Profiles search
Amir E.
Information Security Architect
Lewisville, TX, United States
Details
Education:
GSEC
Information Security
SANS Institute
2004 : 2004
LeTourneau University
1992 : 1994
Information Security
SANS Institute
2004 : 2004
LeTourneau University
1992 : 1994
Experience:
Assigned to Chief Information Security Office managing risk for Toyota Financial Services.
Responsibilities include : Cloud Security, Application Security, Security Design and Solution's, Security Architecture. Ensure Enterprise Security is incorporated into every project.
Lead and Participate in Technology Governance Board, Change Management Review and cross functional responsibilities.
Work with information security partners such as legal / privacy to provide security expertise to ensure compliance with regulatory bodies
Provide advisory and consulting services for very highly visible projects.
2017 : Present
Toyota Financial Services
Information Security Architect Consultant
Performing security review, ensuring security requirements have been meet.
Providing range of technical expertise to facilitate security solutions, design, risk assessment, compliance, technical reviews of various access (logical and physical, Cloud Security, Cloud implementations) to meet day to day business requirements, infrastructure security, application security, needs. Serving as Senior corporate information security architect in Rent-A-Center headquarter in Plano TX. Lead and designed RAC Cloud security models for transactional processing utilizing Amazon infrastructure. Provide leadership into how enterprise can implement policies that will secure enterprise information. Worked security staff, Risk and Compliance to ensure we have proper planning, implementation and testing processes to ensure security requirements are being adhered. Worked with Information Management Security staff helping educate users and admins on best practices and processes. In addition worked internal and external development teams, project management leadership and spent management organization to ensure that :
Company assets are protected in a cost-efficient manner.
Security is adequately implemented and socialized among the internal and external development and QA teams.
Security best practices are followed in order to maintain the company’s stated security posture throughout all phases of the development life-cycle, including all security requirements are met
Conducting Third Party Risk Assessment
Develop and validating Security Requirements
Working with Infrastructure and solution architects on various projects
Policy enforcement
Develop security architecture based on business requirements in mind
Risk Mitigation
2013 : 2017
Sr, Information Security Architect
Rent-A-Center
Served as Information Security Architect with limited supervision applying previous technical skills to recommend, implement, support, improve, and operate information security controls.
Develop secure system and network architectures
Assist other Teams in securing their architectures at the logical and physical levels.
Supply expertise to management, business area and IT Teams in risk assessment as well as implement appropriate data security controls and monitoring principal accountabilities.
Access, report on, and make recommendations regarding current and proposed architectures, strategies and systems.
Support IT related projects as an information security SME and provide support throughout their lifecycle.
Performed security checkpoint review, ensuring security requirements (standards) have been identified and adequate testing has been performed.
Review systems and processes for compliance of Ally Bank-GMAC clients and suppliers.
Provide information security assessment expertise for risk assessments.
Participate in Global Information Security process and improvements.
Continuously improve information security knowledge and skills.
Provide thought leadership by identifying new information security threats, emerging technologies, and counter measures as assigned.
Assist in responding to audits requests and issues.
Provide information security expertise for third party risk management.
Evaluate policy and standards exception requests and respond.
Conduct third party risk assessment
Review SSAE16 and third party documentations
2012 : 2013
Ally Financial-GMAC (KForce Consultant)
Information Security Architect
Senior security Analysts to work with business partners and IT technology to facilitate the development of secure technology solutions to meet business needs. Design and implement security monitoring and response processes, tools, and techniques. Identify and deal with often sensitive potential security violations, performing appropriate information gathering before turning issues for formal investigation. Work with partners to resolve identified vulnerabilities. Provide on the ground support to issues arising in the Southwest Regional office. Provide expertise to the information Security Governance and Information Security Operations groups as appropriate on a broad spectrum of information security questions and issues
2009 : 2012
Fannie Mae
Data Security & System Mgr
Create, review, and update of current security policies, process, and procedures. Created Windows best standards for workstations and laptops, and provide security recommendations. Perform LAN, DMZ, and internet facing security scanning of mission critical devices on corporate and guest network for potential vulnerabilities, malicious programs and recommend appropriate actions. Create outline documentation, project plan and project timeline for implementation of Data Loss Prevention. Conduct risk assessment of current computing environment and recommend actions in order to reduce the risk of loss to confidential data. Monitored IDS logs based on early warnings and intrusions. Coordinated with consulting firms on implementation of data classification of information residing on company’s computing environment. Implement security project as required.
2007 : 2009
Penson Financial Services
Security Engineer
Responsibilities include : Cloud Security, Application Security, Security Design and Solution's, Security Architecture. Ensure Enterprise Security is incorporated into every project.
