We provide IT Staff Augmentation Services!

Director - Cybersecurity Resume

Houston, TX

SUMMARY:

  • Highly experienced and accomplished Information Security, Risk and Compliance professional with expertise in Enterprise - wide IT Security and Critical Infrastructure protection strategy development.
  • Track record of elevating Information security by building Information Security programs, leading Security Governance Councils and high performing Cybersecurity teams, and deploying forward thinking solutions to satisfy compliancy objectives and meeting business requirements.
  • Proven skills in building key partnerships with global cross-functional teams to deliver customer oriented security assurance services.
  • Established and managed security programs; Risk Assessment, Incident Response, Security Awareness, Vulnerability Testing and Threat Management.
  • Broad experience with compliance mandates and Governing frameworks

CORE COMPETENCIES:

  • Security Management
  • Project Management
  • Risk Management
  • Team Building & Development
  • Budget Planning & Execution
  • Regulatory/Policy Compliance
  • Cyber Security SME
  • Public Speaking
  • Strategic Planning

TECHNOLOGY/ TOOLS:

  • FireEye NX 2400/4400
  • Bluecoat Web Security
  • PhishMe/Wombat
  • Risk Mgmt.- Modulo, Archer
  • App. Whilelisting - Bit9
  • VA - Rapid7/Nessus
  • Checkpoint/Palo Alto FW
  • Encryption - PGP
  • SIEM-Qradar/LogRhythm

PROFESSIONAL EXPERIENCE:

Confidential, Houston, TX

Director - CyberSecurity

Responsibilities:

  • Serve as a cyber leader in a global professional services firm with 45 offices in 18 countries that helps Global Fortune 500 & 100 companies with security strategies and data assurances.
  • Accountable for the development and implementation of strategic, business focused, IT security program to support organization's evolving needs in response to ever-changing cyber threats. Manage risk based cyber program development, implementation, and assessments.
  • Interface with and brief senior leaders and executives on threat landscape and organization's risk profile.
  • Participate in development of policies, standards, and programs; risk assessments, security awareness, incident response, penetration testing, and business continuity/ disaster recovery.
  • Build and chair Security Governance Council to address risks and preserve investment on compliance mandates such as PCI and HIPAA.
  • Responsible for developing and leading high performing cyber security team.
  • Serve as CISO for various organizations (Retail and Healthcare).

Confidential, Sugarland, TX

Chief Information Security Officer

Responsibilities:

  • Effectively implemented network monitoring solution saving company $250k annually
  • Successfully implemented internal Vulnerability Management and Threat Management program to achieve $200k annual savings.
  • Effectively implemented IS Management System; built processes, deployed tools, and managed IT Security budget.
  • Achieved 90% audit remediation (HIPAA +SOX+ Cyber) within 12 months
  • Achieved 85% improvement in reporting of suspect Emails using Phishing Campaign.
  • Achieved 80% reduction in Security tickets reducing reliance on MSSP services
  • Reduced malware infections by 70% by implementing application whitelisting technologies.
  • Successfully built key partnerships to promote enterprise Security capabilities such as Vulnerability Assessments, Incident Response, Encryption, and Threat Management.
  • Drastically improved response to Security incidents by developing security incident response playbooks, documenting workflows, and key member of response team.
  • Developed organization’s 1st IT Risk Management Committee comprising of key leaders.

Confidential, Houston, TX

IT Security, Risk and Compliance Manager

Responsibilities:

  • Supported the CIO in fulfilling Information Asset Protection and Assurance activities such as evaluating security impacts of proposed and emerging solutions, ensuring alignment with IT security roadmap, and defining metrics and reporting strategies to effectively communicate KPIs of Security Program.
  • Led the planning and implementation of PCI DSS controls to reduce compliance liability and improve security.
  • Identified, analyzed and reported IT risks to senior leadership on an ongoing basis.
  • Led development and implementation of Confidential based enterprise wide IT Security & GRC program.
  • Built key partnerships with senior stakeholders to develop and evangelize enterprise-wide IT security policies, standards, and procedures resulting in a 70% reduction of audit findings
  • Consolidated and automate risk assessment processes to reduce additional resource requirements resulting in $250k annual savings.
  • Effectively led development of Enterprise capabilities such as Vulnerability Assessments, Security Awareness, Threat/Risk Assessments, and Security Incident Response.
  • Effectively managed SOX processes reducing consulting costs of $200,000 annually.

Confidential, Houston, TX

Senior Security Architect

Responsibilities:

  • Trained IT groups on new processes to improve efficiency and reduce exposure.
  • Worked closely with key stakeholders and developed project plans to meet compliancy objectives.
  • Managed implementation of security solutions (Firewalls, IPS, Encryption, Logging, and File Integrity) to safeguard credit card, Private Identifiable Information (PII), & company information.
  • Created PCI DSS remediation plan and conducted regular progress reporting.
  • SME for scoping, policies, processes and tools required to comply with PCI DSS.
  • Analyzed results of penetrations tests, design reviews, source code reviews and other security tests. Assessed risk treatment options based on business risk appetite and security requirements. Determined where compensation controls were appropriate.
  • Completed and submitted Compensating Controls documentation and SAQ for Attestation

Confidential, Houston, TX

Principal Consultant

Responsibilities:

  • Led intrusion prevention, architecture development and implementation, application and ASP security assessments, forensics investigations, Vulnerability Management / CIRT implementation, and Policies development.
  • Created key processes to standup Information Security program (vulnerability management, forensics investigations, and third-party assessments).
  • Led the development of Enterprise Security Incident Response process resulting in $200k savings

Confidential, Houston, TX

Sr. Security Engineer

Responsibilities:

  • Functioned as Security Expert for world's largest death care organization with more than 2000 locations throughout the USA and Canada.
  • Led the evaluation, acquisition, and implementation of technologies / systems used to safeguard company information and computing assets.
  • Coordinated all internal and external compliance and auditing activities.
  • Effectively managed design and implementation of enterprise wide (700+) SSL VPN locations saving $1M annually
  • Successfully deployed secured business partner network to limit data exposure, and drastically reduced the number of security incidents.
  • Created strategic plans used in IT Security Roadmap for making sound investments in IT Security countermeasures.
  • Effectively implemented ongoing IT Risk Assessment process to better manage risks to assets.

Confidential, Houston, TX

Senior Security Architect

Responsibilities:

  • Provided technical pre-sales solutions and Project Management for Confidential Providers in South Texas region.
  • Recommended and implemented Next Generation Information Security solutions for customers.
  • Qualified technical feasibility of potential deals and assisted in developing competitive sales strategies.
  • Built technical relationships and credibility with customers through direct interface and technical solutions presentations.
  • Developed test plans and served as security SME for customer evaluations.
  • Harnessed strengths in forecasting, opportunity identification, goal-setting and motivation to outdistance the competition
  • Closed some of largest contracts in Houston area, including two energy giants $5,000,000+ wins.
  • Penetrated new markets, landing first-time wins in South Texas area.

Confidential, Houston, TX

Senior Consultant/Managing Consultant

Responsibilities:

  • Performed Network, Security, and IT Risk assessment consulting for clients all over North America.
  • Worked with clients from pre-sales to post sales delivery and played an integral role in developing innovative and cost effective solutions to meet their business requirements.
  • SME for IT Security and Network Management for the South Texas region.
  • Assist customers with Security strategies, roadmaps and plans.
  • Analyzed VA/Pen test results and implemented safeguards to reduce exposures.

Hire Now