Profiles search
Mark Goldblum
LEAD INFORMATION SECURITY ENGINEER
Gilbert, AZ, United States
Details
Education:
Bachelor of Science - BS
Accountancy
Arizona State University
Graduate Coursework in Information Systems
Keller Graduate School of Management of DeVry University
Accountancy
Arizona State University
Graduate Coursework in Information Systems
Keller Graduate School of Management of DeVry University
Experience:
Identify and implement new security products, driving the ground-up build-out to meet operational goals while minimizing impact on end users.
Worked directly with IBM to lead the design of Password Sync tool; partnered with IBM design team to facilitate testing, develop product modifications and rollout across the company. Product has since been adopted by IBM as a solution for their clients.
Built and managed strong relationships with vendors, providing feedback on security solutions to help them reposition their products as leaders in the field.
Served as strategic resource for internal customers, including Enterprise Access Management group, providing security utilities to ensure compliance with enterprise policies; assisted various lines of business in minimizing security risks and optimizing security platforms to ensure application availability.
Selected as Business Continuity Administrator, ensuring processes were configured to fail over to BCP LPARs during production outages. Developed Business Continuity plan, test scripts and annual testing to mitigate issues.
Received 3 Top Performer Awards, highly distinguished honor, as well as 7 Gold Coin Awards throughout tenure.
2013 : Present
Wells Fargo
VP Lead Information Security Engineer
Promoted to serve in a leadership capacity, overseeing the maintenance and security of IBM i LPARs across the enterprise. Supervise and mentor a team of 7 engineers and 1 contractors, both onsite and offshore responsible for supporting information security efforts for IBM i servers. Partner with cross-functional leadership to create data policies and security awareness programs, as well as system testing, evaluation and recommendation of network and application security controls. Delegate responsibilities to all team members to ensure attainment of corporate goals.
Manage team of offshore developers charged with conducting all coding operations for custom security solutions, ensuring alignment with SDLC procedures and corporate policies. Assist with designing solutions and conduct QA on all solutions, making code changes accordingly.
Conduct risk assessments on IBM i security servers and evaluate policies, introducing risk mitigation strategies to maintain information security and internal control.
Partner with senior management and Compliance teams on the facilitation of internal and external audits, as well as the development of policies and procedures to meet compliance standards.
Lead the IBM i Detailed Security Assessment (iDSA) program to assess and identify risks across the IBM i platform; create remediation strategies to resolve risks and prevent future issues.
Support iDSA projects, reviewing team’s documentation to ensure accuracy and alignment with business goals; participate in iDSA meetings and guide team members through all projects and processes.
Facilitate a high-volume of data analysis and collection from various data sets; interpret data and establish recommendations for developing processes for supporting security across all LPARs.
Support and maintain security software packages for IBM i platform, leading the installation, patching and configuration of software solutions.
2017 :
Wells Fargo
IBM i Security Engineering Team Lead
Functioned in a dual role with direct accountability for testing information security systems to ensure optimal performance, as well as serving as technical lead for Quality Assurance (QA) group. Coordinated and led team members through the full QA release cycle, ensuring attainment of strict deadlines and corporate expectations. Held responsibility for management reporting, creating automated test scripts and facilitating application testing.
Created SQL Server stored procedures and queries to conduct QA testing for various enterprise applications; identified potential security risks and developed automation solutions to mitigate risk exposures.
Generated and presented reports to management to communicate information security data.
Recognized as subject matter expert (SME) for iSeries and SafeNet/i applications, providing top-level security application support. Led the migration of SafeNet/i manual certification for servers to Access Certification Tool (ACT). Performed patches and updates across legacy Wells Fargo iSeries Servers.
Supported the resolution of key audit finding by transitioning SafeNet/i from the Midrange Support Services team to Security Application Technical Services.
2006 : 2013
Wells Fargo
AVP Information Security Analyst 4
Contributed to the ongoing assessment and optimization of enterprise applications and hardware to maintain operational security by identifying and mitigating risks. Prepared and presented reports, supported technical solutions and developed and maintained SharePoint site. Developed strategies for driving process improvements, as well as supporting the development and management of applications for Subpoena and Legal Order Processing.
Led various system upgrade and application optimization projects to drive the improvement of operations.
Developed security plans and introduced strategies for resolving business issues and potential security risks.
Served as liaison between Technology and Legal Order Processes and Exception Payment departments, making recommendations for the implementation of technology upgrades to meet business and security needs.
Initially hired as Senior Accounting Specialist within the ACH Operations line of business.
1998 : 2007
Wells Fargo
Operations Analyst 4 – Legal Order Processing/Exception Payments
Worked directly with IBM to lead the design of Password Sync tool; partnered with IBM design team to facilitate testing, develop product modifications and rollout across the company. Product has since been adopted by IBM as a solution for their clients.
Built and managed strong relationships with vendors, providing feedback on security solutions to help them reposition their products as leaders in the field.
