Profiles search

James Berry

Information Security Specialist at HNTB
Independence, MO, United States

Details

Experience: - Develop and implement security policies, procedures, and standards that meet regulatory and organizational requirements.

- Identify and assess risks to the organization's assets and data, develop security plans to address those risks.

- Act as the primary liaison between Corporate IT and other business units on matters related to information security.

- Responsible for tactical and operational aspects of information security.

- Suggest and implement new security operations technologies to meet changes in business needs.

- Provide leadership and guidance to the organization on security best practices and policies.

- Respond to security incidents and conduct investigations as necessary.

- Review and comment on contract language as needed.

- Monitor compliance with security policies and standards and provide regular reports to senior leadership.

- Collaborate with other departments to ensure security requirements are integrated into system design and development.

- Keep up-to-date with emerging threats and vulnerabilities and recommend appropriate risk mitigation strategies.

- Collaborate with other departments to implement supply-chain risk management.

- Implement and monitor endpoint security solutions.

2021 : Present

HNTB

Information Security Specialist

⦁ Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems.

⦁ Developed and executed plans to maintain data integrity and safeguard data against modification, destruction or disclosure.

⦁ Reviewed violations of computer security procedures and developed risk mitigation plans.

⦁ Developed plans to safeguard computer files against modification, destruction or disclosure.

⦁ Monitored use of data files and regulated access to protect secure information.

⦁ Monitored computer security policy, virus, encryption, web usage, and network threat reports to identify, assess, and remediate any violations or risks.

⦁ Equipped and organized facility to comply with company strategy for online and offline quality controls.

⦁ Updated quality control standards, methods and procedures to meet compliance requirements.

⦁ Recommend and implemented improvements in security systems and procedures to achieve and continue our existing security governance ISO 27001 certification.

2015 : 2020

Shook, Hardy & Bacon L.L.P.

Senior Information Security Engineer

Upon returning to Shook Hardy & Bacon, I resumed my previous role as a level 3 systems administrator. My duties included administration, support, and documentation of all systems related to remote access. Systems including RSA SecurID Authentication Manager, Citrix XenApp Farm, Checkpoint firewall, F5 ISP load balancer, External DNS management, individual and site to site VPN management, and Microsoft Server 2012 R2 Direct Access. I also worked with planning and testing Disaster Recovery scenarios for all systems I was responsible for.

Along with supporting the key parameter technologies for allowing remote access I was responsible for managing Identity and access to the firms internal resources from outside of the firm. I worked with the Information Security team to plan and design our remote access and parameter defense systems to coexist with the Information Security technologies to allow normal work flow while minimizing threats.

2012 : 2015

Shook, Hardy & Bacon L.L.P.

Senior Network Engineer

I worked as a senior level consultant to provide multiple services and support to WordTech clients. My duties included but were not limited to evaluating existing networks, explaining new technologies, training technical staff, planning projects, managing projects, implementing projects, diagnosing and solving all IT related issues.

Technologies I primarily worked with during this time were Citrix Presentation Server, Microsoft Active Directory 2003 and all related servers, Microsoft Exchange, Medium to enterprise level firewall installation and configuration.

As a consultant I gained exposure to multiple different client networks. I was able to use my technology and product experience and apply it to a large variety of scenarios and configurations as needed by my clients.

2005 : 2008

WordTech Business Solutions

Senior Systems Engineer
Company: HNTB
Years of Experience: 15

Skills

Access Control, Active Directory, Analytical Skills, Business Process, CISA, cissp, Citrix, Content Filtering, Cybersecurity, Data Privacy, Disaster Recovery, DLP, DNS, Enterprise Risk Management, ePolicy Orchestrator, FedRAMP, Firewalls, Incident Response, Information Technology, IPS, Microsoft Direct Access, Microsoft Exchange, Network Administration, Networking, NIST, Project Management, Risk Management, security framework, Security Information and Event Management (SIEM), Security Policy, Server Administration, Servers, SharePoint, Software Installation, Software Requirements, Technology Security, Threat & Vulnerability Management, Troubleshooting, Windows 7, Windows Services, Windows XP

About

The only Information Security Professional on staff at current organization. Works directly under the Director of IT and collaborates with groups such as IT Operations, Dev Operations, Human Resources, Legal, and Risk. Ensures that the organization's security policies and procedures are compliant with industry standards and communicates security risks and recommendations to IT leadership and other stakeholders.