We provide IT Staff Augmentation Services!

Vice President Information Security Consultant Resume

SUMMARY

  • Operational excellence champion. 20 - year information technology/security professional with increasingly-responsible experience. Meets security challenges calmly and effectively. Expert communicator with varied styles delivered based on audience. Adept at prioritizing cost savings in order to maximize revenue.

TECHNICAL SKILLS

  • Agile Project Lifecycle Management
  • Application Security/SSDLC
  • Corporate Learning & Development
  • Cost Management (Budget, P&L)
  • Cyber Risk Management
  • Cyber Security Expertise
  • Cyber Threat Management
  • Data Management Strategy (Access Controls, DLP)
  • Executive Communication
  • Governance, Risk, Compliance (PCI, GDPR/CCPA, SOX)
  • Information Security Consulting
  • Incident Management
  • Metrics/Reporting
  • Network Architecture/Data Flow
  • NIST Cyber Security Framework
  • OSINT
  • OWASP
  • Program/Project Management
  • Relationship Management
  • Risk Management Framework/Gap Analysis
  • Security Assessment/Remediation
  • Security Engineering
  • Security Operations
  • Vendor Management (Right To Audit/Pen Test, Cloud Security)

PROFESSIONAL EXPERIENCE

Vice President Information Security Consultant

Confidential

Responsibilities:

  • Coordinate with Project Managers and Technical teams to manage clients’ expectations and demands while maintaining good client relationships
  • Ensure existing and new applications onboard & maintain minimum required information security control, manage any exceptions associated with remediation efforts
  • Ability to operate independently to provide domain area functional and technology leadership
  • Application and hardware network architecture consulting for internally/externally hosted applications, including but not limited to on-prem, multi-tenancy and/or cloud solutions (IaaS, SaaS, PaaS).
  • Enterprise wide information security policy and procedure consultation and escalation.
  • Recommend process improvement initiatives to reduce negative impacts to external and internal partners.
  • Strong understanding of KPIs relevant to the role, suggest innovative solutions to increase metric resilience
  • Understands and uses SDLC methodology, eg Agile, DAIC, Waterfall
  • Work closely with internal/external auditors regarding the global application security review process.
  • Liaise with internal stakeholders in partnership with external vendors to determine cybersecurity posture, anticipate required solutions pursuant to regulatory requirements.
  • Create internal training program with governance routines, also focused on information security training for less experienced new joiners and stakeholders interested in receiving a virtual roadshow.
  • Maintain training documentation and videos for self-service (sustainment).

Information Security Engineer

Confidential

Responsibilities:

  • Develop roadmaps and participate in the standards process for IAM solutions
  • Serve as privileged access management (PAM) SME to identify gaps with Windows and Unix systems
  • Integrate within various workstreams to promote out-of-band (OOB) IAM privileged account management solutions for Windows and Unix based systems.
  • Drive RBAC initiatives and discussions as leadership delegate
  • Assist with metric creation to effectively measure privileged access in the global environment in partnership with senior leaders
  • Manage OOB privileged account remediation sustainment, & control standard efforts sourced from various senior infrastructure leadership members.
  • Ability to lead large groups as primary facilitator

IT Business Analyst

Confidential

Responsibilities:

  • Manage third party product Symantec ESM/CCS through evaluation of scan data, tracking findings to remediation with support from senior leadership
  • Provide support for OS/database/application related risk and compliance issues, assist with analysis and product security issues
  • Maintain availability, integrity, and confidentiality of all Confidential computing environments, web, networks, systems, and information assets encompassing 100,000+ systems.
  • Assist with application owner compliance scanning enrollment and web portal technical support.

Hire Now