 
Contact Information
Name: Dominic Nardy
Email: arcangel4588 (at) comcast (dot) net
Location: Livermore, California, United States
Resume
Position/Title: CISO
Resume: Dominic P Nardy

2358 Broadmoor Street,

Livermore, CA 94551

Phone: (925) 449-1070

Email: arcangel4588 (at) comcast (dot) net

Education

==========

BS in Information Systems Management, University of San Francisco. Achieved USF Dean's Academic Excellence List graduating Cum Laude with a GPA of 3.74/4.0 (Second in Class). USF published my Senior Paper on “How I know that God Exists.”

AE in Electronic Engineering, Electronic Technology Institute, Cleveland, Ohio. Dean's List, 3.51/4.0 GPA (Third in Class)

Summary of Management and Technical Skills

============================================

• No Fear attitude and experience that has allowed me to successfully meet all prior challenges. I never say No to an employer

• Have a proven track record of learning or teaching myself a broad variety of skills and technologies.

• Sr. Staff Member involved in the design/build of two extremely large and complex Information Security Programs. I have designed and implemented two security approval processes and two incident response teams. Responsible for Security Approvals of projects and IS/IT change requests.

• Extensive experience as a Sr. Staff Level Executive in Information Security, working as a project/program manager with Cradle to Grave Project Management on Multi-Million Dollar International Projects with budgets of up to $4.5 Million. I have managed from nine direct reports to over 350 indirect reports.

• Helped build a PMO, adapting Summit D SDLC Methodology, while serving on a Corporate Project Management Advisory Committee ensuring that Information Security was involved at key points in their SDLC to help keep down the cost of security measures.

• Excellent analytical/problem solving, leadership, mentoring, training, conflict resolution, solid organizational, communication, interaction skills and team building experience

• Experienced Trainer/Instructor, Train-the-Trainer and Curriculum Developer Information Security and more

• Technical Writing of Policies, Procedures, Processes, Standards and many forms of Guidance

• Expert user of MS Office and Intermediate of MS Project and Visio

• Designer/Developer/Retailer of Information Systems (RDBMS) in Oracle, FileMaker Pro, NPL/R, 4th Dimension, Nomad

• Have knowledge of all Windows Operating Systems and Macintosh (< 8.1) operating systems

Professional Work Experiences

================================

Archangel & Associates, 11/2004 – Present

Security Consultant; Information Systems Designer/Developer; Writer

----------------------------------------------

• Designed/developed large information system for International Non Profit Organization, Knights of Columbus

• Designing/developing information system for Church, Doctors’ and Dentists’ offices too

• Designing/developing information system for a Carpet Cleaning company

• Writer of three books (The Cure for Little League Fever, Humor According to Archangel, Archangel’s Outlook on Life), working on three more.

• Information Security Program Manager Consultant

• Working on for a startup company whose mission is to help reduce recidivism in parolees and youth at risk.

Digital Resources Group, 7/2004 – 10/2004

Security Consultant (Contract)

------------------------------------------

• Security Compliance Assessments/Certifications/Program Management

Franklin Templeton Technologies, 11/2000 – 11/2003

Program Manager, Global Information Security Group

• Lead Point of Contact for Global Information Security Group and Security Program Management and Project Management Support for Compliance and Security Engineering staffs

• Create/implement/interpret security policies, processes, procedures, standards and guidelines

• Created/Managed Security Approval Process and Security Review/Approval of Change Mgmt

• Responsible for the Content of the Information Security Web Site and Security Awareness Program

• Designed/Managed the Security Approval, Change Mgmt and Compliance Exceptions Processes

• Created Incident Response Team, their charter/procedures. Facilitated meetings and managed their action plans

• Project Manager of Security Enhancements Project ($2.5 Million related to GLB ext. audit)

• Project Manager of SB168 & SB1386 Projects ($1 Million)

• Project Manager of Remote Office Security Certification Project ($0.5-1.0 Million)

• Managed Security Projects for Penetration Testing of corporate computing resources

• Support/creation of Action Plans for closing Security Audits, Internal, and External.

