Post Job Free
Sign in

Information Security Manager

Location:
Phoenix, AZ
Salary:
155,000.00
Posted:
March 01, 2021

Contact this candidate

Resume:

Pamela Palestini, PMP, CISM, CISA

***********@*****.***

Scottsdale, 55th 85254

602-***-**** linkedin.com/in/pam-palestini-pmp-cism-cisa-a388776/

Information Security Executive

Highly skilled multifaceted leader with extensive experience successfully managing national and international IT teams and programs. Possess an extensive background in information security, IT management, application development, portfolio management, as well as merger experience in the financial industry. Certified CMMI SCAMPI Internal Auditor and certified ISO 9001 internal auditor. Solutions-driven and accustomed to managing in both virtual and matrix-based environments. Skills in working with industry regulations including Sarbanes-Oxley, Basel regulations and OCC Regulators. Experience working with Jira using the Kanban method of agile and Confluence collaboration tool. Honored multiple times by the Project Management Institute (PMI) to assist with re-writing the bank of questions for the PMI certification exam. Areas of expertise:

Team Leadership Leadership Project Management Portfolio Management Vendor Management Risk Management

IT Strategy Software Development Life Cycle (SDLC) and Agile Business Process Improvement

Experience

WELLS FARGO, Phoenix, Rose Garden ST AZ October 2013 - Present

Information Security Manager, Enterprise Information Security

Manage two mid-range Security Engineering teams (iSeries & HP NonStop). Manage large, complex information security projects /work and a number of smaller specialized security efforts with direct impact to organization wide information security objectives with high risk and complexity. The programs were all run and tracked in an agile method using Jira with Kanban boards.

Oversee all activities and people associated with initiatives that are highly complex and strategic in nature, and unique with enterprise-wide scope, high risk, resulting in a substantial increase to the companies’ risk posture.

Manage and mentor both direct and indirect reports on a day-to-day basis.

Maintain an in-depth knowledge of Information Security Technology, Enterprise Information Management, business strategies, and the company, to manage programs associated with major initiatives.

Interact with senior leadership and major stakeholders to establish strategic plans (1 year, 3 year and 5 year strategy) and objectives for programs and projects.

Set high-level strategy on business, products, and customer service needs to drive business growth and profitability.

Analyze profitability, programs and staffing to ensure optimal business results.

Initiate and direct complex, high risk programs and projects, including those managed by both direct and indirect reports. These were established first based on inherent risk level followed by deep dive analysis.

Oversee staff in their identification of requirements, development of project plans/ strategies, and preparation of business cases.

Regularly influencing and negotiating with executive management ensuring compliance with government regulations and enterprise policies keeping our baselines current.

Wells Fargo - Program Manager, Information Security Technology – Large Systems Security Engineering February 2009 – 2013

Managed the merger of two large financial institutions, setting direction for the go forward company and the initiatives to success.

Managed seven mainframe and mid-range merger integration initiatives with a team of 40+ staff resulting in clear, concise playbooks for our go forward direction.

Managed a portfolio budget of $9.3MM within 0.94% of forecast.

Built and managed a team of 35+ resources comprised of project managers, technicians, analysts, SMEs, and line of business partners and users.

Directed core team sessions, identifying scope as well as building the financial business case and supporting materials to complete the target operating model for the go forward merged company.

Interviewed, hired, and managed 5 project managers and 3 business analysts to work with a multitude of SMEs while bridging the gap between the engineers and the users.

Mentored and trained legacy Wachovia peers to the new tools and processes holding multiple training sessions. Coached and mentored junior PMs throughout the merger.

Received Success Awards for the lowest forecast-to-actual variances and for leadership and accountability.

Pamela Palestini Page 2

All projects within the merger program experienced zero severity 1, 2 or 3 outages from the onset.

Consistently mitigated operational risk through testing, readiness reviews, conflict assessment and process reviews.

Managed the ongoing communications and decommissioning team of 15 legacy Wachovia applications and their migration to surviving Wells Fargo applications. Negotiated a change to the application decommissioning playbook that resulted in financial savings $500K per application being decommissioned.

Selected to absorb additional responsibility as a result of department efficiencies.

Met formally with sponsor, their directs, SMEs and PMs weekly to cover status, issues, risks and upcoming events, and informally as required ensuring the sponsor always had current data and was prepared for all situations.

Successfully managed an Advanced Peer to Peer Network Security Team in the rollout of SNA firewall rules along with the associated monitoring software. Supported the team in establishing secure session keys with all of our external vendors and the implementation of improved security controls in the mainframe environment. Worked with the Operational Risk Management group to enhance their assessment process and eliminate risk initiative redundancy.

Managed the Mainframe Security Remediation program (Self-Identified Security Assessments) in the first 4 of 49 remediation efforts. This was the start of one of the largest, most complex initiatives. Managed 25+ staff and a budget for the first 4 efforts of over $6MM. Throughout the forecast to actuals had a zero percent variance. As part of a group effort, we changed some of the Bank’s security policies to increase the security posture and mitigate operational risk to the company. Also studying for the CISA (Certified Information Security Auditor).

Project Manager, Enterprise Information Management, June 2007-2009

Managed the Access Management Lifecycle project to migrate 123 high-risk ranked applications to centralized processes for provisioning, de-provisioning and certification.

Consulting Firms (ATR, Productive Solutions & Ajilon) March 2005 - July 2007

Led the success of all IT related projects from initiation to closing using PMI best practices. Responsible for the overall project lifecycle including developing scope, budget, resource planning, schedule development, managing project budget, vendors, risk, execution, testing, implementation, and handover. Oversaw measuring project performance and all areas of communication, including stakeholder presentations, leading all project related meetings, and proving all written project artifacts to the stakeholders.

Managed the migration for their remote access solution. Played an integral part in vendor contract negotiations for the remote access tool.

Managed the implementation of 65+ extracts from a financial database to two main data warehouses as part of downstream activities.

Managed a number of merger related projects. These projects were financial application projects and were extremely time sensitive.

Initially managed the technical implementation of several Basel initiatives, but later took on the management of the overall suite of Basel programs at Wells Fargo. This suite of projects was initially intended for one line of business, but quickly became enterprise-wide initiatives.

Technical Project Manager for US Airways: Managed several merger related projects. These projects were financial application projects and were extremely time sensitive.

Education

Master’s Certificate in Project Management, York University – 2-year program

Business Management Certificate, Ryerson Polytechnic University – 2-year program

Dbase IV & Dbase IV Advanced, Seneca College

Certifications

Certified Information Security Manager, Information Systems Audit and Control Association

Certified Information Systems Auditor, Information Systems Audit and Control Association

Project Management Professional Designation, Project Management Institute

CISA (2017) – Certified Information Systems Auditor

CISM (2012) – Certified Information Security Manager

PMP (2001) – Project Management Professional

CMMI SCAMPI Internal Auditor (2005)

ISO 9001 internal auditor (2003)

Professional Memberships and Associations

PMI, Phoenix Chapter (since 2007)

Chair of the Bank of Montreal’s Project Management Council & Symposium -2005

Excellent References Gladly Provided



Contact this candidate