 Job duties include ownership and management of all aspects of the company Information Security Program. Create and maintain policy to meet and exceed FISMA guidelines and controls documented in NIST SP 800-53. Coordinates response and manages all third-party technical audits and assessments. Ensure design and operations teams meet control environment requirements for compliance, best practices, and meet the needs of the business process owners. Lead investigations into security incidents.

Information Security, Information Systems, and Network Consulting.

 Job duties include management of the Network Monitoring team resources to meet strategic and business goals; design, implementation, management and maintenance of West Corporation Network Monitoring and Application Performance equipment. Discretionary management of CA Spectrum and e-Health applications and architectures other network support applications. Respond to all client and third party assessments of network operations and network security posture. Accomplishments: Consolidated management of multiple applications to a single group. Planned and implemented Spectrum 8.0 application and architecture upgrade. Designed and deployed NetScout InfiniStream solution to assist in network troubleshooting issues.

 Job duties include designing, engineering, securing, and maintaining information systems and the wide area network. Systems managed include Cisco routers, switches, VOIP phone system, and PIX Firewalls; Linux servers; Windows Active Directory and Exchange servers; EMC Clariion disk array; and the physical security equipment. Also provides technical support to internal and external customers. Served as interim manager of the Systems, Network and Security Department, performing employee reviews, managing purchases, sales, and budgetary concerns. Developed capital expenditure budget for the 2005 Fiscal Year. Accomplishments: Designed and implemented a redundant LDAP server to handle centralized internal user management. Created the Solutionary Security Committee and served as chairman of the group. Created an ISO 17799 Corporate Security Policy.

 Established objectives, led teams of FDC Auditors, and participated in multiple, complex information technology (IT) audits and consulting projects, primarily focused on Information Security. Accomplishments: Managed FDC-wide project to obtain corporate certification of compliance with Card Industry Security Regulations. Established Key Management procedures for FDR Smart Card implementation, ensuring compliance with Visa specifications. Led a team that reviewed company use of Public Key Infrastructure (PKI), establishing a controlled environment and compliance with still-developing best business practices. Led team responsible for reviewing all FDC web sites for compliance with security policies and best practices. Developed audit program to evaluate all Internet-visible sites by a consistent set of standards. Led a team of Internal and External Auditors tasked with reviewing every line of suspect First Data Resources source code for Year 2000 Compliance. Received the Corporate Partnership Award.

 Designed, engineered, and implemented security precautions for FDC’s network connections with a primary focus on UNIX and TCP/IP vulnerabilities. Additional responsibilities included project management, the development of business cases, and documentation. Accomplishments: Championed and coordinated the project to establish the Centralized Security Platform for Distributed Systems. Designed and implemented the replacement Internet Mail gateway, saving FDC over $1,000,000 annually. Completed the research and documentation necessary for Direct Banking to receive ICSA Web Host Compliance Certification, establishing FDC as the first company ever to receive ICSA certification on the first inspection. Designed and implemented the first Internet Firewall for FDC. Engineered and co-implemented the firewall system for Internet Home Banking. Engineered and implemented the firewall solution for Offshore Programming resources, allowing FDC to securely utilize overseas programmers.

 Design, purchase, configure, and test UNIX solutions to USSTRATCOM SWPS computing issues. Responsible for a signature authority of $80,000.

 Performed System Administration functions for a network of over 200 Sun workstations, 25 Tektronix X-Terminals, and several IBM RS600’s, supporting over 400 individual users. The network supports the National Nuclear Defense Strategy, and (at the time) had a federally mandated 99.9% availability rating. Job functions included: User administration, system security, and system and network troubleshooting.