• Managed multiple projects designed to establish the Information Security Infrastructure

• Managed upwards of as many as 300 project managers during both business and security projects

Predictive Systems, Santa Cruz, CA 1999

Sr. Information Security Consultant (Contract)

------------------------------------------------

• Revised Technical Documentation Process

• Performed Information Security Policy reviews

• Created/validated installation/security guides for multiple operating systems and applications

Southwestern Bell Corporation, Long Distance Div., Pleasanton, CA 1999

Sr. Project Manager (Contract)

------------------------------------------------

• Project management of multiple projects dealing with new telecommunication products and services

Pacific Gas & Electric Co, Learning Ctr., San Ramon, CA 1998

Lead Instructor, Outage Information System Project (Contract)

• Designed/developed curriculum for 2500 students and 88 power users

• Trained the trainers (9) on regular and power user curriculum

Lawrence Livermore National Laboratory (LLNL) Livermore, CA, 1978 – 1998

Computer Security Organization (CSO) - Staff Level; DBA; Computer Security Consultant

------------------------------------------------

• One of the first three members of CSO, the first Inspector of Computer Security for LLNL and the first one in the US Depts. of Energy and Defense.

• First ever Program Manager and Inspector of Computer Security for entire US Government

• Created, implemented and administered Security Policies, Standards and Guidelines

• Designed/implemented/administered CSO Internal Auditing

• Trained each Computer System Security Officer (over 100 professionals from the Business Units)

• Created/performed Security Education and Awareness training for all employees

• Organized Incident Response Team and facilitated its monthly meetings

• Represented LLNL in many External Audits and on many LLNL committees, such as Strategic Planning, Training, Security, SW-HW Standards

• Performed Risk Assessments, Risk Analysis, and Risk Management for CSO

• Managed the creation/completion of action plans for resolution of audit findings and compliance issues

• Managed ~100 Computer System Security Officers on security projects

• Managed teams of engineers performing penetration tests on computing resources

• Liaison for CSO to other security disciplines and on several Site-Wide Standards Committees

• Designer/Developer of information systems, including project/support documentation from cradle to grave

• Successfully converted a Software Change Management System (75 tables) from Oracle 6.x to 7.3.4 without help, prior experience or training

Summary of Skills / Experiences as Sr. Information Security Professional

• As a key senior staff member of the Corporate Information Security Groups at Lawrence Livermore National Laboratory (LLNL) and Franklin Templeton Technologies (FTT), I was involved with the building of security programs for both employers.

• One of the first 80 Information Security Professionals to have a CISSP certification

• Program Manager of Information Security, with prime directive being to help business units achieve their business goals securely

• Developed/Implemented Corporate Information Security policies, procedures, processes and technical standards

• Provided guidance and assistance in the identification, development, implementation, and maintenance of organizational security policies and standards to ensure compliance with the Security Policies

• Served as first Point Of Contact for both Corporate Security Groups at LLNL and FTT. Managed the Security Approvals Processes.

• Developed Guidance that helped to ensure business units had a clear understanding of what their security responsibilities were and how to conduct them with the least amount of negative impact to their normal daily routines

• Represented employers during outside audits performed by third party vendors and government agencies.

• Performed risk assessments on computing resources from large computing centers to small networks, frequently managing teams of 12-100 technical and administrative employees. Conducted planning meetings prior to audits to clarify the audit events. Performed mock briefings, with representatives from the business units involved in the audits, directly or indirectly, to ensure all were properly briefed, and were prepared prior to the commencement of the actual audit activities. Officiated daily audit finding meetings.

• Worked with many business units to develop, manage and resolve security risks to achieve an acceptable level of risk at a practical cost thus ensuring proper compliance to corporate and regulatory requirements while reducing the negative impact of the precautionary security measures as much as possible and to ensure that those security measures will not hamper their ability to achieve their business goals. Documented all action items and followed up on their completion on or before their agreed due dates.

• Developed / Implemented / Administered Corporate Incident Response Teams (IRT) for LLNL and FTT.

• Periodically conducted IRT "Fire Drills" to ensure that all involved business units would be contacted as needed and that the IRT could respond properly and in a timely manner

• During the past three years, I have managed projects (~$3.5M) to bring FTT into compliance with CA SB168, CA SB1386 and the GLB

• Worked with business units to develop and implement action plans to address information security risks as they were found, either as a result of an audit or the risk assessment of an IS/IT project.

