Dynamic and energetic hands on leader with a proven ability to direct quality programs, and deliver enterprise projects. Able to train, lead, and motivate effective cross-functional teams. Exceptional presentation and communication skills. A strategic planner adept at getting in the dirt, assessing the technology needs of the business and developing workable roadmaps for delivering creative solutions. Proven track record of positioning IT and Security as a business partner whose seat at the table is essential to driving winning objectives. Recognized as an organizational thought leader and subject matter expert. Demonstrated history of continuous improvement across the people, process, technology triad. An established proficiency in IT governance, policy creation, and standards implementation.
Professional IT consulting services include:
• Recommend cost-effective technical solutions to mitigate risk and improve productivity
• Implement, administer, and troubleshoot various platforms, technologies, products, and services
• Perform vulnerability, productivity, and efficiency assessments on client’s focus areas
• Prepare audit reports and provide recommended remediation strategies/solutions
• Serve as technical expert and provide ongoing optimization and problem-solving support
• Report emerging trends and provide recommendations for improvements and upgrades
• Install and configure hardware, software, and peripheral equipment for system users
• Oversee installation, implementation, configuration, and support of network components
• Develop and implement policy, programs, and guidelines
• Raise awareness and perform training on various technologies and best practices
Having been the leading IT Security SME in the organization, I was tasked with creating its first IT Security Department and Program, and placed at its head. The primary duties of this role were as follows:
• Advise senior management on cost/benefit analysis of information security programs, policies, processes, systems, and elements
• Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel
• Manage departmental, interdepartmental, and enterprise projects through full life-cycle
• Communicate the value and promote the visibility of IT security throughout all levels of the organization
• Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance with regulatory bodies including: PCI-DSS, GLBA, FTC, and CFPB
• Lead and align IT priorities with the security strategy
• Monitor and evaluate the effectiveness of the enterprise’s security safeguards to ensure they provide the intended level of protection
• Author, implement and oversee IT and IT Security standards, guidelines, policies, processes, and best practices.
• Oversee the information security training and awareness program
• Track audit findings and recommendations to ensure appropriate mitigation actions are taken
• Establish, implement, and manage an effective cross-functional incident response team (IRT)
• Establish and maintain a secure SDLC practice in collaboration with in-house development
• Implement a standards-based (ITIL and COBIT) approach to IT service management
This role was a hybrid between the leadership and technical job ladders and required a high-level adaptability to a rapidly changing and ambiguous environment. Responsibilities ranged from day-to-day operations to consulting on enterprise projects to management and oversight of subordinate roles such as junior administrators and analysts.
• Provided senior-level subject-matter expertise and support on all security services, both information and physical.
• Acted in an advisory capacity on all current and future security technologies, strategies, procurements, and decisions.
• Aided in the architecture of security directives in congruence with the enterprise security strategy.
• Provide operational management on technology products and services ranging from Active Directory to SIEM to SSO.
• Helped to write policies, procedures, and best practices, and training on such was not uncommon.
This position required a broad and deep technical knowledge on many platforms, products, services, technologies, systems, hardware, and software. Responsibilities included:
• Acting service owner and SME on: Active Directory, SharePoint, Group Policy, Microsoft Exchange, Windows Server, Solarwinds, MDM, RBAC, Telecommunications, VMWare, NAC, Endpoint, many more.
• Configure and optimize network hubs, routers, and switches
• Patch network vulnerabilities to ensure information is safeguarded against outside parties
• Test and maintain network infrastructure including software and hardware devices
• Check server availability, functionality, integrity, and efficiency
• Design group policies and access control lists
• Install server fixes, updates, and enhancements
• Monitor and maintain server configuration and maintenance
• Diagnose and resolve internally reported system incidents
• Design, implement, monitor, and maintain physical security hardware, software, and systems