Post Job Free
Sign in

Information Security Loss Prevention

Location:
Wilmington, OH
Salary:
105000
Posted:
November 03, 2023

Contact this candidate

Resume:

Professional Summary

Seasoned CISSP with ** years of experience establishing and maintaining compliance with NIST 800-171/53, CMMC, HITRUST & SOX; Defining conditional access and Data Loss Prevention policies and implementing MFA.

Skills

Verbal communication

Implementation and management of MDM/EDR/NDR platforms

SIEM

Fortigate and Checkpoint firewall management

AAD Administration

Microsoft 365 security stack

Creating Conditional Access Policies

Creating Data Loss Prevention Policies

CrowdStrike

Writing IT related Policies and procedures

And more

Experience

Senior Security Engineer - September 2021 to October 2023

Alternate Solutions Health Network

●Responsible for safeguarding all Alternate Health Solutions Health Network and their patient's sensitive data PII/PHI

●Responsible for preventing and mitigating the potential impact of cyber-attacks by developing, distributing, and sharing countermeasures that may impact networks and information systems.

●Analyzed and assisted with the development of information security governance, including organizational policies, procedures, standards, baselines, and guidelines concerning information security and the use and operation of information systems.

●Designed, implemented, maintained, and operated information system security controls and countermeasures

●Respond to information system security incidents, including investigations, deployment of countermeasures, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with third-party incident responders, including law enforcement.

●Coordinate with Infrastructure teams to update all systems including desktops, servers, networking equipment, and other various IT equipment.

●Evaluate, recommend, and implement new technologies such as Endpoint Detection & Response (EDR) solutions to improve our security posture.

●Coordinate annual vulnerability testing including but not limited to PEN testing and Purple teaming.

Accomplishments:

●Collaborated with Infrastructure to Configure Microsoft Teams to be HIPAA Compliant.

●Configured and deployed Microsoft Conditional Access Policies.

●Configured and deployed custom Microsoft Data Loss Prevent policies.

●Evaluated, Configured, and deployed CrowdStrikes Falcon platform to all endpoints.

●Enabled SAML SSO for all cloud applications.

●Configured and Deployed CrowdStrike policies restricting access to USB mass storage devices for all non-approved users.

IT Manager/ISSO – April 2017 to September 2021

UES Inc. (a DoD contract Research company)

●Identify and safeguard all CUI data

●Developing new network troubleshooting strategies to help reduce downtime and decrease maintenance costs.

●Creating strategies for upgrading the company’s network software whenever a new update is available.

●Constructing and implementing plans to ensure the company’s network continues to operate smoothly in the event of a problem.

●Staying current with new technology and reporting this information to the executive team.

●Coordinating with other department Directors and their Managers to assess the growth needs and maintenance of the company’s network.

●Coordinate annual vulnerability testing including but not limited to PEN testing and Purple teaming

Accomplishments:

●Managed the project of migrating legacy exchange server and office products to Office 365 GCC High.

●Deployed and configured a software solution for a secure FTP server now known as The File Collaboration Space.

●Established and reviewed security response plans for both cyber and physical.

●Established annual pen testing.

●Established Monthly vulnerability scans followed by remediation.

●Implemented an MDM solution that works for company phones and BYOD.

●Collaborated with Global Security Ops Inc and Security Cyber Defense to establish an Access control list to harden network security and allow ease of access to the internet for visitors.

Infrastructure Technician II/IT Manager April 2013 to April 2017

Hennegan Printing/CGX/RR Donnelley

Responsibilities

●Evaluate and recommend new technologies to increase functionality.

●Coordinated with business leadership to establish appropriate windows for maintenance downtime.

●Worked with Infrastructure teams to implement updates to servers and networking equipment.

●Responsible for preventing and mitigating the potential impact of cyber-attacks by developing, distributing, and sharing countermeasures that may impact networks and information systems.

●Analyzed and assisted with the development of information security governance, including organizational policies, procedures, standards, baselines, and guidelines concerning information security and the use and operation of information systems.

●In partnership with the Director of Information Security, architects, design, implement, maintain, and operate information system security controls and countermeasures

●Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.

Accomplishments:

Education and Certification

Such and Such University, City and State

Associate Degree in Computer Networking Sciences

CISSP Certification

References Upon request



Contact this candidate