Marie Barrett
Experienced IT professional implementing and supporting end-to-end enterprise solutions applying the (ISC)2 CBK, PMBOK and the ISACA framework. She is an exceptional contributor either independently or as a team member. She has planned out appropriate defense-in-depth strategies mapped to the business vertical. She has successfully navigated across global functional units, departments and multi-cultural staffs in both the private and public sectors. She evaluates and selects products for IdM, SDLC, SLC, IPS, IDS, patch management, anti-virus, malware and endpoint protection. She has been a member of many governance committees and made presentations to senior management.
EXPERIENCE
MMIB current
Title: Director of Information Security
Position Summary:
Ms. Barrett provides information security services to clients in the NY area. She identifies areas for process improvement and implements change management to reduce their exposure to risk and implements mitigation steps. Her outstanding analytical skills and attention to detail enable her to identify potential problem areas, propose client specific solutions and oversee their agreed to acceptance and implementation.
Responsibilities:
• Conduct security assessments to identify PIM (privileged user management), SUPM (super user privileged access) and SAPM (shared account password management) to mitigate insider breaches
• Define permission policies to support least privilege
• Interact with IT groups, users, customers and C level executives to develop security awareness programs
• Deliver security awareness training across the enterprise
• Provide support and guidance to all levels of employees, partners and vendors
NYC Dept of Education, New York, NY Duration: May 2007 – July 2010
Title: Director of Information Security
Position Summary:
Working with the CISO, as his Deputy, she provided input to the Information Security 5-year strategic plan to provide ‘an environment in which the right people within the greater NYCDOE community have the right access to the right data, when and where they need it.’ She assisted in the decision-making processes for the selection of vendors and tailoring of approaches, methodologies, tools and initiatives; advocated for a Security Awareness Training program; and streamlined communications to the stakeholders by creating and administrating a customized SharePoint Portal. Facilitated weekly status meetings to streamline escalation processes across VPN, LAN, WAN, Applications, Exchange, Help Desk, the outsourced Help Desk and the SOC, reducing the 72-hour resolution time to 24 hours.
Responsibilities:
• Lead architect in the deployment of the DOE citywide ARIS portal https://www.arisnyc.org serving 1700 schools
• PM for the development and roll out of customized security applications, e.g., PSAT for employee self authentication https://idm.nycenet.edu/selfservice/Login.do using AD Kerberos authentication with Java GSS
• Reengineered AD schema and data cleansing to identify and remediate privileged user creep
• Provided support and guidance to the PMO for their portfolio of applications through the SLC to harden security code within applications to prevent LDAP and SQL injections, and cross-site scripting
• Designed a security monitoring dashboard identifying and addressing some key performance indicators (KPI) and ensuring adherence to service level agreements (SLA) within the organization(s)
• Developed new and updated existing security policies (http://schools.nyc.gov/AboutThisSite/default.htm), standards and guidelines such as the AUP
• Presented change processes across departments for the protection of information assets and resources
• Infrastructure architect for cloud hosting services for the iSchool initiative http://www.nycischool.org/
• Pioneered a Security Help Desk to handle security specific issues. Recruited and trained a staff on policies, procedures and guidelines for handling and resolving issues. This initiative reduced social engineering related issues by 90% within the first 12 months.
IBM Global Services, New York, NY Duration: 2002 – 2007
Client: NYC Dept of Corrections, NY
Title: Senior Security Architect / Project Manager
Position Summary:
Managed an on-site team of consultants and staff in designing and mapping a topology guide for the agency to be in compliance with Mayor Bloomberg’s 2007 NYC IT Strategic Charter and to achieve the mandated NYC Security Policy Memo 2006-02. She reviewed and updated agency policy guides to maintain compliance with the NYC IT Charter.
Responsibilities:
• Provided a FIT/GAP analysis of current and future state system integration
• Generated a role mapping and entitlements guide with clear separation of duties and system of record
• Automated 90% user and resource provisioning and deprovisioning
• Guided operational staff through change processes, which produced tangible improvements in problem resolution and an 80% decrease in escalations
Client: HBCBS, NJ
Title: Senior Security Architect/Project Manager
Position Summary:
Senior Architect in the successful implementation of Phase I of a SIEM Project to implement an IAM solution using the ISC CIA Triad. Phase I was a critical component in the larger Horizon Information Security Management Policy necessary for the organization to comply with HIPAA regulatory rules
Responsibilities:
• Member of Governance Committee as IT Security contributor
• Architected IdM solution to meet business and compliance needs that met the following deliverables:
o non-repudiation with clear SOD;
o centralized user authentication and authorization;
o provisioning and deprovisioning of infrastructure components, company assets and users
• Drafted security guidelines for the operational and support staff
Client: New York Life
Title: Security Project Manager
Position Summary:
Provided disaster recovery (DR) and business continuity (BC) across two physical locations that required infrastructure modifications. Conducted a Business Impact Analysis (BIA); presented findings and proposed solutions to executives for senior management approval while outlining the critical success factors.
