Bassey Ben Etok
MS PM, Graduate Cert. Cyber Security, PSM,ITIL iV
Sr Project Manager/ Delivery Manager/Scrum Master
SUMMARY OF EXPERIENCE
Project Manager/security/scrum Master with over 12 years of professional information technology project management experience implementing IT solutions for Abbott, AMN Healthcare, Cardinal Health, JP Morgan, Nationwide Bank, Tenneco Automotive, Kellogg and State of Massachusetts Office of Technology Services and Security and Ameren in infrastructure, Application Development, Organizational Change Management (OCM) and Cyber security in a PMO environments. Adept at concurrently implementing multiple business, IT and security projects to save cost, maximize customer satisfaction, experience and, also create business value for my clients.
Also, successfully implemented international infrastructure refresh and integration, bank lending, mortgage, digital and marketing projects, ServiceNow( Service Desk platform ITSM and upgrade), ITAM RFI/RFP process, RSA Archer modules optimization and automation for robust end to end Incident, Risks and vendor risks management, and vulnerability program implementation -cloud and prem. Proven experience managing multiple medium to large enterprise-wide vulnerability and GRC projects -PCI, NIST 800, SOX 404, GDPR implementation and Cyber Events simulation and surface intrusion and endpoint remediation projects.
Technology Tools:
● Microsoft Office 365 applications -Word, Excel, MS Project 2013 server- PPM tools, PowerPoint, Outlook, Visio ● Clarity, Workbench, Planview ● ServiceNow ITSM, Remedy ● Microsoft Team Foundation Server ● c ● Cyber Security, Network monitoring, ITIL, PCI DSS 3.2.1, SOX, NIST CSF, HIPAA, ISO 27001/02, IAM ● PMBOK/Agile -Scrum methodologies, SDLC, DEV/Ops, Waterfall, Jira, Qradar, Nessus, SIEM, Tenable i.o, ForgeRock, AWS, Tableau and Splunk analytical tools.
Professional Experience
P&G 01/2022- Present
Cybersecurity Project Manager- Intelligence Operations
Responsible for managing all aspects of planning and delivering diverse simple to medium
complexity IT security and business intelligence projects.
Track the execution of project deliverables daily and participate in requirements gathering.
Establish the scope of work based on client input and business needs and be responsible for
estimating the budget and effort of the project.
Independently lead mid-sized projects and ensure stakeholder buy-in.
Establish and maintain a project communication plan.
Define phase deliverables, track milestones and incurred expenses versus planned expenses,
schedules resources, evaluate risks, and highlights dependencies.
Collect and analyze project metrics.
Navigate difficult situations and manage stakeholder expectations.
Work with Architects, Designers, Senior Testers, and Business Analysts at a technological and
functional level to ensure that the solution meets business needs.
Reef Cybersecurity 7/2021-12/15/2021
IT Security Project manager
Implement cybersecurity projects to protect key jewels and enhance security posturing.
Developing and maintaining the project schedule, RAID log and Budget/Forecast
Providing required communications including weekly Status report, monthly PMO status and relevant stakeholder notifications
Coordinating all tasks with relevant managers, assigned resources and external partners
Facilitating required meetings including weekly project review, vendor sessions, requirements gathering and cutovers
Proactively escalating risks, issues and decisions required in order to avoid impacts to project
Develop requirements and deliverables based on charter
KPMG 01-7/2021
IT Security Project Manager (Independent Consultant)
Project manager with overall responsibility for the successful planning, tracking and execution of multiple, simultaneous, small to medium complexity projects. Compliance for security, privacy controls, and protection of controlled unclassified federal information systems. Also responsible for the identification and maintenance of PM areas artifacts, such as tools, techniques, templates, samples, and gathering research materials on leading practices, NIST 800/53/171 and CMMC maturity model certification efforts.
Facilitate team meetings, publish meeting notes, and action items, ensure follow up with team members, update project documents and systems, and ensure timely completion of action items with owners.
