IT core infrastructure security expert (operating systems, networking security, Auth/Auth).
Seasoned and experienced communicator with senior management and technical staff.
Well versed in legal, privacy, technology-risk, standards, compliance and framework issues.
Certified Information Systems Security Professional, No. 29416 (CISSP)
Certified Information Systems Auditor, No. 0646445 (CISA)
Project Manager Professional, No. 1604404 (PMP)
Diploma, 700 hours, USAF Advanced Communications-Electronics Course
Associates degree, Electrical Engineering Technology (analog-digital systems)
Bachelor’s degree, Information Systems (UNIX operating systems, TCP/IP networks)
Master’s degree, Information Security (thesis “27001:2005 ISO Framework Implementation”)
Master’s degree, Project Management (thesis “Using waterfall (SDLC) methodology”)
5/11 – 9/12. Consulting SME to Kaiser Permanente Foundation, Pleasanton, California
Led team of five auditors to compile, edit and refine source documents to create validate Kaiser’s
Information Security program (to include: network security and AAA (identity management)).
Prepare polished Corrective Action Plans for review by Governing Board to enable risk
management, prioritization of future mitigation plans, weighting of options, etc.
7/08 – 4/11. I.T. Security Lead, General Cellular Corporation, Lancaster, California
Develop risk-based information technology security assessment capability to assess network
security and authorization policies and procedures used by military defense contractors.
Create review processes for telecommunications planning documents, enterprise infrastructure
designs, etc. for evidence of compliance to support FISMA certification and accreditation (C&A).
11/06 – 7/08. Manager - Information Security, j2 Global Communications, Los Angeles, California
Supervise three (3) direct reports to manage day-to-day cyber security hygiene for 500 employees.
Lead PCI assessment and remediation; attest to compliance based upon my credentials.
Build VMware imaging capability to enable self-policing activity exposure and forensics (SOX).
12/05 – 9/06. Senior Consultant to Delta Dental, Sacramento, California
Perform assessment of I.T. Controls (SOX, HIPAA) to document operational effectiveness (based
upon NIST 800 special publications as standard framework). Evidence attestation.
RECENT CAREER HIGHLIGHTS:
Formed initial HIPAA Security evaluation team leader to Kaiser-Permanente (18 mos)
Created certification and accreditation capability for military contractor per FISMA (36 mos)
Led IT Control development for PCI and SOX as Information Security manager for J2 Global (18 mos)
Wrote and institutionalized HIPAA Security standards and guidelines for Delta Dental (9 mos)
Organized and led PCI testing and remediation driver and consultant for eFUNDS (6 mos)
PKI-based projects (digital signature, large scale directories)
Seven years working as security infrastructure architect with project focus relying on Public Key
Infrastructure (PKI), digital signatures, directory services, federated identity (IdM), identity and access
management (IAM), etc. to create business-driven solutions; such as:
* 2005/5: Organize, define, specify and implement comprehensive patch remediation and server hardening
program to secure 375 PCI-DSS regulated servers within EBT/Card clearinghouse (eFunds, Wisconsin).
* 2004/5: Refine, recommend, review architecture of SAFE Bio-Pharma Bridge CA (see below) to support multi-
agency (cross border) validation of heterogeneous PKI credentials (X.509v3 certs). Deployed prototype Web
servers architecture relying on cross-organizational certificate validation for the Chief Information Officer of the
U.S. Department of Homeland Security (DHS).
* 2003/04: Security architect for RouteOne credit portal who assisted in the definition of SAML security messages
to authorize authenticated users into highly sensitive credit ratings database. Assisted in developing complex IBM
WebSphere use cases to support Ford, GM, Chrysler and Toyota credit operations.
* 2002/03: Drive development and deployment of secure LDAP directory services for Lexmark Corporation to
support 55,000 employees, contractors and partners with attribute based access control (pseudo-RBAC).
* 2001/02: Deployed prototype Bridge CA in Luxembourg on behalf of the Luxembourg Bankers' Association to
create a European wide certificate validation authority. First widespread using of Online Certificate Status
Protocol (OCSP) as a pre-processor to X.500/LDAP key management system.
* 1999/2001: Secure LDAP directory services to support PKI for Chase Manhattan Bank (CMB). Engineering
architect to define X.509v3 PKI exchange via the Federal PKI Bridge Certificate Authority (CA).
* 1998/99: Secure X.500 directory services to support U.S. National Security Agency (NSA) populated with key
attributes for all military Defense Messaging System users (X.400) on multi-classification (Top Secret, Secret,
etc.) using PCMCIA card authentication.
Network Security and Infrastructure build-out projects
Five year career focus on building out developing Internet architectures to support emerging applications; such as
directory services (x.500), secure messaging (X.400), network management (SNMP), DMZ deployments (DNS,
SMTP, firewalls, Web services).
* 1996/97: Consultant to support Lucent's network management center by monitoring client (5-12) network
activities for anomalies and performance issues (to include troubleshooting broadcast storms, relying on HP
OpenView SNMP utilities, deep packet inspection, etc.)
* 1995/96: Establish, configure, operate and upgrade all Internet services (SMTP, DNS, etc.) for U.S. Army
modeling and simulation users (2,000) to support secure messaging and interactive messaging simulations to
support various war game scenarios (see Distributed Interactive Simulation (DIS)).