Manager Information Security
Resume:
Career Summary
Result-oriented technology industry executive and engineering principal, noted for streamlining IT Architecture, Engineering, Operations and driving business innovation, leveraging infrastructure and data center expertise to accelerate business growth and gain competitive edge. Multiplatform enterprise security, operations, networking and business transformation expertise.
-Leadership of 70+ SME’s and engineers with a allocated budget ranging from 30 to 50 million
-Hybrid Data Center/Cloud “First” Strategy
-End User Services Roadmap and Strategy
-Data Center build work with automation solutions
-Hadoop and DW exposure
-Unified Communication
-Life Cycle Management Strategies for Hardware and Software.
-DevOps modeling and implementation
-Standardization and Migration strategies.
-Monitoring strategies (APM solution – legacy versus proactive)
-SOX, COBIT Governance Model and workflows for Audit controls
-Security and Operational Risk Management
Led complex technology upgrades and operations improvement credited with stronger client retention and service. Rose through operations, software and leadership roles, taking on vendor negotiations, cost control and infrastructure build outs.
Areas of demonstrated expertise include:
Project/Technical Management
Operations Management
Technical Leadership
Vendor Management.
Strategic IT Planning
Managing Support Environments.
Virtualization Architecture
Risk Management
Budgeting and Cost Control
Technology Owner & Expertise
Management Methodologies: Project Management, ITIL v3 Fundamentals, Risk/Problem Management, Governance. Proven ability to lead, motivate and build successful teams. Ability to manage operations within budgetary constraints. Building and maintaining strong and effective relationships with suppliers and customers. Strategy and Metrics driven utilizing Six Sigma, TQM, & Lean methodologies for success.
Management Tools: Project 2016, Mindjet MindManager, Office Suite, Tableau software.
Analytic Tools: Remedy, Clarity, RapidMiner, Jira, Riskview and Tableau software.
IT Architecture:
Operating Systems:
Windows - Windows 2003, 2008, 2012 and 2016, Windows Clustering, DFS, WINS, DNS/DHCP, Internet Information Services (IIS), GPO Admin and Quest software, Active Directory design and implementation, Group Policy design and implementation, Directory services-based security
Linux - SUSE 9, 10 & 11, RHEL 6.6 & 6.8, 7.x, Centrify, Hadoop (HDFS)
Performance/Availability Monitoring and Optimization: IBM Tivoli Monitoring Suite, HP OpenView/BSM, BlueStripe, Opnet, SolarWinds, Dynatrace, Cisco Prime and Compuware.
Configuration Management: Microsoft System Center Configuration Management, Puppet, Tivoli Endpoint Manager (Big Fix), Automated software and OS deployment
End User Computing: Unified Communication - McAfee, Airwatch and Good Mobile Device Management for iOS and Andriod Devices, MDOP, Proof Point, Exchange 2013 and Communicator, WebEx, Office 365, Intunes
Virtualization: VMware ESX/VMware Virtual Center, VMware View, MS Hyper-V, SCVMM, Citrix XenDesktop (XenApp, XenClient & XenDesktop), MS Application Virtualization (APP-V), AppDNA, ChangeBase OK, AppZero.
Data Center/Cloud: Equinix & CoreSite Colocation DC, Microsoft Azure (Government Hubs), AWS, Google Cloud Platform, VMware Private Cloud, CSC Biz Cloud
Security Technologies: LogRhythm (SIEM), Splunk, Sophos X, McAfee, SourceFire Monitoring, Symantec DLP/EPP, Qualys Vulnerability and Configuration Management, ProofPoint, zScaler, Okta, Microsoft ADFS & MFA, Nessus, Cyberark PIM, ArcSight, Microsoft BitLocker Drive Encryption, Cypherix Cryptainer.
Product Implementation and Support: Salesforce, Workday, ServiceNow, SAP, Customer Care & Billing, GIS, Collaboration application – Slack, MS Teams
Professional Experience
Healthfirst
Director of IT Infrastructure and Operations July 2019 - Present
Visionary IT executive and innovative leader trusted to bridge the gap between modern technology and business needs ensuring seamless organization transitions. Proven track record implementing high-impact organizational improvement strategies through technology modernization and operational efficiencies. Able to introduce enterprise agility leveraging iterative planning, new technology adoption and recruiting versatile talent. Reporting to the CIO, responsible for development and implementation of strategies to manage and operate IT Infrastructure and Operations (Engineering CI/CD Pipeline, Operations/Command Center – Level 1 and Level 2), Organization by providing “White Glove” services to customers. In addition, functioning as a Business Relationship Manager to understand end user requirements and opportunities for improvements.
