Profiles search
Paul F.
Senior Manger, Information Security
Bohemia, NY, United States
Details
Experience:
2021 : Present
The Bountiful Company
Senior Manager, Information Security
• Implemented DUO multifactor
• Implemented Corporate password reset tool
• Policy engineered and facilitated the implementation of Cisco Identity Services Engine
• Implemented Microsoft LAPS
• Implemented Cisco Umbrella formally OpenDNS (Replacing Cisco Ironport Proxy)
• Designed firewall changes workflow for approvals and change execution
• Manage Symantec Endpoint Protection 14 policies and oversee the operations
• Implemented security.txt for use on our ecom site
• Implemented Ironkey encrypted USB storage
• Developed endpoint firewall policies for our UK retail environment
• Implemented a global DDOS protection solution
• Implemented and maintain an employee monitoring system
• Designed safeguards around wire fraud phishing emails
• Assist the information security analysts with investigations
• Create basic dashboards and alerts within Splunk
• Maintain Stealth Intercept (AD & File) monitoring system
• Participate in annual policy reviews
• Review security bulletins, assess impact, and work with teams to implement updates
• Review new security products and make recommendations on purchases
• Provide articles for our internal IT newsletter
2015 :
The Nature's Bounty Co.
Information Security Engineer
Transitioned from the Data Center Operations Group to Information Security Group. Responsible with overseeing NBTY’s Vulnerability Management Program. This includes assessing the security of systems deployed including, external web servers, internal servers, workstations, and point of sale systems.
• Evaluate system security using advanced tools such as Nexpose and Metasploit to identify and confirm system vulnerabilities, assess the severity of these issues and resolve weaknesses with responsible stakeholders with remediation plans
• Manage SIEM Solution and track incidents in our internal ticketing system
• Executed whole disk encryption to protect notebooks
• Collaborate and maintain ongoing security policies and controls to strengthen NBTY’s security posture
• Control endpoint security utilizing Symantec Endpoint Protection in a global environment
• Responsible for Internet proxy configurations, policies and reports
• Document the architecture of information security systems
• Create documentation to assist users in enrolling in security services
• PCI Compliance V3.0
2012 : 2015
The Nature's Bounty Co.
Information Security Analyst
Responsible for deploying, maintaining, and troubleshooting of servers in the datacenter along with
remote branches and subsidiaries. Currently managing over 500 physical and virtual servers.
*Deploy virtualization technologies remotely to reduce expenditures of multiple servers.
*Participate in monthly patching of critical infrastructure systems.
*Assist help desk staff to expedite advanced troubleshooting of complex issues and resolve
issues without need for further escalations.
*Support and cultivate both physical and virtual servers with hardware and software
upgrades
*Skilled in monitoring the computer environment utilizing tools such as HP insight Manager,
Solarwinds Network Performance Monitor, IPSwitch, What’s Up, Solarwinds Virtualization
Manager, and Microsoft System Center Operations Manager to get a detailed view into the health of the environment
*Utilizing tools such as Twitter and corporate blog sites, to assess security vulnerabilities
that may impact patching cycles
*Track and regulate trends in current security attacks
*Execute daily checks of the datacenter to scrutinize for any issues or concerns before
problems arise
2010 : 2012
NBTY
Data Center Operations Engineer
*Manage all spects of users and security using Active Directory and Microsoft Exchange.
*Manage and document group policy changes
*Troubleshoot, Patch, Upgrade, Cisco Call Manager and Cisco Unity Messaging.
*Add new devices in Cisco Call Manager, and create/change/delete voicemail accounts in Cisco Unity Messaging.
*Evaludate and recommend new software to be implemented throughout the organization.
Maintain and Install Riverbed WAN Accelerators for branch offices.
*Maintain Cisco Maintenance Contracts.
Assist service desk with issues that pertain to the systems side of the business.
Implment, Deploy and Maintain VMWare vSphere 4.
Maintain and support Qual Logic iSCSI SAN adding new storage and replica volumes.
Maintain and support Bluecoat Proxy server.
Responsible for maintaining and supporting our Citrix Xenapp farm.
