Mobile app development
Ronnie M. Wideman
IT Security Professional
Atlanta, GA,GA
Summary
Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Experience developing and testing security framework for on-prem and cloud-based solutions across the global enterprise. Extensive experience in vulnerability management, risk management, and network security at the Enterprise level. Versed in robust network defense strategies and driving compliance with internal and external security controls.
Overview
12
12
years of professional experience
3
3
years of post-secondary education
2
2
Certification
Work History
Compliance Specialist
Ernst and Young
Alpharetta, GA
05.2018 - Current
- Advises managers and other leaders concerning overall status of portfolio compliance in regards to findings and associated remediation plans and exceptions.
- Advise vendors on process for remediating urgent vulnerabilities in order to facilitate compliance of applications or services.
- Trained new team members on Compliance processes and procedures and served as senior point-of-contact for escalations regarding their portfolios.
- Report on metrics to gauge effectiveness of security policy framework and publish periodic metrics report.
- Decreased number of untreated findings by 25 percent through increased engagement and guidance of portfolios.
- Decreased number of untreated vulnerabilities by 30 percent through development of technical remediation plans.
- Manage security deficiencies through documentation of findings, monitoring follow through of remediation, and validates closure to increase security maturity of enterprise security program and reduce overall risk.
- Analyze data contained within GRC system and other security information repositories to identify security trends, root causes and notable risks.
- Advise others, helping to enhance and improve their understanding of information security and its importance to our overall enterprise security program.
- Developed and recommended remediation plans to SDL teams in order to resolve vulnerabilities.
- Directed and implemented strategic improvement plans to integrate solutions to audit findings and workflow process issues
- Served as subject matter expert by advising staff and customers and working directly with external agencies throughout audits or to remedy compliance issues
- Supported Automation by pitching in to complete special projects
- Developed analysis methodologies under close supervision of Compliance Manager.
- Used GRC and Spotfire to create reports to keep senior management informed of operations and progress of compliance efforts
Network Vulnerability Remediation Administrator
Ernst and Young
Alpharetta, GA
02.2013 - 05.2018
- Coordinated network vulnerability remediation plan implementation with regional network operations teams to ensure successful deployments.
- Executed LAN/WAN audit to proactively identify issues with baseline configurations throughout global network environment.
- Enhanced configuration management by utilizing HP Network automation to standardize network configuration deployment and track changes to infrastructure.
- Authored Network packet broker standard for Global Networking Services.
- Reduced noncompliant items in portfolios by 40 percent.
- Served as technical lead on project to evaluate new network packet broker technologies.
- Presented Vulnerability Data and Management Dashboard reports to senior management.
- Collaborated with various internal teams to support Information security audits resulting in successful certifications for ISAE 3402 and SOC.
- Developed remediation plans for vulnerabilities affecting Global Network infrastructure including servers, routers, switches, and wireless devices.
- Analyzed and communicated findings of vulnerability assessments to key stakeholders and recommends course of action to be taken in order to resolve findings.
- Developed policies, procedures, and guidelines for Global Network services in adherence with EY Global Information Security policy.
- Managed and maintained global TACACS+ infrastructure and creates solutions for TACACS+ and RADIUS authentication as required.
- Managed and maintained Splunk infrastructure (including Syslog-NG) for Global Network services.
- Created Splunk Dashboards to monitor and capture potential authentication breaches across Global Network infrastructure.
- Created reports to capture default login activity and reported to management.
- Prepared, arranged, and tested Splunk search strings for users to generate required information for projects.
- Managed and maintained Global network packet broker infrastructure to facilitate security monitoring and adherence to agreed upon Service -level-agreements.
- Collaborated with project team to configure and deploy new or replacement network packet brokers across Global Data Centers and data rooms.
- Collaborated with Cyber defense teams on Proof-of-Concept testing for numerous security monitoring technologies.
- Managed Network Packet Broker vendor and contract renewals for firm.
- Evaluated new vendor for network packet broker infrastructure, resulting in reduced expenditure.
Senior Network Administrator
06.2012 - 01.2013
- Held Top Secret security clearance.
- Nova-Dine.
- Served as team lead for Classified network and systems division.
- Coordinated team schedules to ensure support and coverage during critical efforts.
- Managed and maintain multiple secure networks for Network Operations Support center.
- Organized and maintain vendor support contracts for multiple networks within our assigned area of responsibility.
- Created network and system diagrams to plan upgrades and document changes in existing architecture.
- Used Cisco Security center and DISA IAVA's to stay abreast of latest threats and vulnerabilities that may affect network operations.
- Developed secure baseline configuration for network infrastructure.
- Collaborated with Network Architecture team in order to implement WAN accelerator technology.
- Served as Network Project manager for multiple network accreditations resulting in successful DIACAP audits.
Intermediate Network Administrator
04.2011 - 09.2011
- Held Top Secret security clearance.
- Nova-Dine.
- Troubleshoot and resolved connectivity and system issues for units across multiple secure networks and systems.
- Troubleshoot and resolved issues with BGP, OSPF, EIGRP, STP, and VOIP across multiple secure networks for DOD.
- Managed, maintained, and secured Cisco Unified Communications Manager across multiple secure networks for DOD.
- Applied Security Technical Implementation guides to Classified Network Operating centers and points of presence network infrastructure.
- Developed Firewall rule sets and Access Control List in order to implement Boundary Defense across multiple secure networks.
- Used Wireshark to analyze packets for troubleshooting purposes.
- Collaborated with Information Assurance Division on finding, interpreting, and mitigating network security issues across multiple security enclaves.
- Collaborated with system administrators to open ports, protocols, and services to ensure connectivity for Windows servers on multiple networks.
Education
Some College (No Degree) - Computer Networking And Telecommunications
Augusta Technical College
Augusta, GA 06.2007 - 01.2010
Skills
Access Control
undefinedCertification
GIAC Critical Controls Certification (GCCC)
Affiliations
Information Systems Security Association (ISSA)
Cloud Security Alliance (CSA)
Association of Information Technology Professionals (AITP)
Interests
Cooking
I enjoy trying out new recipes that I find online and trying to create healthy versions of my favorite dishes.
Timeline
Compliance Specialist
Ernst and Young
05.2018 - Current
Network Vulnerability Remediation Administrator
Ernst and Young
02.2013 - 05.2018
Senior Network Administrator
06.2012 - 01.2013
Intermediate Network Administrator
04.2011 - 09.2011
Some College (No Degree) - Computer Networking And Telecommunications
Augusta Technical College
06.2007 - 01.2010
Similar Profiles
Sandhya CSandhya C
Assistant Manager – People Advisory Services at Ernst and YoungAssistant Manager – People Advisory Services at Ernst and Young
Ammar AlqatawiAmmar Alqatawi
Audit Staff at Ernst and YoungAudit Staff at Ernst and Young
Tom JosephTom Joseph
Advanced Analyst at Ernst and Young Global Delivery ServicesAdvanced Analyst at Ernst and Young Global Delivery Services
Lamyaa AltuwairqiLamyaa Altuwairqi
Consultant at Ernst and YoungConsultant at Ernst and Young
Molique DunnMolique Dunn
Caregiver at Prime Care Health CareCaregiver at Prime Care Health Care