Resume for Richard T. for IT / Technical Support / Computer & IT Services in Hilliard, Ohio
[var] => content
[type] => preview
[var] => cut_url
RICHARD A. T.
INFORMATION SECURITY & RISK MANAGEMENT
Proven IT Security and Risk Management Professional with Security+ certification and pending CISSP.
Proven ability to aid in development of highly effective security policies, procedures, and business /
technical infrastructure as well as managing related regulatory compliance issues. Experienced in
managing teams of , including local, remote, and offshore / outsourced teams in India. Resultsdriven
professional with exceptional communication and team leadership skills who thrives on highpressure
AREAS OF EXPERTISE INCLUDE:
|Information / IT Security |IT Security Policies and Procedures |Identity & Access Management |
|PCI Data Security Standard |Risk Assessment / Risk Management |Regulatory Compliance |
|SOX , SAS Audits, HIPPA|Data Integrity, Classification, & |Business Impact Analysis |
| |Recovery | |
|NIST, COBIT, ISO /|Access Recertification & Remediation|Network & Systems Security |
GalaxE.Solutions, Somerset, NJ
Information Security Analyst, December – Present
• Establish and implement IT security policies, procedures and standards to achieve HIPAA, SAS and
ISO / compliance.
• Conduct IT security assessments and reviews for compliance.
• Establish and implement security best practices and standards for the Software Development Life
• Responsible for information security audit responses.
• Research, analyze and recommend software and security application solutions for effective cyber
• Conduct security awareness and training.
Yeshiva University, New York, NY
PCIDSS Consultant – Internal Audit, June – August
• Conducted Compliance Risk Assessment of the cardholder data environment.
• Conducted Payment Card Industry PCI Data Security Standard DSS SelfAssessment.
• Reviewed Payment Applications for compliance with the Payment Application Data Security
• Advised on successful submission of Attestation of Compliance.
• Advised on Report of Compliance.
• Formulated roadmap and strategy to achieve compliance by remediation of identified
deficiencies and procedural improvements.
CIT Group Inc, Livingston, NJ
Project Manager / IT Security Consultant – Information Security Department, Sept – June
• Managed Enterprise Privileged Access Project as part of SarbanesOxley Section SOX
• Led comprehensive Privileged Access audit to conduct gap analysis related to regulatory compliance.
• Developed and implemented standardized Privileged Access request process and automated request
• Contributed to design planning for Active Directory Role Based Access Control RBAC framework,
that satisfied NIST National Institute of Standard & Technology requirements.
• Designed framework for establishment of Privileged Access governance.
• Provided updates to corporate project management team for project review meetings.
• Effectively interfaced with Legal / Compliance and Internal Audit departments.
Town Sports International, New York, NY
Information Security Analyst – Information Security Services, June – January
• Researched, analyzed and recommended software and security application solutions for PCI DSS
Compliance for club locations and Data Center.
• Effectively interfaced with Information Technology IT staff and endusers regarding
development of security specifications and enduser security awareness.
• Drafted, modified processes and procedures to resolve security problems resulting in a high
level of security.
• Installed security updates, patches, fixes, for servers/workstations and devices.
• Served as technical liaison with third party vendors.
• Provided technical assistance to IT staff in the detection and resolution of security problems.
• Researched business requirements and evaluated vendor products and services.
• Effectively communicated and reported issues, status, and results to senior management
• Contributed to successful implementation and maintenance of information security
requirements related to Disaster Recovery and Business Continuity.
• Coordinated sub projects as assigned and prioritized by management.
• Participated in system testing activities.
JPMORGAN CHASE, Jersey City, NJ
Wintel Security Analyst Level II – Risk and Security Management, November – March
• Handpicked from among pool of regional Team Leaders for creation of high level team of five security
professionals developing global security standards, policies, and procedures for new globalization
restructure spanning Asia, Europe, and North America.
JPMORGAN CHASE and IBM Global Services Jersey City, NJ
Information Security AnalystLead – Identity & Access Management, December – October
• IBM Global Services January January IBM / CHASE Outsourcing Agreement
• Promoted to train and manage geographically dispersed teams onshore and offshore of security
and risk management professionals located in New Jersey, Florida, and India using Citrix MetaFrame.
• Oversaw information security, systems security, and physical access security for + Intel
Environments with ,+ user accounts across Novell, NT, Active Directory, and Notes
• Traveled to India twice to develop / present security training to outsourced security staff of .
• Ensured compliance with IT Control Policies and Standards, identified and mitigated risks and
implemented procedures that achieved successful audit ratings.
• Oversaw Information Risk Analysts in conducting more than annual risk assessment
• Led comprehensive analysis of privileged supervisor access, which identified substantial
• Collaborated with Vulnerability and Recertification Groups on semiannual access re
• Worked with internal and external auditors on indepth internal SAS and SOX audits.
• Reduced budget by semiautomating offboarding of terminated users.
• Provided guidance to IT & Business management on information risk and control.
• Coordinated risk assessment of Gap Remediation Projects and project deliverables.
• Trained / managed staff of ensuring compliance with regulations, standards, and customer
• Developed and implemented standards for network security issues such as access
management, including formal escalation and SLA and establishment of x administration.
• Enforced IT Control Policies and Standards and managed LAN Security and Remediation
Group for Wholesale Line of Business throughout JPMorgan Chase.
• Investigated and prevented unauthorized access of supported environments; oversaw
administration of user, special purpose functional, privileged, and emergency accounts.
• Enforced compensating controls to minimize security risk; implemented privileged access
• Conducted gap analysis on environments to identify security gaps and managed several gap
remediation projects; aided IT Risk Management with internal and external security audits.
• Implemented information management database to track users across all supported
• Named subject matter expert SME on Information Security policies and standards across
Intel environments and participated in several securityrelated projects / initiatives owned by
IT Risk Management, Global Technology, and Lines of Business.
JPMORGAN CHASE, New York, NY
LAN Administrator – Investment Bank/Global Security Operations Management, October –
• Started as merger related consultant.
• Rapidly hired and promoted to lead administrator on security team providing user account
and group administration on multiplatform Windows and Novell operating systems.
• Handled user and group account creation, deletion, password and account / station
restrictions and access privileges.
• Provided Lotus Notes user administration.
• Reviewed and archived security logs with Event Viewer; maintained monitoring system and
ran server reports using rd party products Bindview, Logcaster, Kane Securities, etc..
• Effectively partnered on Disaster Recovery Testing with both line of business and technology
groups, ensuring smooth cutover from production to disaster recovery mode.
• Involved in migration / transition projects to standardize access across businesses /
Sorry but this resume is not available for download. Please choose another!