Security Engineer Resume Profile

PROFESSIONAL SUMMARY

Proven track record with information security program leadership, operational risk management, continuous monitoring, policy and procedural developments, and FedRAMP. Extensive experience establishing and gaining inter-agency and business unit agreements. Possesses experience working with the U.S. Air Force's Chief Information Officer (CIO) and U.S. Secret Service (USSS) CIO providing cyber security operations, vendor management, IT governance best practices, IT audits, compliance management, contingency planning, information privacy, online safety, and risk mitigations / remediations (e.g., patch management, etc.) for endpoint devices and servers.

PROFESSIONAL EXPERIENCE

Senior Information Security Engineer

  • Deputy Chief Information Security Officer (CISO) for USSS from July 2010 to December 2011 and from March 2014 to June 2014.
  • Advises the USSS CIO, corporate officers and management committees on security and regulatory compliance matters for a global enterprise.
  • Well-versed in regulations and standards related to risk management and security, including HIPAA, NIST, DoD, Intelligence Community (IC), ISO 27001 2, and the Payment Card Industry Data Security Standard (PCI DSS).
  • Clearly communicated security and risk management concepts to non-technical audiences on a weekly basis. Wrote and implemented the continuous monitoring procedures.
  • Developed a comprehensive cybersecurity program that aligned practical risk mitigation with business objectives and fostered a risk-conscious corporate culture amongst business owners.
  • Conducted IT audits and analysis on the information security program's effectiveness and executed corrective actions that increased USSS metric scores 70.
  • Modified SDLC to ensure that security is built into new software and infrastructure deployments.
  • Maintained and conducted over 94 IT systems' security authorizations in accordance with NIST, DHS, and IC's IT controls guidance.
  • Proposed and implemented an enterprise-wide secure mobile risk management and mobile device management solution.

confidential

Director, Information Security

  • Planned, developed, and managed the information security and risk management program for the Pentagon Renovation and Construction Program's (PENREN) business continuity planning and disaster recovery operations.
  • Directed a team of 4 cybersecurity specialists and 9 IT specialists regarding risk management, IT audits compliance (1200 controls), and information security operations, for an annual capital/expense budget of 25 million.
  • Developed and retained a team of top security experts, with each member maintaining industry-standard credentials (CISSP, CISM, CCNE, Security).
  • Gained executive approval to operate PENREN's revamped network architectures and reported metric scorecard / trends to the CIO on a periodic basis.
  • Managed deployment of encryption technology on laptops, personal computers, backups and removable media, leading to an estimated cost avoidance of over 1 million.
  • Maintained 100 annual privileged user, user training, and IT systems security authorizations in compliance with NIST, DoD, and IC's IT controls metric compliances.
  • Saved PENREN a documented 600,000 dollars in annual certification and accreditation expenses.

confidential

Information Security Analyst Deputy Director

  • Directed a 20-member subject matter expert team that performed risk and vulnerability analyses.
  • Recommended and briefed corrective actions to the Air Force's CIO and general officers regarding network incidents, trends, and network attack exercises.
  • Wrote procedures and policies that addressed new technologies and emerging threats to Air Force network operations (e.g., Congressional testimony responses, closed Inspector General audits, participated on executive-level enterprise change management / governance boards).
  • Implemented a ports and protocol solution that reduced network probing, incidents, and traffic 38 across a global enterprise.
  • Implemented a Public Key Infrastructure (PKI) technology (i.e., two-factor authentication) across a global enterprise.

confidential

PUBLICATIONS

  • Continuous Monitoring: Extremely Valuable to Deploy within Reason, chapter within Krause, M., Tipton, H., 2012, Information Security Management Handbook, 6th Ed, Vol 6, p. 63-72
  • CISM Review Manual 2009 2015 contributing editor
  • Understanding the Ramifications of IPv6, chapter within Krause, M., Tipton, H., 2011, Information Security Management Handbook, 6th Ed, Vol 5, p. 117-134
  • Outsourcing of IT, chapter within Krause, M., Tipton, H., 2010, Information Security Management Handbook, 6th Ed, p. 193-208
  • Security Architecture and Models, chapter within Krause, M., Tipton, H., 2003, Information Security Management Handbook, 5th Ed, p. 1531-1554