Lead information security assessment, identify gap, work across business areas to create POAMs and remediation.
Work across business service areas (HR, SMEs, App owners, vendor, and KPMG stakeholders to identify and remediate gaps, vulnerabilities, and ensure CMMC standards are maintained per requirements for certification.
Prepare and implement effective security and compliance training to employees to ensure that any changes in regulations are communicated in a timely manner.
Review and update narratives mapped to current and future state business process and controls requirements.
Collaborate with stakeholders in creating POAMs for identified weakness and non-compliance and track to completion.
Execute control validation, policies and procedures update and development per PCI requirements.
Perform technical, operational and compliance review of policies, controls, processes, and procedures.
Develop and automate compliance process and triggers.
Work with business process owners in support of weakness mitigation/remediation.
Support implementation of security package delivery, policies, and procedures and SSPs.
Collaborate with internal customers and appropriate teams on behavioral change management plan to ensure user adoption of new systems, processes, and procedures.
Client: Ameren Power Company- St Louis Missouri January - August 2020
Position: Sr Digital Project Manager/Delivery Manager/Cybersecurity
Implement ServiceNow-ITSM service definition and External Identity Access Management (ForgeRock) and special enterprise integration operational projects.
Coordinate requirements gathering with various teams and impacted areas to formulate roadmap.
Implement ITSM process to identify and capture business processes digital supports, define Digital Services that support those business processes, develop mutually agreed upon Service Levels, create a Service Catalog to house the above information. Also create Service Maps showing the connections between business capabilities, SLAs/SLOs and all the supporting Services and technologies.
Successfully managed $2.5m project cost processes from estimating, forecasting, budgeting control and variance reporting to stakeholders.
Manage and provide oversight to milestones, development activities and project progress.
Work across functional areas and stakeholders to develop SAM governance, policy and process development.
Successful scope, change, issues and risks management from initiation to project completion
ITAM policy and process creation, improvement and update to align with the corporate digital posturing.
Conduct workshop with cross-functional teams and stakeholders.
Reviews and escalate incidents and open action items to initiate appropriate actions as assigning an incident owner and resolving issues and roadblocks.
Ensures that Incident Management processes and tools are integrated with other processes.
Develop best practices and communication plan for horizontal and vertical dissemination.
Review and update status of tasks in Jira
Maintain, update and version control all software artifacts in the repository.
Provide, validation and review code for promotion for each environment.
Successfully managed challenges associated with enterprise solution delivery with multiple vendor (Accenture) and cross functional interdependencies to meet aggressive timelines in support of identity access management and platform integration.
Managed concurrent vendor applications (iSupplier, PayAgent, MyEnergy, LiHeap, Wiring Okay etc), integration projects with tight delivery timelines, diverse teams making sure technical issues, risks and requests are resolved in a timely and expeditious manner.
Collect and analyse business requirements into technical requirements for project scope and solution delivery using agile methodology.
Managed integration build activities in integration requirements gathering, collaborate with engineering, vendor and architecture teams in IAM design development, testing, UAT, production migration to ForgeRock platform.
Client: VACO Consulting- Cincinnati Ohio June 2019 -December 2019
Position: Sr IT Governance Risks and Compliance Project Manager
Senior consultant for the Cincinnati market assisting companies leading Information Security and Compliance engagements. This involves performing activities in support of creating and maintaining IT compliance such as NIST 800, PCI-DSS, GDPR, SOX ITGC Information Security controls, BCP/DR and other contractual compliance obligations, standards and requirements per clients' needs. This ensures compliance and security related Policy, process, guidelines, and standards for compliance to the requirement as per client needs.
Review business continuity and recovery plan with stakeholders and functional leads
Identify, recommend, prioritize and implement agreed upon changes.
Work with business leads, stakeholders to review business impact analysis.
Responsible for ensuring SOX/PCI-DSS/NIST Compliance with all IT related functions.