Establish the mission and vision of the IT Infrastructure and Operations Organization to foster a business-oriented culture and mindset driven by continual service improvement techniques
Critical initiatives:
oModern Desktop: Windows 10 Upgrade via Intune (Azure)
oOffice 365 Design & Deployment:
Policies, Governance and Operating Model
Campaign, Training, Communication & Delivery
oBRM Program:
Established BRM functions
Establish Field Support Services functions for multiple BUs
Championed adoption of an enterprise-wide hybrid cloud strategy simplifying and modernizing the technology stack enabling operational efficiency, stability and reducing technology sprawl
Product Owner for the following Infrastructure Services:
oNutanix Platform for Virtualization Environment
oModern Workplace
oMonitoring Services Roadmap
oLevel 1 Operations for Platform and Application Support
Risk Management Implementations:
oDevelopment and Execution of Healthfirst’s Information Security strategy and roadmap which included execution on Audit controls and build out of Risk Register
oDefining standards and policies covering all Healthfirst public/private cloud activities accounting for HIPAA, HITRUST and PCI compliance requirements
oForcePoint
oSplunk
oForceScout
oEndpoint Management solutions
Provide technology assessment and guidance of new and existing technologies.
Establish policies, procedures and coordinate activities to achieve targeted goals.
HBO
Director of Enterprise Infrastructure & Desktop Engineering November 2018 – July 2019
Reporting to the SVP, responsible for architecture, and implementation of digital products and back office solutions to manage and operate IT like a business, ensuring that the value delivered by IT was greater than its cost. Management of Enterprise Infrastructure, Platform Engineering & Operations, Architecture and Strategy and Desktop Engineering. Leader responsible for transformation of IT Infrastructure and Operations (I&O) for the organization into a successful strategic partner and built and led a world-class operation that included hybrid datacenters, global networks, security operations, servers, databases, program management, and service management.
Establish the mission and vision of the global IT Operations organization to foster a business-oriented culture and mindset driven by continual service improvement techniques
Data Center Consolidation and Migrations (4 Data Center from NY to Atlanta and Las Vegas)
End User Computing Strategy (Windows 10 with Intunes, Office 365, MACs with JAMF, VDI standardization, etc.)
Provide architecture review and implementation plan for all security initiatives and programs.
oDevelopment of HBO’s Information / Cyber security strategy and roadmap including build out of Risk Register
oExecution of Patch Management Strategy (Operating Systems and 3rd Party)
oDevelopment and Execution of IT Configurations standards (Operating Systems, Databases, Application Development)
oQuarterly monitoring and improvements of IT controls for Audit reviews
Ensures a continuous Global IT Risk Management dialog with leaders across the enterprise on the adequacy and effectiveness of IT security precautions, IT service levels, and IT disaster recovery plans.
Establish and implement organizational policies, “SMART” goals, objectives, and procedures by adopting a clear technology strategy and executing with extensive automation and centralized monitoring.
Provide technology assessment and guidance of new and existing technologies.
Establish policies, procedures and coordinate activities to achieve targeted goals.
SUEZ
Head of IT Infrastructure Services (Director) September 2016 -November 2018
Reporting to the CIO, responsible for development and implementation of strategies to manage and operate IT like a business, ensuring that the value delivered by IT was greater than its cost. Charged with driving five key operating requirements: IT Infrastructure delivery/execution, project transparency and risk management, prioritization and planning, status/performance visibility & communications and performance metrics & management.
