
Information Security Officer Resume

Irving, Texas

SUMMARY:

Accomplished audit and compliance leader with a strong portfolio of successes orchestrating audit department creation and security measures, and facilitating regulatory and industry compliance. Strong reputation for leading complex, multifaceted organizational structures through SOX, SSAE16 audits, IT audits, governmental and financial/mortgage regulatory compliance procedures.

AREAS OF SPECIALTY:

  • Internal & External Audits
  • COBIT 5.0
  • Archer GRC
  • COSO 2013
  • SSAE16/SOC
  • Information Security
  • SOX/ITGC
  • Business Continuity
  • TeamMate

PROFESSIONAL EXPERIENCE:

Confidential, Irving, Texas

Information Security Officer

Responsibilities:

  • Assist the businesses in the completion of the IS Risk Assessments and other IS-related compliance processes, ensuring that they are understood, that appropriate controls are embedded in the day-to-day operation, and that remediation of non-compliance is documented and addressed.
  • Respond to security events by initiating and coordinating emergency actions to protect the Business unit and its customers from an imminent loss of information or value.
  • Ensure the business complies with the applicable requirements of the Information Security policies.
  • Continuously review and modify as applicable information security practices and procedures.
  • Determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented.
  • Manage the Risk Assessment process, including asset inventory, system criticality, data classification, threat analysis, and action plans.
  • Perform Vendor Security Questionnaires and/or Vendor Onsite Security Reviews.
  • Guide the business in development of action plans while reporting and tracking to closure all information security issues resulting from Self-Assessment, Audit, Risk Assessment, Ethical Hacks, and Vendor Reviews.
  • Facilitate awareness and training programs as specified by the Business and as applicable.
  • Manage an aggressive program to promote employees' awareness and understanding of Information Security Policy, Standards & procedures.
  • Maintain Archer GRC tool for information security related processes.
  • Frequently interact with and educate the Senior Management team on current issues and overall status of the information security program.

Confidential, Carrollton, Texas

Director, Internal Audit & Information Security

Responsibilities:

  • Created and managed Internal Audit department, established annual audit plan and staff development.
  • Developed the company’s business continuity plan and implemented new incident alerting tool.
  • Implemented an information security awareness program.
  • Instituted SSAE16 reporting process to meet client and contract requirements.
  • Established annual risk assessment process and provided governance oversight.
  • Created corporate IT policies and procedures.

Confidential, Irving, Texas

Global Risk & Security Analyst

Responsibilities:

  • Initiated effort to sample a broad population of Confidential’s Business Unit applications to determine segregation of duties issues.
  • Implemented segregation of duties controls and assisted in the identification of risky entitlements.

Confidential, McKinney, Texas

Principal Information, Governance, Security Specialist

Responsibilities:

  • Singularly responsible for the implementation of the quarterly self-assessment process and business controls environments at fifteen business locations.
  • Led the innovation and continuous improvement of the internal control framework, including the integration of multiple compliance requirements.
  • Led the transition and implementation of COBIT from version 4.1 to 5.0 across multiple internal departments.
  • Regularly interacted with senior management to convey findings identified through walkthroughs and testing, assessed the risk and impact of deficiencies, and made recommendations for remediation.
  • Chaired the Internal Controls, Risk & Compliance Council, comprised of compliance managers from all business units.

Confidential, Dallas, Texas

IT Audit Manager

Responsibilities:

  • Reduced SOX internal testing hours by 30% and external audit fees by 15%.
  • Developed formal reporting system to communicate results of audit activities to management, and assisted VP, Internal Audit in preparing presentations for executive management and Audit Committee.

Confidential, Irving, Texas

IT Audit Manager

Responsibilities:

  • Identified, designed, and executed the appropriate risk management processes and practices for various business units, which included credit cards, mortgage and auto financing lines of business.
  • Established IT involvement in the Sarbanes-Oxley attestation activities by reviewing the IT control environment as it related to the sustainability of the internal control over disclosure and financial reporting.
