Development Manager Risk Management

AHMED TAHA

Richardson, TX ***** 214-***-****

***********@*****.*** linkedin.com/in/ahmed-taha01

PROJECT/PRODUCT & PROGRAM MANAGEMENT SECURITY – COMPLIANCE (CISM/CDPSE Certified) RISK MANAGEMENT IT ADVISOR & CROSS PLATFORM DEVELOPMENT MANAGER

• Dynamic and accomplished World Class Security/Compliance and Development Solutions Professional with extensive experience in Cross Platform Development and Integration contributing to technical thought leadership for Fortune 10 and Fortune 500 Organizations within the Continental United States.

• Balanced combination of people management skills, scoping and budgeting abilities as well as technical skills, in addition to a solid business acumen. Recognized ability to evaluate data to identify exploitable IT Trends that contribute to an organization “Bottom Line” by driving efficiencies through leveraging existing technology frameworks blended with cutting edge industry IT frameworks.

• Solid foresight ability to read and apply future industry trends and recognize the clearest path to completion and delivery. Superlative interpersonal abilities and works well with all organizational levels including C Level Executives. Highly organized, directing many projects concurrently while attending to all details. Diligent and deeply committed to performance excellence. Consistently ranked within the Top 5% of the all-career organizations by internal vertical delivery organization peers as well as external clients.

AREAS OF EXPERTISE, CERTIFICATIONS & TRAINING

Certifications: Project Management Professional (PMP), Certified Information Security Manager (CISM), and Certified Data Privacy Solutions Engineer (CDPSE).

Cybersecurity and Compliance: Skilled in implementing and aligning cybersecurity practices with industry standards, including the NIST Cybersecurity Framework (CSF), NIST 800 series publications, ISO 27001, HITRUST, PCI DSS, and GDPR. This expertise is instrumental in managing risks and enhancing the organization’s security posture.

Agile and Kanban Methodologies: Proficient in Agile/Scrum and Kanban practices, with experience in utilizing tools like Asana, Jira, MS Project, Planview for project tracking and management. Proven track record on optimizing ROI through strategic planning and execution.

Cybersecurity and Privacy SME: Adept at interpreting complex compliance documents, converting them into comprehensive rule sets, and integrating robust security controls throughout the enterprise.

Cloud Computing: Completed Google Cloud Platform training, gaining foundational knowledge in cloud services and architecture.

Software Development Lifecycle (SDLC): Comprehensive understanding of the full SDLC, including process engineering and improvement methodologies such as RUP, Waterfall, UML, and Extreme Programming.

Leadership: Strong people management skills, with a track record of leading customer-facing projects to successful completion.

Demonstrated awareness of network security principles, including firewalls, intrusion detection, and network segmentation, within the context of security and compliance projects PROFESSIONAL EXPERIENCE

Project Manager – IT Product and Planning Data Analytics & Business intelligence In Assignment at Cigna Group (eviCore Health) Springfield, TN (06/2024 – Present) Leading strategic projects in data analytics, delivering insights to optimize operations and drive decisions. Managing analytics platforms with a focus on scalability, data security, and compliance. Technical Product Manager – Amazon Control Framework In Assignment at Amazon (Security Foundation Team), Seattle, WA (11/2023 – 06/2024) Project Manager – CONTROL LIBRARY INITIATIVE

In Assignment at Humana Health Insurance Company, Louisville, KY (04/2021 – 11/2023) Leading the project management effort for the Control Library Project Initiative. The Control Library Project aims to create a centralized and authoritative source of truth for control information. This initiative will enhance transparency for business and control owners by establishing clear lines of accountability, defining scope requirements, and implementing a predictable assessment schedule with proactive planning capabilities. The final product is designed to support various compliance and assessment reviews, including HIPAA, PCI, SOC, and SOX Selected Achievements

• Exhibited exceptional leadership skills by spearheading cross-functional teams to customize, enhance, and seamlessly integrate RSA Archer’s Governance, Risk and Compliance (GRC) solution. This strategic initiative aimed to significantly improve compliance and audit processes, resulting in increased effectiveness and automation functionalities. Successfully delivered a robust and streamlined solution that optimized resource utilization, enhanced productivity, and effectively reduced audit fatigue.

• In close collaboration with cross-functional teams, lead the project team to collect control data, customize the GRC platform according to the organization's needs, implement best practices, and assist in building a more secure, robust, and resilient security posture for the organization. Technical Program Manager – VEHICLE CYBERSECURITY

In Assignment at Toyota Motors North America, Plano, TX (03/2020 – 03/2021)

Liaise with the Data Privacy Office to direct technical integrations of privacy specifications into the vehicle engineering processes; synchronize the implementation of Privacy by Design principles.

