Security Manager Project Management
Resume:
TAMARA SAVINO, PMP
SR. SECURITY MANAGER, IBM GLOBAL SECURITY SERVICES
Summary:
IBM Sr. Certified Project Management (IT Infrastructure) Program leadership professional with extensive experience and SME in Information Systems and Information Security, Risk and Compliance. Capabilities include but are not limited to the following: FISCAM, NIST, PCI, ITSM and ITIL, SOX and Governance, Security Transition, Analysis and Expert Technical Writer.
EXPERIENCE:
IBM Security Services 06/2015 - Present
Sr. Security Manager
IBM Projects:
NextEra Energy. Florida Power Gas & Light / IBM Cybersecurity PM (June 2024 - Present)
Security Incident Manager for Escalations & Incidents
Security Ops Focal for Clients
Highly Proficient in IBM VSOC Portal Liaison between Client & IBM SecOps
Reports to CISCO at Client Organization doing end-to-end SecurityOps, Incident Management, VSOC & Stakeholder Management
McAfee ePO Redesign Plan for a $10B World-wide Financial Services Holding Company
PCI Compliance and Certification & PCI Assessment for an $83B Big-Box Store Global Company
Large-scale Security Transition Sr. Security PM for a $58B Global Financial Company
Steady State Managed Services Solution for a Privately held Fortune 500 Global Financial Company
Proposal Writer / Reviewer for a $3B Global Parcel & Secure Payments Commerce Company
Security Tower Transition Project for IBM for a 9.3B Financial/Holding Company
Data Encryption project for a Privately held 11B Multinational-mass media and information Company
IBM IDS and QRadar for a $891B Canadian-based Financial Services Company
ONNET Partner Migration for a $915M Financial Institution
Security Migration for a $935B Canadian-based Multinational Insurance Company – Indonesia Data Center
Transition Plan and Program Management for a $11.2B Canadian-based Aerospace Worldwide Subsidiary
RSA Archer Program for an American Fortune 500 Multinational 3rd largest Staffing Company in America
Identity and Access Management (IAM) Project for an American National Bank operating in 15 States
Sr. Security Manager to a National Insurance Company located in Atlanta, GA
IBM VSOC Portal Management / Concierge Service with Managed Security Services and SecOps
Management of Change Windows for Clients
Management of CAB Process and Oversight of Change Windows to ascertain Success
Sr. Security Manager of Weekly Stakeholder Meetings and Reports for National Insurance Company
Reports to CISO and Security Directors and Client Site – Client Facing
Assists with the Review and Provides Audit Evidence for Security Programs / Compliance Controls
Mentoring Programs to IBM Fellows
IBM Project Management Certification, June 2020
Sr. Security Manager for a National Healthcare Company – VSOC Portal Management, Change Management, Manages Client Relationship between NASCO and IBM MSS, Planning and Change Window Management
Supporting the IBM Security Services – Publishing to IBM Cloud Catalog, Project Management and Content Management of OM Content to Publishing to IBM Cloud Catalog.
Sr. Security Manager for IBM Blue Account in the HealthCare Industry
Sr Security Manager for International Financial Consulting Firm for IAM Infrastructure Program
COX Manheim – Technology Solutions, Alpharetta GA 03/2014 – 03/2015
Project Manager- IAM (Identity and Access Management)
Responsibilities:
Sr. Project Manager for the IAM Help Desk and Incident Reporting for COX Manheim. Manage Oracle Developers for the OIM 10g and OIM 11g Upgrade; RSA Archer and all Single Sign on (SSO) for Manheim.
Sr. Project Manager/Identity Management at Cox Manheim. Provides solution and implementation services. Tamara has had the role of Sr. Project Manager for several projects providing expertise and experience developing highly-available and scalable enterprise identity solutions. She’s had the responsibility of deploying of Oracle Virtual Directory, Oracle Identity Federation, Oracle Access Manager, Oracle Internet Directory as well as various other LDAP platforms.
Project Manager for the Cox Manheim Identity and Access Management (IAM) Help Desk, and Oracle OAM/OIM 10g and OIM 11g R2 Upgrade. Responsibilities include developing the overall design and strategy; Analysis to identify gaps in product and provide solutions to resolve; and Implementation/Deployment support.
Used Agile Methodologies extensively throughout the project.
Managed Data Center upgrade and Disaster Recovery.
