Professionnel de la cybersécurité

Capgemini – Assistant Director of Global Service Delivery Program Manager / SOC Americas ManagerGeorgia • 03/2022 - Current● Partner with the other engineering teams to deliver seamless service and infrastructure services to organizations within Capgemini as well as Capgemini commercial entities● Construct business case, cost estimates, ROI and successfully communicate solution to IIS Leadership● Monitor and approve program expenditures using Emonitoring.● Prepare financial statements and maintain records pertaining to internal program activities.● Schedule internal program work, oversee daily operations, coordinate the activities of the program and set priorities for managing the program.● Develop and provide reports on a regular basis to meet Global Cybersecurity Americas compliance and audit needs.● Ensure security detection, response, and recovery procedures are up-to-date, maintained and followed.● Successfully managed Capgemini NextGen SOC Phase 2, delivering it on time and within budget.● Led a team of 2 project members, providing guidance, coaching, and mentoring to ensure project success.● Established clear project objectives, scope, and deliverables, aligning them with organizational goals.● Implemented project management tools and methodologies, resulting in improved project tracking and reporting.● Conducted regular stakeholder meetings to ensure alignment and manage expectations.● Managed project risks and issues, implementing proactive mitigation strategies.● Developed and maintained strong internal GCS Operations and GIT relationships.● Extensive knowledge of network systems, network and data security of all associated hardware, software and associated protocols● Extensive knowledge of threats, risk analysis and the development of security systems and protocols● Guide direction of DevOps tools that allow for troubleshooting to be distributed to engineering and support teams. Build and maintain our monitoring and support capabilities● Ensure proper integration and handover of new security services within the monitoring and detection capability of the SOC.● Manage the multi-Tier SOC of Global Cybersecurity Americas 24x7 within shift environment.● Build and develop the SOC processes and hire new SOC employees.● Develop and maintain SOC related policies, procedures and processes in close cooperation with our SOC operations in other countries (such as Australia) to ensure all necessary information and security data is continuously being collected, correlated and analyzed to detect potential external and internal threats to our clients.● Define and review key security performance indicators that ensures proper service delivery and service improvements.● Ensure continuous SOC services improvement including employees, processes and technologies.● Manage all day to day activities within the SOC to ensure effective operation of incident detection and response processes● Work with all interfacing teams to define and baseline the system uptime SLAs● Work with other Cyber Security teams to effectively and efficiently manage security monitoring, tuning and incident response Capgemini - Cybersecurity Solution Architect (SA)New Jersey • 04/2021 – 03/2022● Currently Cyber Consulting Team, People Manager within the Center of Excellence (COE) Solution Architects.● Development of proposals for effective solutions to support the infrastructure security and risk remediation systems ensuring the application of current and emerging technologies relating to cybersecurity● Identify, design and deploy cybersecurity solutions, for a broad range of industries, to include, Cloud, OT, Finance and Retail● Work with Capgemini’ s wider business to develop standards, choose appropriate technology solutions and enable complete integration with or migration of our clients’ environments ● Identify, recommend, and coordinate training sessions to coach other teams about security-relevant technologies, processes and tools● Create new solutions that meet industry security regulations and developed plans for the implementation of any new compliant systems platforms● Developed and implemented Cloud Security Evaluation services based on current cloud standards. Capgemini - Cybersecurity ManagerNew Jersey • 02/2019 – 03/2021Demonstrate value to clients in network defense advancements and strengthened relationships with internal/external partners through successful cybersecurity consulting engagements across aerospace and defense, energy and electricity, oil and gas, chemical, retail, healthcare, and financial services industries● Manage clients with implementation of recommendations from Intelligence Driven Defense (IDD) and Knowledge of Security Framework (SF) assessments. Execute Security Operations Center (SOC) services and security assessments across variety of organizations● Lead contracted Security Operations Center (SOC) transformations by providing on-site client consulting, development of processes/procedures, recommendations to improve security posture● Manage teams of consultants responsible for building cybersecurity program strategic roadmaps, enterprise security policies, technical architectures, cybersecurity workflows, technical runbooks, and procedures to provide comprehensive guidance on prioritizing and executing initiatives for long-term program success● Drive cybersecurity projects across client enterprise environments in support of security transformation activities● Deliver cybersecurity briefings to client executive management, technical leadership, and industry analysts● Provide strategic cybersecurity program direction and incident response consultation to client executive leaders● Conduct security