Information Security Manager
Resume:
SUMMARY
An IT executive with expertise in the design, delivery and operation of cost-effective and high-performance large-scale Network, IT Infrastructure, Security, Application Support, and Governance oversight.
Provided guidance on developing, implementing and effectively managing security processes and programs (BCP, Incident Response Planning, Risk Management, Vulnerability Management, and Privacy)
Developed IT Security Governance structure to reduce risks in business processes, enhance information security, and comply with regulatory requirements
Extensive knowledge in Network, architecture of hybrid cloud, virtualization, and BCP.
Extensive Program and Project Management experience on multi-million dollars programs and projects with usage of Earned Value Management techniques providing positive ROI.
Extensive experience in implementation of the Cyber security base on OCC 3 line of defense risk and control framework and global IT Risk strategy. Ensure that core IT processes meet business and compliance control objectives.
Proficient in building culturally diverse, team-centered operating units, with excellent business process and strategy development skills.
Extensive experience in Business Process Improvement (BPI) to enhance incident management, chronic management, capacity management, monitoring, Problem Management, and root cause identification.
Strong analytical and investigation skills with an ability to resolve issues in a high-pressure & time critical environment.
Possesses leadership skills and the expert knowledge to identify opportunities for change and the ability to convey the need for change.
Strong collaboration, negotiation, and relationship management skills with customers, partners and venders at all management level.
Continually seeks and capitalizes upon opportunities to increase internal client satisfaction and deepen client relationships
Areas of Expertise:
- Strategic Planning - Cloud Computing (Azure, AWS) - IT Infrastructure Architecture
-VMWare, Hypervisor, XenApp - Hyper Convergence - SDN, SDLAN, and SDWAN
- Program / Project Management - IT Security oversight and Mgmt. - Business Continuity Mgmt.
- Office365 and Skype for Business - Organizational Planning - SOX IT GCC, HIPPA, CCPA, CIP
- Talent Development - DevOps - IT and Business Strategy Alignment
- ITIL, COBIT, and Six Sigma - Governance and compliance - Application /Servers Management
EDUCATION
Bachelor of Science in Computer Science, Southwest Minnesota State University, Marshall, MN, 1982 - 1986
CERTIFICATIONS
ITIL Fundamental Certification.
Certified Information Systems Security Professional (CISSP).
Certified Information System Auditor (CISA).
Cisco Certified Design Professional (CCDP).
Enterprise Certified Network Engineer (ECNE).
TRAINING
PMI, ITIL, Six Sigma, DevOps, MS Azure, AWS, SDN, XaaS, Organizational Mgmt, and Leadership development.
TECHNICAL SKILLS
DevOps, Azure, AWS, VMWare, Citrix XenApp, MS Windows 2016 Servers, SCCM, Cisco IOS, F5 Load Balancer (3DNS), Checkpoint, SAP, Oracle, MS SQL, Documentum, Windows, Novell, AS400, UNIX, Linux, SAN, Virtual Server, Active Directory, MS Exchange, HP OpenView, Service-Now, Remedy, and Heat.
Protocols: Gigabits Ethernet, Fast Ethernet, Token Ring, FDDI, ATM, Frame Relay, XDSL, ISDN, X.25, TCP/IP, IPX/SPX, IPv6, WLAN, VoIP, FoIP, AppleTalk, VPN, SNA, Dec LAT and NetBIOS.
EXPERINCE
GILEAD Sciences, Foster City, CA Oct 2019 – Present
Consultant – Cyber Security Program Manager
Direct planning, budgeting, vendor selection, and quality assurance efforts for portfolio of IT Security projects.
