
Information Security Officer Resume Profile


Summary

  • An expert information security professional with an exceptional 15-year track record in information security, technology, privacy, audit, architecture, regulatory compliance, governance and business. My passion is to work towards building security and privacy programs that bridge the gap between influencing existing employee behaviors and classical paradigms that govern information security best practices, specifically as they pertain to adoption of new emerging trends in technology and workforce.
  • Career marked by IT leadership roles in large organizations: Veterans Affairs, Massey Energy, US Military
  • Have managed over 30 large-scale initiatives ranging from 200K to 55M leveraging Six Sigma, PMI, Agile, ITIL and world-class best practices.
  • Oversaw creation of an IT Oversight and Compliance office that performed NIST-based Security Control Assessments for 143 hospitals and their Business Associates.

PROFESSIONAL EXPERIENCE

SR RISK ANALYST IT

Confidential

  • Ensure the agency is continually meeting or exceeding all federal mandates on Health Information Privacy and Security. Lead assessments/audits to ensure all appropriate information security measures such as network security, endpoint security and physical security are in place to protect the information security assets of the Department of Veterans Affairs and its affiliated administrations. Ensure the organization is meeting all other applicable government regulations that may apply to the other types of confidential information the organization is producing, maintaining, transmitting or modifying.
  • Challenged to improve productivity and reduce costs through improved uses of technology. Utilized Six Sigma methodologies and collaborated with department managers to analyze and document process and system workflows. Authored plan to improve change management process, establish consistent hardware/software standards to eliminate unstable operating environment for an IT organization consisting of 5,000 staff and 3.4 billion in assets.

Notable Accomplishments:

  • Challenged with ensuring the compliance of a 55M CRM application without delaying launch. Implemented a compliance program using NIST guidelines. Worked with project manager and contracting officer to provide 35K in unexpected funding. Led team of 15 contractors in execution of internal audit. Identified and remediated gaps; launched application on time.
  • Lead teams of information security professionals to conduct assessments of hospital general support systems using NIST 800-53 guidelines to ensure the organization is compliant with regulations such as VAH 56500, HIPAA, FISMA, etc.
  • Review contracts to ensure appropriate security provisions are included and enforced, visit vendor sites to perform security audits to assess effectiveness of system security safeguards and work with vendors to improve information security practices. One visit resulted in termination of contract resulting in savings of 21M.
  • Assess the security of both internal and external information systems and software applications by managing a dispersed workforce of 35 subject matter experts located in several states using video conferencing, email, conference calls, Microsoft Lync, etc.
  • Analyze Nessus vulnerability scans to ensure security patches are installed in a timely fashion and appropriate testing is conducted prior to implementation.
  • Review system documentation (Risk Assessment, Contingency Plan, Incident Response Plan, System Security Plan, etc.) to ensure they have been developed, updated, approved by senior leadership and tested.
  • Co-Chair or member of many performance initiatives: Continuous Readiness Information Security Program (CRISP), IPv6, SCA Standardization, Mobile Technologies, Wireless Security, etc.

Confidential

CHIEF INFORMATION OFFICER

  • Managed, directly and indirectly, 33 personnel (Managers, Programmers, Telecom Analysts, System Analysts, Bio-Med support specialists and PACS Managers) accountable for the on-going maintenance, development and implementation of technology for a multi-site medical center supporting approximately 38,000 veterans. Challenged to improve responsiveness and ROI of efforts, increase quality of work as defined by quicker response times and fewer software defects, and integrate disparate technologies arising from alignment with veteran support centers.
  • Developed and managed 7M budget. Aligned IT team with service units to develop expertise and improve quality and responsiveness in support of 400 monthly work orders. Qualified new health technology opportunities, drafted responses to executive leadership and oversaw the implementation of new hardware and software.

Notable Accomplishments:

  • Increased efficiency of customer support group by 25 through matrix organizational structure that allowed for responsive shift of experts to meet user needs.
  • Chair of the Information Management Steering Committee responsible for the development and
  • As a member of the Executive Committee of the Governing Board (ECGB), I maintained a close relationship with physicians, administration and staff to continually evaluate information technology.
  • Recognized for outstanding achievements and was presented with the 'Director's Eagle Award' for executive leadership.

CHIEF INFORMATION SECURITY OFFICER

  • As the first CISO for the Beckley VA Medical Center I was responsible for the design, oversight and ongoing management of the information security program, including policies, procedures, technical systems, incident response, audits and workforce training in order to maintain the confidentiality, integrity and availability of data within the hospital's information systems.
  • Significantly increased visibility and maturity of security by garnering board-level visibility of security risks and impacted security culture change through multifaceted awareness/education campaigns.
  • Developed/implemented security and risk management program, multi-year roadmap, Security Services Catalog (ITIL), balanced scorecard metrics, and annually assessed and benchmarked program against industry standards: NIST, HIPAA, NARA, etc.
  • Corporate Subject Matter Expert (SME), Thought Leader and Strategist on all aspects of cyber and information security, internal and external.
  • Ensured comprehensive risk management and regulatory compliance for the protection of patient health records, and delivery of information security services to protect the electronic medical records for over 1.0M patients.
  • Managed information security budgets and expenditures while enforcing compliance with patient information privacy goals and health care information technology standards.
  • Spearheaded strategic planning, employee information security training and awareness for 1,000 employees, contractors, students, fee-basis physicians and production tracking focused on maintaining superior organizational information security management performance.

SR SYSTEMS ENGINEER (MCSE, CCNA, HP ASE)

Confidential

  • Led staff of system engineers and desktop support technicians in the management of lifecycle operations that consisted of diverse technologies in remote sites located in WV, KY, VA, China and Australia.
  • Selected to coordinate and develop corporate Information Security program.
  • Primary incident handler for all information security incidents.
  • Represented Information Technology in the Emergency Preparedness Organizational Committee.

Signals Analyst Cryptographic Technician

Confidential

  • Served as an expert in intercepting and interpreting signals.
  • Collected, analyzed and reported on communications signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders.
  • Exploited signals of interest to identify, locate and report worldwide threats.
  • Provided tactical and strategic signals intelligence, technical guidance and information warfare support to surface, subsurface, air and special warfare units.
