THOMAS HERNER, PMP, SECURITY
Port Barrington, IL 60010
adle5e@r.postjobfree.com
SUMMARY
Successful technical security senior program manager with over twenty years total Information Technology exposure. Security certifications obtained in HIPAA, PCI, DLP and Social Engineering. Currently seeking a Certified Information Systems Security Professional (CISSP) certification. Current Project Management Professional (PMP). Understanding with ITIL framework (service support and delivery), and Six Sigma Green Belt certified from an Operational perspective which enables a successful SOC and Incident Response team. Qualified with Microsoft Azure Cloud Computing/Virtualization, Windows, LAN/WANs. Comfortable with Governance, Risk, and Compliance processes. Partnering with the appropriate Audit resources, and am able to implement the appropriate resources on remediation efforts. Comfortable working with external vendors, partners, MSSP’s on Vulnerability Scanning and Penetration Testing.
EXPERIENCE
GOGO/Intelsat 2019 – Present
Gogo is an inflight internet company which provides air travelers the freedom to be entertained or work more productively. Connect air crews in new way for better service and safer operations. Gogo provides innovative technologies to talk to airplanes themselves to deliver higher performance and cost savings.
Senior Manager/Director – Cyber Security
Working with our CISO, manage the security program while leading the organization related to risk items such as governance, compliance, network and application security, and incident response
Manage the current PCI and ISO compliance activities
Involved with security posture from our datacenter to Cloud security implementations (AWS/Azure)
Engaged with Senior Leadership Team providing guidance, communicating risk and planning migrating strategies based on security posture priorities
Managed several vendors related to Penetration Testing and MSSP provider on Incident Response
Involved with improving our Application developer environment by utilizing tools such as SonarQube
ARTHUR J. GALLAGHER & CO 2013-2019
Arthur J. Gallagher & Co., is one of the largest insurance brokerages and risk management services firms, providers of full range of retail and wholesale property/casualty (P/C) brokerage and alternative risk transfer services globally, as well as employee benefit brokerage, consulting and actuarial services.
Director – Security Program Management – Infrastructure
Engaged with Management in building a Security Program. Working with auditors on key compliance action items. Working with Compliance and Audit to successfully improve the security posture/landscape by building policies, standards, procedures, baselines and guidelines and to perform risk analysis and implement mitigating strategies. Prioritizing projects based on Risk (Threats/Vulnerabilities/Impact). Monitoring environment to ensure confidentiality, integrity and availability
Managed IT security analysts and teams with other IT groups to ensure that all infrastructure and associated systems are functional, secure and their processes are documented. Working closely with network, systems, business teams to drive IT security improvements throughout the organization. Working on and with the Service Desk/SOC.
Implemented solutions such as Data Loss Prevention (DLP – in use/motion /rest), Intrusion Detection/Prevention Systems utilizing SourceFire, Bring Your Own Device (BYOD/MobileIron), Endpoint/Malware (McAfee), Full Disk Encryption, Security Information Event Management (SIEM), Privileged Accounts and Identify Management (IDM). Knowledgeable with Penetration tests/Vulnerability Assessments and Red/Blue team exercises and Incident Response.
Certified in HIPAA, PCI, IPS/IDS, Social Engineering, Data Security and DLP. Knowledgeable with NIST CSF, ISO 27001/27002, PCI, HIPAA, GDPR and Security Management (Governance, Program Management and Incident). Member of the ISSA. CISSP/CISM Trained.
Managed Server, Network, Datacenter and Security teams on high-level, business critical activities:
oSecurity - DLP, Encryption, IDPS, SIEM, MDM (MobileIron), multi-factor authentication and penetration testing
oServer - SCCM, SCOM, AD, Messaging, Architectural Design
oDatacenter – Vendor Management, Capacity Planning, Storage
oNetwork – LAN, WAN, Router/Switch, Load Balancing
WELLS FARGO 2011-2013
Wells Fargo & Company is a diversified financial services company providing banking, insurance, investments, mortgage and consumer and commercial finance through more than 9,000 stores and 12,000 ATMs and the Internet across North America and internationally. Wells Fargo has 1.3 trillion in assets, employees 270,000 associates and has over 70 million customers.
