Senior IT Security Specialist, Identity & Access Management

• Mar 2021 - Present

Its been a great two years at the NYISO.I have found a lot of success improving the day to day operations of the IAM program. I have excelled at identifying a problem and taking corrective actions to fix it. I have:Reduced a backlog of unauthorized change detections and account inventory "alerts". Implement a 25 check daily, weekly, and monthly checklist to ensure the right things are looked at the right intervals. This has been so vital for our 4 member team to ensure all 4 of us are doing things consistently and nothing gets missed(So important for compliance!). When items inevitably come up our team knows we can fix it by adding a check in our process. This avoids repeat issues.Used Powershell and Python to augment our daily checklists. I am not a fan of doing things over and over when a script can be whipped up to address it. My favorite so far has been writing powershell to take a CSV and craft emails for reviews. Saved SOO much time not having to craft 90 emails, copy/paste etc. etc.I've had a great time learning more SQL. I use SQL to generate reports and dashboards. Including modifying some of RSA's 12 Dashboards of christmas to fit our organization. If you don't measure it - it doesn't matter!I also use SQL to provide audit reports. These replaced screenshots which were time consuming and inconsistent.I run our application security meetings with great success. This was a great experience. I helped find focus of a bi-weekly application security meeting. I got to work with many talented developers. I created a bi-weekly dashboard to track and prioritize Third Party Vulnerabilities and Static Code Vulnerabilities. I worked with developers and management to provide focus at the meetings and get the "ball" rolling to allow for growth of the Application Security Team and Meetings. Show less

IT Security Specialist, Identity and Access Management

• Jul 2019 - Mar 2021

Administrator, System Services

• Sep 2010 - Mar 2021

-Use Powershell , Windows Batch, Unix Bash, and C#.net scripting to automate processes including local administrator password changes, file system rights changes, software installation on new systems, audit server configuration, server inventory report, sql inventory report.-Support the day to day management of three VMWare clusters and assisted with the addition of a new ESXi server to the farm.-Primary administrator for a Citrix farm of seven XenApp 6.5 servers focusing on the delivery of published applications to end users.-Responsible for the administration of 25 Microsoft SQL servers including 2005, 2008, and 2008 R2 standard and express editions. Responsible for implementing and managing weekly maintenance plans. Experience with reporting services, linked servers, and maintenance plan management.-I introduce improvements to operations including reorganizing file share, improving documentation practices, daily operations checklists, regular server audits, and script audits.-Proactively drive good documentation practices including server build checklists, documentation templates for servers and applications, procedural documentation, code repositories, decision and change tracking.-Managing project to migrate 30 Windows 2003 servers to Windows 2008 R2 including web and database servers.-Assist with help desk tickets for server associated issues and assisted other departments on related tickets.-Responsible for the administration of a Compellent SAN environment including restoring virtual machines from replay, managing storage profiles, and creating and deleting datastores.-Actively participate in change control processes, meeting regularly to discuss technology changes that may affect internal departments or customer facing applications.-Experience working in a fast pace team environment with rotating on-call schedules and after hours work. Show less

IT Security, Governance, and Compliance at SEFCU

• Dec 2017 - Jul 2019

• Improved monitoring of Palo Alto Firewall Logs and Log Logic Log Vault logs. Added Monitoring for tracking firewall attacks, users logging in with a different username, event log clearing, Active Directory group modification, and local administrator use. • Used PowerShell to gather reporting information for monthly board report for ISO.• Used PowerShell to focus monitoring practice on high value activities.• Responsible for auditing weekly provisioning and deprovisioning process.• Tasked with implementing Forcepoint Data Loss Prevention system including creating and modifying initial policies for FFIEC and PCI.• Reviewed and modified policies and standards to ensure relevance. • Used Red Cloak, and Traps agents to monitor endpoint activity. Show less

Analyst

• Jan 2007 - Aug 2010

Converted electronic documents using windows and unix scripts and advanced Microsoft Office Techniques Converted electronic documents using windows and unix scripts and advanced Microsoft Office Techniques

IT Assistant

• Jul 2006 - Nov 2006