Information Technology Specialist (adm & App Dev)
Act as the key IT Specialist for MIC. Champion the usage of security features including: least privilege, strong passwords and pass phrases, role-based access control, explicit denial in addition to other security controls. Design preliminary security drafts for Internet, acceptable use, Anti-Virus, data retention, CP/DR, email, and archiving. Implement network, email and web security controls to block unauthorized access to database and system resources.
- Extensive knowledge of overall IT functions and business operations, policies and practices and years of experience translating strategies into action plans; 15+ years of hands-on experience in server/desktop operations, system administration, system security, network security, and application security areas.
- Created and maintained Public Key Infrastructure (PKI). Designed Hierarchical Certificates infrastructure to support multiple organizational units. X.509 certificates supporting SSL and S/MIME. Administered and created: new certificates, CRL, end user and server ids.
- Extensive working knowledge of Authentication/Authorization technologies, secure passwords creation techniques, digital certificates, multi-factor authentication, federated identity, Symmetric/Asymmetric encryption/decryption and Digital Signature.
- Directed conversion to role based access control (RBAC) from discretionary access control (DAC). Continuous review and monitoring of "Least Privilege" principal to provide the correct access.
- Increased corporate efficiency and productivity with research, evaluation and installation of Good Technologies Mobile Device Management (MDM) solution supporting Bring Your Own Devices (BYOD). Decommissioned and migrated Good Technologies to IBM/Lotus Traveler MDM BYOD solution providing support for: Android, iOS, Blackberry and Windows devices.
- Lead forensic investigation of security breach, performing root cause analysis, including a review of SIEM, system, IDS and application logs, reconfiguration/rename of multiple breached databases, monitored of unauthorized communication channels, harden operation systems, secure and move file system.
- Developed new applications using Secure Software Development Life Cycle (SSDLC) design principals. Multiple mission-critical business databases including: Inquiry, Quotes, Customer Drawing, Engineering Change Request, Travel Authorization, Design Guidelines, Sales Transfer, FPC Cost Calculation, Quarterly Rolling Sales Plan, Sales Report, Inventory and Project Management. . Security focused data sanitization: input validation, extensive use of pick list, buffer overflow checking, field filtering, parameterization and stored procedures.
- Strong working knowledge of all Information Security domains including but not limited to: network protection, policies, intrusion detection/prevention, access control, and incident response; proven ability to expertly coordinate Risk Assessments, technical vulnerability assessments and/or external/internal audits.