• Developed and delivered many security awareness training sessions.

• Historian for Corporate Security Groups at LLNL and FTT

• Developed information systems to archive all facets of the Corporate Security program to ensure consistency and appropriateness

• Demonstrated ability to structure, drive/manage projects with complex multi-disciplinary issues to closure with minimal or no direction.

• At LLNL, managed programs/projects for secured cable plant; waste, fraud, and abuse; Insider Threats; Security Awareness; Incident Response; Destruction of Electronic Media; and external access to ensure proper protection of all computing and information assets

• Designed/Developed Information System to be used by 18,000 Knights of Columbus groups internationally

• Have managed very large projects ($4.5M in 2000-2003 at Franklin Templeton) for privacy related government regulations (GLB, SB168, SB1386)

• Able to communicate using good judgment and to interact with business units with candor, assertiveness, directness and the ability to communicate an understanding of multiple points of view through many years of experience and the attendance of personal enrichment workshops

• Superior communication (oral & written), consulting, facilitation, negotiation, conflict management, problem resolution, change management skills and consensus building skills.

• Wrote first US Dept of Energy (DOE) Classified Cable Plant Security Plan/Design & Implementation Guide.

• Achieved consensus with 44 business units at LLNL while creating their classified cable plant security plan / design & implementation guide

• Saved a business unit $3.5M by analyzing their business requirements, associated security risks, DOE regulations and determined what they really had to do versus what someone else told them they had to do.

• Demonstrated ability to structure, drive and manage projects with complex multi-disciplinary issues to closure with minimal direction.

Project Management Skills and Experience Summary

• Managed multi-million dollar projects with as many as nine direct reports and over one hundred indirect reports

• Managed projects in IS/IT, Information Security, Church, Community and Volunteerism

• Program Manager experience building Information Security Programs

• Experience in designing and implementing a PMO while serving on a Project Management Advisory Committee to both help build a PMO and to ensure all Security Risks are properly addressed

• Have managed projects involving privacy information legislations at the state and federal levels.

• Extensive knowledge and experience handling budgets and project documentation

• Experienced in small to very large project tracking using MS Project and other applications

• Experience with several SDLCs and familiar with CMM

• Expert at people skills, communication skills, management skills, writing skills, conflict resolution skills, problem solving, and planning/strategy skills

• Have had duties and responsibilities of a project / program manager since entering the workplace, sometimes without the title.

• Have honed and developed personal skills in several workshops involving developing or improving people skills, conflict management, being assertive, creating presentations, making presentations, managing people, making timely decisions, handling crises, how to identify and deal with difficult people and more.

Keywords

Program Manager, Project Manager, Information Security, PMO, Manage, SDLC, Compliance, Policy, Risk Assessment, Standards, Visio, MS Project, Cradle to Grave, Organization, Communication, Skill, large projects, Security Awareness Training, IS/IT Projects, firewalls, management reports, security guidance, audit IT/IS, Incident Response Team, Customer Buy-In on Security, Action Plans, Audit Reports, Audit Findings, Security Consulting, Technical Standards, Security Approvals, Curriculum Developer, Consultant, Trainer, Action Plans, IRT, Big Picture, No Fear Attitude, Technical Writer, Analyst, Process Analysis, International, Domestic, Facilitating Meetings, Teaching, Mentoring, Resource Manager, Born Leader, Multiple Security Knowledge and Experience, Power Generation, Boiler Controls, Process Controls, Flexible in mind and processes, Genius, Fearless, Open-Minded, Team Player, Senior, Practical Approach, Disaster Recovery, Business Continuity, Remote Access Security, Role Based Security, Risk Management, Change Management, Integrity, Honest, Stress Management, Solutions Provider, Teacher, Professor, Coach, Awareness, Web Site, Content Management, Legislation, Classified, Unclassified, Privacy, Private Information, Policy creator, Auditing, Certification, Government, Security Clearance, Honesty, Manager, Director, Security Analyst, Business Analyst, Challenge Metter, Successful, Road Warrior, International, Domestic

 







 

Copyright 2008, SecurityFocus