Roberto A. Email and Phone Number

• Interacted and led the different IT teams needed to test and implement the McAfee Data Loss Prevention software on network, workstation, cloud (CASB), and internal repositories for data at rest, in use, and in motion.• Responsible for the identification, verification, and mitigation of vulnerabilities and threats in Microsoft and Linux systems using Tenable Security Center, Rapid7 AppSpider, Microsoft ATP & O365 Security Portal, IBM QRadar SIEM, Cisco FTD (IDS/IPS), Indicators of Compromise, and open source programs such as WireShark, Kali Linux, and DecentSecurity Suite to investigate, quantify risks, and prepare to neutralize any threat actors.• Responsible for troubleshooting systems and calling on the different IT teams needed to repair systems’ connectivity and function that may occur during changes to configuration or incidents, ensure QoS, and minimize impact to the client/patient.• Managed the CIRT intake to the SOC to achieve preparation, identification, isolation, eradication, recovery, and lessons learned/documentation of all malicious events system-wide.• Assisted in the implementation of an Information Security Awareness policy and program (Proofpoint, formerly Wombat) to run tests and mock phishing campaigns on the user base and obtain a reading on the level of training needed to enhance the users’ security practices.• Ensured all findings in the SOC as result of remedy for malware are documented and archived to help develop versioning and precedent for future instances where incidents may replicate.• Responsible for Risk exception/identification in multiple systems, processes, and solutions spanning the network and our partners’ system where our data may reside/transit. These assessments are sent to the executives and data owners for signature and archive and re-verification once the exception dates were up.

• Implemented vendor, application, and contract assessments using Allgress software to identify our business associates’ security controls to achieve Meaningful Use certification, and extend our internal controls around HIPAA, SOX/GLBA/Financials, and PCI data when it is sent to or resides in our partners’ environments.• Aided in the creation of Security process workflow/ticketing using MS ServiceNow, where there would be intake, processing, and completion of tasks, requests, incidents, and change tickets.• Helped review and prepare clinical systems reports to ensure corporate practices are within guidelines of regulation for both public and government health plans (USFHP).• Aided other IT teams in the weekly Change Advisory Board on all system-wide updates/upgrades/go-lives by reviewing requests and providing risk assessment to ensure changes do not disrupt patient care and QoS across the system. • Created and assisted in the implementation of CIRT run books and RACI charts to ensure adequate documentation of incidents and events in corporate systems.