Sie sind auf Seite 1von 4


26000 Ave Aeropuerto #216 * San Juan Capistrano, California 92675
951.746.6486 *

SENIOR-LEVEL POSITION: Security Analysis & Administration, Compliance

Highly skilled information security professional with 10+ years of demonstrated
expertise spearheading the design, implementation, and administration of compreh
ensive network and security solutions for industry-leading corporations. Consumm
ate security and compliance manager with extensive experience shepherding large-
scale projects through all stages of the development life-cycle and a long track
record of achieving all deliverables on time and within budget.
*Proven expertise across numerous platforms, protocols, tools, regulations, and
standards sets.
*Significant experience building, managing, and leading teams to provide outstan
ding performance and service.
Internal & Remote Security Administration * Policy & Process Creation * Assessme
nt & Analysis * Troubleshooting * Documentation Project Management * ISO17799 Be
st Practices * Data & Network Security * Identity Management * Security Modeling
* Auditing Government Compliance * Server & Workstation Hardening * Incident Re
sponse * Threat Investigation * Patch Management

WACHOVIA\ WELLS FARGO, Irvine, Ca *05\ 2007- 04\2009
One of the largest financial services companies in North America.
Senior Network Security Analyst: Performed detailed application and system asses
sments to determine vulnerabilities and ensure compliance with all security stan
dards and guidelines. Designed and managed targeted policies, procedures, and pr
ojects to enhance the overall security posture. Served as the point of contact f
or Symantec and Infosec to advance IT maintenance and administration. Conducted
security and use violation investigations and produced and analyzed reports and
documentation. Led Windows patch management. Created metrics to generate system
*Cut Windows Enterprise patch-related vulnerabilities from 60% to 0% over the co
urse of 1 audit cycle.
*Created and implemented focused IIS 6.0 security standards and hardening proced
ures across the enterprise.
*Daily and ad-hoc review of Windows based security logs, Unix syslogs and Cisco
concentrator VPN logs to identify security violations in support of Company poli
*Lead analyst on CIRT team to address both internal and external threats to Wan\
Lan in support of operations security. Utilized Symantec SII portal for signatur
e analysis, event triangulation and correlation to reduce attack vector\s.
*Provided on-call after-hours point of contact acting as liaison and threat inci
dent analyst between "Symantec Security Operations" Center experts and Wachovia,
providing response and incident\s methodology for presentation to upper managem
ent for de-brief.
*Performed minimum baseline host hardening standards assessment and certificatio
n sign off for pre production and release of Windows based servers.
*Assisted in bucket initiative Arcsight SIEM solution gathering requirements whi
le working with internal support teams to create connectors, define clipping lev
els, provide database integration, roll-up schedules and alerting methods.
*Lead analyst and project manager in support of annual security posture assessme
nt, including vulnerability scans of Network, Telecommunications, Intel and Appl
ications. Engaged vendor from inception of audit through remediation process wit
h asset owners as well as remediation solutions.
*Assisted lead security architect, performing Firewall audits to ensure that ing
ress and egress filtering were properly configured, up to date and aligned with
corporate standards of information flow.
*Authored and updated computer policies and procedures as requested to support B
usiness goals and objectives.
*Addressed Ad-hoc requests via ticket tracking system in support of accountabili
ty management requests, service account creation and access requests to ensure l
east privilege concept and proper label clearance.
*Lead analyst in support of Enterprise wide patch management committee for Windo
ws and Unix noc's. Analyzed ratings and ranking of patches, zero day threats, se
curity advisories and applicability to environments for alignment with corporate
policy concerning level of risk and patch rollout schedules.
*Authored and maintained corporate security policies, procedures, standards and
*Perform application impact analysis in support of SDLC.
*POC representing security operations team in change control process and provide
ISO17799: 2005 guidance to cross platform teams.