McKesson Corporation – Technology Solutions, Alpharetta GA 10/2013 – 02/2014
Security Lead for Technology, Risk & Compliance
Responsibilities:
Performing Requirements Assessment with the internal organization for a Proposed SIEM Technology Solution (SIEM): Stakeholders, Risk Leaders, Business Owners, Security, SOC and Security Analysts for a new Security Technology RFP, Vendor Comparison, and Implementation Planning.
WAF (Web Application Firewall)
IAM (Identity Access Management)
Security Operations Center (SOC) Controls, Testing and Audit Readiness
SIEM (Security Information and Event Management)
MDM (Mobile Data Management)
VMO (Vendor Management Liaison to Vendor Vetting Process)
Test Plans (13)
RFP Creation
SIEM Requirements
Stakeholder Executive Meetings
SharePoint Administration
Regulatory and Compliance: HIPAA, PCI, ISO, SOX
Oversight Systems, Inc. – Marietta, GA 03/2013 - 10/2013
Security Lead for Technology, Risk & Compliance
Responsibilities:
Familiar with IS audit methodology consistent with GAGAS and FAM used to conduct Compliance Audit reviews (FISCAM), including planning, testing and reporting.
Understand FISCAM, ISO 27K, NIST, DoD, PCI and other IT/Security Controls required under the Audit Readiness guidance.
Requirements for Identity Access Management and overall Access Management IT/Security and Security Operations Center (SOC) Controls, Testing and Audit Readiness including IAM Policies, Standards, Procedures and Best Practices.
Provide support to the PMO by performing Security Leadership and Reviews.
Provide feedback as appropriate on products that include, but not limited to, control activity descriptions, test results for general computer controls, test procedures scripts and test results, action plans, written plan on effective method to assess IT controls, written plan on effective methods to assess operating effectiveness.
SunTrust Bank, Atlanta GA 01/2013 - 03/2013
PMO Project Manager/ Access as a Service (IAM)
Responsibilities:
Project Manager supporting a Bank VP of a department – Access as a Service, a service team dedicated to Technology Risk and Compliance and Secure Application Development Projects. Led a team of over 15 people including Employees and Contractors with Agile SDLC Lifecycle projects and services to SunTrust Bank. Project Management support included Demand Management, SharePoint, Weekly and Monthly Metrics and Reporting as well as Daily Operations Management of Projects and SunTrust Personnel.
Identity and Access Management for Access as a Service team at SunTrust Bank. Led team in developing Use Cases, Test Cases, Requirements and Testing for Identity Access Management and IT/Security Solutions to comply with SOX.
Worked across teams and with North American leadership teams by working with business and technical teams to manage IT Demand. In this capacity, I possess the capability to performed the following:
Determine and track all business and IT Services that can influence the demand
Develop a plan for Demand and Forecasting
Analyze Patterns of Business Activities
Manage IT Demand to understand future IT capacity requirements
Support other ITIL Service Management processes as required.
ING Investment Services, Atlanta GA 10/2012 - 11/2012
Project Management
Responsibilities:
Scope of Work and Project Launch Planning at ING or Asset Management in Technology Risk and Compliance. Project was placed on hold after the completion of Planning, pending Budget approvals by the Stakeholders. Identity and Access Management Project Manager (IAM) for ING Stakeholders, Executives and led team through 2 for Access Management solutions.
First Data Corporation, Atlanta, GA 11/2011 - 6/2012
Project Manager
BPI Bank of America Merchant Services Platform Integration to First Data
Role required the initiation, management and execution of a 3 year IT/Business program to deliver $64M dollars of revenue to First Data Corporation via First Data’s BANA Migration and Rehosting of Distributed and Mainframe Systems from Bank of America Merchant Services. Divestiture of over 750+ Bank employees and rehosting efforts.
Responsibilities:
Execution of Employee Day One plan triggers increase in monthly fixed service fees – from $680k to $1.3M.
Work collaboratively with multiple stakeholders, business, IT teams and vendors, to develop and refine IT demand forecasts
Forecast IT project demand, including required people resources and skills, and IT infrastructure and application resources
Forecast operational demand for IT resources based on business requirements, seasonal cycles, end user, IT and other trends or events.
Develop incentive plans to influence demand
FD hosted application and infrastructure rehost (lift and shift) planning session
Operations teams planning for migrations
Launched program governance
Project Management Office (PMO)
Georgia Department of Education 01/2010 - 06/2011
Business Analyst
Security Analyst and Policy Writer for the Chief Security Officer of the GaDOE
Performed full life cycle Business analysis, systems testing and user acceptance testing. Supported the IT Infrastructure team with Audit documentation for the IT Security Policies, Standards, Procedures and Best Practices. Reported to the Chief Information Security Officer (CISO) of the GaDOE.
