Resume of George Moraetes, CISM, CGEIT


IT Security Executive and Enterprise Architect

Accomplished and certified IT Security Executive and Enterprise Architect with a proven international track record of successfully completing highly complex enterprise-wide technical projects, developing and improving technical and security processes, reducing departmental costs, effectively managing project timelines and resources, managing and mentoring solutions-oriented, multi-disciplined, multinational teams.

Professional Experience:

Securityminders, Inc. - Oswego, IL
President and Owner
January 1996 - Present

Information Security Executive, Architect, Project Manager, Instructor and Engineer for Fortune 100 Corporations and the Federal Government managing, designing and implementing security architectures. Responsibilities include the delivery of security analysis, architectures and recommendations implementing new technologies into existing enterprise environments. In addition, providing project group leadership, budgets, forecasting, headcount, resource allocation, deployment, move planning, logistics, recruiting, team building, process design, methodology, mentoring and development of IT staff.

  • Developed Identity Management Infrastructure framework to apply policy-based authorization to applications and resources based on a user's business role or relationship to a given organization. This includes services relating to development, installation, testing, implementation, support and maintenance of role based access control (RBAC) and federated (SAML) infrastructures.
  • Developed system hardware, telecommunication and application architectures for UNIX and Windows server based Intranet systems.
  • Conducted various on-site training seminars on HTML, CGI programming, security and E-Commerce.
  • Conducted installations, configurations and technical support for Sun and Microsoft server applications.
  • Provided programming, architecture, analysis, systems integration, development, deployment, and training of Microsoft and Sun technologies.
  • Provided system architectures, web content methodologies acquiring focused content from multiple divisions/departments, deployment applications using Vignette and Interwoven, Human Resources and Finance web integration utilizing SAP and PeopleSoft.
  • Provided system analysis, installation and configuration of web and database servers, troubleshooting server issues, Windows 2000/2003 implementation and migration from NT, testing/QA and documentation.
  • Developed application and security infrastructure processes and policies adopted for E-commerce systems. Provided business contingency and system disaster recoverability analysis.
  • Provided security awareness to business users of web systems. Developed web security architecture for B2X initiatives.
  • Provided technical physical infrastructure architecture implementing DMZ, Firewall and back office integration.
  • Developed SSO security application architectures utilizing LDAP, WebLogic, CA Siteminder, Oracle Oblix, Entrust getAccess and RSA ClearTrust.
  • Designed the architecture and planned the roll out of Windows NT 4.0 migration upgrade to Windows 2000/2003 for various web system environments.
  • Produced security policies and procedures (both organization-wide and departmental). Updated existing policies and procedures and developed new ones.
  • Conducted a risk assessment to assess potential risks and vulnerabilities to individually identifiable electronic health information. Included in the risk assessment is the possibility of outside attacks if systems have Internet access or dial-up access.
  • Developed risk methodology to address identified risks, placing highest priority on the areas of greatest vulnerability.
  • Conducted SOX and HIPAA compliance assessments.
  • Analyzed network and application security architectures, conducting and documenting security testing validations, assessing and managing system performance, intrusion detection management, information systems security requirements development, certification and accreditation (C&A), studies and analysis, product and technology evaluations, log analysis, audit management and investigative support.
  • Developed technical system documentation, such as technical architecture and operations guides.
  • Defined, documented and conducted security subsystem integration tests of telecommunication networks.
  • Audited and provided security risk evaluations of Cisco switches, routers and firewalls.
  • Implemented IT Governance Process Improvements, Risk and Compliance.

    Project Assignments:

    CompTIA - Oak Brook Terrace, IL
    Security Consultant

    Served as a subject matter expert developing the foundation of CompTIA's Security Trustmark Certification program. Trustmark is a vendor neutral accreditation around security business capabilities and processes that have been agreed upon by the IT industry to promote generally accepted security practices that will invoke the trust of end-users.

    • Developed the Trustmark Assessment Training Program.
    • Developed the Trustmark Assessor Certification Examination Program.
    • Developed the Trustmark online assessment database system.
    • Participated in several alpha and beta assessments nationally fine tuning the program prior to official launch.

    DeVry University - Oak Brook Terrace, IL
    Technical Security Project Manager

    Served as a technical security project manager for various infrastructure and security projects. Spearheaded the projects from design to production implementation with an emphasis in security and managed teams ranging from 5 to 26 staff members.

    • Managed the replacement of Checkpoint/Nokia with Juniper firewalls for the corporate data center and twenty-six university campus locations.
    • Initiated the Data Loss Prevention and Network Access Control projects and participated in designing the implementation architecture.
    • Assisted and trained staff on various compliance mandates such as PCI, SOX and enterprise security architecture fundamentals.

