154-23A Riverside Drive
Beechhurst, NY 11357-1339
(917) 579-5238
Certified Information Security Professional with 15 years background in Financial Services. Experienced team leader and skilled technician with strong knowledge of industry software. Multi disciplined and effective communicator with analytical problem solving skills and history of successfully implementing innovative solutions.
Risk Management Analyst
·
Project involving analysis, review and conversion of IT
risk management audits of critical applications, vendors, service providers,
third parties and outsourcers to be migrated from a legacy online system to a
new web interface.
Assistant Vice President, Corporate Information
Security (2002 – 2005)
Operations Manager, Data Center Services and
Support (1999 – 2002)
·
Administer information security automation and
mainframe batch processing. Responsible for administration of security profiles
for 83,000 RACF accounts worldwide, Windows NT, Win2K, Novell and associated
applications for Prudential Securities Inc., Wachovia Securities, Wexford
Clearing and subsidiaries. Supported and administered Vanguard VRA/VSR. Create
and maintain coding in a heterogeneous computer environment. Extensive
programming experience using Focus and SAS. Maintain JCL, COBOL, ASM and C
code. Led team to develop new CICS and online security interfaces.
· Oversee engineering for centralized security and provide feeds to all platforms: Lotus Notes, Novell, Win2k, WinNT, AIX, SUN, VAX, etc.
· Took charge of proxy logs, archival and monitoring.
·
Key manager for the SWIFT bank wire system serving
insurance and brokerage.
·
Create code and automation to facilitate RACF and other
security changes necessary for the corporate takeover and transitioning of
Prudential Securities to Wachovia Securities.
·
Authored documentation, procedures and policy standards
for information security.
·
Worked on emergency response and incident resolution.
·
Initiated a campaign working with network engineers and
trade support to educate users and eradicate emerging malware and spyware
threats.
Depository
Trust Company - NY, NY 1995-1999
Senior Systems Security Analyst, RACF Management
·
Provided data security, augmented controls and oversaw
the engineering and modernization of information security policy for a large
financial institution with $22 trillion in assets, processing $12 trillion in
transactions annually.
·
Extensive experience leading technical teams on complex
project assignments involving cross platform initiatives from vendors, telecom
and systems programmers to application developers and end users.
·
Strengthened
authentication process by coordinating the implementation of SecurID and
NC-Pass, drafted implementation plan, and oversaw securing remote access and
token authentication for production TSO access. Coordinated project to develop
multi-platform secure single sign-on, substantially reducing user ID
administrative overhead. Budget on hardware and software alone approached $1
million.
·
Member of high-level committee charged with the
investigating Internet implementation and security methodologies (PKI, SSL, VPN,
LDAP, Kerberos, token authentication and biometrics), modernizing mainframe
CICS applications and integrating them into a web based strategy and leveraging
legacy systems with new technologies.
·
Member of high-level committee to investigate
implementing a PKI (Public Key Infrastructure) with DTC as the CA (certificate
authority) for the financial services industry.
·
Developed and coded security reporting (violations,
exceptions, events, etc.) to monitor, detect, document and remediate computer
security related errors and events.
·
Directed the corporate Security Awareness Program aimed
at protecting information assets and raising the standard for responsible
employee computer usage.
·
Revised RACF group structures according to cost center
for effective cost accounting.
·
Assisted
senior management in creating and developing presentations to upper management,
regulatory agencies and other financial institutions.
·
Instrumental in the establishment of the RACF Help
Desk, which centralized security related calls.
Dean
Witter - NY, NY 1987-1995
Project Leader, Data Security
·
Provided Data Security for large brokerage firm using
cutting edge IBM systems serving 350 branch offices, 7 regional operations
centers, numerous trading areas and extensive home office support.
·
Led and directed groups of three to five analysts in
the development, testing and implementation of RACF/CICS security, defining
RACF user ID’s and resources for branch office staff of 2500 and 7000 Account
Executives. Worked with technical units and application developers in New York,
Dallas, Chicago and Columbus toward development and implementation of an
integrated enterprise data security policy.
·
Facilitated significant audits conducted by internal
and external auditors.
Prudential-Bache
Securities - NY, NY 1986-1987
Production
Control Manager, Technical Support, New York City
Troubleshooting hardware, operating system and software
problems. Managing staff of 4-6.
Bear
Stearns and Co. - NY, NY 1985-1986
Systems Assurance Analyst
Insurance
Services Office - NY, NY 1983-1985
Scheduling Supervisor, Operations Support
Supervising staff of 9 employees.
Certified Information Systems Security Professional
(CISSP) – 1997
N.Y.U. Continuing Ed., Internet Technologies,
Certificate – 1998
Cisco CCNA – In-Progress
Microsoft Certified Systems Engineer (MCSE) –
In-Progress
M.S.,
Computer Science Program, University of Phoenix – Projected 2007
B.A., Political Science, The City College of New
York