Develop user access administration and review policy and procedures, new hire and termination procedures, privilege access management, segregation of duties etc.
Review analyses current state controls for SOX ITGC and GDPR compliance
Implement vulnerability management cadence as part of standards compliance requirements.
Managed user access privilege review and change management process and compliance.
Develop, maintain risk and security management plan for the engagement and provide periodic updates to the management on the Information Risk and Security Compliance
Lead the implementation of contractual compliance requirements ITGC controls including Information Security, SOX 404, NIST, PCI-DSS, GDPR and BCP/DR.
Liaise with functional teams and SMEs to triage discovered vulnerabilities, analyse, create and monitor the risk mitigation plans.
Work across business service areas and stakeholders to conduct PCI/NIST assessment, identify gaps, vulnerabilities, and ensure standards are maintained per requirements.
Implement PCI road map, plan, compliance testing and remediation.
Conduct Risk Assessment based on NIST and ISO standards controls.
Implement PCI/NIST standards and compensatory controls like building secure network systems, strong access controls, vulnerability management, network monitoring and protection, test and monitoring cadence, building and maintaining security policy, etc.
Prepare and implement effective security and compliance training to employees to ensure that any changes in regulations are communicated in a timely manner.
Engage with external auditors & customer visits for Information Security and Compliance assessments.
Successfully managed scope, changes, issues and risks from initiation to project completion.
Plan and ensure Internal Information Security compliance audits, reviews and reconciliation as part of compliance abidance.
Ensure IT systems, policies and procedures comply with applicable regulations and the master service agreement signed for the client engagement.
Monitor and evaluate security measures to protect against reasonably anticipated threats or risk to the security of Client sensitive information.
Produce reports highlighting issues and providing potential solutions.
Review security exceptions for the engagement and identify risks.
Responsible for user access permissions, privilege access audits to ensure compliance with SOX ITGC.
Client: Massachusetts State Office of Technology Services and Security - Boston, MA
Position: Sr. Cyber Security program/ Project Manager/Scrum Master - Nov 2018 -June 2019
Manage onsite and remote(international) teams using remote agile/scrum practices and values.
Supporting and educating the product owner on grooming and maintaining product backlog
Assessing the scrum maturity of the team, coaching to attain high productivity, quality.
Manage and lead sprints planning, stories and moving impediments and resolving issues.
Implement PCI, AD and framework compliance using Splunk data analytics.
Implement vulnerability management tools, security assessment and establish and promote.
process across 9 state secretariats.
Facilitating discussion, decision making, conflict resolution and creating transparency via communication
Create asset inventory, provision, and prioritize scanning, and collaboration with Red teams.
Successfully managed patching across 9 secretariats for effective vulnerability management posturing for Windows and Linux systems and apps
Collaborate, participate and drive remediation work streams on engagements with secretariats and CIO, CISOs relating to endpoint security including mobile threat defence, endpoint detection and response, patching, compliance and system hardening.
Review and validate vulnerability findings using tools, data sources available and identify new sources as needed.
Provide a consolidated daily status report of critical vulnerabilities and emerging threats to stake holders and CIO.
Implemented Splunk design, architecture, use case development and integration with data and security systems and monitoring, alerts, compliance and dashboard implementation.
Successfully assess cyber security risks linked to vulnerabilities and develop enterprise-wide mitigation and remediation project plans.
Collaborate with secretariats’ cyber security and risk management teams for issues resolution, vulnerability mitigation plans and escalations.
Collaborate with secretariats to develop approaches for system patching, deployment of controls, coding, infrastructure changes etc.
Manage on premise and cloud infrastructure security landscape to increase visibility, security posture and prevent unauthorized access.
● Managed Ernst &Young, and remote Red Teams for successful delivery per SOW.
Client: Kellogg- Oakbrook, Illinois May 2018- November 2018
Position: Sr. GRC Security consultant/ Project Manager
Implement governance, risk and compliance (GRC) – GDPR, PCI, IAM and RSA Archer projects.
