We provide IT Staff Augmentation Services!

Information Security Director Resume

Anchorage, AK

SUMMARY:

  • Cybersecurity executive with extensive experience managing enterprise portfolios with a focus on security operations, cloud technologies, business continuity, and audit
  • Experience managing Federal and commercial contracts with responsibility for staff, sub - contractors, and contract performance in a matrixed environment of direct reports, clients, and client’s customers
  • Proven design and leadership skills with the ground-up construction and management of an Confidential Security Operations Center (SOC) as well as data centers for Confidential Group and Confidential
  • Regulated environment experience within Federal financial programs, Confidential, HIPPAA, PCI, Confidential, Confidential
  • Demonstrated financial experience creating budgets and forecasts with a deep technical viewpoint
  • Solid experience managing operational and capital budgets
  • SANS/GIAC Advisory Board Member and SANS Mentor

PROFESSIONAL E XPERIENCE:

Confidential, Anchorage, AK

Information Security Director

Responsibilities:

  • Refresh of Company wide Information Security controls and policies.
  • Directed the implementation of Confidential Cybersecurity Framework.
  • Led improvements to network architecture and access control based on review of the enterprise.
  • Aligned policy and architecture with Federal/DoD contracting rules ( Confidential, Confidential, Confidential, DFARs)
  • Achieved compliance with Confidential SP800-171 for Federal contractors.
  • Established incident response capability and process around updated SIEM and IDS/IPS architecture.
  • Created cybersecurity privacy and awareness training courses.
  • Directed the Company’s first external penetration testing engagement.

Confidential, Columbus, Indiana

Global Information Security Operations Manager

Responsibilities:

  • Mentored and grew a team of on-shore and off-shore security analysts supporting a Confidential 200 corporation with locations in 190 countries.
  • Worked on the vendor assessment team for the Confidential LiveWell Medical Center.
  • Provided information security consultancy for corporate initiatives, audit, and compliance (HIPAA, PCI, SOX, and the Confidential Cybersecurity framework)
  • Realigned and enhanced Information Security Operations.
  • Created an enterprise vulnerability management program.
  • Directed the move to a managed SIEM while enhancing security posture through next generation detection and correlation technologies.

Confidential, Fairfax, Virginia

Cybersecurity Architect

Responsibilities:

  • Lead for a team supporting ten Federal agencies’ financial applications hosted in Confidential ’s Confidential cloud.
  • Managed security for a joint Confidential Bank AWS cloud Proof of Concept (POC) program.
  • Lead for team performing security audits for Federal clients ( Confidential, Confidential ).
  • Created cost models for security audits and accreditation efforts.
  • Advisor for federating identities across client agencies, Confidential cloud, and contractor environments.
  • Developed security as a structured business practice offering for Confidential ’s cloud based clients as well as within other public and private cloud environments which resulted in new business.
  • Created a repeatable framework for security as a service (SECaaS) with a detailed cost model for bids and proposals.

Confidential, Herndon, Virginia

IT Program Manager

Responsibilities:

  • Led projects for the standup of a secondary data center, network security evaluations and subsequent changes to policy, infrastructure, and network links.
  • Global network consolidation and cloud computing work with US government Confidential compliance.
  • Led financial forecasting toolset implementation (IBM Cognos TM1 tied into Deltek financials)
  • Led project review and creation of an emerging technology lab used to evaluate BYOD solutions.
  • Developed IT operating and capital expense budget projections for DOD and commercial contract proposals including a 21 year IT lifecycle budget for the successful AAS-72X US Army helicopter bid.

Confidential

Project Manager, Leesburg, Virginia

Responsibilities:

  • Managed the Confidential contract for the deployment and SIEM integration of Confidential NTR malware protection.
  • Reconciled contract budget, deliverables, and personnel management including subcontractors.
  • Created additional value for the client by designing two-way integrations with other tools such as web based threat analysis engines and FireEye appliances to enhance Confidential capabilities.
  • Developed training for Engineering staff and Security Analyst.
  • Certification and Accreditation of Confidential NTR appliance (Red Hat Linux/Ruby based).
  • Created the first integration of Confidential NTR to ArcSight SEIM (no existing connector prior to this).
  • Secured the follow-on contract option year with additional sensor purchases based on performance.

Site Manager - Infrastructure Team Lead, Martinsburg Pennsylvania

Confidential

Responsibilities:

  • Hired by Confidential to build, staff, and manage a Disaster Recovery Security Operations Center (SOC) from the ground up for the Confidential ’s Confidential contract.
  • Developed federated identity management between agencies and contractors with PIV card multifactor authentication under Confidential and Confidential 800-53 controls.
  • Oversaw the contract budget, deliverables, and personnel management across functional teams.
  • Participated in the recruiting, hiring, and managing of facility staff.
  • Manager for 10 Information Security Analysts and one Infrastructure Engineer.

Selected Accomplishment: Received the Confidential 's Service Award of Excellence for the support and expansion of operations at the Cyber Security Management Center.

Confidential, Somerset, Pennsylvania

Network/IT Manager

Responsibilities:

  • Led the design through build of the new company datacenter, including power, environmental controls, and access security.
  • Integrated data collection and SCADA machinery controls to MRP and CAD/CAM software.
  • Developed security enhancement and remediation plans in support of business risk management and SOX/HIPAA compliance.

Hire Now