Summary
Overview
Work History
Education
Skills
Websites
Certification
Technologysummary
Keyproficiencies
Awards
Accomplishments
Timeline
Generic

George Velez

Staten Island,NY

Summary

Experienced IT Professional with 15 years of expertise in Information Security, Security Analysis, and Identity Access Management. Proven ability to quickly adapt to new technologies and applications with minimal supervision. Known for delivering exceptional client service and going above and beyond expectations. Strong team building and interpersonal skills, collaborating effectively with individuals at all levels. Excellent written and verbal communication, analytical, technical, and critical thinking abilities. Adept at focused, patient, and diligent work.

Overview

17
17
years of professional experience
1
1
Certification

Work History

Information Security Analyst – III (Access Management Analyst)

NET2SOURCE, INC
Somerset, NJ
03.2024 - Current
  • Assigned to Client: Federal Reserve Bank of New York, 33 Maiden Lane, NY, NY
  • Performs annual, semi-annual, and quarterly Recertification Reviews for all Federal Reserve Financial applications
  • Ensures completeness and accuracy when requesting user access listing
  • Prepare the email notifications to the business with instructions and the due date for the recertification reviews
  • Submit user access request using the SailPoint Identity and Access system
  • Provisions access to Fedwire & ABS applications, Oracle Database, Fed payments Manager Funds & Securities, LexisNexis, etc
  • Set up Production Token Activation for weekends for the development team
  • Assist and submit Service Now tickets for token request for the business
  • Provide the white glove treatment to the Federal Reserve Business by monitoring the dedicated FRFS Mailbox
  • Assist the business with inquiries, requests, and the recertification process

Information Security Manager, IAM

AMALGAMATED BANK
New York, NY
03.2023 - 03.2024
  • Defining the project scope and framework to support the end-to-end identity lifecycle management
  • Deploying IAM systems that facilitate efficient and repeatable access management controls
  • Including onboarding, offboarding, periodic user recertifications, and time-based access
  • Ensuring access privileges are granted according to policy, and all users are properly authenticated and authorized
  • Building the IAM team, including hiring and managing talent to support the IAM program
  • Implemented and managed the deployment of our new RSA IGL Governance and Lifecycle system from UAT test stage to production
  • On-boarded 28 SOX application into the RSA IGL system and performed the bank’s first automated recertification review
  • Analyzed data files (csv) feeds from third party vendors systems into the RSA IGL Tool to ensure accuracy of data reviewed files feeds to RSA ensuring users, roles and entitlements are following the company's security policies
  • Develop through understanding of applications, systems, and roles to manage effective and secure IAM function and guide stakeholders to ensure secure operations
  • Identify opportunities to optimize IAM environment and provide suggestions on improvements
  • Manage and mentored three information security personnel
  • Performed annual staff evaluations to ensure employees were meeting the goals
  • Prepare, coordinate, lead regulatory activities including, but not limited to DFS 500 and SOX
  • Provide Information Security consultation to relevant departments and communicate information security goals and recent programs effectively with other department managers within the organization
  • Support the CISO to address queries from Auditors and Regulators by coordinating requests for information and by coordinating responses to any observations
  • Collaborate with vendors to perform security audits ensuring they meet industry standards