Successfully implemented IT Security Risk Management aimed at increasing a robust ability to mitigate risks of new system integrations.
Work across business service areas and stakeholders to conduct PCI and NIST assessment, identify gaps, vulnerabilities, and ensure standards are maintained per requirements.
Implement PCI road map, plan, compliance testing and remediation.
Successful scope, change, issue and risk management from initiation to project completion
Maintain Archer GRC platform components – Server hardware, SQL databases, Windows services, RSA Archer product software.
Collaborate across functional areas and SMEs to recommend solutions and provide expertise for the platform development architecture.
Managed data analysts SMES to develop eGRC dashboards and produce key information for CIO/CISO and leadership reporting and decision making.
Successfully integrated RSA Archer with key source systems - IT4IT sources such as (iServer), ServiceNow, and Tableau, SIEM and Splunk compliance tool.
Configure and customize core solutions enhancement like Incident management, Enterprise and vendor risks modules.
Design, configure and implement Archer enterprise and IT risk assessment modules, populated with business hierarchy, processes, technologies and resources.
Research, evaluate and analyse vendor risks in Archer.
Configure applications, workflows, dashboards, and data feeds using API.
Coordinate Security Risks Evaluation reviews for vendors and internal projects.
Generate reports for executive review and decision-making assistance.
Client: Tenneco - Lake Forest, IL November 2017 -May 2018
Position: Sr. Projects Delivery Lead Manager
Manage infrastructure, app dev and security projects from ideation to completion.
Managing and delivering of IT Infrastructure from scoping, setup, execution, and completion. including racks, UPS, switch configuration, patching, server builds, LAN, WAN Wi-Fi network configuration and upgrade.
Successfully managed $3m project cost processes from estimating, forecasting, budgeting control and variance reporting to stakeholders
Facilitate and moderate IT weekly/monthly board and stakeholder meetings.
Coordinates buy in and adherence to business processes and compliance to IT governance and security risks assessment within projects and business service areas.
Implement ServiceNow (ITSM) and Service Desk platform ITSM workflows upgrade.
Conduct ServiceNow upgrade workshop.
Define, document and communicate project objectives, status, risks and issues to stakeholders.
Plan and coordinate project meetings and discussions related to progress, issues, risks and day to day activities and open action items.
Analysed requirements for various reports, dashboards and created them using Tableau desktop server.
Manage new building IT implementation working with vendors and other stakeholders.
Successful scope, change, issues and risks management from initiation to project completion
Implement Hyperion Financial reporting for enterprise reporting.
Perform and document IT service and compliance weekly audits and status update.
Managed and coached onsite/offsite developers and test teams
Create customization (APIs) and automation for archer tasks fulfilment and compliance reports.
Manage day to day tasks/activities for all resources assigned to projects and ensure completion per requirements and charter.
Manage OCM related projects and metrics to align projects with enterprise expectation and change directions.
Work with vendors, shape requirements, deliverables, timelines ensuring integration and communication across teams, management, and vendors.
Ensure compliance with security requirements.
Client: Fifth Third Bank Cincinnati, OH March 2017 - November 2017
Position Cyber Security Project Manager
Collaborate with senior management, IT engineering, and implementation, operation teams to identify, prioritize, develop, and track strategic IT security project initiatives aimed at remediating vulnerabilities in enterprise infrastructure and operational environment.
Analyse penetration test results and engage with technology partners and IT SMEs to resolve identified vulnerabilities.
Work across business service areas and stakeholders to conduct PCI assessment, identify gaps, vulnerabilities, and ensure standards are maintained per requirements
Review business continuity and recovery plan with stakeholders and functional leads
Identify, recommend, prioritize and implement agreed upon changes.
Update business continuity and disaster recovery plan
Work with business leads, stakeholders to review business impact analysis.
Implement proof of concept network security projects to choose a network security and surface intrusion prevention application.
