Security Analyst Active Directory

Location:
Woodland Hills, CA
Posted:
June 02, 2021


Resume:

Information Security Analyst

Qualifications Profile

Hardworking, analytical, and solutions-focused professional, with more than 20 years of experience in information analysis, testing and implementation, and security administration; complemented with comprehensive background in improving systems and applications. Adept at minimizing high-volume backlogs, with in-depth knowledge of software development in multiple platforms. Skilled at designing and implementing application solutions for the improvement of operations and performance. Effective at working with end users to determine requirements, address their needs, and resolve occurring issues.

Core Competencies

Software Analysis Technical Support and Troubleshooting Quality Assurance Testing

Network/LAN Administration User Account Management Trouble Ticket Resolution

SOX Compliance Audit System Implementation Client Service and Relations Process Improvement

Professional Experience

Harbor Freight Tools, Headquarters HQ, Calabasas CA

Information Security Compliance Analyst, Payment Card Industry (PCI) Data Security Standards, Nov 2016–Present

Carry out accurate payment card industry (PCI) internal self-assessments, quarterly analysis, as well as ad hoc tests and audits

Administer the documentation and maintenance of PCI compliance as well as monitoring and evaluation of IT Security controls to determine operational efficiency

Organize internal and external audits, scanning, penetration testing, and other security reviews

Apply best practices in enforcing Payment Card Industry Data Security Standard (PCIDSS) into business-as-usual processes, while assessing PCIDSS of the environment in compliance with the testing procedures for each requirement

Conduct systematic tracking and monitoring of all access to network resources and cardholder information

Execute consistent testing of security systems and processes as well as annual periodic analysis and communications to confirm placement of PCIDSS requirements and compliance of all personnel to secure processes

Take charge of determining PCIDSS requirements applicable to systems and networks affected by the changes as well as to update its scope and enforce security controls as needed

Perform annual review of hardware and software technologies to ensure support from vendor and adherence to the entity’s security requirements, including PCIDSS

Collaborate with the PCI auditor in guaranteeing effective management of the continuous compliance deliverables throughout the year

Keep compliance documents updated for PCI by conducting monthly reviews as well as apply Information Technology General Computer Controls Audit Program (ITGC) in confirming existing controls for the analysis of control operating value

American Honda Motor Company HQ, Torrance, CA

Information Security Analyst EISO (Consultant), Identity and Access Management IAM–SOX Validation and Compliance, Aug 2016–Nov 2016

Determined security requirements by working on business units and other risk functions through the use of diverse methods, such as risk and business impact reviews

Rendered assistance in organizing and completing information security operations and documentation

Partnered with the information security leadership in generating strategic plans for the implementation of security requirements and resolution of identified risks

Verified key performance indicator (KPI) as well as captured IBM ITIM Tivoli Identity Manager records for all removals and/or terminations and for any refined in-scope Sarbanes-Oxley (SOX) request

Informed the management regarding residual risk, vulnerabilities, and other security exposures, such as the misuse of information assets and non-compliance

Guaranteed on-time addressing of security issues in the project life cycle by working directly on critical IT projects

Addressed all requests, such as:

o Development, modification, suspension, removal, and verification of end user identities (user IDs) to determine users of several information system resources and applications’ as well as end user access to specific resources and functions in supported information systems and applications; and

o Ad hoc requests for the resolution of identity or access issues

Executed thorough research, investigation, and reporting of any ad hoc requests to determine or access data

Analyzed the original request and validated the user's IBM ITIM Tivoli Identity Manager record to determine the status of audit

Southern California Edison, Irwindale CA

Identity and Access Management Administrator, Security Information Event Management, Dec 2014–Aug 2016

Took charge of properly maintaining the provisioning processing while overseeing and de-provisioning users across various internal and external applications

Managed the IBM ITIM Tivoli Identity Manager 4.6; Cisco Secure ACS v4.2 remote access dial-in user service (RADIUS); and terminal access controller access control system (TACACS+)

Developed accounts; handled terminations; and validated SOX

Guaranteed adherence of all executed requests to the process as defined with appropriate approvals

Oversaw the enterprise active directory account management and application accounts

Supported and maintained the system as well as added Windows Active Directory and deleted file shares folders

Applied the CyberArk RSA in securing the ID password of vault access management privileged account security

Utilized Splunk Enterprise search and reporting version 6.3.3 in overseeing and assessing security events