assessments of vendor solutions being considered for procurement● Work closely with business units to remediate assessment recommendations, through the change management and business process● Initiate and/or managed Vulnerability Assessments across the client’s businesses. This includes reviews and process/policy changes and identification of risk and recommendations of potential mitigation steps● Work directly with departmental managers to address and remediate all vulnerability and risk issues that are in line with company and compliance policies● Provide security requirement guidance to businesses on hosted third-party services/secure data exchanges● Review and update information security policies, standards, and procedures to ensure confidentiality, integrity, and availability of systems and data● Review Requests for Proposals (RFPs) for procurement of cybersecurity products and services● Lead Threat Intelligence and Threat Hunt engagements as Cybersecurity SME● Produce risk reports and metric packages for client engagements Lockheed Martini, Leidos, Capgemini - Cybersecurity Manager New Jersey • 08/2016 – 02/2019Perform technical security assessments, penetration testing, remediation management and other security consulting services for commercial clients and internal research projects.● Perform Advanced Persistent Threat (APT) Simulation Project, working with client● Assist clients with implementation of recommendations from Intelligence Driven Defense® and SF assessments● Participate in contracted SOC transformations by providing on-site client consulting, development of processes/procedures, recommendations to improve security posture● Developed response plans, playbooks, exercises, communications plans, client relationships Consolidated Edison - Cybersecurity ManagerNew York • 12/2013 – 08/2016 Manage Security Network Operations Center Team; worked in Risk and Threat Detections Business Teams; Project Management Lead for segmentation and islanding projects of network systems.● Configure and implement Splunk Security Information and Event Manager (SIEM)● Work with substations to prepare for North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) V5 compliance● Work with Federal agencies on information-sharing and network investigations● Maintain roles within Threat Detection and Risk Management Teams● Participated and Coordinated Annual Incident response exercises: GridX, C-CIRT● Coordinate IT risk assessments performed internally and by third-party consultants● Responsible for drafting a quarterly vulnerability audit and presenting the results to management.● Participate in contracted Security Operations Center (SOC) transformations by providing on-site client consulting, development of processes/procedures, recommendations to improve security posture● Work closely with business units to collect/analyze documentation required for vendor risk reviews● Run monthly Corporate Cybersecurity Team meetings● Deliver periodic presentations to management on cybersecurity issues, proposed standards (e.g., NERC CIP), and industry trends● Collaborate with regulatory resources to identify and understand emerging threats and vulnerabilities● Develop and maintain corporate cybersecurity awareness program using various communication methods to educate employees and raise awareness of cybersecurity issues at work and at home● Develop and maintain 3rd Party Risk program as a cyber liaison with procurement teams● Participate as Subject Matter Expert (SME) on Department of Energy (DOE) Electricity Sector Cyber Risk Management Maturity Model Drafting Team● Participate in various Electricity Information Sharing and Analysis Center (E-ISAC), Grid Security Exercise (GridEx), and Crisis and Emergency Risk Communication (CERC) Drills● Work with business groups to comply with security guidelines and data loss prevention● Work with external auditor to acquire documentation and support● Implement and manage security PII/PHI projects with external devices, secure printing, file monitoring● Configure and manage Intrusion Detection System (IDS), Intrusion Prevention System (IPS) security tools Magi Technologies – Network ConsultantNew York • 10/2011 – 12/2013 Direct manager of 5 employees leading the recruitment and employee development process, while engaging in special project work, problem solving, monitoring, and installing data communication equipment and software.● Refer major hardware/software problems or defective products to vendors/technicians for service● Provide recommendations to security architecture and design● Develop information security policies/standards for medical centers in connection with Health Insurance Portability and Accountability Act (HIPAA), International Organization for Standardization (ISO) requirements● Perform in-depth research on requests for applications/software for proper security policies/effectiveness● Utilize comprehensive knowledge of business continuity/technical disaster recovery planning, testing● Manage HIPAA/HITECH Risk Assessment Consultants for clinical/business applications used by hospitals● Install, manage, and troubleshot applications used for clinical units● Demonstrate and produce audits of 180 health, business, and enterprise applications● Responsible for Risk Assessment for EMR system and process US Navy – NavigationNew Jersey, Virginia, California Serve aboard USS Dwight D Eisenhower; answered directly to Officer and Executive Officer of ship.● Configure and operate satellite, GPS, and sonar systems for updates and upgrades Create and maintain charts for daily navigation; Monitor operations and systems within bridge of aircraft carrier; Man Helm, and maintained courses at forward steering