THEODORE DARKO | CISSP, CISA, CISM, CCNP, MSCE-SEC, SEC+, ITIL
9 Henry Street, South River NJ 08882 Phone: (917) 742-8060 Email: Theodore.Darko@yahoo.com
Information Security Specialist
Proven systems, network and information security professional with extensive cross-platform experience and over ten years of specialized knowledge in systems and network operations, information security assurance, security processes and security procedure design. Possesses outstanding client and vendor relationship management skills with a natural ability in deep analysis and critical thinking. Has consistently, throughout his career, exhibited a stark ability to adapt quickly to the complex dynamics of different cultures and working environments, experiencing success in connecting leaders across different business and technology functions, ultimately gaining a better understanding of business and enterprise IT operations security, processes, controls and industry best practices.
TECHNICAL SKILLS
Info Security: Information Security Management | Vulnerability Management | Internet Security | Patch Management | Incident Handling | Penetration Testing | Change Management | Network Security | Incident Response Management | Configuration Management | Encryption | ISO, NIST, COBIT, SOX, ITIL Standards | PCI-DSS | OWASP | HIPAA | ISO 27002 | Vendor Management | Cloud Computing | IoT | AV | DLP | IDS/IPS | Nessus | Trustwave-SIEM | BCP-DRP program | SDLC | CMMI
Platforms: Windows 7 Clients and Server 2000 - 2008 O/S and basic UNIX knowledge
Tools: Remedy, VMware ESX, Office 2000 - 2007, Blackberry Enterprise Server, Symantec Ghost, Trend Micro Anti-virus, McAfee Anti-virus, RSA/ACS, Cisco VPN, Altiris (Helpdesk Ticketing, Deployment Server and Asset Management System), Backup Exec, Lotus Notes, MS Outlook 2003 and Exchange 2003
Networks: SonicWall and ASA Firewalls, IPSec, LAN, WAN, HSRP, VRRP, Subnetting, RIPv2, EIGRP, OSPF, BGP, VoIP, ACL, VLAN, VTP, CUCM/CME, IP Phones, STP, Inter-VLAN, Ether-Channels, VPN concentrators, NAT, Active Directory, DNS, DHCP, WINS, IIS, ISA, DFS, PKI (CA), FTP, IIS Server Setup and Administration, Terminal Server Administration, Group Policy, TCP/IP, NTFS File System, Cable Termination and Wireless Networking
Routers/Switches: Cisco 2600, 2800, 3600 Series Routers, Cisco 2950, 2960, 3550, 3750, and 4500 Series Switches, Cisco ASA550x and Juniper SRX firewalls
PROFESSIONAL EXPERIENCE
Standard Chartered Bank - Americas, July 2012 – Present
Network-InfoSEC Manager
· Regulatory Compliance (OCC/OFAC/FFIEC/PCI): Interfaces directly with compliance, legal, internal audit and regulators to understand requirements, risks and issues and establish practical and sustainable administrative and technical control solutions.
· Information Security Policies and Standards: Develops and enforces information security policies, standards, baselines, procedures and guidelines across the organization based on ISO/IEC 2700:2013 and NIST Cybersecurity Framework, supporting business goals, objectives and applicable laws/regulations.
· Works with the group security engineering team to establish strong identity security controls and auditing, and ensures security policies are enforced across the board.
· As an SME/consultant, participates in the planning and design of information security project architecture, where key projects were successfully implemented, such as deployment of Symantec DLP, the CyberArk Identity Management program, NIDS/NIPS and risk remediation activities as part of an external risk assessment. Also supports the vulnerability and patch management programs, penetration test and security audit programs.
· Oversees the implementation of the Configuration Management program and security baselines of desktops, servers and network devices, and serves as a member of the group’s Change Advisory Board to oversee and enforce established change control processes and ensure no unauthorized changes are carried out in the enterprise.
· Advocates and promotes the security awareness program throughout the organization, with a focus on enforcing established security policies, end users' security responsibilities, and awareness of threat and vulnerability vectors, as well as teaching users how to identify and report incidents to the appropriate support teams promptly.
· Communicates to management, through presentations, the progress made on the Information Security program, recommendations and security maturity levels.
· Security Incident Response Management: Serves as a member of the bank’s Cyber Incident Response Team (CIRT) and has led various events and incidents towards closure with the support of robust in-place security monitoring control tools such as Trustwave SIEM tools, IDS/IPS, Abhor/hybrid Anti-DDoS, Data Loss Prevention (DLP), EnCase, Identity and Access Management (IDAM) tools, anti-phishing and domain monitoring.
· Continuously researches and evaluates new security tools and products and makes the necessary recommendations for enhancement of in-place security and internal controls.