Lead and Participate in Technology Governance Board, Change Management Review and cross functional responsibilities.
Work with information security partners such as legal / privacy to provide security expertise to ensure compliance with regulatory bodies
Provide advisory and consulting services for very highly visible projects.
2017 : Present
Toyota Financial Services
Information Security Architect Consultant
Performing security review, ensuring security requirements have been meet.
Providing range of technical expertise to facilitate security solutions, design, risk assessment, compliance, technical reviews of various access (logical and physical, Cloud Security, Cloud implementations) to meet day to day business requirements, infrastructure security, application security, needs. Serving as Senior corporate information security architect in Rent-A-Center headquarter in Plano TX. Lead and designed RAC Cloud security models for transactional processing utilizing Amazon infrastructure. Provide leadership into how enterprise can implement policies that will secure enterprise information. Worked security staff, Risk and Compliance to ensure we have proper planning, implementation and testing processes to ensure security requirements are being adhered. Worked with Information Management Security staff helping educate users and admins on best practices and processes. In addition worked internal and external development teams, project management leadership and spent management organization to ensure that :
Company assets are protected in a cost-efficient manner.
Security is adequately implemented and socialized among the internal and external development and QA teams.
Security best practices are followed in order to maintain the company’s stated security posture throughout all phases of the development life-cycle, including all security requirements are met
Conducting Third Party Risk Assessment
Develop and validating Security Requirements
Working with Infrastructure and solution architects on various projects
Policy enforcement
Develop security architecture based on business requirements in mind
Risk Mitigation
2013 : 2017
Sr, Information Security Architect
Rent-A-Center
Served as Information Security Architect with limited supervision applying previous technical skills to recommend, implement, support, improve, and operate information security controls.
Develop secure system and network architectures
Assist other Teams in securing their architectures at the logical and physical levels.
Supply expertise to management, business area and IT Teams in risk assessment as well as implement appropriate data security controls and monitoring principal accountabilities.
Access, report on, and make recommendations regarding current and proposed architectures, strategies and systems.
Support IT related projects as an information security SME and provide support throughout their lifecycle.
Performed security checkpoint review, ensuring security requirements (standards) have been identified and adequate testing has been performed.
Review systems and processes for compliance of Ally Bank-GMAC clients and suppliers.
Provide information security assessment expertise for risk assessments.
Participate in Global Information Security process and improvements.
Continuously improve information security knowledge and skills.
Provide thought leadership by identifying new information security threats, emerging technologies, and counter measures as assigned.
Assist in responding to audits requests and issues.
Provide information security expertise for third party risk management.
Evaluate policy and standards exception requests and respond.
Conduct third party risk assessment
Review SSAE16 and third party documentations
2012 : 2013
Ally Financial-GMAC (KForce Consultant)
Information Security Architect
Senior security Analysts to work with business partners and IT technology to facilitate the development of secure technology solutions to meet business needs. Design and implement security monitoring and response processes, tools, and techniques. Identify and deal with often sensitive potential security violations, performing appropriate information gathering before turning issues for formal investigation. Work with partners to resolve identified vulnerabilities. Provide on the ground support to issues arising in the Southwest Regional office. Provide expertise to the information Security Governance and Information Security Operations groups as appropriate on a broad spectrum of information security questions and issues
2009 : 2012
Fannie Mae
Data Security & System Mgr
Create, review, and update of current security policies, process, and procedures. Created Windows best standards for workstations and laptops, and provide security recommendations. Perform LAN, DMZ, and internet facing security scanning of mission critical devices on corporate and guest network for potential vulnerabilities, malicious programs and recommend appropriate actions. Create outline documentation, project plan and project timeline for implementation of Data Loss Prevention. Conduct risk assessment of current computing environment and recommend actions in order to reduce the risk of loss to confidential data. Monitored IDS logs based on early warnings and intrusions. Coordinated with consulting firms on implementation of data classification of information residing on company’s computing environment. Implement security project as required.
2007 : 2009
Penson Financial Services
Security Engineer
Company:
Toyota Financial Services
Years of Experience:
26
Skills
Computer Security, Disaster Recovery, Enterprise Security, Enterprise Software, Firewalls, Information Security, Network Security, Penetration Testing, Risk Analysis, Security, Vulnerability Assessment
About
Background in Security Architecture, Security Design, Vulnerability, risk assessment, penetration testing, remediation and mitigation, security investigation, implementation and configuration security tools, risk management, security awareness and mentoring, Infrastructure security design, Cloud (AWS) Security design, third party risk assessments
Specialties: Enterprise security and infrastructure, vulnerability assessments, risk analysis, vulnerability management, security audits and information protection awareness, security design.
Profile Photo
