Sean Gribbin
Sr Product Manager, EG Security at Expedia
Bio
Credentials
-
CISSP
(ISC)2, Jul 2013 - Nov 2024
Experience
-
Expedia
-
Singapore
-
Internet Publishing
-
100 - 200 Employee
-
Sr Product Manager, EG Security
-
Nov 2018 - Present
-
-
-
McGraw Hill
-
United States
-
Education Administration Programs
-
700 & Above Employee
-
Manager, Cyber Security
-
Mar 2017 - Aug 2018
Responsible for managing IT Security team and program overseeing Security Operations, Vulnerability Management, Cloud Security, Application Development, and GRC. I worked closely with all functional and business unit leads to address security issues, align processes and procedures, and develop and implement solutions to business blockers while maintaining an acceptable risk posture. Chartered and facilitated cross-functional Corporate Security Steering Committee to assess, interpret, and determine IT security risk, develop enterprise security framework, and review and approve IT security program policies and standards. Authored and published 32 corporate IT security policies and related standards with mappings to compliance frameworks (NIST CSF, NIST 800-53, SANS CSC, PCI, GDPR). Devised and implemented ServiceNow workflows, reports, and dashboards to manage security requests and workloads including KPIs and SLAs to ensure security function remained solvent. Developed SSL/PKI certificate program, implemented SaaS based public and private root CAs, redesigned ADCS PKI and managed upgrade to meet SHA2 compliance requirements reducing outages caused by SSL issues to 0.
-
-
Security Architect
-
Apr 2014 - Mar 2017
Responsible for developing MHE security program during the divestiture from McGraw-Hill Financial which required analysis and recommendations on changes in technology, people, and process to align with business and regulatory compliance requirements in the following areas: Cloud Security, Vulnerability Management, Application Security, Vendor Risk, Security Operations, Incident Response, and GRC. Designed, implemented, administered vulnerability management tools and program across the enterprise resulting in the reduction of critical and high vulnerabilities in deployed environments by 45% and by 85% for new projects. Reduced the cost and overall GRC spend on PCI-DSS level 4 compliance by $450K by integrating tokenization services. Researched vendors, designed solution, and managed implementation project for IPS and network fabric aggregator yielding 250% improvement in coverage of corporate networks at a 70% reduction in cost. Established, trained, and mentored a team of 8 to support the transition from outsourced MSSP. Responsible for customer response of security function including managing, authoring, and responding to IT security and privacy RFPs and external audits.
-
-
-
ASPCA
-
United States
-
Non-profit Organizations
-
700 & Above Employee
-
Infrastructure Architect
-
Jan 2012 - Apr 2014
Responsible for understanding industry standards and best practices, keeping current with trends and emerging technologies, and providing guidance and direction to the various business units that drive quality and performance across all infrastructure foundations (server, storage, network, data, and applications). Responsible for researching, recommending and implementing improvements and enhancements to legacy and future operations. To set standards for the organization on IT projects and processes. Responsible for ensuring all server, storage, network, and security needs are met and infrastructure foundations are designed for scalability, availability, performance, and compliance. Responsible for translating PCI-DSS level 2 requirements into technical specifications and ensuring those specifications are met across all infrastructure foundations. Designed and implemented Public Key Infrastructure (PKI) for 2 factor authentication using EAP/TLS over wireless and certificate restrictions for remote access. Designed and implemented 802.11i WLAN Robust Secure Network (NIST SP 800-97). Installed and configured Microsoft Network Policy Server/RADIUS for 802.1x wireless and network device management access authentication and accounting in a high availability configuration. Lead architect for hardware/software refresh projects: VMware 4.1 to 5.0; 5.0 to 5.1; NetApp Data OnTap 7.3.4 to 8.1.3; Juniper SSG320 to SRX240 firewall replacement. Lead architect for design and implementation of core, aggregate, and edge switch upgrade for both NYC datacenters resulting in increased network performance and redundancy. Redesigned remote access on Juniper SA-4500s SSL-VPN for a secure, compliant, and unified user experience across all datacenters/sites. Installed, configured, and deployed AlienVault SIEM. Developed and documented related operational procedures and standards.
-
-
Senior Systems Administrator
-
Jun 2011 - Jan 2012
Responsible for effective provisioning, installation, configuration, operation, and maintenance of systems hardware, software and related infrastructure. Provided leadership and mentoring to the other Systems Administrators. Responsible for the daily operation, maintenance and security of multiple datacenters including physical and virtual servers, network equipment, and SANs. Supervised the installation, configuration and migration of production environment at both NYC datacenters. Designed and implemented backup system for all critical systems and files in New York region providing RPO and RTO to business specifications. Designed and implemented server patching program for Windows OS patches. Coordinated and executed upgrades to ABRA HR system and GIFTS grants management system. Provided Tier 3 support to helpdesk.
-
-
-
Imperial Credit Corp
-
Financial Services
-
1 - 100 Employee
-
Network Management Engineer
-
Apr 2007 - Jun 2011
Responsible for the development, deployment, maintenance, and security of the desktop and server environment. Responsible for solving complex technical problems spanning networks, servers and workstations (Tier 2 issues). Administered Active Directory, Group Policy, Windows Update Service, McAfee Endpoint Protection, McAfee Endpoint Encryption, SMS, SCCM, Blackberry and Exchange messaging environment. Researched and implemented OS hardening standards for all internal and remote end-user computers. Member of Incident Response Team responsible for responding to virus and malware outbreaks as well as cleaning and verifying security and health of flagged remote end-point devices. Assisted with the upgrade of Cisco VPN client-side development and testing to ensure security standards were met.
-
-
-
Meridian Health
-
United States
-
Hospitals and Health Care
-
700 & Above Employee
-
PC Specialist
-
May 2002 - Apr 2007
Coordinated with vendors and stakeholders to develop, implement and test PACS system (Picture Archiving and Communication System) for use in an Active Directory environment allowing remote access to PACS without duplicating expensive hardware at satellite locations and ensuring the system conformed to our security standards and HIPAA regulations. Identified process and technical issues with payroll system and implemented upgrades which reduced downtime and payroll errors by 75%. Provided technical support to enterprise-wide operations in a team environment for ~10,000 users and ~6,000 PCs. Helped develop, test and support IT dashboard to provide tools to technicians working throughout the enterprise decreasing onsite call resolution times by ~20%.
-
-
-
US Navy
-
United States
-
Armed Forces
-
700 & Above Employee
-
Interior Communication Electrician
-
Dec 1995 - Apr 2001
Supervised and coordinated repair crew of 8 technicians, responsible for meeting maintenance deadlines and emergency response. Operated and maintained satellite up-link to provide live broadcast and telecommunications to ship’s crew. Developed ship’s broadcast channel intended for multimedia based dissemination of critical crew information. Maintained ship’s security, fire and flooding alarms as well as central damage control and security consoles. Member of the ship’s Security Assessment Team. Achieved rank of Petty Officer Second Class (E-5). Awarded Navy Achievement Medal for role as team leader in a berthing reconstruction project consisting of 40 personnel and spanning 2 berthing compartments. Responsible for organizing teams, workload and quality assurance to comply with Navy Berthing Standards.
-
-
Education
-
Stevens Institute of Technology
Master's Degree, Information Systems Management -
Rutgers, The State University of New Jersey-New Brunswick
Bachelor's Degree, East Asian Studies -
Naval Training Center
Electronic C School -
Naval Training Center
Electronic A School