Identity & Access Management Specialist

ABN AMRO
New York, NY
02.2020 - 03.2023
  • Hired to build out the new Identity & Access Management New York team to transition security administration responsibilities from the Information Technology Service Desk to the new IAM Team
  • Hired and trained two new Identity & Access Management analysts to assist with the transitioning project
  • Supported six hundred users located in New York, New Jersey, and Dallas, Texas offices
  • Provisioned and deprovisioned access to 128 applications
  • Created new Access Management Provisioning Policies and Procedures to cover all IAM tasks and responsibilities
  • Worked with Operational Risk Management and Audit to review all current audit findings and develop a project to address and resolve all Information Security and Identity & Access management findings
  • Responsible for the collection of all applications and system inventory and to take over the security administration of 128 applications
  • Work with senior management and third-party vendors to request to be set up as Security Administrator
  • Accountable for how users within an organization are granted an identity and how it is protected, including saving critical applications, data and systems from unauthorized access while managing the identities and access rights of user' both inside and outside the organization
  • Coordinated and managed audit initiatives stated by the CISO
  • Performed reviews and audits related to Identity & User Access and generated reports to verify compliance with policies, procedures, and regulations to drive resolution of access issues
  • Developed, maintained, and enforced strong information security policies, procedures, and IT control
  • Worked closely with Human Resources and Audit to completely revise the entire New Hire, Transfer, and Termination process to ensure we capture any flaws or gaps in the current process
  • Work closely with the Compliance Team to develop a new Mandatory Leave process and procedure where Identity & Access Management would implement the process and monitor users to ensure they do not log into the network or VPN during the 2 weeks mandatory leave
  • Performed Semi Annual Entitlement Reviews for all critical applications and annual entitlement reviews for non-critical systems with the business managers
  • Onboarded U.S applications into the global SailPoint (known as AGF-Access Governance Foundation) in the Nederland’s
  • Used SailPoint to request access and to place users in the correct business role
  • Monitored and reviewed user activity, inactive accounts and for users who have never logged on
  • Provided support to the business with audit requests involving the IAM process
  • Must be able to review own completed work for accuracy and perform Quality Assurance validation on other’s work to meet IAM Operations accuracy goals
  • Ability to perform research and investigation on setup issues and inquiries received by the client service teams
  • Hired to build a new IAM New York Team and manage the transitioning project
  • Hired and trained 2 Identity Access Analyst to assume Security Admin responsibility for 128 applications and systems
  • Inherited 172 Information Security and IAM Audit findings and worked diligently to resolve and close out all audit findings successfully
  • Successfully created an application, network, remote access, and file share Entitlement Review program process
  • Completely restructured the new hire, transfer, and termination process by creating a detail process and step by step procedures capturing the evidence for the entire process
  • Created a new Identity & Access Management Provisioning document to cover all the IAM tasks and responsibilities

Security Analyst/Identity & Access Manager

RABOBANK
New York, NY
11.2015 - 11.2019
  • Participated as a member of the regional Corporate Security Intelligence team
  • Conducts the weekly Human Resources new hire Information Security Orientation Presentation
  • Assisted Information Security Officer with mandatory annual Security Awareness Training
  • Managed, coordinated, and reviewed access recertification’s, Identity Access Management tool management and issue coordinating
  • Conducted annual user recertification activities and systems to ensure compliance with policy
  • Developed procedures and guidelines which effectively present a detailed overview of the annual user recertification process
  • Represented the team at technical and management meetings regarding DellOne Identity Access System as required
  • Designated as the first point of contact for all Internal/External Audits and work closely to ensure Rabobank delivers all requested artifacts, documents, policies, and procedures requested during an Audit
  • Conducted spot checking and reviewing of the Identity Access Management activities in the form of auditable review
  • Responsible for the recertification of 100+ banking applications (e.g., SOX’S, Payment Systems, and applications) followed up and responded to security incidents and escalated monitoring
  • Acting IAM Manager responsible for the transitioning of 4 Corporate Security Administration positions relocated to the New Identity Access Management Team in St Louis, MO
  • Managed, supervised, and trained four new IAM members responsible for support of system access and entitlements for the Americas region
  • Monitored CyberArk reports and responded to failed password verification alerts and worked with system account owners to resolve failure alerts
  • Create CyberArk Accounts and add system and application id is to specified Safe and vaults
  • Retrieve CyberArk system/application password is and assist Database, Linux, Wintel, and Core Application Support teams when passwords are requested
  • Nominated to manage the IAM Transitioning Project
  • Hired and managed 4 Identity Access Analyst position to work in the new IAM Team located in Saint Louis, MO
  • In addition, I had to train the team and teach them how to administer approximately 100+ Banking applications
  • Worked with DellOne Developers and DellOne Identity Access Teams in Utrecht, Nederland’s to work on high priority technical problems, bugs, and issues found here in the Americas Region
  • Set up weekly meetings to discuss how to resolve the problems and agree on a due date for resolutions

Access & Identity Management

FIRST REPUBLIC BANK
New York, NY
04.2014 - 08.2015
  • Assigned to the Identity & Access Management Operations Team to support the America’s region (San Francisco, Los Angeles, New York, Oregon, Connecticut, Florida, & Boston)
  • Responsible for on boarding all new hires, Contractor’s, Consultants, and Offshore staff and ensured all requested and approved applications, File Share, Distribution List, shared mailboxes, and remote access are provisioned
  • Processed all employee transfers, conversions, and terminations process
  • Performed accounts administration (provisioning and de-provisioning) using various applications and tools
  • Provided application and troubleshooting support when users encountered problems and issues
  • Processed creating, modifying, and applying the security groups to the File Share’s
  • Created, maintained, and updated all Access & Identity Management process and procedure documents
  • Contributed to the improvement of processes and training materials for fellow Access and Identity Management staff
  • Ran PowerShell scripts for new hires and transfers to set up profiles
  • Created and resolved Service Now request tickets and ensured timely resolution
  • Granted access and pushing out all applications to groups and users via SCCM system (System Center Configuration Manager)

