Experience

• 

  Allianz Life

  • United States
  • Insurance
  • 700 & Above Employee

  • Information Security Consultant, Principal

    • Apr 2022 - Present

    • Assess risk to the confidentiality, integrity and availability of the organization’s information assets; make risk treatment recommendations to management; research, evaluate, and recommend new security products, processes and procedures.• Collect and analyze security requirements from internal and external customers; reconcile any conflicts identified with information security policies and standards.• Design and test security solutions utilizing existing products in the security engineering portfolio: firewalls, proxy servers, intrusion detection/prevention, data loss prevention, anti-virus, anti-spam, vulnerability scanning, security information and event management.• Provide day-to-day operations of threat intelligence, security engineering, risk management, and oversight in the delivery of security services designed to ensure the reasonable confidentiality, integrity and availability of information resources, systems, and information technology services maintained and operated.• Work with users, information technology, support staff and vendor partners to troubleshoot and resolve problems associated with security products and related processes to identify and recommend opportunities for improvements to IT Security & Risk Management.• Work with vendor partners to monitor security products for evidence of unauthorized activities or violation of the organization’s security policies, standards and procedures; report incidents and violations to management.• Develop, implement and execute control activities to ensure that security products, processes and procedures are working as intended; remediate any deficiencies detected; provide documentation and other artifacts related to the design and operation to audit group as requested.• Develop and collect metrics that measure the volume and trends of work activities and events within the security operations capability; provide regular reports to management.

  • Principal Security Engineer

    • Sep 2013 - Apr 2022

    • Assess risk to the confidentiality, integrity and availability of the organization’s information assets; make risk treatment recommendations to management; research, evaluate, and recommend new security products, processes and procedures.• Collect and analyze security requirements from internal and external customers; reconcile any conflicts identified with information security policies and standards.• Design and test security solutions utilizing existing products in the security engineering portfolio: firewalls, proxy servers, intrusion detection/prevention, data loss prevention, anti-virus, anti-spam, vulnerability scanning, security information and event management.• Provide day-to-day operations of threat intelligence, security engineering, risk management, and oversight in the delivery of security services designed to ensure the reasonable confidentiality, integrity and availability of information resources, systems, and information technology services maintained and operated.• Work with users, information technology, support staff and vendor partners to troubleshoot and resolve problems associated with security products and related processes to identify and recommend opportunities for improvements to IT Security & Risk Management.• Work with vendor partners to monitor security products for evidence of unauthorized activities or violation of the organization’s security policies, standards and procedures; report incidents and violations to management.• Develop, implement and execute control activities to ensure that security products, processes and procedures are working as intended; remediate any deficiencies detected; provide documentation and other artifacts related to the design and operation to audit group as requested.• Develop and collect metrics that measure the volume and trends of work activities and events within the security operations capability; provide regular reports to management.

  • Security Analyst

    • May 2009 - Sep 2013

    Screened inbound and outbound e-mail for viruses and spam, blocked messages according to rules set on the e-mail gateways for the company. Provided policy rules for desktop clients on the network and for laptops that connect remotely using VPN network. Provided policy and rule analysis for proxy services, created requests to vendor for modifications to those policies and rules. Created and monitored data loss prevention policies for the enterprise, worked closely with Compliance on modification and exceptions to those policies, also monitored events being reported to data loss prevention system for analysis and trend reporting. Blocked directed attacks on the network from penetrating the end user systems; also provided reporting of attack attempts to the console server. Provided visibility into attacks, viruses, and unusual behavior on the internal and external networks. Produced on-demand and scheduled reports for intrusion-detection systems. Audited system parameters for user accounts network settings, patches, and other security factors. Ensured availability and accessibility of Allianz Life infrastructure systems accordingly to established Service Level Agreements. Collaborated with third party vendors and manage delivery of contracted services ensuring compliance with Allianz Life processes and best practices. Engaged with other IT departments and business partners to translate business objectives into cohesive recommendations and solutions, define infrastructure design, and deliver quality services and solutions.

  • Service Mgmt Tech Sr

    • Aug 2008 - May 2009

    Provided oversight for service management processes for security systems. Measured and evaluated process performance and made recommendations for process improvements to expand service levels. Developed and executed action plans to improve process performance to all service levels. Coordinated service management activity across multiple vendors. Provided oversight responsiblities to vendor management for instruing , directing and checking others work. On multiple occasions, evaluated and reviewed new technologies for security team. Acted as project leader for project with small budgets and limited duration for security team. Ensured defined and agreed upon processes were followed, interfaced with all other relevant processes, set performance targets, conducted process audits and effectiveness / efficiency reviews and managed the process improvement cycle. Designed, specified and implemented detailed service and process metrics. Created and maintain the billing payment process for Infrastructure Services. Responsible for the accrual and variance reporting for Infrastructure Services.

  • Principle Metric Analyst

    • Apr 2006 - Aug 2008

    Updated and developed process and procedures regarding Infrastructure Services performance measurements to IT Senior Management. Responsible for metric life cycle process from creation, collection and reporting through analysis and trending, to recommendations and implementation of changes of all metrics. Performed data analysis and trending to support change recommendations, identified areas of improvement including metrics and processes, and implement metrics changes. Facilitated reviews with IT Senior Management and Infrastructure Services Management to define and refine metrics results are specific, measureable, attainable, realistic, and timely. Mentored Infrastructure Services teams for continued metric tracking success. Produced periodic performance reports and communicate metric information including reports, changes, and best practices to teams and management as necessary. Reviewed and implemented metric change recommendations and communicate status to individual requestors. Responsible for the budget/re-forecasting process for three cost centers and help coordinate a forth within Infrastructure Services. Created and maintained bill payment process, responsible for the accrual and variance reporting for Infrastructure Services.

