Consultant III

CISSP, ISSMP, CISA, BSN, MBA, Grad Cert Telecom Mgt

Gloria is a CISSP, ISSMP, and CISA certified Enterprise Information Security Manager with experience in the design, development and implementation of an Information Security Program and Information Security Architecture for a distributed, networked computing environment for over nine (9) years. The computing environment included IBM OS390 (RACF), DEC VMS, Unisys, HP3000 and HP 9000 operating systems, as well as Microsoft.

ISC2 Subject Matter Expert (SME) for Information System Security Management Professional (ISSMP) Certification who has participated in five (5) ISC2 workshops to develop Knowledge criteria and Exam questions that are given Internationally for the certification.

Senior Director/Manager who works effectively across industries with rapidly changing Business Models requiring new Business Process Improvement strategies. Skills and experience include the identification of existing problems, the definition of new requirements, and the development of cost effective solutions utilizing the implementation of Vendor Products, System Integration and new Systems Design and Development with particular emphasis on Information Security and Compliance; i.e., Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Statement of Auditing Standards No 70:(SAS70) and Payment Card Information (PCI) Data Security Standards.

In addition to managing people, large development and implementation projects, and ongoing support of large systems, had responsibility for IS Security at Blue Cross Blue Shield of Texas and Laboratory Corporation of America. During this period of time developed corporate security policies and procedures, employee security training and related confidentiality statements/forms. Established procedures to classify information ownership and criticality and developed file naming standards that would correlate to the corresponding owner entity. Worked closely with Internal Audit and Legal, as well as HCFA auditors to insure the reliability and legality of all manual, as well as automated security procedures. Reviewed and evaluated methodologies and vendor security products to integrate and improve the security functions of a distributed networked computing environment.