Download PDF


To secure an challenging information security / compliance / risk management position where I could add value as an experienced team player.


Seasoned information security professional with diversified industry and corporate experience. Consulting, project management, and training in the information security and networking arenas. Large enterprise experience including Accenture, Microsoft, NCR, Verizon, Time Warner Cable, Department of Defense, and Walt Disney World. Well versed in risk management, vulnerability assessments, security policies/standards, governance (HIPAA, GLBA, Sarbanes-Oxley, Visa/CISP/PCI, DITSCAP/DIACAP, NIST, ISO 17799/27001). Designed and delivered CISSP Boot camps, SCNP, CCNA, MCSE, and Security + training classes in the corporate environment and academia. Expertise in Project Management, security management practices,.infomation systems auditing, access control, cryptography, network security, operations security, physical security, business continuity, disaster recovery, penetration testing, legal/compliance, and applications security.

Work experience

Nov 2008Present

Sr. Security Professional & Trainer

Intrinsic Security Partners
Information Security Training & Consulting. Risk Management, Security Policies/Standards/Guidelines, Vulnerability Assessments, Payment Card Industry (PCI) assessments & remediation, Security awareness training, CISSP, Security+ intense training, Public Key Infrastructure (PKI), Encryption, Information Assurance, DITSCAP/DIACAP, ISO 27001, FISMA, Auditing, Access Control, Network Security.
Jul 2009Present

Supplier Security Assessor

Conduct information security and business continuity assessments of vendors providing services to Bank of America.  Assessments are conducted using wide range of information security controls and processes used for evaluating their design and effectiveness. Conduct both online and on-site assessments which requires travel to the US-based vendor sites.  Document findings, recommendations, and summary reports and communicate clearly and concisely to non-technical business partners.
Nov 2007Nov 2008

Program Manager - Global Information Security Awareness

Estee Lauder Companies, Inc.
Work directly for the VP of Risk Management & Compliance/Chief Compliance Officer. Responsible for implementing a global information security awareness program. Conduct needs analysis, design & develop content, and manage training delivery.
Jun 2007Oct 2007

Information Security & Risk Management Professional

Homeland Technologies Inc.
• Delivered intense training to prepare for the Certified Information Systems Security Professional (CISSP) exam. o Training consisted of a 5 day intense boot camp covering all information security domains including: Security Management Practices, Access Control, Security Models and Architecture, Physical Security, Telecommunications and Network Security, Cryptography, Disaster Recovery and Business Continuity, Law, Investigation and Ethics, Applications and Systems Development, Operations Security. o To support theory, practical examples are given including the use of security tools for intrusion detection, password cracking, cryptography, assessment, auditing, forensics, exploiting, and wired and wireless penetration testing. • Provided network security consulting services to small and mid-sized businesses • Provided thought leadership and mentoring to aspiring information security professionals
Oct 2006Jun 2007

Sr. Information security analyst

Walt Disney World
* Participate in reviews of proposed projects or systems. * Conduct reviews of projects to help determine the appropriate level of security, privacy and business continuity controls for new systems or enhancements to systems within the constraints of our architectural standards and business requirements. * Coordinate periodic assessments of systems in production. * Review security controls design, recommends improvements. * Create and document security architecture and controls for projects. * Develop security tests for projects. Coordinate security policy exception requests for systems under review. * Maintain, track, and follow up on assigned security design review requests.
Feb 2006Oct 2006

Sr. Info Assurance Officer

Department of Defense
Perform all aspects of Information Assurance (IA) support at an expert level Capability to analyze complex IA problems and issues and recommend solutions that impact the enterprise Effectively communicate with senior management, both orally and in writing. Responsible for oversight of DoD IA policy and regulations. Provide Information Assurance support in accordance with current DoD policies for IA and IA related matters, and with appropriate public law, National Institute of Standards and Technology (NIST), industry best practices and Defense Information Systems Agency (DISA) guidance.
Mar 2005Feb 2006