2007 : 2010
Allied North America / AON
Systems & Network Administrator
The Bountiful Company
Senior Manager, Information Security
• Implemented DUO multifactor
• Implemented Corporate password reset tool
• Policy engineered and facilitated the implementation of Cisco Identity Services Engine
• Implemented Microsoft LAPS
• Implemented Cisco Umbrella formally OpenDNS (Replacing Cisco Ironport Proxy)
• Designed firewall changes workflow for approvals and change execution
• Manage Symantec Endpoint Protection 14 policies and oversee the operations
• Implemented security.txt for use on our ecom site
• Implemented Ironkey encrypted USB storage
• Developed endpoint firewall policies for our UK retail environment
• Implemented a global DDOS protection solution
• Implemented and maintain an employee monitoring system
• Designed safeguards around wire fraud phishing emails
• Assist the information security analysts with investigations
• Create basic dashboards and alerts within Splunk
• Maintain Stealth Intercept (AD & File) monitoring system
• Participate in annual policy reviews
• Review security bulletins, assess impact, and work with teams to implement updates
• Review new security products and make recommendations on purchases
• Provide articles for our internal IT newsletter
2015 :
The Nature's Bounty Co.
Information Security Engineer
Transitioned from the Data Center Operations Group to Information Security Group. Responsible with overseeing NBTY’s Vulnerability Management Program. This includes assessing the security of systems deployed including, external web servers, internal servers, workstations, and point of sale systems.
• Evaluate system security using advanced tools such as Nexpose and Metasploit to identify and confirm system vulnerabilities, assess the severity of these issues and resolve weaknesses with responsible stakeholders with remediation plans
• Manage SIEM Solution and track incidents in our internal ticketing system
• Executed whole disk encryption to protect notebooks
• Collaborate and maintain ongoing security policies and controls to strengthen NBTY’s security posture
• Control endpoint security utilizing Symantec Endpoint Protection in a global environment
• Responsible for Internet proxy configurations, policies and reports
• Document the architecture of information security systems
• Create documentation to assist users in enrolling in security services
• PCI Compliance V3.0
2012 : 2015
The Nature's Bounty Co.
Information Security Analyst
Responsible for deploying, maintaining, and troubleshooting of servers in the datacenter along with
remote branches and subsidiaries. Currently managing over 500 physical and virtual servers.
*Deploy virtualization technologies remotely to reduce expenditures of multiple servers.
*Participate in monthly patching of critical infrastructure systems.
*Assist help desk staff to expedite advanced troubleshooting of complex issues and resolve
issues without need for further escalations.
*Support and cultivate both physical and virtual servers with hardware and software
upgrades
*Skilled in monitoring the computer environment utilizing tools such as HP insight Manager,
Solarwinds Network Performance Monitor, IPSwitch, What’s Up, Solarwinds Virtualization
Manager, and Microsoft System Center Operations Manager to get a detailed view into the health of the environment
*Utilizing tools such as Twitter and corporate blog sites, to assess security vulnerabilities
that may impact patching cycles
*Track and regulate trends in current security attacks
*Execute daily checks of the datacenter to scrutinize for any issues or concerns before
problems arise
2010 : 2012
NBTY
Data Center Operations Engineer
*Manage all spects of users and security using Active Directory and Microsoft Exchange.
*Manage and document group policy changes
*Troubleshoot, Patch, Upgrade, Cisco Call Manager and Cisco Unity Messaging.
*Add new devices in Cisco Call Manager, and create/change/delete voicemail accounts in Cisco Unity Messaging.
*Evaludate and recommend new software to be implemented throughout the organization.
Maintain and Install Riverbed WAN Accelerators for branch offices.
*Maintain Cisco Maintenance Contracts.
Assist service desk with issues that pertain to the systems side of the business.
Implment, Deploy and Maintain VMWare vSphere 4.
Maintain and support Qual Logic iSCSI SAN adding new storage and replica volumes.
Maintain and support Bluecoat Proxy server.
Responsible for maintaining and supporting our Citrix Xenapp farm.
2007 : 2010
Allied North America / AON
Systems & Network Administrator
Company:
The Bountiful Company
About
Detail-oriented, hands on Senior Information Security Manager with over 20 years of expertise in information technology. The last 10 years have been in various information security roles within IT, responsible for risk management to architecting zero-trust. An innovative problem solver whose strong critical thinking skills yield forth inventive and effective approaches to the organization. Consistently achieving and surpassing objectives through creative dynamic contributions of organization, communication and leadership. Able to flourish in a fast-paced, exciting environment where precision and productivity matter.
Profile Photo