Implement surface intrusion solutions-email protection and anti-virus (McAfee/Symantec) software to harden end user protection.
Incorporate and manage enterprise OCM requirements and deliverables in cyber security projects.
Successfully managed $1.5m project cost processes from estimating, forecasting, budgeting control and variance reporting to stakeholders
Monitor and analyse syslog for network events generated from network security tools and controls.
Scheduling service and project meetings with vendors and clients to plan and implement project deliverables and engaged supporting teams for tasks completion.
Lead and participate in the development, review and delivery of project deliverables identified in the project plan.
Communicate project issues, progress, expectations and build commitment from key stakeholders.
Worked with vendors and customers to identify and manage RFP/SOW deliverables in project scope and plan.
Successfully planned and managed cyber events simulation and preparedness projects within the bank and specialized third-party actors.
Executed key program requests, technology project deployment coordinating with business, project team and operations to ensure requests are communicated across the enterprise.
Manage critical project dependencies to ensure that all requirements are syndicated to relevant work streams and business partners.
Identify critical risks and issues, drive resolution, and escalating to senior management, stakeholders using contingency planning and appropriate risk management procedures.
Client: Nationwide Bank - Columbus, OH June 2016 - March 2017
Position: IT Projects Manager/Scrum Manager
Agile/waterfall environment) Manage onsite and remote teams using remote agile/scrum practices and values.
Participate in daily scrums with team.
Review Jira requirements definition and provide estimated level of effort and expected task duration.
Database migration from P2P/C2C
Maintain the status of the assigned Jira epic/story/task and add tasks as appropriate.
Provide functional end to end validation and/or demo of sprint prior to initiating code promotion.
Designed and implemented solutions that increased sales, revenue, marketing experience for end users and customers.
Supporting and educating the product owner on grooming and maintaining product backlog
Assessing the scrum maturity of the team, coaching to attain high productivity, quality.
Manage and lead sprints planning, stories and moving impediments and resolving issues.
Facilitating discussion, decision making, conflict resolution and creating transparency
Responsible for leading agile teams in implementing financial IT projects within IT Solution Areas (Bank Business Service Areas- Mortgage, Lending, and Marketing).
Managed Call centre and mobile applications development projects
Lead all aspects of information technology projects and multiple IT projects, including project planning, execution, timing, functionality, quality, communication, and budgeting.
Successfully implemented security requirements for Beacon projects
Managed and coordinated internal resources, third party vendors in executing integration projects.
Supply recommendations and subject matter expertise for the development/architecture of the tableau platform.
Prepared, tracked and analysed project budgets for variance and control.
Produced WBS and define project phases, activities, tasks, and deliverables for multiple bank IT projects.
Managed IT Building/Data center migration and deployment using manual and automated SQL DB.
Produced and coordinate project communication, metrics, and weekly updates to relevant stakeholders on project performance and progress.
Client: Cardinal Health, Dublin Ohio - Dublin, OH July 2015 to June 2016
Position: M&A International IT Project Manager
Manage multiple with low to high complexity Tech Refresh/infrastructure integration/data centre migration projects in China for Cardinal Health.
Gather and agree on project objectives, requirements, deliverables and develop scope and project plan for new building move and IT implementation.
Managing and delivering of IT Infrastructure from scoping, setup, execution, and completion. including racks, switch configuration, patching, server builds, LAN, WAN Wi-Fi network configuration and upgrade.
Define solution, team structure, set expectations, lead, coach and motivate team.
Perform project risk assessment and issues management.
Manage cross-functional US and China teams for effective project alignment and delivery.
Effectively manage cost, schedule and scope for timely and quality project delivery
Produce WBS; define project phases, activities, tasks and deliverables for multiple projects.
Produce and coordinate project communication, metrics and updates to relevant stakeholders on project performance and progress.
Gather and agree on project objectives, requirements, deliverables and develop scope and project plan.
Define solution, team structure, set expectations, lead, coach and motivate team.
