 
Contact Information
Name: James Riley
Email: nwbearcats98 (at) gmail (dot) com
Location: Belton, Missouri, United States
Resume
Position/Title: Security Consultant
Resume: JAMIE RILEY, MBA, CISA, CISSP #63282

8206 E. 161st St • Belton, MO 64012 • 217.485.2303 • nwbearcats98 (at) gmail (dot) com

SENIOR IT SYSTEMS SECURITY & COMPLIANCE PROFILE

Highly experienced security & compliance engineer with strong technical skills and proven leadership ability

Committed senior IT professional with expertise developing tailored solutions to provide enterprise systems security, contingency planning, and user support; adept at envisioning options within strategic context to assess risks, manage projects, and audit systems. Solid team leadership background backed by MBA to seamlessly integrate business administration, technical project management, and policy development functions. Results-oriented with exceptional communication skills, solid collaboration talents and unyielding commitment to organizational success; strong problem resolution abilities; thrive in challenging, fast-paced environments. Industry credentials include CISA, CISSP, ITILF, and CCSE certifications.

Enterprise Security / Project Management / Policy Development / Risk Assessment

Secure Network Architecture / Collaboration & Liaison / System Auditing / Strategic Planning

PROFESSIONAL EXPERIENCE

Information Security Manager, Amdocs, Champaign, IL 2007 – Present

Lead a Managed Services team ensuring contractual and regulatory security compliance for external customers.

As the Manager for the Managed Services Information Security team, perform semiannual Risk Maps to identify risks within each customer environment. Create Work Plans from those results. Identify Best of Breed solutions to perform Proof of Concepts. Influence purchase decisions. Create Project Plans to implement new security solutions and delegate accordingly. Lead team members to successfully complete security projects.

Lead internal assessments to meet regulatory and contractual obligations. Security Focal Point for external auditor during SAS-70 Attestation.

• Lead annual internal PCI Compliance Assessment to prepare for external audit.

• Managed project to implement Sourcefire IDS/IPS solutions in customer environments.

• Implementing Imperva database security solution.

• Managing IDM upgrade project.

• Manage Vulnerability Assessment and Remediation program.

• Manage Penetration Testing program for customer environments.

• Managed Skybox (security correlation tool) implementation project.

• Security Focal Point for management and change management.

As the Sr. Security Consultant for a large Amdocs customer, led internal Information Security Audits and Assessments globally. Was the Focal Point for External Auditors. Reported directly to Vice President for the account. Performed reviews and updates to Security Addendums and Amendments for the overall customer contract. Performed semiannual Risk Maps to identify vulnerabilities and threats within the account. Identified technological solutions needed to mitigate gaps.

• Led, from initial planning through remediation, Information Security Audits using customer-based controls, with on-site audits of Limassol, Cyprus and Pune, India offices and data centers. Five sites in Israel were within scope and local representation helped audit these sites.

• Led, from initial pre-planning through remediation, ISO 27001:2005-based Information Security Audits of three North American sites.

• Worked with external auditors to allocate global resources for them to interview, collect requested evidence, and schedule meetings and interviews; served as the liaison between them and the audited for all external Information Security Audits.

• In charge of updating or creating new policies to help meet contractual and/or regulatory requirements.

• Received commendations from multiple Amdocs Vice Presidents, the Amdocs CISO, and the customer’s Information Security Vice President on work performed for the global audits.

Security Engineer, USDA via Unisys, Kansas City, MO 2006 – 2007

Team Lead for contract team supporting Network Security solutions for OCIO-ITS Security.

Managed ISS vulnerability assessment and remediation projects. Helped implement and manage Red Hat Linux syslog-ng environment. Tasked with upgrading existing IDS servers' sensors' firmware and software as needed. Maintained security guides and policies. Change Manager for ITS Security on the Change Control Board. Performed ad hoc scans on external devices to ensure security compliance before connecting to internal network. Focal point for field service technicians with vulnerability remediation issues.

• Led the bi-monthly vulnerability scanning and remediation program for over 80,000 devices.

• In charge of the Tier 2 support team supplementing the Network Security Help Desk.

• Charged with updating or creating new Information Security policies based on NIST standards to mitigate gaps.

Security Engineer / Systems Administrator, DST Systems, Inc., Kansas City, MO 2001 – 2006

Provided leadership as network and operating systems point-of-contact for security concerns within Enterprise Command Center while supervising team of 4 for financial services company.

Managed internal Check Point FireWall-1 firewalls and intrusion detection systems (IDS) as well as ensured operating systems security for Sun Solaris, IBM AIX, and MS Windows servers. Developed environmental architectures in conjunction with Enterprise Monitoring Team, Network Team, and other staff. Reviewed documentation and MS Visio diagrams to analyze project requirements. Served as Team Procurement Agent by completing requests for proposals (RFPs) and purchase orders (POs). Aided manager in developing budgets. Authored security policies leading to SOX compliance; and documented troubleshooting procedures.