CAPITAL GROUP, Brea, Ca * 02\2007- 04\2007

Leading manager of mutual funds and investment portfolios for investors.
Security Administrator (contract position): Ensured continual security and SAS70
compliance for an array of 75 Windows 2000/2003 servers. Reviewed and refined u
ser access policies and procedures to ensure data and code security, utilizing I
SO17799 best practices. Led enterprise-wide rollouts, including performing strat
egic planning and creating procedures and processes to advance change management
and compliance.
AUTO CLUB OF SOUTHERN CALIFORNIA, Costa Mesa, Ca * 06\2006 -12\2006
The nations largest automobile roadside assistance and insurance carrier
Senior Security Analyst (contract position): Provided security direction and lea
dership for 12K users in a mixed Windows NT, XP, 2000, and 2003 environment. Cre
ated corporate use policies and standards and performed risk assessments to ensu
re system security and compliance. Led internal audits to advance PCI and SOX co
mpliance. Analyzed security controls to determine success of corporate policies.
Performed troubleshooting to resolve access and security issues. Assisted netw
ork and desktop teams in successfully rolling out Symantec corporate edition ant
i virus software to desktops, laptops and managements servers to ensure database
of definitions were properly updated as released. Generated Internet usage repo
rts and assisted Legal council, performing forensic investigations.
AMERIQUEST MORTGAGE, Orange, Ca * 07\2003 - 05\2006
National financial services corporation.
Information Security Analyst II: Delivered complete Tier II support for 15K user
s spanning 3 business lines in a 24/7 Windows 2000 environment. Directed impleme
ntation projects to enhance system security and performance. Proactively identif
ied and resolved security, sharing, and data issues. Performed extensive applica
tion, database, account, and group administration. Generated security and update
hierarchies and best practices to ensure compliance and access. Conducted inter
nal audits to increase security posture. Coordinated external audits with third-
party providers and served as the point of security contact for users and custom
ers. Investigated e-mail and data abuses and served as the primary source for th
e resolution of SOX vulnerabilities.
Information Security Analyst II cont'd:
*Migrated 285 thin-client retail branches to CPS4 using Active Directory termina
l services at a rate of 20 per day.
*Resolved security issues during off hours as on-call expert resource.
BANK OF AMERICA, Brea, Ca * 02\2002- 04\2003
Nation's leading financial institution.
Senior Analyst LAN/WAN Administrator: Administered a Windows 2000-based LAN/WAN
used by 3K individuals across 6 business lines. Led network administration and p
roject planning and management to ensure 24/7 operability, connectivity, perform
ance, and access. Performed troubleshooting and generated solutions to resolve d
iverse mainframe, server, web application, and hardware issues. Served as the pr
imary point of contact for user security, permissions, and profile management co
ncerns. Tracked help tickets and issue resolution.
*Led multiple aspects of 4 internal hardware relocation projects, delivering all
objectives on time and with zero post-implementation problems.
*Delivered a large-scale Windows migration project 2 weeks ahead of deadline, re
ducing project costs by 15%.
*Designed and deployed WSH scripts that significantly shrunk resource hours and
enhanced overall accuracy.
UNISYS, Los Angeles, Ca * 1999-2002
Worldwide information technology consulting services and solutions company.
Windows 2000 Security Migration Engineer (2002-2002): Conducted extensive troubl
eshooting, solution generation, and Tier III support to ensure continual operabi
lity and performance of remote systems. Resolved connectivity, hardware, softwar
e, and application issues. Executed complex migrations, including from Windows 9
x/NT to Windows 2000 and from NT4 PDCs/BDCs to Windows 2000 advanced database se
rvers. Directed post-migration configuration.
*Led the design and implementation of Active Directory security models for 9K LA
N/WAN users and delivered all goals under the project's budget.
LAN Administrator (1999-2002): Provided Tier II engineering expertise for the L.
A. County help desk/NOC. Delivered comprehensive setup, support, and management
of Cisco routers and switches, 3Com hubs, and networked workstations and printer
s. Performed OS and application installations and upgrades. Directed networking
projects to enhance operations.
*Consistently closed support requests within 3-hour time frame to ensure all SLA
s were continually achieved.

Professional Affiliations: National Society of Compliance Professionals, Informa

tion Systems Security Association, International Information Systems Security Co
Certifications: MS Certified Systems Engineer, Microsoft Certified Professional
+ Internet, CompTIA Security+, ISC2 CISSP; (Exam scheduled August, 2010)
Platforms/OS: DOS, MS Windows 9x/NT/XP/2000/2003 Enterprise and Workstation, Uni
x, Citrix
Infosec Administration: Active Directory Administration, Authentication/Authoriz
ation, Cryptography, IPSec, Lotus Notes Administration, SOX, HIPPA, PCI DSS, SAS
70, GLBA Compliance, Itsec-08 Approvals, ACL audits
Applications/Tools: Active Directory, Citrix, Hyena, Lotus Notes 5/6, MS Project
, Nessus, NetIQ, Peregrine, Remedy, Terminal Services, Web Sense, Surf Control W
eb Filter Firewall, Tumbleweed E-mail Filtering, Web Inspect, Qualsys, SMS, Syma
ntec Enterprise Edition Anti-Virus Software, Bind View, Blue Lance, Foundstone V
ulnerability Assessment Software, NMAP, Cain and Able, Wireshark, PGP
Networking: LAN/WAN, Ethernet, IIS 5x-6x, RAS, TCP/IP, VPN, DHCP, DNS, RAID
Hardware: Cisco Routers, Hubs, and Bridges; PC Desktops and Laptops; HP Prolient
Servers; Proventia IDS Appliance, RSA Tokens