Identity Access Manager

TD Securities
New York, NY
02.2013 - 04.2014
  • Reported directly to the Director & Vice President of Application Support and Production Services
  • Facilitated the provisioning of access to applications, infrastructure, databases, operating systems, Citrix/SecurID, network devices as per established procedures
  • Facilitated the review of access /attestation processes
  • Responsible for the on boarding of new applications and the processes and procedures
  • Ensured compliance with the Access Management process, policies, and procedures
  • Managed and supervised 2 Identity Access Analyst contractors
  • Reviewed and updated all TD Securities Access Management processes and procedures as required
  • Attended weekly Team Lead meetings to update and report on Access Management issues
  • Reviewed daily application exception reports and distributed them to appropriate teams to resolve findings
  • Supported troubleshooting applications with Identity or Access Management related issues
  • Maintained working relationships with the business and other IT teams (local and corporate)
  • Access Management representative assigned to work on the on boarding of Aveska Identity Management access control system
  • Managed the TD Securities Generic ID process and responsible for on boarding Generic IDs into CyberArk System
  • Evaluated and maintained all IT Security policies, procedures, and standards
  • Assisted in the deployment of IAM solution RSA Aveksa from test stage to production and on boarded forty-five out of approximately one hundred applications
  • Analyzed raw data files (csv) fed from third party vendors to Momentum to ensure accuracy of data
  • Reviewed XML files feeds to Aveksa ensuring users, roles and entitlements are following the company's security policies
  • Reviewed monthly attestations and initiate any necessary changes in access regarding LAN, VPN, Web applications, third party, proprietary and data (network share access)
  • Reviewed and investigated daily reporting from Aveksa of any anomalies and orphaned accounts reported
  • Provided documentation in adherence to monthly audit sample requests from internal/external auditors
  • Investigated generic ID password fail verification alerts and vault check outs within CyberArk

Security Operations Professional

MACQUARIE HOLDINGS
New York, NY
06.2007 - 11.2011
  • Hired as the first successful Security Operations representative to support the America’s region (United States, Brazil, and Canada)
  • Added, modified, and deleted approved user access to the Macquarie network
  • Created, reviewed, and modified all security administration policies and procedures
  • Processed new user, transfers, and termination of access to Macquarie’s applications and systems
  • Work closely with the data owners to review and modify user access to data, files, and applications
  • Enabling locked or disabled accounts for users after investigating the cause
  • Reviewed daily, weekly, and monthly security activity reports
  • Prepared, processed, and modified bi-annual user reauthorization forms for all employees
  • Oversee security investigations, including investigating and reporting of IT security breaches
  • Monitored and investigated all quarantined executable, encrypted, and non-business-related emails
  • Sent out warnings to users who violate Macquarie’s Email and LAN policies and procedures
  • Maintained and developed security operations documentation, policies, and procedures

Education

Diploma - Technical Support / Help Desk

THE CHUBB INSTITUTE
New York, NY
07.1999

Skills

  • Information Security
  • Application/System Recertification
  • Identity & Access Management
  • Policies & Procedures
  • Access Provisioning/Deprovisioning
  • System Risk Management Process
  • Security Awareness Training
  • User Training/Mentoring/Coach
  • Monitoring & Reporting
  • MS Excel
  • MS Access
  • MS PowerPoint
  • MS Visio
  • MS Word
  • MS Outlook
  • SharePoint
  • Active Directory
  • Active Directory ManageEngine
  • CyberArk
  • PowerShell
  • RSA SecurID
  • Safeguard
  • Surface Pro
  • Windows 2016
  • Windows XP
  • Windows 10
  • Lotus Notes
  • Microsoft Exchange Server 2010
  • Remedy
  • Service Now
  • HP Service Manager
  • RSA Governance & Lifecycle (Avekska)
  • SailPoint
  • DellOne Identity Manager
  • BMC Control-SA
  • BMC Enterprise Security Station Console
  • Aveksa RSA Compliance Manager
  • JP Morgan Access
  • BONY Nexen
  • BONY Access Edge/BDC
  • DTTC
  • RSA SecurID Token Console
  • Broadridge Impact
  • Debt Domain
  • Concur
  • EchoSign
  • Clear Par
  • FIS Loanet
  • LexisNexis
  • Actimize
  • Royal Bank of Canada
  • Wells Fargo
  • Application security
  • Access Control
  • Data Security
  • Regulatory Compliance
  • Reporting and documentation

