Lithium Battery Recycling

-Regulatory compliance - IS0 27001, NIST, HIPPA, SOX, PCI DSS, R2 Recycling/data destruction.- Coordinate Security Audits\Assessments on high value business operations.- Managed Data Destruction services.- Provide on site architecture consulting and Incident response services.

- Develop/managing a Corporate ISO 27000 Information Security program- Achieved ISO 27001 certification. - Implement Security Intrusion Protection and Monitoring program.- Lead the Global Security Incident Response program.- Advising departmental business managers and technical personnel as to the implementation of the security program in their respective areas- Perform compliance activities to ensure the successful implementation of the security program.- Acting as the liaison with the physical security department regarding overlapping information security issues- Acting as liaison with human resources about personnel issues related to information security- Implement Cisco IPS Intrusion Detection security solution.- Develop comprehensive Security Vulnerability reporting program.Technical Achievements.- Deployed Corporate wide Network Access Control ( NAC ) solution using ForeScout's CounterAct product.- Implement Cisco IPS Intrusion Detection security Monitoring - Develop comprehensive Security Vulnerability reporting program leveraging Tenable Nessus Security software.- Deploy Security Patch Management solution for Microsoft Operating systems.

- Information Security Analyst- Report to CISO - Develop an agency Information Security Program based on ISO 27002. - Achieve PCI DSS level 2 compliance. (Visa/Master Card)- Develop agency wide policies, standards and procedures.- Deployed Q1 Labs QRadar central security information and event log manager (SIEM). - Implemented Citrix Netscaler Web Application firewalls.- Deployed HP TippingPoint IPS system for credit card network segments.

• Develop security program around ISO 27000 standards• Architect and manage company wide Fortinet Firewall infrastructure.• Manage central Security Event Manager and Symantec Endpoint protection security event log systems. • Provide security Subject Matter Expert support for product and application development teams. • Implement security vulnerability assessment and internal audit program.• Manage SAS70, PCI DSS and Customer audits.• Implement Microsoft Certificate Authority and PGP PKI solution.• Work alongside corporate counsel as Information Security Coordinator.• Respond to customer’s security assessment questioners. • Develop and implement company wide security training program.• Provide 3rd level support to Network and Operations team when required. ( Cisco, Microsoft, and VMware)

- Security Incident Response- Manage Cisco and Enterasys Dragon IPS infrastructure.- Develop new operational polices and procedures- Intrusion Detection, Forensics, and Event/Risk Mitigation- Detail technical analyses of security breaches.- Engage global customers at all levels, including C level management.

Security Incident ResponseISO 17799 Gap AnalysesSecurity Architecture reviewsSecurity Policy, Standards and ProceduresVulnerability assessments and Penetration testing Forensic and Electronic discovery workSARBANES-OXLEY I.T. security audits

Security Liaison for Windows 2000/2003 ADS deployment. (2,500 servers, 100,000 desktops )Performed security audits on internal Microsoft Server systems. ( 10,000+ servers )Subject Matter Expert for ISS security software deployment. Security Data Analyst for Computer Incident Response GroupSubject Matter Expert for Host Based Intrusion Detection Implementation & architecture of ISS Real Secure Server Sensor IDS deployment. (3500+ systems )Manage day to day operations of Intrusion Detection/Prevention infrastructureISO 17799 Security assessments and vulnerability analysisTechnical assessments of Firewall, Router and Network perimeter security.Utilized gap analysis methodology to identify risks and vulnerabilities.

Responsible for developing tools and procedures to locate, audit and secure server systems within a Class B 10,000 desktop network.Performed system audits to address HIPAA requirements. In less then 4 months we had successfully secured 90% of the systems. ( 340 total server systems ) Responsible for the development of a central MS-SQL database to store the system audit data and interfaced with the Helpdesk software.Developed security tools such as IDS systems and system scanners to help enhance overall security.Project consisted of a multi-site vulnerability assessment, Firewall/Router deployments, CIRT development and an IDS evaluation.IDS software evaluated was Dragon from Enterasys ( Snort was also used heavily for data analysis )

Provided critical contract systems consulting and major project technical support to key Datanet customers, including: WIN 2000 deployments, tape backup systems support, server configuration troubleshooting, 3rd level day-to-day technical support and various security solutions. Worked closely with the District Technology Director for each county on specifications and review. Consulted on plans sent to the NC state legislature. Analyzed and ensured all school districts followed mandated policies, security guidelines, budgeted direction and deployment times.As project manager for the NC Department of Public Instruction, designed, built and ran North Carolina’s enterprise NT web system for the department. Technical projects included deployment of: WIN NT 4.0, IIS 4.0, MTS, Site Server, SQL 6.5, SQL 7.0, Novell NDS, Exchange 5.5Deployed and supported WIN 2000 systems, including: firewall systems, intrusion detection setups, VPN, IPSec, server installs and router deployment.

Multi-task management and project successes included WIN NT roll-out to 60 remote WAN branch sites.Maintained, backed up, troubleshot and monitored server systems 24/7.Products supported included: Exchange, SNA, WIN NT 4.0, Novell 4.11 and 3.12, OS/2, and SQL servers.Enforced Security hardening standards and performed routine Security Audits. Analyzed process engineering waivers and change order; updates associated technical documentation.Supported software and hardware workers on appropriate systems for specific network configuration requirements.

Back filled retiring I.T. Manager.Upgraded all computer systems to current releasesRewired office complexBuilt and maintained MS Access database systemsUpgraded backup systems