Fostering a Risk-based Secure Operations by Leading, managing, and directing the organizational Information Security program. Working closely with the CEO & President, to administer the Information Security governance program, as well as with the CFO, implementing security initiatives, policies, regulations and procedures. Responsible for developing, directing, and executing the corporation’s strategic, tactical, and operational information security goals in alignment with corporate business goals, reducing risk to an acceptable level.Responsible for developing global security strategy based on ISO27001 standards and implementing across the enterprise. I am responsible for the architecture, engineering of all of the following domains and implementing and aligning a Global Security Program as well as strategic alignment with globalized team. I am also responsible for the strategic and tactical direction for all areas listed below.Technology:Encryption, PKI, TLS, Data Loss Prevention (DLP), Firewalls, IDS/IPS, Internet Content Filtering, Secure tunnels, Security Gateway, EDR HIDS/HIPS, Multi-factor AuthenticationOperations:SOC/SIEMArchitectureForensic Analysis (disk and network)Threat ModelingCERT/CSIRTBlue/Red/Purple teamingForensic Analysis (disk and network)Mgmt:Architectural ReviewIncident Handling PlanResource planning/managementLegalAudit/ComplianceSecurity AwarenessRisk Management Frameworks, Assessment Methodology, Assessment ProcessAwareness TrainingCloud Security ArchitectureFrameworks:ISO 27001 / ISMS developmentNIST FrameworkITIL

Information Security Consulting for Small to Medium size businesses. Build company sites from the ground up and/or re-engineer their current infrastructure and perform security assessments to determine current security posture.Standard work can range across all layers … from re-cabling closets and drops, ordering circuits, configuring WAN technologies (routers, firewalls, IDS, and VPN solutions), segmenting the network, standing up server environment, hardening OS’s and applications, and developing a security maturity plan for clients.Services can also include Emergency Response Team functions such as network forensics, disk forensics, and data investigation.Provide stand-alone Information Security assessment and implement best practices.Ordering and configuring servers and desktopsConfiguring NOS security and management (usually 2008-later or Linux)Designing and implementing mail serversConfiguring switches and VLANS (mainly Cisco, and Brocade)Building web servers (IIS and Apache), and preparing analysis for turn-key web solutionsDeveloping backup, retention, archive, and disaster recovery strategyProviding support after network is functional and stable focusing on business continuityProviding forensic analysis and support during security incidences with documentation and recommendations in order to avoid outages.

 Managed the on boarding security compliance posture for all newly signed SSO IBM accounts. Advised on Security Technical Specifications for all mid-range OS levels, Network, as well as middleware and applications. Served as security audit focal for all SCS (Security Compliance Services) covered service lines for reviews, IBM internal audits, customer driven audits, third party audits, government and regulatory audits, and internal reviews, with 100% success rates across all my accounts (spanning over 200+ Accounts) Created and developed primary roles and streamlined processes for my position. This included documentation, tracking database, project plan, as well as boarding requirements for all SSO accounts. Subsequently, this was later adopted as the model for SCS Global Transition Team.  Subject matter expert for Security Compliance and Audits and was actively sought by global teams to participate and contribute to new offerings and develop IBM Best Practices documentation. Responsible for Steady State compliance activities, such as maintaining the Health Checking tools configured, managing and storing artifacts and evidence, and meeting notification and remediation deadlines. Ensured proper boarding of global teams with respect to each geography’s local requirements. Traveled to Brazil to train and develop the SCS team on global security practices, as well as the Health Checking tool use and configuration training. Trained and shadowed global resources when travel has not been an option, and attained a level of proficiency to allow for shorter transition and remediation time frames while still maintaining a positive audit posture on the accounts, lowering the transition costs.

 Initial Primary function was to successfully in source the corporate Data Center from third party support. Refreshed Intel and Unix server environment and consolidated non-essential servers within a 12 month span. Met SLA’s on the account which included 24x7 support consistently for over a year. Managed Intel and Unix environment, as well as network and network security appliances. Lead the restructuring and design of AD, WINS, DNS, SMS, and RILO environment. Maintained physical wiring in data center: Ethernet, telephony, and fiber. Remotely managed several additional data centers, and provided 3rd tier support for Intel and Unix servers on local remote locations. Responsible for BUR and DR. Developed DR from design to proof of concept with additional collocation vendors. Developed data center designs and processes for builds, refreshes and server hardening.