Worked as an integral part of the team, responsible for handling diverse accounts, such as key, elevated access, and local admin

Ensured accurate and on-time oversight and resolution of requests in the Remedy Case Management system

Live Nation Entertainment, Hollywood CA

Technical Operations Analyst, Technical Operations Center (TOC), Aug 2014–Dec 2014

Conducted keen monitoring, support, escalation, and tracking of mission critical servers, systems, and applications used globally, such as Live Nation Technical Infrastructure

Oversaw and resolved all internal mail servers, other mission-critical servers, as well as external ticketing data centers deployment and staging systems

Executed systematic gathering, review, and reporting of metrics information gathering from third-party service providers, such as keynote and Akamai

Utilized third-party; and supported the technical environment by managing an enterprise ticketing system

Escalated tickets to tier two technical personnel

IBM Global Services, Woodland Hills, CA

Systems Engineer, eSIEM Enterprise Security Information Event Management

Identity and Access Management Consultant, Tivoli Security Information and Event Manager (TSIEM), Oct 2014–Feb 2014

Performed various functions, such as the following:

o Direct compliance access and identity oversight of the IBM Delivery Team;

o Semi-annual ITCS104 DB2 WebSphere application server (WAS) middleware health verification and remediation on TSIEM 2.0;

o Issue identification and resolution as well as root cause analysis to any reported Tivoli Security Information and Event Manager (TSIEM) system or environment problems; and

o Event source data gathering configuration, which included components Target

Oversaw all servers for availability, including backup and recovery and performance

Aided customers at diverse accounts, including Morgan Stanley Bank, State Street Bank, Banco Itau, and Miller-Coors

Installed and configured the IBM TSIEM monitoring agents to endpoints across the data center network

Conducted testing of endpoint to Tivoli infrastructure connectivity as well as took part in monitoring of Tivoli Enterprise on Windows 2003, Windows 2008-R2 AIX, Linux, HP/UX, and Solaris-based operating systems

Administered audit machines and event sources, users, and roles at Tivoli Enterprise Portal

Aided with the implementation of critical systems monitoring for IBM Tivoli’s multicustomer community

Collected and reviewed information regarding system failures as warranted

Ensured the receipt of data at the TSIEM servers from all of the in-scope event sources

Enforced policy changes required by the modifications to the SARM global privilege monitoring policy

Applied the needed modifications for adding newly commissioned servers and removing decommissioned servers

WellPoint Health Networks, Woodland Hills, CA

Senior Data Security Analyst, Active Directory Engineering Information Security Consultant, Nov 2011–Aug 2012

Ensured precision in conducting the following initiatives:

o Domain consolidation project retirement and decommissioning of legacy Windows domains;

o Legacy domain controllers’ reports/traffic review;

o Inventory for Infrastructure to determine the dependent applications and servers on each WLP domain; and

o Domain controllers’ inventory and dependencies, server owners, and application owners

Worked on the IBM TSRM incident tickets from help desk level 3-4 along with all work orders

Drafted daily check reports on domains to determine domain controller names, ping status, IP address, host name, and drive list, as well as submitted status reports of servers from both traffic and computer report

Used Hyena tool in extracting and querying information from Active Directory computers/groups and stale IDs as well as utilized DumpSec tool in extracting data from Active Directory for groups with or without members on Windows servers

Managed query directory attributes as well as coordinated and prepared the reporting of data security events and incidents

Offered data on SOX, compliance, and IT security within IT and to IT security management

Dealt with providing master active domain inventory as well as system and network architecture assistance to data and network security technologies

Providence St. Joseph Medical Center, Burbank, CA

Systems Account Management Specialist Information Systems (Consultant), Aug 2011–Oct 2011

Administered the Forefront Identity Management (FIM) and provided enterprise active directory and exchange account administration

Handled and maintained the security log-on IDs and information assets

Rendered provisioning to Lawson (Lawson Systems Foundation 9), Meditech Camis 6.0, Citrix, Awaris, Isite, CPN, Epic, Microsoft Office communicator applications

Managed the HP system management ticketing system (HPSM)

American Honda Motors Company HQ, Torrance, CA

Enterprise Information Security Systems Administrator EISO (Consultant), Feb 2010–Jun 2011

Assumed tasks in user login scripts for network drive mapping

Directed the restoration of shared files from accidental deletion or file corruption