    Marriott International - Bethesda, MD
    Enterprise Technical Security Architect

    A key senior member of Marriott's Information Security team responsible for providing leadership across the systems development life cycle of Marriott IR systems. Develop architectures and solution blueprints for emerging security technologies and standards.

    • Developer of security strategies and road maps.
    • Author security best practices documents, templates and white papers.
    • Provide architectural patterns and technology standards guidance.
    • Provide guidance for security requirements and security related use/abuse cases.
    • Provide guidance on security risk assessments.
    • Facilitate preliminary and final review assessments providing recommendations.
    • Research and review emerging information security trends in the industry.
    • Lead security requirements, analysis and design for new technologies to meet Marriott enterprise business needs.
    • Consult with project teams to create security architectures for major Marriott initiatives.
    • Evaluate security technologies and provide security architecture direction.
    • Define IT security policies.
    • Develop framework for incorporating security processes to Marriott's SDLC initiatives.

    ABN AMRO - Chicago, IL
    Security Architect

    Served as a key member of the Technology Risk Management of North America (TRM) team responsible for implementing, improving, and enforcing bank information security policy, infrastructure security architecture and availability programs that secure ABN AMRO information assets.

    • Responsible for the risk assessment and regulatory analysis of technical security controls across all platforms.
    • Conducted Risk Assessment Compliance Reviews (Issue avoidance or mitigation), performed combined reviews with other IS areas to ensure appropriate controls and safeguards are in place to comply with corporate policy and regulatory requirements.
    • Conducted reviews for security, change control, segregation of duties, authorization, and recovery capabilities.
    • Maintained information on each application's ongoing level of compliance with corporate policies and regulatory requirements. Reported on the level of compliance and trends.
    • Assisted bank's business units with remediation by developing effective information security controls where total policy compliance is not achievable. Worked with operational support groups to resolve or mitigate control weaknesses.
    • Engineered and designed new security solutions to protect the bank from information security threats and vulnerability. Led project initiatives to identify security solutions and mitigating controls based on regulatory requirements that affect the bank's business units.

    United States Department of Commerce - Washington, DC
    Security Architect

    Served as a member of the Certification and Accreditation Security Tiger Team to ensure the Commerce Department Census Bureau's information systems are in compliance with various Federally mandated laws such as the Federal Information Security Management Act (FISMA).

    • Analyzed network and application security architectures, conducting and documenting security testing validations, assessing and managing system performance, intrusion detection management, information systems security requirements development, certification and accreditation (C&A), studies and analysis, product and technology evaluations, log analysis, audit management and investigative support.
    • Developed technical system documentation, such as technical architecture and operations guides.
    • Defined, documented and conducted unit integration tests of telecommunication networks.

    General Electric Healthcare - Waukesha, WI
    Access and Identity Management Architect

    Served as a key member of the Single Sign On (SSO) and Identity Management teams. Responsibilities included designing standards and process for access management across multiple operating systems. Project Architect working with the IT Compliance, Provisioning, and Operations teams to implement access processes which meet business requirements.

    • Defined and maintained Sun and Active Directory (LDAP) security models.
    • Defined monitoring, maintenance and capacity planning for Siteminder policy servers.
    • Designed processes for enterprise Active Directory user, group, printer, file share and password policy.
    • Designed process for enterprise UNIX and Windows account management.
    • Drove corporate initiatives involving account standards in global multinational environment.
    • Designed consistent single sign-on (standard account name across multiple systems).
    • SOX Compliance.
    • Designed account process for domain consolidation and business integrations.
    • Designed solutions for cross platform user administration.
    • Responsible for 55,000+ accounts across multiple OS platforms.
    • Developed and enforced SLAs for account management.
    • Delivered new global enterprise SSO and LDAP architectures for development, staging and production environments.
    • Provided project leadership for the deployment of new global SSO and LDAP architectures.
    • Provided technical leadership managing the global, domestic and offshore, SSO administration staff.

    Publix - Lakeland, FL
    Security Architect

    Served as a subject matter expert providing solution upgrade direction for Computer Associates Siteminder.

    • Provided solution upgrade project plan and direction for SiteMinder version 6.0.
    • Performed the upgrade from SiteMinder version 5.x to 6.0 in development, staging and production environments. This included all web server agents, policy servers and Active Directory policy stores.
    • Documented all design, development and upgrade efforts in testing, staging and production environments.
    • Assisted in 3rd level support and maintenance of all environments.
    • Instructed and cross-trained IT department personnel responsible for maintaining and administering the SiteMinder infrastructure.