Perform project risk assessment and issues management.
Track activities, open action items, and report project progress
Manage project budget, resources cost and infrastructure expenses.
Successfully monitored vendor expenses, performance and resolve issues.
Responsible for managing project costs, estimating, forecasting, and reporting on variance.
Schedule and moderate web and onsite meetings using Lync, Skype, WebEx, take and develop minutes to communicate to project teams.
Perform project closing activities and final report to stakeholders.
Client: AMN HealthCare - Irving, TX
Position: MS Implementation Project Manager February 2015 to July 2015
Develop project plans in alignment to scope and schedule.
Enterprise-wide healthcare software implementation incorporating medical staffing, benefits, eligibility, scheduling and payer system in a cross functional environment.
Coordinating 21 concurrent Shift Wise software conversions and implementation projects in a cross-functional agile team environment. Resolved problematic technical issues.
Documented workflows and incorporated comprehensive training plan to medical staff that more than doubled access intake and compliance rate.
Coordinated Shift Wise software project that integrated medical and paramedical staffing with scheduling, onboarding, eligibility, benefit and payer system.
analyse and discuss the potential risks/benefits involved in using the Shift Wise software technology solution to address the business and Affordable Care Act requirements.
Track and document risks, opportunities and open action items/issues to meet quality and project goals.
Create charts, document, analyse and manage KPIs/dashboards for ongoing projects.
Schedule and execute project team meetings and develop minutes.
Monitor project progress and develop weekly/monthly updates and status reports for team and C-level executives.
Client: Abbott - Columbus, OH Aug2014 to Feb 2015
Position: Project Manager/BA
Coordinate software license transfers and software harvesting projects.
Managed assets allocation project between Abbott and Abvie separation process
Managed the vendors on boarding, offboarding, configuration and integration.
Collaborate with other functional project managers to ensure alignment with projects scopes and goals.
Conduct workshop with cross-functional teams and stakeholders.
Develop best practices and communication plan for horizontal and vertical dissemination.
Coordinate with solution architects, vendors, stakeholders, and team meetings to communicate project deliverable, set expectations, lead, coach and motivate.
Perform project risk assessment and issues management.
Manage risks, issues and change management.
SharePoint maintenance: create, edit and update project plans, communication artifacts etc.
Collect and analyse business requirements into technical requirements for project scope and solution delivery using agile methodology.
Convene and moderate meetings for Software Licence Transfer project team and core group.
Monitor and manage risks metrics with owners until resolution.
Performed Work Breakdown Structure to align teams with tasks, timelines and budget.
Maintain Microsoft Project Schedules, monitor tasks durations, completions, delays, costs, variance report.
Client: JPMorgan Chase, Columbus OH August 2009 to August 2014
Position: IT Project Manager
Produce and coordinate project documentation and updates to relevant repositories.
Coordinate enhancement, security and compliance and mobile applications projects on financial platform.
Implement Mortgage lending and marketing initiatives.
Tracked variance, schedules and project resources and assigned duties by managers.
Managed projects using Excel spreadsheets, MS Word, Adobe Acrobat and SharePoint for updates and data management.
Manage multiple workstreams with low to high complexity Tech Refresh/infrastructure integration/data centre migration projects.
Gather and agree on project objectives, requirements, deliverables and develop scope and project plan.
Successfully managed $2.6m project cost processes from estimating, forecasting, budgeting control and variance reporting to stakeholders
Define solution, team structure, set expectations, lead, coach and motivate team.
Perform project risk assessment and issues management.
Develop process documentation, standards, policies, and collaborated with business partners and works cross-functionally with departmental team members.
EDUCATION
Master of Science in Management/Project Management (MSPM) Strayer University - Columbus, OH
Master of Art International Affairs (MAIA) Ohio University Athens Ohio
Graduate Certificate - Cyber Security IT Auditing, Governance & Policies, CISSP (on-going studies) Keller School of Management
PMP- (enrolled)