Spearhead cybersecurity initiatives, overseeing the development and implementation of robust security protocols to safeguard client data, intellectual property, and sensitive information.Lead a team of cybersecurity experts, providing guidance, mentorship, and strategic direction to optimize security posture and enhance incident response capabilities.Conduct comprehensive risk assessments and vulnerability analyses, identifying potential threats and vulnerabilities to proactively mitigate risks and strengthen defenses.Collaborate cross-functionally with legal, IT, and compliance teams to align cybersecurity efforts with regulatory requirements and industry best practices.Manage cybersecurity incidents and breaches, orchestrating swift and effective response strategies to minimize impact and ensure business continuity.Stay abreast of emerging cyber threats, trends, and technologies, evaluating their potential impact and recommending proactive measures to stay ahead of evolving risks.Develop and deliver cybersecurity training programs and awareness campaigns to educate staff and foster a culture of security awareness and compliance.Maintain relationships with external partners, vendors, and industry stakeholders to stay informed about the latest cybersecurity developments and solutions.

* Update systems, processes, and documentation to make the company fully compliant with NIST CSF framework.

Develop enterprise security solutions for clients using McAfee suite of products including ePO, DLP, ENS, FRP, Threat Prevention, Endpoint Encryption and other McAfee products. Risk auditing and monitoring of critical systems. Incident handling and remediation of security incidents. Develop and implement run books for incident response procedures. Review of delivered projects and scope of details of future projects. Create an incident response strategy and develop methods to alert clients. Recommend and provide support for clients using threat intelligence. Architect and implement encryption technologies to help clients secure assets. Familiarity with frameworks like HIPAA, PCI, NIST, ITIL, Agile and others. Ability to work independently and as part of a team. Excellent written and verbal communication skills with the ability to use common language to describe technical processes.• Responsible for the securing fuel vendor ”video at the pump” systems with Endpoint Detection and Application White-listing solutions• Worked with teams to implement security for AWS infrastructure for containerized applications. • Work with risk and compliance team for implementation of CASB and integration with CWS• Assisted with vulnerability scanning and remediation of workstation and server assets• Developed runbooks for incident handling procedures to collect digital forensic data• Created monthly reports & documentation for security leadership, providing metrics for security infrastructure• Created baseline security configuration standards for servers, workstations and store devices to meet PCI objectives• Developed auditing, monitoring and logging documentation and dashboards for security leadership• Engage business application teams to ensure the proper deployment of security controls• Write effective training documentation for other IT teams to review and support installed security products. • Assisted in creating internal penetration testing platform development

Monitor the organization’s 15,000 node network for security breaches and investigate violations when they occurred, Install and use hardware and software solutions, firewall policies and DLP solutions to protect sensitive information. Conduct penetration testing to simulate attacks to look for vulnerabilities.Key Achievements: • Developed daily, weekly and monthly reports to identify gaps in McAfee endpoint security products for 14,000 endpoints• Conducted monthly phishing campaigns for more than 10,000 users and coordinated remediation efforts to report results to security leadership• Implemented McAfee Network DLP to monitor network for data loss• Worked with legal to implement DLP and Encryption processes to maintain compliance with HIPAA regulations• Provide guidance and policy updates for all McAfee products including VSE, ENS, HIPS, DLP, EEFF, FRP & MNE• Deployed endpoint encryption to 10,000 desktops and tablets• Developed SOP’s and documentation procedures for security baselines

- Create designated alerts and reports for both I.S. management and business unit management to ensure that suspicious activity is promptly addressed and reviewed- Responsible for the installation and administration of system software to include server based clinical and business applications.- Validate product upgrades, patches and daily McAfee ePO administration and deployment to both the server and desktop clients- Validate receipt of current .dat files and takes remedial action on affected assets- Validates and recommends exclusion and scanning McAfee ePO polices- Provides status and detail reports to management for review- Review existing system accounts to ensure that they are provisioned / de-provisioned on a timely basis with only authorized access levels and conduct process improvements as neededProjects• Lead project to upgrade and migrate McAfee ePO for 13,000+ nodes• Designed WSUS solution for applying security patches to DMZ servers. • Lead enterprise-wide patch management program using WSUS. • Wrote policy and guideline documents for proposed Anti-Virus policy. • Conducted ePHI asset assessment for Information Security team• Coordinated implementation of McAfee Network DLP Solution

Provide 1st and 2nd level application support for 4,000 internal and external users.Maintain, document, update and resolve ticket using Remedy ticketing system.Provided support for network and healthcare applications Epic and CernerIdentify security issues according to HIPAA and provide support to Information Security team to assist in incident resolution.Create, monitor and delete user accounts using Active Directory.Monitor hospital interfaces in a 24x7 environment for patient critical applications and escalate issues to appropriate support team. Wrote knowledge documents outlining procedures on various Service Desk support functions. Document incoming calls to create procedural information for best practice and guide for training for on-going first and second level support.Participated in team building exercises, and performed various other duties as assigned.

• Provided Tier 1 & 2 technical support for more than 5,000 end users.• Supported users via telephone, remote assistance, desk side support, and email. Supported technology requests include password resets, issues with internally developed software and vendor developed software.• Determined problem severity and escalated unresolved issues to appropriate teams for review. Analyzed potential security risks and reported issues to the Information Protection team for review• Responsible for the creation and deletion of team player accounts, and access to various supported applications.

• Configuration, installation, and maintenance of more that 100 end users, workstations, servers, and printers.• Coordinated desktop software and software upgrades and purchases.• Performed server patches and virus definition updates for servers.• Perform system backups using Veritas software, and test backups to verify data integrity.• Review and monitor security policies with regard to client health information, file and folder access, and web site browsing.• Resolved desktop support request and log resolutions in a contact database.• Interact with vendors, outsourcers, and contractors to secure network products and services.

Completed coursework in Microsoft Certified Systems Engineer and Microsoft SQL Server. Additional courses completed for CompTIA Security+. Certificate of Completion in all courses.