    Veterans Health Administration - Washington, DC
    Security Architect

    Served as a member of the Certification and Accreditation Project to ensure VA hospital information systems are in compliance with various Federally mandated laws such as the Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), Government Information Security Reform Act (GISRA) and executive branch directives.

    • Duties conducted include analyzing various operating systems, applications, conducting security testing validation, assessing and managing system performance, intrusion detection management, information systems security requirements development, certification and accreditation (C&A), studies and analysis, product and technology evaluations, log analysis, audit management and investigative support.
    • Developed technical system documentation, such as technical architecture and operations guides.
    • Defined and conducted unit integration tests.

    Internal Revenue Service - Lanham, MD
    Security Architect

    Served as a member of the Infrastructure Engineering Project, a major business systems modernization initiative of the IRS. Contributed to the design and deployment of the infrastructure, which is a combination of custom software modules and commercial-off-the-shelf (COTS) software, hardware and security solutions, integrated to form the technical foundation for the IRS modernization.

    • Supported infrastructure Single Sign-On (SSO) architecture in development and test environments.
    • Served as a Computer Associates Siteminder subject matter expert for development and production environments.
    • Managed the SSO administration, testing and troubleshooting in development, staging and production environments.
    • Created and managed configuration and policy domain objects.
    • Implemented and managed LDAP administration with 24x7 support.
    • Assisted in preliminary design planning and integration support.
    • Documented all design and development efforts in accordance to CMM and Enterprise Life Cycle standards.

    State Farm Insurance - Bloomington, IL
    Security Architect

    Provided solution development consulting for Computer Associates Siteminder implementations and 3rd level support for State Farm employees, Agents, Claim Representatives, Mortgage Lenders and automotive body shops.

    • Provided solution development consulting for Computer Associates Siteminder implementations for State Farm employees, Agents, Claim Representatives, Mortgage Lenders and automotive body shops.
    • Siteminder and Identityminder product installation, testing and implementation consulting.
    • Provided Siteminder 3rd level support and maintenance.
    • Managed authorization privileges (user entitlements).
    • Created rules and policies to implement authorization permissions to web resources.
    • Supported distributed and delegated administration for Siteminder administrative activities.
    • Provided support integration with affiliate web sites (portals).
    • Lead project consultant upgrading Siteminder version 4.61 to version 5.5 and Identityminder implementation.

    KeyBank NA - Cleveland, OH
    Security Architect

    • Evaluated online Internet banking applications, code reviews and architectures to ensure transactional security.
    • Conducted ethical hacking to assess potential risks and vulnerabilities to online banking applications.
    • Researched and evaluated various Web Security Application Assessment Tools for assessment automation.

    Allegheny Energy - Greensburg, PA
    Network Security Architect

    • Evaluated and re-architected the Internet infrastructure from both the hardware and software perspectives to provide 24 x 7 operations.
    • Designed a highly available e-infrastructure that will withstand hardware, circuit, network and software outages.
    • Documented the current environment, including software, hardware, support maintenance processes, ownership, business and technical interdependencies.
    • Designed a tiered Internet infrastructure with information security as a primary focus. The design included network infrastructure components, protocols, ISP/ASP services, load balancing, failover, disaster recovery, monitoring, firewall topology, configuration and policies.
    • Designed reverse proxy infrastructure topology and security configurations with Netegrity Siteminder.

    AI Imperial Credit (AIG Insurance) - New York, NY
    Security Architect

    • Designed network infrastructure and security architecture supporting over 20,000 insurance agency users.
    • Developed and implemented iPlanet LDAP and Netegrity Siteminder single sign on solution on a NT/Windows 2000 platform.
    • Evaluated corporate Internet/Intranet security policies and recommended modifications and additions to support the new implementation.

    Motorola - Schaumburg, IL
    Application Security Architect

    • Designed and developed divisional Intranet system for the sales, marketing, human resource, information systems, accounting/finance and executive departments.
    • Administered development and production IIS Web, Site Server, Exchange 5.5 messaging/collaboration servers.
    • Implemented and administered a secured VPN solution connecting various manufacturing facilities supporting over 6,000 users.

    Advantis (IBM) - Schaumburg, IL
    Application Security Architect

    • Developed document-handling architectures for Intranet sub-nets with direct DB2 database integration using Netscape and Interleaf based technologies.
    • Designed and implemented a custom Intranet system to support over 25,000 users using Netscape Enterprise, Messaging, Proxy, Collabra, Compass and Directory server technologies.
    • Developed PKI certificate based architecture for client access via Internet.