Sr Info Security Process Analyst

Time Warner Cable
• Composed Information Security framework including policies, standards and procedures • Created Computer Security Incident Response Team (CSIRT) including standards & procedures • Designed Security System Development Life Cycle (SDLC) including risk assessment, vulnerability analysis, security questionnaire and security review • Ensured compliance to VISA/PCI, SOX & ISO 17799 • Managed Payment Card Industry (PCI) compliance audit • Report directly to the Director of Enterprise Security • Instructed and prepared colleagues for CISSP exam • Accepted position as Director of Education for the local ISSA Chapter • Lead team to create the network security section of the Generally Accepted Information Security Principles (GAISP) through the ISSA • Selected as Director of Education for the Charlotte Chapter of the ISSA.
May 2004Mar 2005

Information Security Officer

Functions through the Chief Information Officer Infrastructure and Dedicated Teams to provide security resources to the business units.

Acts as a dedicated security resource to help educate and support the business units on security controls and standards; establish security checkpoints in business unit processes; facilitate ongoing compliance monitoring and security oversight; and provide security consulting to projects using the Information Security methodology: Risk Assessment, Security Analysis & Reviews, Physical Site Surveys, Disaster Recovery Planning, Access Controls, Compliance Monitoring, and Vulnerability Analysis. Delivered Network Security Awareness Training to Wachovia employees.

Aug 2003May 2004


Homeland Technolgies, Inc
• Provide consulting and training on all aspects of today’s computing environment including Network Security design and implementation, security audits, intrusion detection and prevention, installation and maintenance of high-speed Internet access, corporate servers, and software applications, on-site and remote support. Projects completed on time, within budget, and with the expected results and benefits. • Employ skills obtained over 16 years in computer industry to clients such as Microsoft, Accenture, NCR, Blue Cross/Blue Shield, Compuserve, MCI, World Bank, Gannett, Northrop Grumman, XLconnect, Smith-Klein-Becheem, Cigna, Regions Bank, JC Penny, Kmart, Walmart, AT&T, Alex Brown & Sons, Fidelity, Techtrain, New Horizons, GTE/Verizon, Sears, Phillip Morris, Belk’s • Provide training for clients including CISSP, CCNA Boot camps, MCSE training, Security+ and SCNP.
Jan 2002Aug 2003

Program Chair/Instructor-Network Administration

Central Piedmont Community College
Delivered training classes including: Introduction to Networking, Windows NT/2000, Active Directory, Security Fundamentals, Cisco Certified Network Associate thru the Cisco Network Academy. Delivered classroom instruction as well as distance learning via Blackboard. • Advised Director of Information Technology of critical issues facing the IT Department and worked closely with the Faculty on instructional and personnel matters. • Responsible for overseeing general operation of the Network Administration Program and the Cisco Networking Academy • Developed job performance review and goal-setting process. • Reviewed Networking and Information Security Textbooks and Lab manuals. • Acted as Subject Matter Expert for Comptia’s Security+ Certification exam . (
Oct 2000May 2001

Sr Consultant

• Worked closely with and supervised Information Technology organization to build secure infrastructure & Operation architecture for This included Microsoft Windows 2000 Advanced Server, Active Directory, and Clustering, Load Balancing, Application Center Server 2000, Storage Area Networks (SAN), N-tier architecture, Fiber Channel, SQL, Exchange, CISCO routers and Information Security & Acceleration Server (ISA) Server etc. • Acted as Project Manager over Technical Infrastructure & Operations Architecture team in the overall design of an n-tier, Microsoft .NET network and security architecture for the Accenture Corporate Portal. Effectively managed projects, including budgeting, deadlines, deliverables, staff, training, risk management, change management, project reporting
Sep 1997Jul 2000

