Kendall Smith, CISSP
Information Security Generalist - Manager at PwC
Dallas, TX, United States
Details
Experience:
Proactively assist in the management of a portfolio of clients, while reporting to Senior Managers and above. Involved in the financial management of clients while actively involved in business development activities. Help identify and research opportunities on new/existing clients. Contribute to the development of your own and other team’s technical acumen while developing strategies to solve complex technical challenges. Assist in the management and delivery of large projects.
Train, coach, and supervise staff. Stay current with local and national business and economic issues. Continue to develop internal relationships and the PwC brand.
2018 : Present
PwC
Information Security Generalist - Manager
Responsible for on-time delivery of Information Security related projects at the client site. Projects typically range from 4 weeks to 12 months and may require an independent effort or a coordinated team effort. Projects include:
o Client Name – Implementation of a 2-factor authentication solution (Quest Defender) as part of a network segmentation effort required for PCI compliance. Solution was in use by 2000+ users for secure authentication for a Citrix environment. The project was completed on time and under budget.
o Client Name – End-to-end implementation and documentation of a firewall management solution (Tufin). The solution consolidated the management of 160 firewalls (Check Point and Cisco) into one appliance.
o Client Name – Aided in the development of the Information Security strategy for Client Name (a divestiture of another Client Name division).
o Client Name – Independently managed the documentation and remediation of internal audit deficiencies for Texas Health Resources.
o PwC (internal) – Managed the project team responsible for the assessment of the internal PwC Information Security Policy.
o Client Name – Developed, implemented and completely documented a patch management governance program for Client Name (divestiture of another Client Name).
o Client Name – Performed an end-to-end security assessment of the call center workflow/processes for various Client products.
o Client Name – Performed security architecture review for vendors that manage, process and/or store Client employee or customer data.
2013 : 2018
PwC
Sr Associate - CyberSecurity & Privacy, Core Security Management Consultant
o Administration of security appliances including QRadar log management, Check Point firewalls, Palo Alto firewalls/web filter, McAfee ePO, Tripwire file integrity monitoring, SolarWinds network monitor, Juniper VPN and SecureAuth 2-factor authentication.
o Responsible for Information Security Policy drafting and revision as well as security related solutions architecture, evaluation and upgrades.
o Management of compliance remediation activities (primarily for PCI and SOX audit findings).
o Incidents and investigations concerning data breaches, privacy, intrusion, acceptable use and monitoring procedures.
o Responsible for Information Security awareness and training sessions for other departments within the company.
o Improved visibility of the Network Security department through effective communication with the business, other departments within IT and upper management.
2012 : 2013
A. H. Belo
Lead Network Security Engineer
2012 : 2012
A. H. Belo
Sr. Network Security Admin
o Effectively maintained security infrastructure to include implementation and management of Security Event Information Management solution (TriGeo), virus protection (ePO-McAfee), Forefront Unified Access Gateway, Websense web proxy and Data Loss Protection solutions and TopLayer IDS/IPS.
o Solid project and relationship management used to ensure compliance with Federal, State and local mandates as they pertain to information security (Company policy, PCI, HIPAA and FDA regulations).
o Responsible for effectively handling investigations and Incidents concerning data breaches, privacy, intrusion, acceptable use and monitoring procedures.
o Execution of security awareness, IT Security training sessions for other departments within IT, risk assessments, ongoing research, patch management and policy development.
2010 : 2012
Cook Children's Hospital
IT Security Analyst
Company:
PwC
About
Specialties: • IT Security and awareness training
• IT Security Auditing
• IT Security Vulnerability and Risk Management
• CISA (Certified Information Systems Auditor)
• IT Security, Intrusion detection
• Firewall administration, IT Security
• Incident Management and response, IT Security
• CISM (Certified Information Security Manager)
• IT Security Policy revision
• Patch management, IT Security
• CISSP
• IT Security Compliance (PCI, SOX, HIPAA)
• Network+
• ISACA member