  • Capability Manager, Change Management

    • Apr 2005 - Apr 2006

    Accountable for daily implementation and governance of Change Management disciplines, associated standards and ITIL processes for Information Technology. Responsible to ensure all IT teams efficiently comply with all the Change Management policies, processes and procedures in order to minimize the impact and risk of Changes introduced into our environment. Required continual interaction with all IT teams and managed service providers along with daily relationship management responsibilities. Worked with the operations and infrastructure teams to make sure the teams are aware of any upcoming changes, that change impact has been adequately assessed, and to ensure the team is ready to support new changes/releases within the environment. Worked closely with IT management and teams to prioritize changes and develop a mutually agreeable change schedule. Ensured appropriate action was taken in regard to various personnel actions, including hiring, work assignment, performance appraisals, promotions, vacation schedules and performance and development plans and effectively managed team budget.

  • Capability Manager Service Operations Center

    • Nov 2002 - Apr 2005

    Provided leadership to Information Technology teams through performance management, efficient work assignments, and effective resource management, which included, organize and monitor all team projects and detailed work assignments. Responsible for the supervision, coordination and execution of all team deliverables, to include after-hours support and to ensure correct policies and procedures are in place and adhered too. Provide leadership, training and mentorship to team. Ensure a well-trained team through use of appropriate education and training. Communicate and coordinate with Information Technology Management and Directors to provide quality service to department and entire company. Maintain after hours support schedule to allow for necessary support coverage. 24 hours a day, 7 days a week, 365 days a year.

  • AVP, Director of Operations

    • Jul 1998 - Oct 2002

    Responsible for anticipating and resolving system operations problems on an enterprise level, as related to Information Technology operations, monitored reports and tracked all production outages. Anticipated future direction and related to future operation needs and projects. Developed and implemented policies and procedures for the Data Center, Copy Center, Desktop Support, Service Desk and Operations Support functions. Performed proactive analysis on all factors impacting high availability and service level attainment. Requires interaction with appropriate IT and business unit personnel. Interfaced across several areas, acted as a sounding board, to proactively assist in defining direction for future projects. Remained continuously aware of business, technical and infrastructure objectives to aid in the development of creative solutions for each. Significant exposure to users, capable of interfacing with all levels of management and outside vendors. Proven track record of managing diverse technical staff while maintaining a high level of user trust and confidence in the Operations team’s knowledge of and concern of business needs.

  • Data Center Manager

    • Jan 1997 - Jun 1998

    Responsible for system, security operations, coordination and execution of production processing, management of expendable data center supplies and completion of system maintenance and security deployment in the Data Center facility. Provided leadership and management for planning, provisioning, implementation, and support of these areas and services critical to provide smooth and efficient operations and achieve up-time service level agreements. Overseen preventative and operational maintenance, maintained a secure environment and processes, running of networking and power cables, created and maintained documentation for policies and procedures. Provided overall management of the data center environment to provide overall staffing management, and tasking for 24 by 7 by 365 facility operations.

• 

  LifeUSA Insurance Co. (MN), Allianz Life

  • St. Louis Park, MN

  • Shift Supervisor

    • Sep 1995 - Jan 1997
    • St. Louis Park, MN

    Provided leadership and knowledge transfer to other operations staff and exercised substantial independence of judgment in performing job duties. Performed variety of tasks including operations of multi-processing computers and a variety of peripheral and communication equipment in the production of necessary reports and other documents, quality control of data and reports, job control setup and scheduling, office operations, and organizing maintaining, processing and distributing reports. Ensured all changes to the production environment did not adversely affect operations and met data center defined standards, including changes to application software; operating software; and hardware changes placed into production. Planed, designed, developed, coordinated, tested and implemented system schedules, job streams, procedures and standards for the data center.

• 

  Overholt Crop Insurance Company

  • Bloomington, MN

  • Senior Computer Operator

    • Apr 1992 - Sep 1995
    • Bloomington, MN

    Supervised and supported operations during production processing, to include scheduling, coordination, and execution of job streams, report distribution, backups, and file maintenance. Communicated with Management all system failures or production problems. Took ownership of problems and/or new procedures and follow them through to completion. Responsible for monitoring production/QA environments first level support of issues/alerts, communications with engineers/shift manager, managed conference bridge, validated new procedures, suggested new procedures, monitored or managed backup jobs and responded to print and check printing jobs.

• 

  US Army

  • Korea, Ft Hood TX, Germany, Ft Carson CO

  • Senior Operations Specialist

    • Feb 1982 - Mar 1992
    • Korea, Ft Hood TX, Germany, Ft Carson CO

    Monitored all production systems, which included servers, telecommunications, storage, network, applications and operations. Managed all incidents to include initial troubleshooting, conference bridges, timeline, start and completion of remediation management. Managed all escalations via e-mail, phone call, pager or SNCO support. Managed operations tools used in monitoring infrastructure. Monitored facilities and datacenter infrastructure, production/QA environments, operated and implemented all operational infrastructure and procedures. Participated in incident and problem support activities, investigate, diagnose, and take prescribed actions on all operational events, alarms and incidents. Monitored all operations and services to ensure service quality is being delivered on a daily basis. Maintained operational logs and journals on all events, warnings, alerts and alarms, recording and classifying all messages; maintain all operational data collection procedures, mechanisms and tools. Maintained all operational documentation, processes, management and diagnostic tools and spares, ensuring that spares were maintained at the agreed levels. Ensured that all routine maintenance tasks were completed on all operational infrastructures. Ensured that all infrastructure equipment was maintained according to policies and recommendations and perform regular checks on environmental equipment and conditions.