    W.W. Grainger - Niles, IL
    Application Security Architect

    • System transfer planning for Sales and Product Management Internet Web environment to internal Extranet.
    • Installation and configuration of development and production servers using Microsoft IIS.
    • Performed technical system security audits of web infrastructure and provided detailed security recommendations.
    • Provided web architecture analysis and proposals for Human Resources.
    • Developed company-wide architectures for legacy integration with SAP, Tesseract and Mobius.
    • Implemented SAP Security across all standard modules.
    • Configuration and use of Profile Generator, role base security using single and composite roles, user administration, naming convention, testing support, change control management, security design, audit support and documentation.

Ben Franklin Retail Stores - Carol Stream, IL
Information Systems Security Audit Manager
January 1992 - January 1996

Responsible for complete audit engagements evaluating the security controls of corporate computer system environments. Served as a subject matter expert for various e-Commerce implementation projects.

  • Conducted Systems Development evaluations for purchasing/receiving, A/P, A/R, payroll, general ledger, human resources and various sub-systems integration from mainframe to client/server.
  • Conducted systems security evaluations, access privileges of all users.
  • Senior advisor to management on evaluating the implementation of a corporate wide point of sale system and Internet E-Commerce.
  • Conducted disaster recovery and business recovery readiness analysis.
  • Provided guidance for the development of corporate-wide IT security policies.
  • Administered compliance of corporate IT security policies reporting back to the CEO and to the Audit Committee/Board of Directors.
  • Provided IT audit recommendations and implementation plans to the Board of Directors for security compliance.
  • Developed and executed multiple concurrent IT audits, including reviews of existing production applications, systems currently being developed, and specialized technological components.
  • Identified and assessed application-related risks (both business and technological) and provided advice to management regarding these risks.
  • Led various engagements and, in doing so, was required to manage the budgeted hours, resources and project timelines while assessing the controls over physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; change management; computer operations; and production support.
  • Conducted risk evaluations and audit prioritization and scheduling processes.
  • Mentored audit staff in areas of IT audit and technology expertise to develop a broader skill base and level of understanding of IT risks.
  • Assigned work to staff auditors based on their level of proficiency and personal development plan.
  • Counseled and educated staff auditors on the most effective ways to perform assigned work.
  • Developed IT Governance, Process Improvement and Risk & Compliance Management through Capability Maturity Model Integration (CMMI) Appraisal and CobiT.

Technical Skills:

Security Applications:
Sun Identity Management, Federation, Intrusion Detection/Response, Ethical Hacking, Cisco Routers, Cisco PIX, Checkpoint Firewall, SOCKS, RSA ClearTrust, CA Siteminder, CA Identity Manager, Sun Identity Management (Waveset), Oracle Oblix, Proxy, Reverse Proxy, IBM Tivoli, VPN, PKI, Foundstone, Axent, ISS, Forensics, RACF, ACF2 and Top Secret.

Business Applications:
Sun Messaging, Web and Directory, Injoin Critical Path Directory, CA eTrust Directory, Microsoft Active Directory, Meta/Join Directories, WebSphere, WebLogic, Cold Fusion, J-Run, Tomcat, New Atlanta, CA TransactionMinder, Microsoft Exchange, IIS, SNA, WebTrends, Lotus Domino/Notes, Novell eDirectory, Vignette, Broadvision, Corporate Yahoo Portal (Tibco), Plumtree and Interwoven.

Operating Systems:
Windows Vista/XP/NT/2000/2003, MVS/TSO/CICS, AIX, BSD, Linux, Solaris and HP-UX.

Hardware Platforms:
HP/Compaq Proliant and Dell Power Edge servers.

Development Technologies:
CGI, PERL, REXX, JCL, FORTRAN, Cobol, Easytrieve, Quiz, ColdFusion, SAML, HTML, DHTML, XML, SGML, VRML, TCL, ASP, SQL, JavaScript, Java Servlets, JSP and Java/J2EE.

Network Protocols:
TCP/IP, IPSec, TACACS+, SNA and IPX.

DBMS:
Oracle, DB2, Access and SQL Server.

Education:
University of Iowa, Iowa City, IA
Bachelor of Arts

Black Hawk College, Moline, IL
Associate in Arts

Certifications:
CISM, Certified Information Security Manager
CGEIT, Certified in the Governance of Enterprise IT

Publications:

  • Member of the Institute of Internal Auditors (IIA) E-Commerce Task Force board for developing auditing security standards.
  • Information Systems Audit and Control Association (ISACA) volunteer for reviewing framework for Internet/Intranet security controls.

Affiliations:
Information Systems Audit and Control Association


Brokering, marketing, and/or distribution of this resume, in full or in part, without prior written consent of the subject professional is expressly prohibited. Violators will be prosecuted to the fullest extent of the law.