Information Security Manager

SARAH GENN, MBA, PMP, CSM, CSPO, CISM

212-***-**** www.linkedin.com/in/sarah-genn **********@*****.***

Information technology leader with extensive portfolio management experience in information security, infrastructure and applications. Excellent organizational and problem solving skills. Managed multi-million dollar budgets and staff of 20 on and off-shore professionals. Delivery focused.

CORE COMPETENCIES

Large system design and implementation

Resiliency and business continuity

Global team management

Risk management

Strategic planning / Change agent

Regulatory compliance

Staff development and mentoring

Governance

Industries: Banking, Brokerage, Insurance, Pharmaceutical

Vendor management and contract negotiation

Chemical, Energy

Client engagement management

PROFESSIONAL EXPERIENCE

AST FINANCIAL 2017 – present

Corporate governance and advisory services, issuer and mutual fund proxy services, equity plan solutions, restructuring services, class action.

Senior Program Manager / Project Manager Information Security and Infrastructure

Manage portfolio of 50 Information Security and Infrastructure programs / projects, plan roadmaps and strategy.

Lead complex application infrastructure updates, improving performance with no business disruption.

Manage data center moves and storage upgrades, transition to encrypted storage for SQL server.

Lead virtualization of servers and mid-range computers, allowing creation of additional environments.

Apply Agile principles to design, testing and delivery of infrastructure projects; consistent feedback cycles.

Manage resiliency / cybersecurity steering group and coordinate cybersecurity tabletop exercises.

Mentor Project Managers, coach change control manager, initiate process improvements towards CMMI Level 2.

Teamed with Risk and Compliance to meet regulatory Cybersecurity requirements for US and Canada, including European privacy requirement GDPR and all four tranches New York State DFS Cybersecurity regulation 500.

Spearheaded encryption updates for data in transit and at rest, across multiple platforms, protecting data assets.

Prepare and present projects for Governance. Monthly portfolio reporting to executives.

Managed vendor selection for ERP, comparing SAP, Oracle and Infor. Developed $2.5 million funding proposal to assess value relative to other priorities.

Initiated standardized patching cycle for 1000 servers, part of resiliency effort.

Identify target groups for selected monthly phishing among 1500 US and Canada employees, reduced susceptibility from 20% to 4%.

AXA EQUITABLE 2008 – 2016

Lead Infrastructure Manager (2013 – 2016)

Managed Information Security and Infrastructure programs / projects.

Led re launch of Information Security Program, using SANS. Developed strategy, established work streams and staffing, including Hardening, Networking, Passwords, Penetration Testing, Code Scanning, Awareness, Vendor Management, Endpoints, Malware, Identity & Privileged user management. Managed $6 million budget.

Managed various multi-million dollar vendor relationships; one exceeding $20 million for data center hosting.

Drove Security improvements to patching and hardening infrastructure, OS and databases.

Directed workstation and laptop upgrades for 5000 Financial Advisors, without business disruption.

Negotiated contract renewal with a key vendor, saving $1 million per year.

AXA EQUITABLE continued

Lead Infrastructure Manager (2013 – 2016) continued

Implemented Symantec Data Loss Prevention (DLP) for sensitive data, encompassing outbound email, network monitoring and 6000 endpoints. Oversight of technical teams including Architecture, Data Center, Networking, Messaging, DBAs, Capacity, Storage and Disaster Recovery. Partnered with Risk Management to establish policies.

Senior Project Delivery Manager (2008 – 2013)

Managed infrastructure projects supporting multiple business lines.

Spearheaded build of infrastructure components for a $40 million new product platform.

Managed data center projects including multiple disciplines – DBAs, Network, Operations, Messaging, Capacity, Storage and Telephony in a CMMI Level 3 organization with onshore and offshore personnel.

Evaluated, managed and mitigated program risks, daily interaction with C level management.

Coordinated Disaster Recovery drills, performance testing, internal and external penetration testing.

Managed infrastructure, database and telephony transition for divesture of a major division.

CITIGROUP 2007 – 2008

Program / Project Manager, Consultant

Managed portfolio of global Information Security projects for high visibility regulatory commitments. Projects concerned compliance and third party risk management for thousands of global vendors.

Part of Corporate Center PMO, responsibilities included governance, extensive management reporting and preparation of talking points for top executives.

Coordinated efforts of global executive fifteen-person Steering Committee, for consolidated process and reporting on vendor Information Security across North America, Asia PAC, Europe and Latin America.

Provided managerial and organizational guidance for Project Managers and Project Analysts.

Managed implementation of additional Metrics and Quality Assurance, improving monitoring of Third Party Information Security assessments and overall Vendor Risk Management.

SUN MICROSYSTEMS, Citigroup Team 2004 – 2006

Senior Project Manager, Consultant

Managed adoption of new Operating System for Citigroup, introducing virtualization. Coordinated client activities across multiple disciplines, including Unix Engineering, Database Engineering, Storage Engineering, Network Security, Capacity Planning, Monitoring and Integration Testing.

Managed data center consolidation projects, which helped save costs including real estate and energy. Projects included migration of investment banking / capital markets applications.

Managed third party vendor readiness for new Operating System at Citigroup. Coordinated efforts with major tool vendors such as IBM and Veritas to integrate their products with new OS and virtualization.

Managed charge back improvement effort, including CPU allocation, storage, and memory. Wrote chargeback business requirements. The goal was more precise cost tracking for each application.

Organized performance tuning for new applications being installed in Sun environments.

Managed staff of seven architects and engineers, plus extended staff and matrixed client personnel.

CURRENT CERTIFICATIONS

PMP – Project Management Professional, 193851

CSM – Certified Scrum Master, 587778

CSPO – Certified Scrum Product Owner, 1084252

CISM – Certified Information Security Manager, 1004184

EDUCATION

MBA, Finance and International Business, New York University, New York NY

BS, Management Science and Engineering, Stevens Institute of Technology, Hoboken NJ

Contact this candidate