In conjunction with multiple entities, lead the coordination with global stakeholders in evaluating/implementing the NIST Special Publication 800-53. Revision 5. Security and Privacy Controls while simultaneously validating compliance with ISO/SAE 21434 Best Practice Principals.

Spearhead the planning/execution of the Vehicle Cybersecurity Education and Awareness initiative focused on aligning with Auto-ISAC Best Practices guidelines.

Selected Achievements

• Exhibited adeptness in efficiently managing a cutting-edge cloud-based solution, encompassing data extraction, classification, and secure transport for unclassified vehicle data. Leveraged advanced technologies like Amazon Web Services (AWS) and Microsoft Azure to optimize operations, bolster overall solution performance, and ensure compliance with privacy regulations.

• Project management of the Open-Source Program Office initiative aimed to ensure compliance/alignment with the organization's goals and strategies.

Technical Advisor Project Manager Technical Architect – CVS Health / Caremark / AdvancePCS (Acquisitions) Fulltime - CVS Health Dallas, TX 01/2000 – 01/2020 Played several roles in different groups, within the organization. Security & Compliance Lead covering eCommerce/Middleware systems, Web Application Development Lead, Enterprise Architecture PM role and other leading technical roles. Provided technical and team management direction across multiple projects encompassing the implementation of full SDLC, Software Integration and Infrastructure architectures; thereby making vital contributions to strategic and directional decision-making. Leadership Responsibilities/Accomplishments

Handling Risk Management and Vulnerability Remediation Governance matters. Providing oversight with respect to all governance aspects to ensure all the Middleware Systems are up-to-date on the required patching level. Furthermore, oversight and assurance that scanning (utilizing the Qualys vulnerability management) is taking place on a regular basis. Ensuring that security gaps are identified and addressed within the prescribed policy timelines in accordance with 100 % compliance directives.

Managed and provided oversight for the SOX, HIPAA and Med-D compliance and audit efforts related activities within defined delivery timelines.

Demonstrated strong leadership and communication skills by follow-up with teams on a regular basis to help them understand the Unsecured Protocol (FTP & Telnet), File Integrity Monitoring, and Logging and Monitoring policy requirements, in addition to obtaining and updating status, and solving issues before they cause completion delays.

Lead the infrastructure implementation of major strategic initiatives and integration efforts (Maintenance Choice Project, Strategic Testing Platform Project, Parallel Development Environment project, etc.)

Coached various teams on enhancing processes of QA / Code Deployment. Technical Responsibilities/Achievements

• Spearheaded efforts to incorporate user-centric design models into clients’ development methodology.

• Led teams of developers in building several enterprise web applications utilizing Made several BroadVision Platform.

• Co-led BroadVision 5.5 to 6.0 migration planning and execution.

• Guided and mentored a team of eight developers to develop solid code using BroadVision and WebLogic.

• Customized payment handlers within BroadVision Retail Commerce to enable credit card verification.

• Re-designed and developed the shopping cart and order processing scripts to reduce errors by over 50%.

• Performed observation logging to track user site interaction for later use in business reports.

• Designed and developed a complex module to enable the persistence and recovery of crucial session information in case of a single server failure – thus preventing disrupted user experience.

• Coded several JSPs and servlets to enhance the site under the J2EE compliant BroadVision 6.0 architecture. Technical Lead/Software Engineer - Liberty Financial Companies, Boston, MA 1998 – 2000 Provided Technical and Team Management Direction across multiple projects encompassing full SDLC development and integration. Provided Team members with performance-based indicators for career development. Primarily responsible for all resource acquisition and allocation from external consulting houses for Web Projects. Mentored new hires and junior developers. Responsibilities/Achievements

• Played a lead role in the design, development, testing, and deployment phases of the site.

• Gathered requirements, designed web pages, and created unit test plans.

• Designed and developed matching rules and communities to enable personalization for investors and brokers.

• Led BroadVision 3.0 to 4.1 migration planning and execution.

• Coded 95% of entire website’s server-side Java Script pages to make the launch possible. PRIOR PROFESSIONAL EXPERIENCE

Context Integration, Boston, MA 1998

Technical Lead/Software Engineer

CommPlus, Inc., Philadelphia, PA 1997

Role: Programmer/Analyst

GeoTech Communications, Inc., Brampton, Ontario, Canada 1995 – 1997 Role: Senior RF Systems Designer

The Fishel Company, Columbus, OH 1992 – 1993

Role: CAD Operator/Designer

EDUCATION

Bachelor of Science (BS), Electrical Engineering

Ohio University

Executive Juris Doctor (EJD)

Concord Law School, Purdue University Global

PROFESSIONAL MEMBERSHIPS

Information Systems Audit and Control Association (ISACA) The Project Management Institute (PMI)

Contact this candidate