Sr. Consultant - Professional Services

• Acted as project manager for the planning, installation and configuration of Internet capability in condominiums, apartment complexes and hotels using existing Telco lines. Managed cabling and wiring vendors to lay cable according to specs. Interfaced with property management personnel to achieve established goals. • Fully documented NT network by creating design, domain, TCP/IP-DHCP and top level drawings with Visio 5.0 Professional • Installed configured Internet Information server, Proxy server, SQL, Exchange and CISCO routers. • Composed Year 2000 scripts, test plans and tested corporate applications for Y2K compliance, assessed equipment in need of Y2K remediation • Designed workstation images and rolled-out over 600 desktop and laptop machines with new, Y2K compliant Hardware, BIOS’ and Applications • Designed fault tolerant / fail-over systems using NCR 4300 series servers and
Nov 1996Sep 1997

Technical Account Manager


• Architect large-scale BackOffice client/server solutions and acted as project manager for implementations and roll-outs at strategic enterprise accounts • Managed projects for Fortune 500 clients to implement Microsoft large-scale network solutions • Provided account and escalation management for Microsoft premier support issues. Conducted research and provided consulting support for Premier customers. • Acted as Project Mgr. for Premier customers to interface with various Microsoft groups including BackOffice Support, Enterprise Support Systems, SMS, SQL, Desktop Systems, Application groups, Microsoft Consulting Services, & Product Development. • Major accounts included: World Bank, Gannett Corp., Smith-Klein Beecham, Xlconnect Solutions, Independence Blue Cross, Northrop Grumman, Alex Brown & Sons, and Cigna

Nov 19951996

Sr Systems Engineer


• Provided telephone support for Fortune 500, MS Premier Customers using Windows NT Workstation, Server and LAN Manager. This included all facets of Networking, routing, bridging, protocols, replication, name resolution, Unix interoperability, NetWare interoperability, MAC interoperability, Fault Tolerance, Exchange, Setup and Installation, Printing, H/W compatibility, S/W compatibility, registry editing, performance monitoring, capacity planning. • This support was provided in Business as Usual and Server down “Hot Site” situations. • Dispatched to customer “hot sites” to solve critical problems that could not be accomplished over the phone. • Designed and maintained intranet website for team.

Aug 1988Nov 1995

Sr Systems Analyst


• Acted as project manager/leader on several medium to large scale projects including: Client/Server system integration team, Budget System Implementation, Computer-based Training (CBT) development team, internal applications implementation Team, Corporate network printer deployment, software testing, systems development, LAN software standardization and administration • Managed cross-functional groups to successfully implement and support systems nationally • HP-UX, AIX, IBM RISC 6000, installation, system administration, networking, operating systems, middleware, RAID 1 & 5, fault tolerance, logical volume management, Informix, ARPA services, kernel configuration, TCP/IP protocol suite, Print spool management, NCD Terminals, modem pools • Designed and delivered implementation training to GTE Budget Administrators nationwide. • Developed on-line CBT applications using Authorware* and IconAuthor Object Oriented CBT development environment.

Jun 1988Mar 1990


Univ of Texas at Arlington
Instructed Operating Systems and Networking classes. Windows 3.1, Windows 95, Intro to Networking, Microsoft Office, Microsoft Publisher
Aug 1987Aug 1988


Designed and Instructed over 18 courses - Operating system, word processing, spreadsheets, database, communications, programming.
Jan 1988Jun 1988


Univ of South Florida
Instructed Operating System, Office Automation, and Networking Classes
Jul 1978Apr 1987

NonCommissioned Officer In Charge

USAF - Unit Administration
Managed all aspects of personnel administration for Squadron, 56 CES, MacDill AFT, Fl. Analyst in secure message center, US Readiness Command, MacDill AFB, Fl (Top Secret Clearance) Also stationed at McGuire, AFB, NJ; Taegu AB, Korea

Administrative Supervisor






University of Tampa



Andrew Jackson HS
Currently the President of the AJHS Alumni Association


Information Security Training (CISSP)
Information Security Applications Security
DOD Info Assurance / DITSCAP
Info Security Policies / Standards
Information Security Awareness
Information Security Assessments