff that more than doubled access intake and compliance rate.
●Coordinated Shift Wise software project that integrated medical and paramedical staffing with scheduling, onboarding, eligibility, benefit and payer system
●Analyze and discuss the potential risks/benefits involved in using the Shift Wise software technology solution to address the business and affordable Act requirements.
●Track and document risks, opportunities and open action items/issues to meet quality and project goals.
●Create charts, document, analyze and manage KPIs/dashboards for ongoing projects.
●Schedule and execute project team meetings and develop minutes.
●Monitor project progress and develop weekly/monthly updates and status reports for team and C-level executives.
Project Manager (Contract/Consultant)
Abbott - Columbus, OH August 2014 to February 2015
●Coordinate software license transfers and software harvesting projects
●Collaborate with functional project managers to ensure alignment with projects scopes and goals
●Define solution, team structure, set expectations, lead, coach and motivate team
●Perform project risk assessment and issues management
●SharePoint maintenance: create, edit and update project plans, communication artifacts etc.
●Collect and analyze business requirements into technical requirements for project scope and solution delivery using agile methodology.
●Convene and moderate meetings for SWLT project team and core group
●Monitor and manage risks metrics with owners until resolution
●Performed Work Breakdown Structure to align teams with tasks, timelines and budget
●Maintain Microsoft Project Schedules, monitor tasks durations, completions, delays, costs, variance report.
●Manage Software Asset Management team resources with vendors.
IT Project Manager
JPMorgan Chase August 2011 to August 2014
●Produce and coordinate project documentation and updates to relevant repositories
●Coordinate enhancement, security and compliance and mobile applications projects on financial platform
●Conducted Risk Assessment based on NIST and ISO standards controls
●Tracked variance, schedules and project resources and assigned duties by managers.
●Managed projects using Excel spreadsheets, MS Word, Adobe Acrobat and SharePoint for updates and data management
●Manage multiple with low to high complexity Tech Refresh/infrastructure integration/data center migration and SAP projects in China for Cardinal Health.
●Gather and agree on project objectives, requirements, deliverables and develop scope and project plan
●Define solution, team structure, set expectations, lead, coach and motivate team
●Perform project risk assessment and issues management
●Develop process documentation, standards, policies, and collaborated with business partners and works cross-functionally with departmental team members.
EDUCATION
●Master of Science in Management/Project Management(MSPM) Strayer University - Columbus, OH
●Master of Art International Affairs (MAIA) Ohio University Athens Ohio
●Graduate Certificate - Cyber Security IT Auditing, Governance & Policies, CISSP (on-going studies) Keller School of Management
●PMP- (enrolled)
Contact this candidate