Create and maintain long-term plans and strategies detailing security infrastructure improvements. Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies
Oversight of delivery risks and issues in all programs, projects and services with accountability for IT Security delivery risk/issue register and assurance that risks/issues are appropriately managed throughout their lifecycles
Leads comprehensive impact assessments of all policy and process changes including operational, financial and compliance impacts
Improves the level and consistency of program and project controls including actual performance against critical success factors
Facilitates problem root cause analyses and identify corrective action plans to solve various business and process issues to achieve project/ program objectives
Build and maintain business relationships across the business units to oversee successful execution of the information security program
Builds relationships with key cross-functional IT Security stakeholders that result in transparent management of expectations
Conduct technology and system assessments, identify security issues and risks, develop and implement mitigation plans, and ensure system security functionality
Develop policies, plans, and procedures for security controls and inform management of impacts from updates to security standards and regulations
Work with business partners & IT leads to evaluate, document, and apply appropriate risk management measures
City National Bank, Los Angeles, CA Jan 2018 – Sept2019
Consultant – Data Governance and IT Security Program Manager
Utilized OCC3 three line of defense methodology to ensure the bank satisfy OSFI (Office of Superintendent of Financial Institutions – Canada) Cyber Compliance, Risk governance, and IT Security and Controls requirements.
Created cross functional Project management structures that capitalized on new and existing methodologies, technologies, and processes to meet the OSFI loan approval and to accurately calculate the required cash reserve against the loan.
Directed planning, budgeting, vendor selection, and quality assurance efforts for all related projects.
Worked closely cross numerous teams to improve data and information governance and developed data structures to ensure end-to-end data quality through upstream and downstream data channels.
Supported the development, communication, and implementation of data governance processes, polices across functions.
Provided thought leadership and participated with projects that involve data flows and processes.
Provided a comprehensive data quality service by working with IT and business owners to orchestra the data profiling, data definition, data validation, and data cleansing basing on the data roles and responsibilities.
Supported and advised the development for managing the synchronicity between multiple applications with IT and business owners.
Worked closely with IT and Internal Audit team to implement appropriate controls and information security policies.
Liaise with various departments regarding information governance and data quality issues by providing advice, guidance, and solutions to issues.
Bank of America, Agoura Hills, CA Jun 2008 – Oct 2017
Vice President of IT Operations, Infrastructure, and Security
Managed staff of 42 employees with 5 direct reports. Led the IT Operations team responsible for Network, Data center, Server/Client, Storage, Business Continuity, and Service desk.
Oversaw the end-to-end Operations of 76 applications with over 30,000 users including Incident, Problem, Change, and Release management.
Developed Policy and Procedures for Event Management, Incident Management, Monitoring Tools Configuration, KPI development, Problem Management, Root Cause Analysis, and Redesigned helpdesk call handling processes. Achieved 60% reduction in incidents, 75% improvement in incident resolution, and reduced the average number of open tickets by 80%.
Oversaw the first line of defense cyber-Security and Control for all applications and infrastructures including 1000 servers on bank datacenters, and 500 servers on cloud (AWS and Azure)
Conducted Threat and Risk Assessments and IT Security reviews to assess business and technology risks within the current operating model
Led development and implementation of global security policy, including policies and standards related to access control, data security, disaster recovery, and business continuity for Mortgage Applications.
Member of a security team to review Data Centers Security through in-depth analysis and implementation of PCI & ISO/IEC 17799 / 27000 Series Compliance; incorporated Business Continuity Plan and Disaster Recovery policies.
Led engagement and remediation of internal and external regulatory and IT general controls audits for a number of mortgage applications and pursuant to remediation of a few critical gaps, subsequent audit examinations resulted in 0 audit findings.
Led compliance oversight on maintenance, monitoring and security of network and Infrastructure systems.
Oversaw the Reduction of infrastructure OPEX by $40M (20%) for the business unit through more efficient use of hardware, infrastructure consolidation, virtualization, and cloud computing.
Managed large-scale deployment and migration of 5968 servers from Utility Compute VM platform to Apphost cloud across 245 applications.
Designed and Implemented High Availability for applications utilizing VM, and container and in hybrid cloud.
Led maintenance of the hosted application and database servers, patch management, software and security update. Ensured the highest levels of security and stability are maintained to protect customer, assets and staff.
Stabilized and achieved high system availability for a mission critical high-volume Operational Data Store application from 85% to 99.99% within 6 months.
