Profiles search

Aaron Frankel, CCISO CISM GSLC

Information Security Officer at TriCore Reference Laboratories
Albuquerque, NM, United States

Details

Education: Bachelor's degree

Business/Information Systems

University of Phoenix

1998 : 2000

Southern Illinois University, Carbondale

1982 : 1983
Experience: Helping to increase TriCore's security posture while actively and efficiently improving the health of our communities.

2018 : Present

TriCore Reference Laboratories

Information Security Officer

Ensures technical and logical security mechanisms are in place to protect enterprise assets and information from unauthorized access. Provides technical expertise to implement and maintain security measures to protect confidentiality, integrity, and availability of enterprise electronic systems information.

Recommends, implements, and maintains technical and procedural controls to provide security in the most reasonable and cost-effective manner; interprets standards, requirements, and their application to the enterprise environment

Performs implementation, testing, oversight, and administration for enterprise security applications, platforms, and solutions, including but not limited to : firewalls, intrusion detection and prevention, identity and access management, encryption solutions, Virtual Private Networks, security event monitoring, log management tools, anti-virus/malware prevention tools, and vulnerability assessment solutions

Acts as a subject matter expert to process and respond to potential and actual cyber security incidents, or alerts issued through the ES-ISAC, ICS-CERT, US-CERT as applicable to enterprise systems and operations

Participates in internal and external audits and reviews to ensure compliance with regulatory standards, internal security policy, and coordinates with internal audit staff, as appropriate

Acts as a liaison with other internal groups in the implementation of solutions utilized by the Mandatory Reliability Standard Compliance Program

Develops, implements, and coordinates change/configuration management and security testing for enterprise systems

Assists Information Security team members and internal clients in addressing highly complex security issues applicable to enterprise environment

2015 : 2018

PNM Resources

Manager, Information Security Engineering & Operations

Responsible for improving and maintaining the security posture for NM-HSD. Accountable for audit and compliance for multiple federal agencies, such as IRS, CMS, SSA, OCR, OIG, and others. NM-HSD’s HIPAA Security Officer. Oversee and coordinate security efforts across the agency. Manage the development and implementation of state security policy, standards, guidelines and procedures. Oversee incident response planning as well as the investigation of security breaches. Development and maintenance of security awareness and education programs for NM-HSD. Maintain relationships with local, state and federal law enforcement and other related government agencies.

2013 : 2015

State of New Mexico, Human Services Department

CISO (Chief Information Security Officer)

Group manager of 18 FTEs and multiple contract personnel. Responsible for the current and future mode of operations related to Security, Citrix, Desktop, and Windows engineering for Presbyterian Healthcare Services.

• Participated in vendor selection for Infrastructure outsourcing.

• Supplied fiscal budget, vendor contracts, license management, and staffing analysis to TSNA.

• Volunteered for transition management for Citrix, Desktop, and Windows engineering.

• Responsible for Data Center migration planning and implementation for engineering functions to the TSNA cloud.

2012 : 2013

T-Systems

IT Security Manager + Interim Citrix, Desktop, and Windows Manager

Group manager of 11 FTEs and multiple contract personnel. Responsible for the overall IT security posture of the organization. System responsibility includes all Certificate management, Compliance reporting, Data Loss Prevention, next generation firewalls, IDS/IPS, IdM /Provisioning, Mobile Device Management, penetration testing, Privilege Access Management, Remote Access management, and Wireless Access. Direct multi-million dollar capital (infrastructure and project) and operations budget development and management. Manage team's involvement and contributions on key enterprise-level, high-impact projects such as HITECH Act, Epic EMR ,VDI (including mobile devices), and ICD-10 compliance.

Implemented the Presbyterian Information Security Management Framework (ISMS) for design and maintenance of a coherent set of policies, processes and systems to manage risks to the information assets.

Selected, configured and implemented a new Identity Access Management system that streamlined manual processes.

New installs and upgrades to security technology including firewalls, DLP, IDS/IPS, and Mobile Device management.

Complete DMZ redesign which significantly increased security as noted by CMS audit.

Implemented the Privileged Access Management system to better manage changes to the environment.

2009 : 2012

Presbyterian Healthcare Services

IT Security Manager
Company: TriCore Reference Laboratories
Years of Experience: 42

Skills

Active Directory, CISA, Cisco Technologies, CISM, CISSP, Citrix, Cloud Computing, Computer Security, Data Center, Disaster Recovery, DLP, Enterprise Architecture, Enterprise Software, Firewalls, Healthcare Information Technology, Healthcare IT, HIPAA, Identity Management, IDS, Informatics, Information Security, Information Security Management, Information Technology, Integration, ISO 27001, ITIL, ITIL v3 Foundations Certified, IT Management, IT Operations, IT Strategy, Mobile Devices, Network Security, PCI DSS, Penetration Testing, PMP, Process Improvement, Program Management, Project Management, SDLC, Security, Security Audits, Six Sigma, Software Documentation, Vendor Management, Virtualization, Visio, VMware, VPN, Vulnerability Assessment, Vulnerability Management, Healthcare Information, ITIL v3 Foundations

About

IT Leader with solid Security Management Background



Resourceful, results-driven IT management professional with demonstrated personnel,organizational and technical leadership skills. Security engineering and architecture deployment successes on complex enterprise initiatives and major projects. Leader and team player experienced in working with cross-functional teams in conceptualizing and collaborating to deliver measurable and significant cost savings in support of organizational revenue improvements, ITIL-based infrastructure service design and operations, streamlining and standardization, and process improvement.



Proven leader, mentor, and problem solver who thrives in dynamic, deadline-driven environments. Excellent communications and presentation skills. Project management skills and experience provide for budget-driven focus and ability to balance multiple efforts and initiatives while maintaining close attention to detail. Customer-focused, hard-working, and pleasant to work with.