Gave new Lotus Notes and instant messaging account and granted the access to Lotus Notes existing databases, applications, groups calendars, and groups mailboxes

Conducted the periodic access review (PAR) for all accounts as well as supported Blackberry issues and synced contacts

Rendered 2nd-level assistance with 100% accuracy to CCSC, Deskside, and TAC for password and login issues

Administered a multiplatform environment and executed active network administration in generating and changing inter network user and administrator accounts

Enhanced the efficiency and accuracy of mainframe/RACF, TSO, ISPF resource, and dataset rule creation, maintenance, testing and troubleshooting

Earlier Career

AIG Insurance Group (21st Century Insurance Group), Woodland Hills, CA

Applications Security Administrator (Consultant)

American Honda Motor Company HQ, Torrance, CA

Enterprise Information Security Analyst EISO (Consultant)

Countrywide Financial Corporation, Simi Valley, CA

Enterprise Information Security Engineer, IT Operations

WellPoint Health Networks, Woodland Hills, CA

Senior Data Security Analyst

Professional Development

IBM Net view Users Workshop

IBM Delivery Team Compliance Access and Identity Management

Administrating Windows 2000 Server

ITIM/TAMeSSO Overview

Novell 4.11 Administration

IBM User ID and Access Administration

ACF2 Fundamentals of Daily Administration

IBM ITIM/TAMeSSO for Practitioners

ACF2 Advance Rule Writing Techniques

IBM Tivoli Identity and Access Management

Windows NT Administration

IBM User ID Revalidation Tool URT for Practitioners

Unix Fundamentals

IBM Managing Risk in the user ID Management Environment

Unix TCP/IP

IBM Privilege Authorization Review Process

Data Communications I

IBM EV, CBN, and Privilege Revalidation Process

Data Communications II

IBM Privilege Monitoring Process

PeopleSoft

IBM Password General Security and Requirements

Maxmc System Administration and Configuration

IBM Shared ID Database Overview

Achieving Extraordinary Customer Relations

IBM Shared ID Re-Justification and Password

Technical Skills

Blackberry Enterprise JES2, HASP, RJE, APL Citrix Metaframe ICA Exchange Management Console

CRYPTOCard Admin VPN Enterprise User Management Tool (EUM) Exchange Server Account Administration

File-net Imaging/Ultera Gramm–Leach–Bliley Act (GLBA) FIM MS Identity Forefront Identity Management

Health Information Trust Alliance (HITRUST) Health Insurance Portability and Accountability Act (HIPAA)

IBM ITIM/TAM/TFIM and TCIM HPSM System Management Ticket System Hyena / DumpSec Tools

IBM Mainframe ACF2/RACF/Vanguard IBM Tivoli ITIM 4.6 IBM Directory Integrator (IDI)

IBM NetSpy/Netview/OpenView/VTAM IBM Tivoli Service Request Manager (TSRM)

IBM Tivoli Monitoring Manager IBM Tivoli Identity Manager 4.6 Interactive Network Administration

LAN/WAN Environments IRAM Identity Resource Access Management Meditech / Camis 6.0

McAfee Endpoint Encryption Lightweight Directory Access Protocol LDAP Office Communicator

Microsoft Windows Active Directory Group Policies and Trust Lotus Notes Administration

NetIQ DRA Console One Microsoft Active Directory Domain Trust, Policies Folders and Permissions

Magic Service Desk Novell Netware Microsoft Lync 2010 Microsoft Office Suite Oracle SQL Plus

Microsoft Windows 2000, 2003, 2008 R2 Servers Microstrategy8 Desktop PeopleSoft PC Anywhere

OS/ISPF/OS/MVS/IMS/CICS Mainframe Systems RAS/VPN User Token RSA Certificate Authority SSL Administration

Remedy Software Tracker Remedy Tracking System Scripps -based tools CSH/KSH/Perl SOX

Remote Desktop Single Sign-On Systems UNIX Operating System AIX Linux Security Siebel e-Business 6.0

Tivoli Security Information and Event Manager (TSIEM) Vanguard Terminal Server Virtual Private Network (VPN)

VERITAS Backup Tivoli Compliance Insight Manager (TCIM) WebConnect Windows XP, Vista 7 Splunk Enterprise Vanguard Rio Vision Security Center 7.1 Websense Internet Web Filtering Serena TeamTrack