Bank of America, Agoura Hills, CA
Sr. Manager, Centralized Reporting Security and Governance Oversight Jan 2010 – Jun 2011
Led a team to re-assess Servicing Centralized Reporting department’s key work processes, optimize them, and then operationalize newly designed processes.
Conducted Threat and Risk Assessments and IT Security reviews to assess business and technology risks within the current operating model
Implemented the end-to-end request to delivery governance Processes for Internal and External report requests which resulted in 75% improvement in Efficiency and 100% in reporting accuracy.
Created a centralized documentation repository that documented report generation process and captured vital information for approximately 750 recurring monthly reports.
Bank of America, Agoura Hills, CA
Sr. Manager, Enterprise Content Imaging Security and Engineering Jan 2008 – Jan 2010
Led a SWOT team to conduct Threat and Risk Assessments of department’s key work processes, optimize them, and then operationalize newly designed processes. Created dashboards and reports on key metrics, to communicate progress.
Led migration of 1200 servers from Countrywide Datacenter to Bank of America Datacenter
Led the design and Implementation of Disaster Recovery plans for all ECI application systems.
Identified each application DR rating, coordinated DR schedule and executed the plan.
New Horizons Corporation, Anaheim, CA Dec 2003 – Jan 2008
Managing Director of IT Operations, Infrastructure and Security
Managed worldwide infrastructure operation with over 250 locations.
Managed venders and partners relationship.
Led effective and rigorous operational oversight of Production Support and infrastructure.
Oversaw and directed the IT Application Support, Network and Infrastructure Support, Governance and SOX Audit, and Project Office.
Led IT Security, Governance, and SOX audit team in all phase of audit. Designed and implemented operational governance and program offices to improve efficiencies and accountability through increased work ownership as well as individual accountability to high priority deliverables within budget.
Worked closely with Auditors to remediate all audit finding.
Led Implementation of ITIL Service delivery and Service Management. Led development of SLA and OLA for applications Support, Network Infrastructure, and Systems Support. Developed Policy and Procedures for Event Management, Incident Management, Monitoring Tools Configuration, KPI development, Problem Management, Root Cause Analysis, and Redesigned helpdesk call handling processes. Project resulted in 60% reduction in incidents, 40% staff reduction, 75% improvement in incident resolution, reduced the average number of open tickets by 80%.
Managed budget of $9.5Million and staff of 35 Project Managers, administrators, engineers, and analysts with 5 direct reports.
Spearheaded business process improvement based on six sigma methodologies and delivered significant cost savings by reducing service level agreement credits.
Design Net Corporation, Universal City, CA May1998 – Dec 2003
VP of IT Operations, Infrastructure and Security
Management and Technical Consultant to various CIOs and IT Executives.
Managed nationwide and global LAN and WAN design and implementation, Application support, IT Infrastructure and Security organizations budgets ($2M-$15M).
Managed staff of 60 Application Support, Network and security Engineers, project managers, IT Managers, System Administrator and Quality Assurance.
Managed vender’s relationship with Compaq, Cisco, HP, Dell, Microsoft, SAP, IBM, Oracle, etc.
Packard Bell, Westlake Village, CA June 1992 - May 1998
Senior Manager of Production Support and Network Infrastructure
Managed Application support team and network infrastructure with twenty-five locations and eight thousand users.
Managed staff of twenty-four Analysts, Network Engineer, System Administrators and Project Managers.
Developed architectures and plans for enterprise wide tactical and strategic requirements, systems definition and feasibility determination within a complex systems environment.
Led design and implementation of central 24/7 call center to accommodate 900 PC Analysts utilizing Avaya PBX and Remedy Helpdesk
Computer Sciences Corporation, El Segundo, CA Aug 1986 - June 1992
Network Operations Manager
Managed network infrastructure and Security operation at Los Angeles Air Force Base.
Managed staff of 18 Network and security Engineers, System Administrators and Project Managers.
Planned and implemented procedure for disaster recovery.
Active member of IT strategic planning group, which dictate the IT architecture 5 years into future.
References: Will be furnished upon request.
Contact this candidate