Assist in developing and maturing Risk Management program; Identify, communicate and monitor information security risks; Specify enterprise-class security systems for all environments; Collaborate with application and infrastructure architects to ensure security concerns are addressed; Align standards, frameworks and security with overall business and technology strategy; Develop solutions that balance business requirements with information risk and cyber security requirements; Identify security design gaps in existing and proposed architectures, and recommend changes or enhancements; Ensure compliance to standards, policies, and procedures; Develop delivery center specific security policies and standards documents; Mentor cyber security and risk management team members.

Responsibilites include: Design/specify enterprise-class security systems for pre-production and production environments; Collaborate with application and infrastructure architects to ensure security concerns are addressed throughout the entire system lifecycle. Align standards, frameworks and security with overall business and technology strategy; Identify and communicate current and emerging security threats; Design security architecture elements to mitigate emerging threats; Develop solutions that balance business requirements with information and cyber security requirements; Identify security design gaps in existing and proposed architectures, and recommend changes or enhancements; Ensure compliance to standards, policies, and procedures; Develop training and awareness programs; Provide guidance and mentoring for security team members.

Technical Security Program Manager at Pennsylvania Office of Administration - Infrastructure and Economic Development Delivery Center (PennDOT, DCED and PEMA). Responsible for the coordination and execution of multiple, simultaneous projects associated with the delivery of the Information Security Program.

Responsible for development, delivery and oversight of the organization's information systems security program. Coordinates risk assessments to ensure electronic information are adequately protected. Develops and maintains policies, guidelines and standard operating procedures in accordance of current regulations including HIPAA and PCI, and best practices.

Architect and maintain information security technology, policies and procedures necessary to protect patient and company information and the IT infrastructure. Configure and maintain firewalls and other technical security solutons. Mentor and oversee technical resources in the delivery of security administration.

Develop exam content for GIAC certification exams including GISF, GCED and GISP

Accountable for overseeing information security policy development, disaster recovery/business continuity planning, and HIPAA-mandated enterprise risk assessments. Duties include configuring/managing VPN, SSL, TACAS+, RSA Token and other secure access technologies, reviewing security logs and developing security policies and best practices. Additionally, establish project plans and build technical project teams.

Focused on guiding business direction by assessing company’s technology needs, providing technology infrastructure oversight, and developing data security policies. Responsible for negotiating SLAs with second-tier Internet/data center providers and hardware/software vendors, and planning initiatives that establish intrusion prevention for Internet, email, and FTP services