Responsibilities:
Created trusted relationship with the PM, business lead and vendor Manage requirement changes and inform PM of impacts and change control needs
Worked with PM to develop project activities and work plans as it relates to BA activities
Assisted in estimation of project activities
Experience in the financial services industry or equivalent regulated industry Strong consumer knowledge of banking products, services and channels Experience working with vendor delivered solutions
Demonstrated project leadership and/or management experience
Demonstrated self-motivation, quality focus, and flexibility to succeed under evolving business constraints and priorities
Working knowledge of cyber threats
Knowledge of Clarity, SharePoint and the Microsoft Suite of solutions
SDLC
FISMA Best Practices: Policies, Standards and Procedures
All NIST and FISMA Controls and Policies, Standards and Operating procedures including Identity and Access Management (IAM)
Matrix Resources 11/2004 - 01/2010
Project Manager (PMO)
Project Management Office methodologies with experience in Application Development / PMP Qualified.
Responsibilities:
Deliver IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology, and information perspectives of providing business solutions within the IT infrastructure. This includes all aspects of ITSM best practices and methods from analysis, architecture and design, planning, implementation, and support.
PMO Project Manager and Business Analyst for SDLC applications for an ASP Recruiting Candidate Portal application.
Internal SAS 70 Type I and Type II Lead Internal Auditor of Finance/Accounting and IT Internal Controls for Bank of America and MBNA Bank client and leading IT organization for the CFO and Controller and VP of Managed Services with external Auditing firm CBIZ, Atlanta.
Delivered Web-based application (.net Website application) for leading Atlanta-based Cellular Communications Company.
Used RUP and Agile Methodologies.
The Gartner Group and META Security Group, Inc., Atlanta, GA 7/1999 - 11/2004
Manager, Enterprise Engineering
Security and Managed Services and Professional Services Consulting. Engineering R&D Program Manager of ASP Security Managed Services Portal application.
Responsibilities:
Project Management Office methodologies with experience in Application Development / PMP Qualified.
Developed and delivered IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology perspectives of providing business solutions within the IT infrastructure.
Developed and delivered solutions that assess, plan, architect and design, and implement technology solutions for enterprise wide heterogeneous IT and Security environments to meet business requirements. These solutions included Change and configuration management, service level and problem management, capacity and performance management, cost and risk management, etc.
Developed ASP IT/Security Managed Services Portal application. Engineering R&D Program Manager of Command Center ASP Security Portal.
IBM Internet Security Systems (50th Employee of IBM ISS) 7/1996 - 07/1999
Manager, Enterprise Engineering
Responsibilities:
Award-winning Technical Publications Manager, Security Vulnerability and Exploit Database, and Online Help Systems
Project Management Office methodologies with experience in Application Development / PMP Qualified.
Manager of Enterprise Engineering Department, Technical Publications for the world-leading Intrusion Detection Systems Company IBM Internet Security Systems.
Managed project schedules, traceability and management objectives for the Engineering Department, Technical Publications.
Led Vulnerability/Exploit Content Management of Online Help Systems Development and documentation for the IBM ISS Security Vulnerability Database (X-Force Database).
Document WhiteHat Security Professional product suite of Administrator and Security-level Administrator Guides.
Led Technical Publications team members and created Society for Technical Communications Award-winning Technical Publications and Industry Award-winning Leading Online Help Systems in IT and Security Trade Journals.
Led team of Sr. Technical Writers, Researchers, Content Managers, and Online Help Developers to successful delivery of printed and online media distribution for a suite of Award-winning Leading Intrusion Detection Systems solutions.
Hired by and reported to the VP of Enterprise Engineering; CEO and CTO of IBM Internet Security Systems respectively.
Education:
Harvard Extension School Fall 2016-Present pursuing Global Security Certification, Psychology (3.25 GPA)
St. Leo University, Criminal Pre-Law (3.25 GPA)
IBM Blue Ambassador at UCLA – Summer of 2017
IBM Certifications:
Certifications:
Completed IBM Project Management Workshop
Earned IBM Sr. Expert Badge
IBM Sr. Security PM
Member of the PMI and Atlanta PM Chapter – Sitting for PMP in 2017
IBM Certifications - IBM Think40 Training Program
5,500 hours of Approved PM Hours; PMI Institute, PMI Atlanta Chapter; PM (PMO)
SANS.org – Policy Management Certification / Trusted Member of SAN.org
Skillsoft Training – Project Management Certificate
Contact this candidate