User:Glenn Wetz

GLENN WETZ 2372 Heights Avenue, Maplewood, MN 55119 (651) 731-2966 [email protected]

INFORMATION SECURITY ANALYST

Information Technology professional with extensive experience in information security and global project management. Broad-based knowledge of intrusion prevention systems (IPS), vulnerability scanning and analysis processes, security governance and metrics. Proven ability to manage global projects involving the evaluation, development and implementation of technology, processes and controls. Analytical problem solver experienced in process automation and application design and development. Excellent communication, organizational, teamwork and collaboration skills. Six Sigma Green Belt trained. Areas of expertise include:

IPS tools and processes Security automation Vulnerability scanning tools and processes Project management Policies, standards and procedures Global team leadership Compliance and exception management processes Process improvement Security metrics Vendor relationship management

PROFESSIONAL EXPERIENCE

PRIME THERAPEUTICS, Eagan, Minnesota Senior Security Analyst (Contractor) 2011-2014 • Expanded, matured and managed the vulnerability assessment and remediation process. Managed penetration test remediation. Developed policies, standards and procedures to support these processes. • Managed the information security policy exception (PEX) process. Developed policy, standards and guidelines to support the process. • Provided security analysis and consulting for Information Technology projects.

WELLS FARGO COMPANY, Minneapolis, Minnesota Technical Project Manager (Contractor) 2010-2011 • Managed Unix audit, remediation, compliance and security projects, including server middleware patching and upgrades. Managed a Windows 2000 end-of-life remediation project. Managed the technical aspects of a data center restacking project.

3M COMPANY, INC., St. Paul, Minnesota Specialist/Project Manager, IT Security 2000-2009 • Managed a $1.5M project to implement a global intrusion prevention system (IPS), replacing multiple existing intrusion detection systems with standard, centrally-managed technology and processes. • Managed vendor relations, establishing a successful partnership between 3M and the vendor. • Led the IPS Analysts team responsible for tuning the IPS signatures and monitoring alerts. Created an efficient and effective process for managing the system and responding to security events.

• Managed a global Six Sigma project to improve the process for managing security vulnerabilities. Increased the effectiveness of this activity and provided global management reports and metrics, improving accountability and reducing the time to remediate vulnerabilities. • Designed, developed and implemented a MS SQL database and web application, providing a single global database, application and process for managing and reporting on assets and vulnerabilities.

• Managed a global project to create a process and tool for reviewing existing system and application access that implemented a Sarbanes-Oxley (SOX) control and increased management accountability. • Designed, developed and implemented a DB2 database containing access information. Designed and implemented a web application that established a process for management to review their subordinates’ existing system and application access following job changes.

• Led a global team that provided security governance for servers. • Created, reviewed and implemented security policies, standards and procedures, providing a framework for addressing security on Windows and UNIX servers. Ensured compliance to standards through an established policy exception process. • Managed the process of rating and applying security patches on servers, reducing the corporation’s exposure to exploits.

• Established procedures for the identification, collection and presentation of vulnerability management metrics that improved management’s ability to more effectively govern the corporation’s security program.

Lead Analyst, IT Security 1997-2000 • Designed, developed and implemented a Lotus Notes based global system access request, routing and approval system that replaced paper and e-mail with a single automated process, improving accountability and reducing the time required to approve requests and grant access by 60%.

• Implemented a vulnerability scanning tool and process to identify and remediate vulnerabilities on servers and network devices.

• Implemented an intrusion detection system (IDS) that alerted analysts to malicious traffic on the internal network.

Senior Analyst, IT International 1993-1997 Senior Analyst, IT Executive Information Service 1989-1993 Advanced Analyst, IT Product Support 1986-1989 Analyst, IT Product Support 1984-1986

EDUCATION

Master of Business Administration, Concentration in Marketing University of Iowa, Iowa City, Iowa

Bachelor of Arts, Computer Science University of Iowa, Iowa City, Iowa

PROFESSIONAL AFFILIATIONS

Information Systems Security Association (ISSA)