Hands-on Cybersecurity, Privacy and Controls expert tasked with providing multidimensional technology risk services in some of the most challenging operating environments. Delivered solutions and led previous consulting engagements at well-known organizations including Coca-Cola, McKesson, Computer Associates, Erie Insurance Company, Cooper Standard Automotive, Anadarko Petroleum Corp, and Reyes Holdings amongst others. Passionate about solving challenges while delivering innovation and value to businesses. One of the very very few seasoned IT experts with a formal legal education.

September 2007 - August 2008 Practice Leader of a multifaceted IT security consulting division at one of the world's leading technology services company. Expanded existing service offerings and led SunGard to become a one of the very few organizations certified by the Payment Card Industry (PCI) to issue compliance report on companies who process, store or transmit credit card information. Became the first SunGard employee to be become a qualified security assessor (QSA) of the PCI council. . Led and supervised the delivery of information security and risk management engagements in the following areas : # Payment Card Industry (PCI) Data Security Audit and Compliance Assessments # Penetration Testing and Vulnerability Assessments # Enterprise IT Risk Assessments # Web Application Assessments # Incidence Response & Computer Forensics # Network Security Design & Review # Security Awareness Training # Policies and Procedures Development # Database Security # Phishing attacks and multi factor authentication # Virtualization Security # Systems Security Audits

Leader in a technical group that consists of IT Auditors, Network Security Specialists, IT Audit Managers and Project Managers working on risk management services at leading companies in Europe, Asia and the Americas. Provided thought leadership to the consulting organization and clients, as well as expertise in speaking engagements at industry groups and professional associations.

. Security Audit of network systems including Routers, Firewall, Wireless Systems, Telephony & Intrusion Detection Systems (IDS) . Developing Security baselines, benchmarks, and optimum configurations for critical IT Infrastructure systems. Conducting pre-implementation review of security controls . Audit of Client/Server systems including HP-UX, AIX, LINUX, Sun Solaris, Tru64, Windows, Novell, AS 400 and IBM OS 390 . Security Audit of ERP systems such as SAP, Oracle Database, Oracle Financials, PeopleSoft, BPCS, Expandable, and JDE . Conducting pre-implementation review of IT security controls, post implementation review of controls within newly deployed or remediated systems . Vulnerability Assessment and Penetration testing of Systems using commercial and freeware tools such as Nessus, Retina, SARA, App Detective, and ISS . Conducting comprehensive and high-level IT Risk Assessment engagements, SOX readiness reviews, and Applications controls reviews . Evaluation of the effectiveness, reliability and adequacy of Internal Controls for SOX, HIPPA, Privacy Act, and GLB compliance using COBIT, COSO, FIS, and ISO 17799 frameworks . Developing process narratives, testing IT controls, and making recommendations on controls remediation to satisfy SOX-404 and corporate security and compliance requirements . Attending Audit committee or board of trustee meetings and presenting findings to upper management in a clear and consistent manner . Scoping of Audit and Security engagements, assisting business development managers in business proposal development as well as attending sales meetings . Managing IT staff on engagements, interviewing potential candidates, mentoring and training technical staff, and public speaking engagements . Conduct quality reviews of engagement reports and ensure that technical contents, observations and conclusions are appropriate and properly supported . Subject Matter Expert on IT Security

. Design & Review of Infrastructure Security Architecture and Business Continuity Planning . Implementation of High availability Microsoft SQL Cluster Server Systems with Compaq and Hitachi storage area network systems . Deployment of Windows 2000 Datacenter clusters on IBM x445 servers and EMC Storage Systems . Installing and configuring network switches, routers, firewall, wireless gateways and VPN . Network Vulnerability Monitoring and Testing using a variety of tools including Nessus, SARA, Retina and GFI LANguard . Business Process evaluation, identification of business process risks, process re-engineering and redesign of project implementation methodologies . Developing IT Security Policies and procedures . Design & Review of Infrastructure Security Architecture and Business Continuity Planning . Identification and Mitigation of IT Security Risks and Operational abnormalities . Recommendation of Corrective actions and best practices to enhance Systems Security

. Setting up a Compaq HSG 80 SAN infrastructure with Compaq StorageWorks for Fabric subsystems in Multibus Failover modes and providing support to Administrators whose systems need to interface with the SAN . Implemented the Brocade Fiber Channel Switches for Abbott International . Performing Storage Area Network administration, providing technical support for a BA370 Storage Enclosure using SecurePath, and troubleshooting storage availability issues. . Building, repairing and supporting Test and Production Servers on various models of Compaq Proliant including new generation G2, G3, and Blade servers . Complete Active Directory Administration, Data Migration and managing cluster servers . Installation and Configuration of Emulex and Compaq HBA & Fibrechannel Cards . Creating Zones, Allocating resources, and monitoring activities on Brocade Silkworm 3800 Switch . Creating Storage Sets and Virtual Disks, assigning SAN space, replacing failed sets, Disk Cloning, SAN Backup and Data Migration to the SAN . Supporting Oracle 8i Clusters for Supply Chain Management Projects, and SQL & Print clusters . Documentation of installation procedures and issues, support procedures, and special projects. . Backup and Restore using Veritas Backup Exec 8.6 and Net Backup 4.5 to StorageTek L180 & Compaq DLT, and Compaq StorageWorks SAN . Network Monitoring using Compaq Insight Manager 7 CIM and Whatsup Gold 7.0 . Monitoring and troubleshooting SAN and Brocade switches, bridges and routers . Supporting file, print, web and application servers and third level support

. Technical support, including repair Break-fix of IBM Netfinity servers, and Compaq Proliant CL 1850, DL 760, DL 580, DL 360, DL 380, DL 320, ML 570, ML 530, ML 370, 1600R, 850, 5000, 5500, 6000, and 8500 servers running on Windows NT 4.0, Windows 2000, Novell 3.12, 4.11 and 5.0 . Installation, configuring and setting up servers for network operations on both Windows and Novell . Supporting Mass Storage devices, Low Voltage Differential Disks, and DLT libraries . Supporting and Managing Compaq StorageWorks MA 8000 SAN in a HSG80 and HSG 60 Controller environment running SecurePath and Hitachi 9200 SAN running Path Manager . Creating Zones, allocating resources and monitoring activities on Brocade Silkworm 3200 and 3800 . Supporting both Bindery and NDS servers on Novell Netware/IntraNetware platform . Installation, Configuration and Troubleshooting Wireless Ethernet 802.11a/802.11b Desktops, Wireless PCMCIA, Wireless Barcode scanners, and other wireless hand-held devices . Supporting Oracle 7.3, 8.0 and 9.0 and Microsoft SQL Server 6.5 and 7.0 Standalone & Clusters . Data Backup using ArcServe, Backup Exec, and Netbackup to StorageTek, SAN, or Compaq DLT . Installation and Configuration of Pix 515 and 525 Firewalls . Installation and Configuration of Cisco 1700, 2600, and 3600 series routers . Installation of Cisco Catalyst 2900, 3900 and 6000 series switches . Mail Support on Lotus Notes, Outlook, Exchange, Eudora and GroupWise 5.5 . User and resource administration across multiple domains worldwide with Windows NT . Created and modified login scripts and batch files . Supported and administered DHCP, DNS and WINS Servers and managed Active Directory . Troubleshooting access to Network resources, supporting File and Print Services . Application support and task automation with batch files and scripts . Data Migration, project documentation, and managing team members . Third level Operating System Support for Win95, Win 98, Windows NT and 2000, Windows XP