Assessed existing control frameworks and implementations within enterprise platforms against the security, risk, and compliance requirements of the bank (FFIEC, COBIT, NIST, CSA).
•Provided subject matter expertise to strength controls design and implementation effectiveness.
•Communicated platform control gaps and remediation plans to internal and external stakeholders.
•Implemented processes for continuous compliance of enterprise technology platforms against control framework across people, process, and technology.
•Partnered with product managers of enterprise platforms to ensure control gap remediations were incorporated into platform delivery roadmaps and were prioritized.
•Developed metrics and reporting to provide visibility to leadership and stakeholders on maturity of adoption of the control frameworks across enterprise platforms.

Managed and participated in the development and implementation of COBIT based risk and cyber process workflows by interfacing with process stakeholders and Subject Matter Experts (SME) to assess existing cyber risk management processes and procedures to determine overall control effectiveness from a cyber security and regulatory perspective.
•Developed risk and cyber security standards in alignment with the Unified Compliance Framework controls and worked with Advisory and Executive Committees to approve and publish security standards.
•Led the design and implementation of COBIT based risk and cyber security processes in the areas of risk management and cyber security services with particular focus on Risk Strategy, Network Security Architecture, End Point Security, Third Party Risk and Vulnerability Management.

Led teams in performing cyber security maturity assessments based on leading frameworks (NIST, ISO, CSA, PCI, HIPAA) to identify high impact risk gaps and worked closely with various line of business stakeholders in the development of remediation activities while reporting to Executive Leadership on the overall risk posture and remediation progress.
•Performed 3rd Party SIG (Standardized Information Gathering) vendor assessments to identify compliance, security and operational risks and made recommendations to clients on how to manage vendor risks more effectively in alignment with internal policy and regulatory requirements.
•Designed and implemented vulnerability management programs including governance processes as well as the creation of VM process flows, asset security configurations and day to day VM program execution activities. (e.g. RACI Matrix, SLA, Vulnerability Risk Exceptions)

Conducted Business Impact Assessments (BIA) for Shell upstream/downstream business critical applications which included the valuation of information being processed and stored on applications and systems.
•Assessed systems/applications for risk control gaps and advised stakeholders on required security/IT controls to help mitigate identified risks.
•Managed risk register relating to compliance gaps and made recommendations on mitigation techniques to address cyber risk.
•Reported overall compliance on remediation efforts on business-critical applications and systems.

Established cyber security policies and processes for the identification, management, and protection of business-critical assets.
•Managed vulnerability and remediation program including asset scanning, vulnerability triage, remediation coordination and VM program risk metrics collection.
•Lead engineer responsible for the deployment and configuration of cyber tools relating to endpoint threat detection, web application firewalls and content filtering.
•Designed, configured and deployed application whitelisting solution to harden employee KIOSK on oil drilling platforms out at sea.

Performed vulnerability assessments and remediation management on externally facing systems (DMZ) and internal systems including false positive validation, determining potential exploit impact, and recommending effective solutions to various internal departments of MD Anderson.
•Routinely monitored the SIEM tool to identify abnormal and suspicious network activity across Firewalls, IDS/IPS, AAA, Active Directory, and other critical IT and security assets to fine tune threat management processes in detection, prevention, and incident response.
•Performed advanced malware analysis using "Exploit Detonation Virtual Sandboxing" via FireEye to understand malware behavior and worked with the cyber team to develop detection rules using the SIEM tool.
•Lead engineer responsible for the overall security architecture analysis of virtualized environments (VMware) in MD Anderson's Data Center and the deployment planning of advanced security technologies utilizing host-based firewalls, IDS/IPS,

Designed, deployed, and configured a SIEM (Security Information Event Management) solution for the identification, correlation and analysis of suspicious activity on the corporate network and applications.
•Developed Incident Response Plan including IR playbooks to streamline the investigation of cyber events across the incident response life cycle (Preparation, Detection and Analysis, Containment and Recovery).
•Provided expert consulting services to Lyondellbasell in the following areas:
-DLP (Data Loss Prevention)
-IDS/IPS, SIEM
-Web Application Security
-Vulnerability Assessments
•Developed Incidence Response procedures for DLP events such as data ex filtration and inadvertent sensitive data disclosures.

Provided subject matter expertise relating to Data Loss Prevention, Host Based IDS/IPS, SIEM, Web Application Security, Vulnerability Assessments, Application Control (Whitelisting) and Network Security Design Compliance.
•Advised clients on several compliance regulations including PCI, HIPAA, SOX, GLBA.
•Performed PCI Gap Analysis on eCommerce web applications to reduce risk exposures.
•Developed and made security recommendations to protect web-based services and supporting infrastructure.

Designed, implemented, and managed a Security Incidence Response Plan to document all information security incidents. Kept detailed information on the nature of the security breach, systems affected and the potential impact the security breach represented to the organization.
•Was directly involved in the investigation of several security breaches utilizing various security tools such as Firewall logs, SIEM event logs, Host event logs and protocol analyzers (Wireshark) to determine root cause. In addition, gathered intelligence regarding the security breach and took corrective measures to strengthen network security.
•Identified external /internal security risks and implemented security remediation controls to strengthen the network security infrastructure.
•Managed Rapid7 Nexpose Vulnerability Management tool to routinely assess core Cisco infrastructure, databases, Windows servers, endpoints, and web applications. a

Implemented and configured Third Brigade's HIP (Host Intrusion Prevention) solution at customer sites for product capability demonstrations, evaluations and supported post deployments.
•Conducted host and application vulnerability assessments using industry leading third-party tools and communicated risk to stakeholders while making recommendations for remediation.
•Worked with stakeholders to understand cyber security challenges around host intrusion prevention, IDS/IPS, Firewall rules configurations.