Profiles search

Marcel Jean

Cybersecurity Specialist: PCI-DSS | Vulnerability Management | QualysGuard Specialist | Data Loss Prevention | File Integrity Monitoring | SIEM | SOAR | Governance Risk & Compliance
Atlanta, GA, United States

Details

Education: Bachelors of Science (B.S.) Degree

Information Technology

Western Governors University

2013 : 2017

Associate of Science (A.S.) Computer Engineering

IT, Computers

Keiser College

2000 : 2002
Experience: → Manage functions pertaining to planning, implementing, managing, monitoring, and upgrading security measures

→ Work with supplier and Business Unit Service Managers to document appropriate action plans to remediate risk

→ Developed procedures for File Integrity Monitoring daily operations.

→ Helps detect sensitive patterns, insecure features, and malicious activities in the infrastructure

→ Manage the lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation

→ Conduct scans to identify vulnerabilities or confirm compliance to security standards

→ Perform in-depth analysis of vulnerabilities by correlating data from various sources

→ Determine if critical systems or data have been impacted by vulnerabilities and advise on remediation

→ Support Incident Detection and Response team in performing day-to-day operations

→ Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls

→ Implements governance process to ensure information security policies are aligned with regulatory compliance frameworks and corporate initiatives.

→ Streamlined the process for identifying system vulnerabilities on critical systems such as firewalls and endpoint systems by performing internal and external vulnerability scans and developing remediation plans to address issues.

→ Utilized vulnerability scanning solutions such as Nessus to identify system vulnerabilities on critical infrastructure as well as developed remediation plans to address risk.

→ Assisted in assessing vulnerabilities, security controls, and level of residual risk of systems while serving as an advisor and consultant on information security matters

→ Utilized vulnerability scanning solutions such as Nessus to identify system vulnerabilities on client’s critical systems.

2021 : Present

Mohawk Industries

Sr. Cybersecurity Engineer

→ Maintained working knowledge of NIST, PCI, HIPAA, GDPR, ITIL Privacy frameworks, regulations, and best practices

→ Assisted in defining, implementing, and maintaining information security policies, standards, and procedures

→ Removed over 15,000 security vulnerabilities by implementing a vulnerability management program to address system security flaws around the enterprise.

→ Collaborated with Internal Audit Team to evaluate the compliance of critical systems and network infrastructure to improve security

→ Developed, implemented, and documented security programs and policies and monitored compliance across departments

→ Provided research and reporting for vulnerabilities and risks in hardware and software systems

→ Managed the Data Loss Prevention (DLP) implementation, working with legal and human resource team to develop policy and response procedures to meet regulatory compliance.

→ Utilized vulnerability scanning solutions such as Qualys to identify system vulnerabilities on client’s critical systems.

→ Enhanced system security by creating SIEM alerts for systems with Antivirus violations allowing IT specialist to remediate the issue.

→ Watched for abnormal traffic and events with Splunk SIEM tool.

→ Created custom security alerts and triggers for Splunk SIEM solution.

→ Watched for abnormal changes and events to configuration files using Qualys File Integrity Monitoring module, and provided evidence of controls to Internal Audit

→ Monitoring security patch levels of the servers, workstations and network devices to ensure vulnerabilities are addressed efficiently.



→ Helped detect comprisable patterns, insecure features, and malicious activities in the infrastructure

→ Managed lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation

→ Assessed the status of company IT, network, and security systems

→ Configured Tanium reports for IT Risk and exports to Splunk ES

→ Troubleshoot / managed Tanium modules, Connect & Patch

2017 : 2021

InComm Payments

Information Technology Security Specialist

I pioneered the efforts across handling the entire gamut of functions pertaining to running SQL routine and ad hoc queries, transaction reports, across multiple databases for Billing, Finance, product owners, Acct Managers. Configured Metadata manager to set up FTP & email subscriptions for Remittances, invoices. Modified existing scripts/reports for partners, Acct Managers, and employees. Resolved reporting conflicts and negotiated mutually beneficial agreements between parties. Increased customer satisfaction by resolving Data integrity issues. Resolved BI reporting problems, improved operations and provided exceptional client support.

2015 : 2017

InComm Payments

BI Reporting Analyst at InComm

• Analyze data and build the configuration of new merchant programs for customers being launched to IBO

• Evaluate customer requirements to determine setup and configuration of new products launched to merchants on IBO

• Develop the configuration and enrichment of data for all products in IBO

• Develop and implement the configuration of all new Closed Loop Platform data

• Analyze and develop the configuration of all new ITP Platform data

• Analyze and develop the configuration of all new ICT data

• Follow up with Sales Rep/Account Manager/Product Management Teams to obtain additional data for merchant billing and transaction processing configuration

• Assist Billing Team with related questions and inquiries

• Assist Closed Loop, ITP and ICT with related questions and inquiries

2011 : 2015

InComm

Data Administrator

2007 : 2011

InComm

Inventory Analyst
Company: Mohawk Industries
Years of Experience: 30

Skills

Analysis, Business Analysis, Business Intelligence, Business Process Improvement, Cross-functional Team Leadership, Data Analysis, DLP, GRC, Information Security, Management, Office 365 Administration, Payment Card Industry Data Security Standard (PCI DSS), Process Improvement, Project Management, SDLC, Security Information and Event Management (SIEM), SOAR, Splunk Enterprise Security, Team Management, Vulnerability Management, Vulnerability Scanning, Customer Service, Account Management, Telecommunications, Troubleshooting, Program Management, Software Documentation, Vendor Management, Team Building, Product Management, Inventory Management, Operations Management, Sales, Integration, Visio, Forecasting, Access, Cross-functional Team

About

An accomplished and performance-oriented professional with comprehensive experience in cybersecurity, vulnerability assessment, vulnerability management, risk management, data loss prevention, file integrity monitoring, SIEM, security orchestration, and governance risk and compliance. Agility in finding the most efficient way reducing the attack surface and improving security posture of enterprise systems, networks, software, data, and information systems against any potential attack vectors. Adaptable at testing and analyzing assets for potential security threats, corroborating with clients to discuss security measures, and suggesting improvements to existing security systems





Areas of Expertise:

RMF/Compliance Frameworks |Payment Card Industry Data Security Standard Compliance (PCI DSS) |Risk Management | Data Loss Prevention (DLP) | File Integrity Monitoring(FIM) | NIST CSF| SIEM | SOAR | Security Strategy| Vulnerability Management |Information Security Policy |Application Security |Patching and Remediation Management | Technical Writing | Governance Risk and Compliance(GRC)