Directed test implementation of ISS RealSecure Workgroup Management Console / Sensors; aided in evaluation of RealSecure throughout enterprise. Performed Nmap and Nessus scans. Identified OS vulnerabilities. Implemented controls. Designed site-to-site virtual private network (VPN) solutions for clients and subsidiaries; envisioned and installed clustered firewalls; configured and managed VERITAS Cluster, Volume Manager and File System solutions; created encrypted root password repositories; installed BMC monitoring software. Served as ADSTAR Distributed Storage Manager (ADSM) / Tivoli Storage Manager (TSM) Administrator. Configured EMC storage area network (SAN) connections for remote file systems / storage.

• Provided key contribution as one of 3 members of team that designed company’s newest e-Commerce environment by creating VERITAS clustered Solaris file system servers.

• Improved security and decreased expenses by developing proof-of-concept and cost justification analyses to demonstrate feasibility and cost-effectiveness of using VPN over leased lines.

• Designed and implemented firewall infrastructure for enterprise PeopleSoft environment.

• Consistently delivered superior results by leveraging technical skills, analytical abilities and business administration background.

Network Security Engineer, FishNet Security, Kansas City, MO 1998 – 2000

Served as Check Point Certified Security Engineer (CCSE) and Instructor for security solutions provider.

Installed, configured, monitored, and upgraded Check Point FireWall-1 on Windows NT, Sun Solaris and Nokia IPSO systems. Installed and configured Netscreen firewall solutions for clients. Implemented Security Dynamics ACE Server two-factor authentication solution. Performed client scans using ISS Internet Scanner and Network Associates / PGP CyberCop Scanner. Assisted in vulnerability remediation with clients.

• Helped design firewall security solution for Kansas Department of Corrections under direction of Kansas Bureau of Investigation; single-handedly implemented solution at various state-wide facilities.

• Aided in development of firewall security solution for STE Enterprise, Ltd., and led implementation of solution at telephone service facilities located throughout U.S.

• Aided in the creation of initial customer support team for this major information security solutions provider.

EDUCATION AND CREDENTIALS

Master of Business Administration – Information Security (10/2005)

Keller Graduate School of DeVry University, Kansas City, MO

Bachelor of Science – Business Education (05/1998)

Northwest Missouri State University, Maryville, MO

Certifications:

~ Certified Information Systems Auditor (CISA)

~ Certified Information Systems Security Professional (CISSP), #63282

~ ITIL Foundation

~ Check Point Certified Security Instructor (CCSI)

~ Check Point Certified Security Administrator (CCSA)

~ Check Point Certified Security Engineer (CCSE)

~ Nokia VPN-1 Appliance Certified

Professional Development/Courses:

~ Advanced Management Skills

~ Project Management Essentials

~ ITIL Foundation

~ MS Project

~ Presentation Skills

~ Advanced Presentation Skills

~ Negotiation Skills

~ Advanced Negotiation Skills

~ eEye REM and Retina Administration

~ Check Point / Nokia VPN-1 Appliance Course

~ Netscreen Administration

~ Shell Programming for System Administrators

~ VERITAS High Availability for Solaris

~ SANS Securing UNIX

~ Sun Solaris 8 Operating System Administration I & II

~ Sun Solaris TCP/IP Network Administration

~ Administering Security for Solaris 2.x Operating Environments

Associations

International Information Systems Security Certification Consortium, Inc. (ISC2), 2004 – Present

Information Systems Security Association (ISSA), Kansas City Chapter, 2004 – 2007

Kansas City Linux User Group, 2002 – Present

TECHNICAL PROFICIENCIES

Platforms: Suse Linux; Sun Solaris; IBM AIX; Windows 95/98/NT/2000/XP/2003

Systems Security & Administration: BMC tools (PATROL, Perform and Predict); Sourcefire; SNORT; eEye Retina and REM; Skybox; Imperva SecureSphere; CA eTrust Audit and Admin; Check Point tools (FireWall-1, VPN-1, SecuRemote/Client); Firemon; Cisco VPN; PGP VPN; CORE IMPACT; MS Exchange Server; nmap; Nessus; VERITAS Foundation / Storage Suite & other tools (Volume Manager, File System, Cluster Server); ISS/IBM tools (Internet Scanner, RealSecure, SiteProtector); RSA Ace Server; RSA enVision; BEA Weblogic 6.0/8.1; iPlanet; Websense Enterprise; Webtrends

Networking: PGPnet PKI Server; TCP/IP; LAN/WAN; DNS; DHCP; OSPF; RIP; Cisco Routers (IOS); Virtual Router Redundancy Protocol (VRRP)

Applications: MS Office; MS Visio; Lotus Notes

Languages: UNIX Shell Scripting; HTML

 







 

Copyright 2008, SecurityFocus