Responsibilities:
• Provided architectural solution for the upgrade of Sun DS 5.1 to 5.2 (removed proxy servers, due to redundancy). Migrated users from 5.1 to 5.2 and enabled 4-way Multi-Master Replication
• Eliminated any single point of failure (SPOF)
• Drafted the recovery time objective (RTO), established the recovery point objective (RPO) and the service delivery objective (SDO) of 24 x 7 other than scheduled maintenance outages
Client: UBS USA
Title: Senior Federated Identity Management Architect
Position Summary:
Deployed a FIM v 1.0 solution as part of a global enterprise security initiative. Conducted entitlements review with business owners to provide assurance of compliance with the business ‘need to know’ by reviewing the existing ACLs.
Responsibilities:
• Created detailed technical architectural and configuration documentation
• Identified product deficiencies directly with vendor to ensure SLA compliance
Client: Northrop Grumman USA
Title: Senior Security Architect
Position Summary:
Provided SSO to DoD veterans and active military personnel to access their HR and Payroll systems globally. Reviewed existing security policies. Monitored user permissions creep and resolved PIM issues.
Responsibilities:
• Redesigned user workflow for onboarding and offboarding of employees, consultants and contractors
• Synchronized data from disparate user and data repositories
Client: Schneider I’nal, Green Bay
Duration: January 2004 – July 2004
Title: Senior LDAP Architect
Position Summary:
Designed and deployed an Enterprise LDAP for a national trucking and shipping company and its business partners.
Responsibilities:
• Architected the enterprise iPlanet Directory Server (LDAP) x.500
• Developed architectural blueprints that included system configurations, data flows and design considerations for recoverability, availability and administration (HACMP) using SunOne DS and iPlanet application server
• Provided documentation for user acceptance testing (UAT) and scheduled production roll out
Client: United Health Care, Unisys MN
Duration: May 2003 – October 2003
Title: Senior Security Architect
Position Summary:
Presented best practice approaches to secure data (in-flight and at rest), applications and hardware between UHC data center and partners
Responsibilities:
• Reviewed infrastructure architectural plans and presented policy recommendations to stakeholders
• Interacted with service manager leads in Unix Support Services, Database Administrators, Help Desk and Networking Teams. The environment consisted of UNIX and Windows NT OS, Java and J2EE for application development, SunOne DS, HP OpenView for monitoring, Legato Networker for backups, Brocade Solution for SAN and Remedy for Help Desk services
• Created action plans to address life cycle hardware and software incidents to improve response times
IBM Global Services, New York, NY Duration: 2002 – 2003
Title: Senior Security Architect (Band 10)
Position Summary:
Provided security consulting services to IBM Global clients in end to end identity access management engagements
Responsibilities:
• Reverse engineered manual data management activities to automated processes against silos of data (flat files, RDBMS, and RACF)
• Provided role mining and engineering to support role management for the enterprises and role-based access control
• Documented end to end data protection for data in-flight and data at rest
SUN MICROSYSTEMS INC., Santa Clara, CA Duration: 1999 – 2002
Title: Global Program Manager
Position Summary:
Global Program Manager for internet adoption strategies to Sun clients in ASIAPac, EMEA and the Americas (Indosat – Indonesia; Intec, BestPolymer – Korea; PSA – Singapore; Sector, Ava – Venezuela; Espresso, France Telecom – France) delivering generation 1 web applications using the Sun stack.
TECHNICAL SKILLS
Platforms: Windows, Solaris, Linux, AIX
Project Management: MS Project 2007, Visio, PVCS
Endpoint Security: Symantec
Network Monitoring: Cisco
Virtualization: VMware, Hyper-V
Identity Management Stacks: IBM, Sun, Oracle, Microsoft, BMC, Sailpoint
Directory Servers: IBM, Sun, Oracle, AD, Virtual Directory
Web Servers: IBM, Sun, Oracle, HTTP, Apache, IIS
Relational Databases: Db2, Oracle, SQLBase
HR data access tools: PeopleTools, Eurekify
Help Desk: Remedy Magic Ticketing System
Application Frameworks and Design Patterns: ASP, .NET, J2EE, MVC
Other: RBAC, OWASP, SANS
EDUCATION
Post Graduate Diploma Social and Health Education, Department of Higher Education, Ireland
Post Graduate Diploma Education, University College Cork, Ireland
Bachelor Arts, University College Cork, Ireland
HNC Computing, Telford College, Scotland
Extra Mural in Theology, Maynooth University, Ireland
CERTIFICATIONS AND TRAINING
(ISC)2: CISSP training
ISACA: CISM training
CEH training
ISACA: Security of Social Networks
Auditing Firewalls: Yesterday, Today & Tomorrow
IT Risk & Information Security
IBM Professional Certifications:
• Project Management
• Global Services Methodology
• Professional Consultant
• Tivoli Security Suite Product courses: ITIM, TAM, IDI, DS, WebSphere
Sun Professional Certifications:
• Installation, Configuration and Administration of Sun Directory Server (co-author and trainer)
• Developing applications with Java and J2EE (co-author and trainer)
• Understanding and Writing JSPs, Servlets and EJBs (contributor and trainer)
• Unix administration
New York City Training:
• Hiring Etiquette, Goals Training, Sexual Harassment
CONFERENCE PRESENTATIONS
• Sun Developer Conference(s)
PROFESSIONAL ORGANIZATIONS
• ISACA
Social media presence
• LinkedIn; Twitter; Facebook; Google+; Pinterest