Certification

  • Comp TIA Security + Certification, currently pending
  • Certified information Security Manager (CISM), currently pending
  • RSA Governance & Lifecycle System Introduction, 05/12/23
  • RSA Governance & Lifecycle System Fundamental, 05/12/23
  • Introduction to AWS Identity & Access Management (IAM), 02/10/22
  • A+ CompTIA Certified Technician, 09/99
  • Google Analytics for Beginners Certificate of Completion, 02/22
  • ITIL Version 3 Certified, 07/10
  • Identity & Access Management (IAM) Certificate of Completion, 03/22

Technologysummary

MS Excel, MS Access, MS PowerPoint, MS Visio, MS Word, MS Outlook, SharePoint, Active Directory, Active Directory ManageEngine, CyberArk, PowerShell, RSA SecurID, Safeguard, Surface Pro, Windows 2016, Windows XP, Windows 10, Lotus Notes, Microsoft Exchange Server 2010, Remedy, Service Now, HP Service Manager, RSA Governance & Lifecycle (Avekska), SailPoint, DellOne Identity Manager, BMC Control-SA, BMC Enterprise Security Station Console, Aveksa RSA Compliance Manager, CyberArk, JP Morgan Access, BONY Nexen, BONY Access Edge/BDC, DTTC, Active Directory, RSA SecurID Token Console, Broadridge Impact, Debt Domain, Concur, EchoSign, Clear Par, FIS Loanet, LexisNexis, Actimize, Royal Bank of Canada, Wells Fargo

Keyproficiencies

  • Information Security
  • Application/System Recertification
  • Identity & Access Management
  • Policies & Procedures
  • Access Provisioning/Deprovisioning
  • System Risk Management Process
  • Security Awareness Training
  • User Training/Mentoring/Coach
  • Monitoring & Reporting

Awards

Winner of 2 Macquarie 2011 Information Technology Group Awards for outstanding client service skills

Accomplishments

KEY ACHIEVEMENTS AT ABN AMRO

Hired to build a new IAM New York Team and manage the transitioning project. Hired and trained 2 Identity Access Analyst to assume Security Admin responsibility for 128 applications and systems.

When hired, I Inherited 172 Information Security and IAM Audit findings and worked diligently to resolve and close out all audit findings successfully.

Successfully created an application, network, remote access, and file share Entitlement Review program process.

Completely restructured the new hire, transfer, and termination process by creating a detail process and step by step procedures capturing the evidence for the entire process.

Created a new Identity & Access Management Provisioning document to cover all the IAM tasks and responsibilities.

Timeline

Information Security Analyst – III (Access Management Analyst)

NET2SOURCE, INC
03.2024 - Current

Information Security Manager, IAM

AMALGAMATED BANK
03.2023 - 03.2024

Identity & Access Management Specialist

ABN AMRO
02.2020 - 03.2023

Security Analyst/Identity & Access Manager

RABOBANK
11.2015 - 11.2019

Access & Identity Management

FIRST REPUBLIC BANK
04.2014 - 08.2015

Identity Access Manager

TD Securities
02.2013 - 04.2014

Security Operations Professional

MACQUARIE HOLDINGS
06.2007 - 11.2011
  • Comp TIA Security + Certification, currently pending
  • Certified information Security Manager (CISM), currently pending
  • RSA Governance & Lifecycle System Introduction, 05/12/23
  • RSA Governance & Lifecycle System Fundamental, 05/12/23
  • Introduction to AWS Identity & Access Management (IAM), 02/10/22
  • A+ CompTIA Certified Technician, 09/99
  • Google Analytics for Beginners Certificate of Completion, 02/22
  • ITIL Version 3 Certified, 07/10
  • Identity & Access Management (IAM) Certificate of Completion, 03/22

Diploma - Technical Support / Help Desk

THE CHUBB INSTITUTE

Similar Profiles

  • Ethan Mathews

    Ethan MathewsEthan Mathews

    Environmental Monitoring Technician at Merck via Net2SourceEnvironmental Monitoring Technician at Merck via Net2Source

    View Profile
  • Oluwatosin Johnson-Osinuga

    Oluwatosin Johnson-OsinugaOluwatosin Johnson-Osinuga

    Youth Development Coordinator at Christian Pentecostal ChurchYouth Development Coordinator at Christian Pentecostal Church

    View Profile
  • Adem Guven

    Adem GuvenAdem Guven

    Client System Technician at United States Air ForceClient System Technician at United States Air Force

    View Profile
George Velez