Experience

• 

  Deloitte & Touche

  • Greater Atlanta Area

  • ERS Specialist Manager

    • May 2009 - Present
    • Greater Atlanta Area

    To improve security and privacy, I advise health care and public service clients on technology risk issues by:- Creating policies and standards to align with an organization’s strategic objectives, and defining measurable objectives on the project plan- Defining internal controls to mitigate risk, remediate vulnerabilities and improve security- Implementing security infrastructure and integrating systems to protect logical and physical assets- Improving affiliation (onboarding) and separation processes through identity and access management solutions

• 

  BearingPoint

  • Greater Atlanta Area

  • Senior Consultant

    • Oct 2007 - May 2009
    • Greater Atlanta Area

    For a Federal agency, led project IAM kickoff, garnered support from key stakeholders and enrolled 11 project managers to identify milestones, work breakdown structures and project management plans. Created strategic roadmap, provided business process reengineering for procedures, and created scheduling strategy.For a regional healthcare provider, performed IT assessment covering technical architecture and platforms, security, BCP/DR, process maturity (CMMI, CoBIT) and resource capacity. Led analysis discussions, created a gap analysis and presented findings to the CIO. Instead of simply providing an operational audit, a detailed technology roadmap and recommendations to leverage existing resources, mitigate risk and evolve to next level of process maturity.For Federal DoD agency, identified how various security tools addressed policy requirements and wrote incident response procedures. Developed Risk Treatment Plan (RTP) to address deficiencies with existing security controls. Authored System Change Request for DNS blackhole list and presented to Change Control Board. Positioned agency to pass DISA audit.

• 

  General Dynamics Information Technology

  • Greater Atlanta Area

  • System Security Manager

    • 2004 - 2007
    • Greater Atlanta Area

    Responsible for designing, configuring, implementing and maintaining all network security Infrastructure devices for a 988 site, 45,000 node wide area networkCreated an Extranet using multiple VPN using NetScreen / Juniper firewalls. This eliminated the need for an additional Internet Point of Presence and saved the organization $216,000 annually.Evaluated and implemented a SSL VPN solution. This is projected to eliminate maintenance requirements for 15,000 laptops. It also enhances security by limiting client’s interaction with network through portals and provides greater granularity checking client configuration prior to resource access.Designed, configured and implemented F5 BIGIP Load Balancers so intelligent decisions would be made regarding directing traffic. Phase 1 scope consists of load balancing Content Filter Devices used by 65,000 users. Phase 2 consists of providing greater availability for IronMail. Incorporating Local Traffic Manger with 3DNS will eventually allow Internet Points of Presence (PoP) consolidation from seventeen to four. This will provide increased redundancy and enable the organization to have increased bandwidth due to economies of scale. Projected saving estimated $4M annually.Configured and implemented NetScreen / Juniper firewalls to replace Secure Computing Sidewinder firewalls. At larger PoP, increased performance allowed the organization to reduce the number of firewalls from seven to two. Legacy firewalls needed to be replaced and changing vendors provided a one-time cost savings of $450,000.

• 

  CIBER, Inc.

  • Greater Boston Area

  • Senior Network Engineer

    • 2001 - 2005
    • Greater Boston Area

    Responsible for evaluating existing and new technologies, driving the highest level of customer satisfaction and overseeing 5 direct reports. Responsible for risk management and active monitoring of a 43 site WAN, 6900 users, 9000 node enterprise. Utilized customers’ feedback of information assets relative value to provide analysis of threats to confidentiality, integrity and availability. Played an instrumental role winning a help desk contract.