Led day-to-day operations of IT Infrastructure Services (Data Centers, Platforms, End User Computing, Service Desk, Networking, and Security Engineering and Operations)
Strategy and execution of SUEZ’s North America top 7 IT initiatives
oIT Technology Roadmap
oSUEZ Data Centers and Cloud “First” Strategy
oSCADA redesign and Service Model Strategy
oITSM Strategy and Business Model
oNetwork & Voice Managed Services (WAN & IVR)
oGlobal IT Architecture Roadmap
oEnd User Computing Roadmap
Architecture and execution of SUEZ’s North America top 5 Business Demand and Growth initiatives:
oLinear Asset Management
oOperational Excellence and Workforce Mobility (WFM)
oCustomer Care and Billing
oAdvanced Metering Systems and Global Information System (GIS)
oCustomer Relationship Management (CRM)
Establish and implement organizational policies, “SMART” goals, objectives, and procedures by adopting a clear technology strategy and executing with extensive automation and centralized monitoring.
Run executive steering committee meetings across all “Line of Business” to distribute and finalize technology strategy roadmaps.
Provide technology assessment and guidance of new and existing technologies. Utilizes strategic planning and IT best practices to achieve short and long-term goals set by the CIO.
Prepare, justify and manage IT Department's budget of over 40 million dollars.
Establish policies, procedures and coordinate activities to achieve targeted goals.
Planned and initiated technology (hardware/software) purchases to best take advantage of new technology.
Delineated areas of responsibility for and coordinated work patterns of information systems to provide optimum service. Streamlined work production to enhance the overall operations of the information system.
TDAmeritrade
Sr. Infrastructure Manager, Risk Management July 2013 – September 2016
Led the complete transformation of technology ecosystem (application and infrastructure) for driving down risk and impact through influencing process owners. Responsible for developing and delivering dashboards, scorecards and analytics for multiple departments with the CTO organization to assist identification and resolution of problem trends, patterns, clusters and draw relationship between cause and effect.
Operational and Security Risk Management
Materiality Report redesign for reporting on risk and materiality reduction initiative
Improvement of Problem Management Metrics for Audit and compliance
Strategy and execution of Risk Management initiatives:
Rapid Miner Data Mining Implementation and logic build out of unstructured data mining for trend analysis
Improvement in ICAP Controls and Problem and Risk Management Workflow and Policies.
Technology Risk Committee Metrics Dashboards
Managed the operations of network and systems scans using Qualys, and AppSecurity; ensuring compliance to Security Technical Implementation Guidelines, System Requirements Reviews (SRRs); performing Vulnerability Assessments
Performed compliance audits, system reviews and physical risk environment assessments including gap analysis of policies and procedures. Conducted 600+ server security assessments; identified potential risks to critical information through assessments of operating systems, web applications, networking devices and other technologies
Assisted in defining access rights and privileges, and administered logical access controls and security systems. Scanning of Oracle and SQL databases in the enterprise; performed risk assessments to identify threats to information security, ensuring that data, systems, and databases are protected from unauthorized users
Managed strategy and framework for Third Party Risk Assessment
Developed internal security risk vendor assessment program
Development and delivery of an enterprise-wide information security awareness program
Developed framework for internal security awareness communications, including websites, in person training sessions, and virtual and online training sessions
Led the complete turnaround of IT Server infrastructure by establishing and fostering strong partnership with the CTO and Application Development organizations helping the leadership team meet their business plan and establishing IT Business Management as integral part of IT Operations and success.
Led day-to-day operations of Engineering and Operations/Management of Linux & Windows Platform which included Virtualization (VMware & Citrix) for 11000 Windows/Linux servers and 6000 end user devices. Managed a team of 30 employees and 40 contractors
Strategy and execution of top six CTO initiatives:
High Availability Data Center Build and Move with automation solutions
Compliance and Audit Deliverables:
Design and Implementation of “Delegation Model” solution for Operating systems utilizing Centrify and Active Directory GPO
User Access Control Management – Operations and Control Management.
