WENDELL RITCHIE, CRISC wr1af301c@westpost.net ~ 972.740.

1042 c INFORMATION TECHNOLOGY SECURITY OFFICER ======================================= Notable success in planning and directing global security and change initiatives . Performance-driven technical leader with broad information security and enterpri se architecture knowledge for building and maintaining powerful, reliable, secur e, and cost-aligned systems. Conscientious and innovative; utilizing acute eye f or detail when researching and advising senior leadership on vulnerabilities and strategies for process and quality improvements. Collaborative manager; accompl ished in documenting and training on best practices, policies, and procedures. Technology & Management Expertise ================================= ** ** ** ** ** ** ** ** ** ** ** ** ** ** Security Management & Testing Strategic Planning & Implementation Security Policies Development Internal Systems & Risk Controls Security Event & Incident Management Content Filtering / Firewall Logs Building Access Controls Large-Scale Project Management Business Continuity / Disaster Recovery Network / Host Intrusion Prevention Security Audits / Regulatory Compliance Budget Administration / Cost Control Team Training & Leadership Log & Event Management

PROFESSIONAL EXPERIENCE ======================= SOUTHWEST BRIDGE CORPORATE FEDERAL CREDIT UNION, Plano, TX IT Security Officer, 9/2000 - 9/2011 Spearheaded corporate information security to protect operations, automated syst ems, transactions, and information assets for not-for-profit financial cooperati ve that serves member retail credit unions. Collaborated closely with senior lea dership to formulate comprehensive security strategy. Liaised with vendors to se lect and implement cutting-edge technologies and solutions. Established supporti ng policies and procedures, as well as server and workstation best practices. Su pervised team of three analysts in configuring, installing, testing, and monitor ing optimal security system functionality. Consulted with auditors on vulnerabil ity assessments; and ensured regulatory compliance. ~ Honored by Digital Defense with best network security award for developing top 10% rated program and minimizing vulnerabilities throughout the infrastructure. ~ Earned internal annual customer satisfaction rating of 99.2% through enforceme nt of a strict change management and pre-notification approval process. ~ Successfully planned and directed Multi-Factor Authentication (MFA) rollout to

over 10,000 users to meet NCUA regulatory requirements on member portal. ~ Saved $150K annually while maintaining service levels through reduction in per sonnel. ~ Improved security detection capabilities, while simultaneously reducing costs by $60K, by investigating and comparing five new products. ~ Eliminated malicious traffic by proposing and implementing an enterprise-wide intrusion prevention / detection system consisting of multiple in-line internal & external sensors. ~ Gained experience in utilizing COBIT, NIST, and ISO 17999 methodologies, frame works, and best practices to conduct IT risk assessments. Familiar with concepts related to PCI, SOX and COSO. ~ Maintained current knowledge of industry security events and responses as memb er of Risk Management and Information Security Incident Response (ISIRT) teams. PEROT SYSTEMS, Plano, TX Project Leader - Y2K Core Team, 12/1998 - 9/2000 Charged with creating and directing 100-staff Y2K command center to support all global accounts through millennial change for leading provider of IT services an d business solutions. Managed team of three in writing Y2K audit methodology and scheduling audits. Traveled throughout Europe and U.S. interviewing stakeholder s across wide range of industries; reporting status to senior management. Prepar ed Y2K progress reports for board of directors. ~ Contributed to development of global facilities disaster recovery plan. UNIX Firewall Administrator - Information Systems, 2/1998 - 12/1998 Administered eleven TIS UNIX Gauntlet Firewalls; performing daily proxy service changes, troubleshooting, system performance tuning, monitoring, and patching. D eveloped documentation and standardized procedures for team members. ~ Monitored and maintained usage of VPN for Swiss Bank. Information Security Analyst, 5/1995 - 2/1998 Drafted security standards and procedures for maintaining client / server securi ty solutions. Trained team members and provided documentation and procedures. Pa rticipated in disaster recovery planning and testing activities for all customer and infrastructure teams. ~ Installed and configured Axent Omniguard products (ESM, ITA, IPM, URM) on 22 U NIX AIX systems. ~ As Project Leader, managed team of ten on mainframe helpdesk administration. L ed Swiss Bank ACF2 database migration project at their New York City data center . ~~ Early career success as Information Security Administrator with EDS and Resea rch Technician for Pioneer Hybrid. ~~ EDUCATION AND TRAINING

====================== DES MOINES AREA COMMUNITY COLLEGE, Ankeny, IA DIPLOMA OF COMPUTER OPERATIONS ~ AS IN LIBERAL ARTS Professional Affiliation & Certification ======================================== Information Systems Audit and Control Association (ISACA) - Member, 2011 Certified in Risk and Information Systems Control (CRISC) - ISACA, 2011 Information Systems Security Association (ISSA) Member and Pursuing CISSP TECHNICAL PROFICIENCIES ======================= Platforms: Windows 7/XP/2008/2003/2000/NT/98/95, Linux, UNIX Skills and Equipment: Network Intrusion Prevention (NIP), Vulnerability Assessme nts, Host Intrusion Detection (HID), Authentication, Content Filtering, Monitori ng Applications Hardware: AS/400, Mainframe, ACF2, RACF, PC