· Provides Information Security expertise and guidance to business stakeholders and systems owners, and works with the IT department as a whole to communicate the importance of Confidentiality, Integrity and Availability (CIA) being a key consideration in every system and network build, ensuring security is embedded in design projects and not retrofitted.
· Third Party Vendor Management: Oversees and manages the on-boarding of third party vendors who provide services and support to the bank, ensuring that the vendors have a robust Information Security and Cyber Security Program to protect the bank and its clients from various security threats. Assesses the adequacy and effectiveness of vendors' IT Disaster Recovery and Business Continuity Programs.
· Ensures that all vendor relationships are managed in compliance with SCB bank's Third Party Services & Risk Management Policy by performing the following assessments on an annual basis: Business Impact Assessment, IT/Security Risk Assessment, BCP Risk Assessment, Financial Risk Assessment, and Legal/Reputational Risk Assessment.
· Reviews audit reports (SSAE16s), performs onsite physical/operational assessments and provides feedback reports to management on findings and on whether contractual terms protect the bank’s interest.
· Maintain Knowledgebase: Regularly maintains up-to-date knowledge of current attack surfaces, new threat and vulnerability vectors and regulations/laws by way of security conferences, seminars, webinars, security articles and training.
Department of Homeland Security, New York, NY, Aug 2009 – June 2012
Sr. Systems Security Administrator - QinetiQ-NA Contractor
· Provided support for asset management by implementing RFID technology for asset tracking and monitoring, remediation and patch management programs.
· Ensured confidentiality, integrity and availability of information systems by implementing and enforcing strong internal and identity controls and systems redundancy.
· Provided comprehensive technical support and undertook troubleshooting of network and system issues using network analyzers and TCP/IP tools such as Wireshark and CiscoWorks.
· Performed call logging and problem analysis, managed installation and configuration of email client software, and ensured secure Internet connectivity for endpoint systems by implementing a robust anti-virus system both on client systems and centrally.
· Analyzed existing network and system procedures for efficiency and effectiveness; evaluated potential network enhancements, which involved the implementation of a network load balance cluster on critical systems to eliminate single points of failure and increase systems availability and business continuity.
· Coordinated network systems administration and performance requirements with others in the Information Systems department, tuned appropriate systems and ensured an optimum level of performance.
· Periodically interacted with vendors and client management to answer questions, problems and requests regarding complex system issues.
· Oversaw and applied appropriate support packages and patches using Microsoft WSUS servers to maintain endpoint and server OS update integrity on a regular basis.
· Developed, updated and maintained appropriate system configuration documentation, which ensured documentation was current and met client guidelines and policies.
· Resolved escalated technical issues as presented by the help desk team, trained junior engineers in systems/network concepts and helped them with troubleshooting issues.
· Researched new technologies, interacted with vendors, made technological recommendations to management and assisted in the procurement of new equipment and services to meet business goals.
EPA, Edison, NJ, Feb 2009 – Aug 2009
Sr. Technical Support Analyst - CSC Contractor
· Assisted in the migration of Novell servers into a Windows Active Directory environment; created, tested and organized OUs, GPOs, user and group account settings, permissions and user authentication.
· Provided users with desktop, laptop, printer, peripheral, telephone and Blackberry support and performed basic network troubleshooting to isolate and diagnose common system problems.
· Performed daily hands-on administration and maintenance of network equipment, installed and configured computer equipment with required software applications and prepared computer equipment for operation.
· Maintained server room tidiness, network closets, cabling and IP address management; performed regular systems updates using Update Expert, anti-virus signature file updates, and server backups using Symantec Backup Exec software.
· Provided Level III intranet, internet, and network support and resolved critical LAN, WAN routing and switching issues; also remediated Windows XP/2003 client and server problems.
Intralinks Inc., New York, NY, Jul 2007 – Dec 2008
Systems Support Specialist
· Provided level III support on Microsoft Windows 2000/2003 servers, Active Directory, Group Policies, DNS, DFS, DHCP, Terminal Services, Exchange, user account management & permissions; responded to helpdesk support calls on network connection issues and hardware/software issues and resolved problems within the agreed time parameters for over 400 users globally.
· Installed, configured and maintained servers, workstations, network printers, and desktop applications on a daily basis; also created user accounts in ACS/RSA and troubleshot VPN authentication issues.
· Served as a primary point of contact for Blackberry Enterprise Server administration, Blackberry enterprise activation and air card setup. Also created documentation for the support knowledgebase and user manuals, and provided technical support training for new employees.
EDUCATION
DeVry University, North Brunswick, NJ
Bachelor of Science, Networking and Communication Management - GPA: 3.82
Certifications: CISSP, CISA, CISM, CCNP, MSCE-SEC, SEC+, ITIL, CCNA-Security, CCNA-Voice, Net+, MCDST, MOS, A+
Clearance Status: Top Secret - expired but can be renewed.