Implementation of “Break Glass/Fire Call” solution utilizing Cyberark PIM technology and ICAP controls for verification
Security Patch Management Strategy and execution utilizing process workflows and IBM Tivoli Endpoint Manager
Unified Communication Strategy
Factory:
Design, Deploy, Maintain & Operate operating pillars to deploy new infrastructure and application systems
Hadoop Implementation for Analytics and Data Warehouse utilizing Tableau as the front-end and Hortanworks Hadoop with 300 TB storage
Life Cycle Management for EOL systems
Windows 2003 Operating System migration utilizing AppZero, automated OS deployment and SCCM
SLES 9, 10 & 11 migration utilizing Puppet, and automation tools
Developed an expense optimization program for all technology domains under my department’s umbrella. This helped in showing better transparency on avenues to reduce optimized cost
Led the negotiation and finalization of multi-million dollar Enterprise ELA agreement for following vendors:
Microsoft
IBM
Built an IT Governance model using committees and boards that have defined charters, chairs, and membership, covering Information Security, Operational Risk Management - Controls, Portfolio Planning and Demand Management, IT Strategy, Asset Management, Capacity Management, Service Management and Operational Performance
Establish and implement departmental policies, “SMART” goals, objectives, and procedures by adapting a clear technology strategy and executing with extensive automation and centralized monitoring
Redefined project execution practices such that over 94% of business and infrastructure projects are on-time and on-budget
Adaptation of Lean belief system to provide actionable metrics and incident reduction by 30% in the materiality reports, track and improvise improve processes leveraging “Lean” problem solving.
Run executive steering committee meetings across all “Line of Business” to distribute and finalize technology strategy roadmaps
Provide IT leadership, project management, relationship partnering, and budget planning for strategic and tactical technology direction
Set up budget estimations and control operating expenses for each department
Guardian Life Insurance Company of America
Sr. Systems Architect/IT Manager February 2000 – July 2013
During my tenure at Guardian, I have been fortunate to be involved in key initiatives and projects across all lines of business as well as work in a number of management roles with diversified teams.
Worked initially as contractor and converted into a FTE.
Led day-to-day operations of Server Engineering/Operations, Desktop Engineering and Enterprise Monitoring Systems. Provide IT leadership, project management, relationship partnering, and budget planning strategic and tactical technology direction. Domains include Windows Desktop, Servers and Virtualization (VMware & Citrix) for 8000 Windows/Linux servers and 9000 end user devices, Microsoft Active Directory, HP Operations Manager/Business Service Manager Suite, IBM Netcool Event Management Suite. Manage a team of 28 employees and 20 contractors
Data Center Consolidation project including Planning, QA, and Migration of IBM and Dell servers to VMware. As technical manager, led enterprise-wide virtualization effort, overseeing architecture/design, migration planning and reduced the company’s server hardware footprint by 40% leading to savings in power and cooling
Strategy and Execution of the top five initiatives:
Work Force Mobility via Virtualization
Standardization and Migration
Application Delivery on Demand
Enablement of Mobile Devices via MDM
Ease of doing business – productivity and collaboration tools
Designed a reliable and consistent desktop experience in the work place, at home and through mobility. This included the re-design of the Active Directory infrastructure leading to one “Gold” Image for all end users and the introduction of Roaming Profiles and Global Client/Applications Settings
Deployment of Windows 2000, Windows XP, and Windows 7 in national environment with over 14,000 end users for associates and brokers. Managed a team of 10 engineers and 50 contractors from Siemens Business Services
Operational risk assessment for IT infrastructure via KPI and data analytics dashboards to for risk reduction initiatives
Outsourced the day-to-day site support operations to Siemens Business Services and managed the relationship
Increased team morale and technical retention through leadership style and business improvements and soliciting feedback
Building strong relations with right vendors to reduce cost, improve support. Review proposals from vendors including SOWs, RFPs, ELAs
Barclay Bank, New York
System Administrator (Consultant) January 1998 to February 2000
Managed Installation of SMS 1.2 environment for the Barclay Bank infrastructure.
Reengineering of more than 500 workstations & 150 Servers for Y2K compliance.
Implement and deploy system policies and user profiles for the Windows NT environment.
Education and Certification
Masters of Science in Computer Science – NYIT, New York.
Vinod Chachra IMPACT Lab at Radford University’s Cybersecurity Program
Bachelors of Science in Hospitality Management – NYC Technical College, New York
Operational excellence: Six Sigma, TQM, & Lean training.
ITIL Foundation Certified
Leadership Training – Leadership “Coach and Lead” trainings.
Microsoft Certified IT Professional.
Microsoft Certified Technology Specialist.
Currently pursuing Certified Information Systems Security Professional (CISSP) Certification.
Attended Microsoft Management and Red Hat Summits yearly to keep up with emerging technology.
Knowledge of Security Standards and regulation (SOX, HIPAA, ISO 27001, NIST)
Contact this candidate