Infrastructure/Security IT Manager/Project Manager
Managing a large data circuit installation and remediation project. This project consists of 9,000 circuits and a budget of 25M. Cost savings is over 10M
Working with Carrier Engineers on an agreed upon network design for implementation. Also working and managing the circuit management, network engineers and network installation team
Multi Factor Authentication (MFA) process implemented, supported and communicated
Worked on Cisco Security related to VPN and IPS implementations
NAC requirements based on internal compliance and appropriate controls
Partnering and managing vendors such as Verizon and CenturyLink (formally Qwest)
Managing a VoIP implementation across 23 large call centers domestically and internationally. Project consists of site remediation/buildout and implementation related to WAN circuits and Cisco router/switches
Working with engineers on site design and partnering with Cisco on installations
Successfully created new processes and procedures and have provided lessons learned to improve methodology
HOSPIRA/WIPRO 2010-2011
Hospira is a global specialty pharmaceutical and medication delivery company driven by its vision of advancing wellness. Hospira provides solutions to help improve the productivity safety and effectiveness of patient care.
Infrastructure IT Manager/Project Manager
Engaged in multiple high level, high profile projects estimated at over 40M
Working with distributed onshore/offshore virtual resources to successfully implement complex technology in local and remote datacenters
Service delivery responsibility for delivering global implementation solutions for infrastructure projects in a shared services environment. Assumed responsibility for overall management of IT Projects where required
Identifying gaps, promote and initiate new processes and methodologies to improve the delivery and stability of IT services
SIEMENS IT SOLUTIONS AND SERVICES 2009 -2010
Siemens AG is a global powerhouse in electronics and electrical engineering, healthcare sectors, operating in the industry and energy sectors. The company has around 430,00 employees working to develop and manufacture products, design and install complex systems and projects, and tailor a wide range of solutions for individual requirements
Transformation Project Manager – Infrastructure Transformation
Engaged with Solution Architects to document and approve designs for future infrastructure transformation
Working with appropriate individuals (export customs and controls/data protection) to resolve legal aspects for offshoring infrastructure solutions
Utilized ITIL processes for planning, execution, and problem resolution. Successfully exercised unified communication processes to help streamline decisions and provide instant collaboration. Organizational effectiveness and comprehensive contact management provided within the SharePoint environment
Offshoring activities amount to 4M in cost savings per year
Involved with Infrastructure activities (data center, voice, network, service desk). Managed several teams in a matrix environment. Resources consisted of 5-15 highly skilled individuals per workstream
ABN AMRO 2008- 2009
ABN AMRO Holding is a Dutch treat for Royal Bank of Scotland, Fortis, and Banco Santander, which bought the leading bank in the Netherlands in 2007 – the largest deal in European history. The three owners carved up the bank as follows: Banco Santander laid claim to ABN AMRO’s Brazilian and Italian operations, Fortis got the Dutch consumer banking arm and the asset management and private banking operations and RBS took the North America and Asian banking and investment banking units. ABN-AMRO operates some 4,000 offices in 50 countries.
Senior Project Manager – Decommission and Data Retention
Worked on a datacenter decommission and data retention project. Partnered with IBM to execute project
Engaged with third-party vendors, infrastructure and application teams to successfully “exit” the Chicago datacenter.
Methodology consists of a request for service, data retention requirements, a request for change process and a review board gate. A final action item consists of application shutdown and hardware decommission.
Aggressive project timelines and budget are tracked via the program management plan. Project team consists of approximately 40 individuals
FIRSTGROUP AMERICA/LAIDLAW EDUCATION SERVICES 2006-2008
The largest provider of school and inter-city bus transportation, and a leading supplier of transit services. The company’s business operates well-recognized brands including Laidlaw Education Services, Greyhound Lines, Greyhound Canada and Laidlaw Transit
Manager/Senior Technical Infrastructure Program/Project Manager
Several projects completed such as Telecom Expense Management, Data Center Migration/Relocation and a WAN Redesign initiative. All projects addressed enterprise wide cost savings, and managed service objectives
Successfully implemented an outsourced Telecom Expense Management solution. Provided a centralized management process utilizing Six Sigma (DMAIC) methodology. Experience with business/vendor management
Helped close out a data center migration project entailing hardware/software migration utilizing proper project management (PMBOK) structure and process
Led a program that drove the requirements and design for a new data network. Implemented the agreed upon Cisco solution at an accelerated rate by executing proper resource, risk, and vendor management
DISCOVER FINANCIAL SERVICES/DISCOVER CARD 2002-2006
Nation’s fastest growing card and is accepted by more than 4 million merchant partners, 50 million card members, and cash access locations throughout the United States. The nation’s largest independent credit card network
Senior Technical Infrastructure Project Manager
In order to reduce cost, staffing, and provide business improvement, successfully completed many key high visibility, large to enterprise level projects, which supported the IT organizational goals. Utilized rigorous project management methodologies to initiate, plan, execute, control, and close (PMBOK-based), for the following projects: Data Center consolidation/relocation, EMC Storage upgrade, DB2 Application/Database migration, IT Governance/Architecture Review Board, Radio Frequency Identification (RFID) Contactless Transaction, and Configuration Management Database (CMDB).
