Summary
Overview
Work History
Education
Skills
Accomplishments
Timeline
Generic

Paul Mankarious

Elmwood Park,NJ

Summary

Strategic Information Security Manager skilled in guiding navigation of modern technology all through a 'secure' lenses. Accustomed to driving efficiency and effectiveness by developing, delivering and supporting strategic plans. Demonstrated skill in translating technical requirements to business solutions through several business facing security roles. Successful 7-year record of building positive relationships with internal and external stakeholders.

Overview

9
9
years of professional experience

Work History

Cybersecurity Manager

Johnson & Johnson
03.2020 - 09.2023
  • Supporting and responsible for the Janssen Global R&D portfolio as the Business Information security contact.
  • Previously supported three major portfolios: Visioncare and Surgical Vision, and Consumer commercial and R&D organizations. Acted as BIS representative to multiple sectors of the overall organization
  • Consulting to IT and business teams on the design, implementation, and testing of secure applications, cloud environments, and IoT devices and supporting the secure development and implementation of new and innovative applications, systems, and partnerships
  • Performing application and infrastructure assessments, design reviews, and providing assurance over existing and future solutions and environments, prioritizing risks, and coaching on remediation of any application and/or system gaps
  • Evaluating third party vendors for security risks
  • Assessments of operational processes, identifying, and mitigating risks across the company's Line of Business' through effective tools, training, and guidance, while working with IT management on creating technical solutions that prevent and detect user data protection gaps
  • Facilitate education and training to the organization on cybersecurity procedures and controls and being the BIS (Business Information Security) Cyber Awareness Champion

Senior Information Security Specialist

Celgene
01.2018 - 02.2020
  • Developed and successfully deployed Celgene's Third-Party Risk Management Program, in conjunction with Developing and implementing solutions to ensure security and privacy policies are correctly implemented to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs (GDPR)
  • Complete and oversee all day to day operations for the Third-Party Risk Management program that drives end-to-end process from initial assessment to remediation
  • Lead, designed, and owned newly created Vendor Risk Management portal through Service-Now, and utilized various tools/technologies such as Security Scorecard, and Prevalent, to fit companywide objectives in identifying risks
  • Performed regular privacy assessments of operational processes, identifying, and mitigating risks across the company's Line of Business' through effective tools, training and guidance, while working with IT management on creating technical solutions that prevent and detect user data protection gaps in Celgene environment
  • Acted as a McAfee Data Loss Prevention SME and Tier 3 Incident Response Handler (This includes conducting corporate investigations with legal, to ensure any company wide data loss is tracked.)

Technology Consulting Analyst

Accenture
06.2017 - 01.2018
  • Assigned as Security Consulting practitioner, and assisted with the implementation of a centralized and consolidated Cybersecurity risk reduction Program
  • Conducted Periodic Vulnerability and risk assessments to firms supporting technology
  • Assessed Patch management framework, and revitalized endpoint security teams patching process
  • Assisted with implementation of User and Privileged access management tools and processes
  • Developed/modified Cyber Incident response plan, runbook, and coordinated workshops for cyber incident response process
  • Performed Governance and Compliance control reviews with C-Suite stakeholders to determine existing and new Policies and Procedures in regards to the Firms Security department.

Cyber Audit Summer Analyst/Year Round Intern

JP Morgan
06.2016 - 04.2017
  • Worked closely with business and technology auditors to ensure that key risks are identified and assessed specifically within the Markets & Investor Services group
  • Acted as liaison between Investment Bankers and technology team in analysis of systems
  • Conducted control evaluations, documented detailed reports of functional changes, and identified opportunities for improving business processes through Investment banking Trading Systems
  • Worked with Global technology team to evaluate and assess Access/System controls for applications used on the trading floor within the Market & investor services group.

IT Full Time CO-OP

Johnson & Johnson
01.2016 - 05.2016

IT Security Summer Intern

CIT Group
06.2015 - 08.2015

Global IT Networking & SAP Security Intern

Movado Group HQ
10.2014 - 05.2015

Education

Bachelor of Science - Information Technology - Networking & Security

NJIT (New Jersey Institute of Technology)
Newark, New Jersey

Skills

  • Microsoft Office Suite Google Analytics
  • Oracle
  • SAP experience
  • Duo
  • Centrify
  • Tenable
  • McAfee/Symantec DLP toolsets
  • ServiceNow
  • Security Scorecard
  • Knowledge of different cloud platforms, cloud-based infrastructure, migration, deployment, and security (AWS, GCP, Azure)
  • Familiar with OSX, Windows processing systems
  • Application Security/API assessments
  • Security Planning
  • Governance reviews
  • Third-Party Risk Audits
  • Security and Privacy controls tester and examiner
  • SOC 2-3 Reports
  • Working knowledge of various regulatory and broad security best practice standards and guidelines: ISO 27001/27002, NIST, SANS top 20 GDPR etc

Accomplishments

  • Serve on the board of the NJ ISSA (Information systems Security Association) chapter as Communications lead.
  • Founder of Matthew 25:40 (Non-Profit).
  • Former President- Coptic Society of Rutgers Newark & NJIT.


Timeline

Cybersecurity Manager

Johnson & Johnson
03.2020 - 09.2023

Senior Information Security Specialist

Celgene
01.2018 - 02.2020

Technology Consulting Analyst

Accenture
06.2017 - 01.2018

Cyber Audit Summer Analyst/Year Round Intern

JP Morgan
06.2016 - 04.2017

IT Full Time CO-OP

Johnson & Johnson
01.2016 - 05.2016

IT Security Summer Intern

CIT Group
06.2015 - 08.2015

Global IT Networking & SAP Security Intern

Movado Group HQ
10.2014 - 05.2015

Bachelor of Science - Information Technology - Networking & Security

NJIT (New Jersey Institute of Technology)

Similar Profiles

  • ANIS TRIKI

    ANIS TRIKIANIS TRIKI

    Medical Science Liaison – Urogenital Tumors at Johnson & Johnson Innovative MedicineMedical Science Liaison – Urogenital Tumors at Johnson & Johnson Innovative Medicine

  • PATRICIA OSWALD

    PATRICIA OSWALDPATRICIA OSWALD

    Executive Administrative Assistant at Johnson & Johnson - Strategy & Business Services, Global ServicesExecutive Administrative Assistant at Johnson & Johnson - Strategy & Business Services, Global Services

  • Marzena Kulis

    Marzena KulisMarzena Kulis

    VP, Strategy and Market Development EMEA at Johnson & Johnson MedTechVP, Strategy and Market Development EMEA at Johnson & Johnson MedTech

  • Russell Kyle Kennedy

    Russell Kyle KennedyRussell Kyle Kennedy

    Warehouse Associate at Johnson & JohnsonWarehouse Associate at Johnson & Johnson

  • Renzo Aguirre

    Renzo AguirreRenzo Aguirre

    MRI Technologist at Hackeansack Univercity Medical CenterMRI Technologist at Hackeansack Univercity Medical Center

CREATE PROFILE
Paul Mankarious