Served as strategic resource for internal customers, including Enterprise Access Management group, providing security utilities to ensure compliance with enterprise policies; assisted various lines of business in minimizing security risks and optimizing security platforms to ensure application availability.
Selected as Business Continuity Administrator, ensuring processes were configured to fail over to BCP LPARs during production outages. Developed Business Continuity plan, test scripts and annual testing to mitigate issues.
Received 3 Top Performer Awards, highly distinguished honor, as well as 7 Gold Coin Awards throughout tenure.
2013 : Present
Wells Fargo
VP Lead Information Security Engineer
Promoted to serve in a leadership capacity, overseeing the maintenance and security of IBM i LPARs across the enterprise. Supervise and mentor a team of 7 engineers and 1 contractors, both onsite and offshore responsible for supporting information security efforts for IBM i servers. Partner with cross-functional leadership to create data policies and security awareness programs, as well as system testing, evaluation and recommendation of network and application security controls. Delegate responsibilities to all team members to ensure attainment of corporate goals.
Manage team of offshore developers charged with conducting all coding operations for custom security solutions, ensuring alignment with SDLC procedures and corporate policies. Assist with designing solutions and conduct QA on all solutions, making code changes accordingly.
Conduct risk assessments on IBM i security servers and evaluate policies, introducing risk mitigation strategies to maintain information security and internal control.
Partner with senior management and Compliance teams on the facilitation of internal and external audits, as well as the development of policies and procedures to meet compliance standards.
Lead the IBM i Detailed Security Assessment (iDSA) program to assess and identify risks across the IBM i platform; create remediation strategies to resolve risks and prevent future issues.
Support iDSA projects, reviewing team’s documentation to ensure accuracy and alignment with business goals; participate in iDSA meetings and guide team members through all projects and processes.
Facilitate a high-volume of data analysis and collection from various data sets; interpret data and establish recommendations for developing processes for supporting security across all LPARs.
Support and maintain security software packages for IBM i platform, leading the installation, patching and configuration of software solutions.
2017 :
Wells Fargo
IBM i Security Engineering Team Lead
Functioned in a dual role with direct accountability for testing information security systems to ensure optimal performance, as well as serving as technical lead for Quality Assurance (QA) group. Coordinated and led team members through the full QA release cycle, ensuring attainment of strict deadlines and corporate expectations. Held responsibility for management reporting, creating automated test scripts and facilitating application testing.
Created SQL Server stored procedures and queries to conduct QA testing for various enterprise applications; identified potential security risks and developed automation solutions to mitigate risk exposures.
Generated and presented reports to management to communicate information security data.
Recognized as subject matter expert (SME) for iSeries and SafeNet/i applications, providing top-level security application support. Led the migration of SafeNet/i manual certification for servers to Access Certification Tool (ACT). Performed patches and updates across legacy Wells Fargo iSeries Servers.
Supported the resolution of key audit finding by transitioning SafeNet/i from the Midrange Support Services team to Security Application Technical Services.
2006 : 2013
Wells Fargo
AVP Information Security Analyst 4
Contributed to the ongoing assessment and optimization of enterprise applications and hardware to maintain operational security by identifying and mitigating risks. Prepared and presented reports, supported technical solutions and developed and maintained SharePoint site. Developed strategies for driving process improvements, as well as supporting the development and management of applications for Subpoena and Legal Order Processing.
Led various system upgrade and application optimization projects to drive the improvement of operations.
Developed security plans and introduced strategies for resolving business issues and potential security risks.
Served as liaison between Technology and Legal Order Processes and Exception Payment departments, making recommendations for the implementation of technology upgrades to meet business and security needs.
Initially hired as Senior Accounting Specialist within the ACH Operations line of business.
1998 : 2007
Wells Fargo
Operations Analyst 4 – Legal Order Processing/Exception Payments
Company:
Wells Fargo
Years of Experience:
26
Skills
ASP, Business Analysis , Business Process Improvement , Crystal Reports, Information Security , Information Security Assessments & Reporting, iSeries, IT Compliance, Management Reporting , Mitigation Strategies , Onsite/Offshore Team Management, PERL Scripts, Project Management, Quality Assurance, Query400, Quick Test Pro, Remote Leadership , Risk & Vulnerability Analysis , Risk Assessment/Management, SharePoint, SQL Server, Strategic Planning, Team Leadership, Technical Solutions Development , Vendor Relations , Visual Basic
About
Information Security Engineer with demonstrated success in administering secure operations through risk management, process assessment, reporting, auditing and system optimization. Advanced security engineering background with proven expertise in designing, deploying, mitigating and supporting critical systems and applications. Demonstrated career in conducting IT risk assessments, developing information security plans, policies and procedures and creating disaster recovery plans and protocols. Dynamic leader adept a supervising, mentoring and managing remote and offshore teams responsible for security engineering functions. Over 20 years experience on the IBM i (previously known as AS/400 and iSeries) platform.
Profile Photo