Reassigned people and processes to a new locality. Created project plan, defined consolidation objectives, clarified project scope, identified high-level project phases, and setting major milestones, as well as a gap analysis and software inventory. Cost savings of 1M per year
Managed associates, consultants, and vendors in a complex technical/matrix environment on a 16M EMC storage upgrade. Ability to work with limited supervision which established confidence in upper management
Successfully managed a critical database application migration with minimal downtime, which provided a reliable and redundant 24x7x365 environment. Drove to completion while maintaining proper service level agreements (SLA)
Established new processes (SOX compliant), while aggressively implementing high-risk projects. Provided new processes to improve the business success rate during migration and for improved on-going operations. Processes improved employee moral
Proactively provided status reports, risk assessments, staffing needs and budgetary items, which allowed senior management the ability to make proper decisions
Understood the work drivers that map to a clear understanding of the WBS, key milestones, and proper resource allocation. This understanding consistently led to on-time, under budget projects
Single point of contact and a leader for escalation issues. Pro-active and energetic with strong communication and networking skills. Have the ability to deal with complexity without it becoming an obstacle for improvement. Strong sense of urgency and superior problem solving and decision making skills.
SEARS ROEBUCK AND CO, Hoffman Estates, Illinois 1997-2002
The fourth largest retail company with revenues exceeding $44 billion
Technical Infrastructure Manager/Project Manager
Managed a staff of 12 highly skilled individuals for the largest PeopleSoft HRMS implementation project in North America. Partnered with IBM/Deloitte & Touche to execute the project. Supported the full end-to-end environment, 35+ databases, and the PeopleSoft infrastructure. Established technical manager with diverse skills in UNIX, NT, Citrix, Informix, DB2, PeopleSoft, WebSphere, LAN/WANs, data communications, and E-commerce. Accomplished client/server background, and the ability to grasp new technology quickly. Utilized team building skills to successfully build a technical staff with cross-functional abilities. Worked with business partners to appropriately set expectations. Proven leadership skills and abilities. Demonstrated superior problem solving and decision making aptitude. Effectively used Microsoft Project for work breakdown structures.
Successfully managed the PeopleSoft Infrastructure providing end-to-end troubleshooting abilities and an understanding of PeopleSoft HR, PeopleTools, Benefits Administration, and Payroll. Mentored individuals and improved associate morale, which resulted in a perfect retention rate and over $1M in savings
Over 3 1/2 years experience with PeopleSoft 5.12, 7.0 and 7.5. Competently created project plans for implementation, configuration and migration. Employed PeopleTools for customizations and successfully ran SQR reports. Managed several upgrades and conversions. Coordinated daily activities and supported users
Supervised the helpdesk and support for the PeopleSoft architecture, infrastructure, and application. Ability to troubleshoot and resolve issues quickly. Escalated problems to the appropriate point of contact. Created helpdesk scripts during transition.
Engaged Six Sigma strategy and principles by producing a QA/full cycle environment from installation, development, test, QA, and production. This reengineering development process resulted in $2M in savings and reduced timelines by 45 days
Effectively managed the technical and infrastructure team, and installed the first WebSphere environment for the Sears Home Services division
Managed outside vendors’ contractual obligations and relationships. Partnered with vendors while providing performance metrics, root cause analysis documents, and post mortem reports. Escalated problems and issues to vendors. Lessons learned provided an invaluable experience for associates. Improved uptime to over 99%
Skillfully initiated, tested, and implemented a disaster recovery procedure and process based on the business criteria
EDUCATION
Bachelor of Arts, University of South Florida, Tampa, Florida
Security Certifications – HIPAA, PCI, IDS/IPS and Social Engineering
Project Management Professional (PMI/PMP)
Security Certified in Risk Management
ITIL Foundation Service Management
Six Sigma – Green Belt
Cloud Computing Foundation Certified