We provide IT Staff Augmentation Services!

Director - Information Security Resume

Aldie, VA

SUMMARY:

Listener, collaborator, and executor. Experienced information security leader in information technology operations. Effective in working across cross - functional areas of an organization, promoting security initiatives, and leading across multiple stakeholder sets. Thirteen years of experience in advanced technical security operations and leading teams in the creation, rebuilding and implementation of information security programs.

AREAS OF EXPERTISE:

  • Advanced Security Operations
  • Security Metrics & Governance
  • Capability Development
  • Thought Leadership
  • Security Program Mgt.
  • Crisis Management
  • Security Evangelist
  • Budget Planning & P&L
  • Stakeholder Management
  • Security Culture Development
  • Performance Management
  • Team Leadership

PROFESSIONAL EXPERIENCE:

Confidential, Aldie, VA

Director - Information Security

Responsibilities:

  • Develop information security roadmap for internal security and delivering security services
  • Overhauled Confidential delivering managed threat monitoring, incident response, and vulnerability management services
  • Created incident playbooks, run books, procedures, best practices and standards for delivering expert-level security services

Confidential, Arlington, VA

Director - Incident Response

Responsibilities:

  • Delivered/managed dozens of engagements for commercial clients across all 20 NAICS codes
  • Concurrently managed engagements including planning, identifying resources, providing expert analysis, reporting and supporting remediation.
  • Created incident playbooks, run books, procedures, best practices and standards for delivering expert-level IR engagements
  • 100% client retention rate by earning trust through delivering outstanding service and analysis

Confidential, Herndon, VA

Senior Director - Information Security

Responsibilities:

  • Overtook Cybersecurity Practice responsible for delivering a managed services security program ( Confidential ) and consulting services to 14 Confidential customers
  • Improved Confidential service delivery, capabilities, while turning around financial performance (from -$2m annual loss)
  • Engineered and implemented a full, robust, cyber solution for the Confidential computer network defense ( Confidential ) contract to include security monitoring, incident response, and threat intelligence to secure $60m, 10 year, 45-seat contract

Director - Information Security

Confidential

Responsibilities:

  • Developed and managed annual budgets ($5m/annum) and team (15 employees) performance
  • Developed a unique M&A risk management approach and security architecture review process to evaluate the security posture of new projects
  • Worked closely with Confidential executives and groups to evangelize security initiatives and in integrate security across corporate departments, programs, and IT projects
  • Briefed Confidential executives on high-risk security issues, internal investigations, and risk assessments

Team Lead

Confidential

Responsibilities:

  • Built out various capabilities including network monitoring, incident response, forensics, vulnerability management, penetration testing, malware reverse engineering and cyber threat intelligence analysis
  • Improved consumption/exchange of APT-related threat intelligence information from the Confidential, Confidential, and other partners
  • Trained team in performing efficient investigations, analysis and effective security tests

Confidential, Arlington, VA

Senior Penetration Tester

Responsibilities:

  • Worked closely with threat intelligence and malware reversing teams to understand and simulate attacker techniques, tactics, and procedures (TTPs)
  • Developed various attack platforms, methodologies and approaches to conduct testing

Confidential, Alexandria, VA

Vulnerability Assessment Lead/Intrusion Analyst

Responsibilities:

  • Enhanced SEC's security posture by designing and implementing SEC's enterprise-wide vulnerability management program to include vulnerability assessments (OS, web, database, and wireless), vulnerability remediation and patch management
  • Performed incident response and security event monitoring and using SIEM and other network security and security event detection tools

Hire Now