Executive Security Consultant Resume Example Company Name

EXECUTIVE SECURITY CONSULTANT

Professional Summary

SUCCESSFUL CHIEF INFORMATION SECURITY OFFICER CISO VP, forward-thinking Vice President with proven record of accomplishment in Financial, Healthcare, Automotive, Government industries during 25plus-year career. Driven and ambitious change manager dedicated to continuous business improvement focused on enhancing revenue and streamlining business operations. Diligent in driving profit maximization through multifaced business approaches. I have had the fortune of working for some very talented leaders over the course of my career at companies both big and small. Accountable for the overall Information Security engineering programs which includes all engineering duties, operations, and “day to day” run duties for nearly every function within an Information Technology and Security organization over the past 25+ years, I eventually found the area I am most passionate; Cyber Security. Having spent most of my initial years in the workforce at international companies building world class engineering excellence programs focused on autonomy, automation, and security by design concepts.

Skills

Implementing security programs, developing security plans, and designing security controls
ISO 27001, HIPAA, HITRUST, NIST 800-53, OWASP, PCI-DSS, CMS/MARS-E, GLBA, SOX, SOC 1/2, CCPA, GDPR, FEDRAMP, FISMA
Analytical skills
Azure, AWS, and Google Cloud - GCP
Information Security & Assurance
Risk Assessments, Crisis Management, & Business Continuity
Data Analysis
Security Solutions
Business Process

Cloud Security
Evaluation
Strong Communication skills (written and verbal)
IT Strategy
Executive Leadership
Threat Detection
Strategic Thinking Skills
Critical Thinking Abilities

Work History

Executive Security Consultant, 03/2021 to Current
Company Name – City, State

Well respected Information and Executive Cyber Security leader in operational and security services domains.
International experience, promoting risk and governance regulatory compliance providing organizations from Fortune 100 to small-to-medium sized companies with services and solutions they need to transform the way they build, integrate, and manage their security.
Developed improved training methods with focus on public safety and officer awareness.
Analyzed and investigated all incidents alongside functional management and security supervisors.
Inspected security design features, installations and programs to verify compliance with applicable standards and regulations.
CJIS, GDPR, SOC2, FISMA, HIPAA, PCI governance consulting for clients working directly with business units and IT based on strategic enterprise security requirements and security programs.
Partners with business and IT in training security awareness on risks and threats to the client environment.
Assist with development and implementation in IT and Business processes in technical security standards to address regulatory governance, and threat and risks posed to the customer.
Exceeded goals through effective task prioritization and great work ethic
Developed and implemented performance improvement strategies and plans to promote continuous improvement
Eliminated downtime and maximized revenue by providing top project quality control
Used Microsoft Word and other software tools to create documents and other communications
Prepared a variety of different written communications, reports and documents to ensure smooth operations
Performed duties in accordance with applicable standards, policies and regulatory guidelines to promote safe working environment

Chief Information Security Officer, 07/2018 to 07/2020
Company Name – City, State

Governed all AZ DES security policies, procedures, designs, networks, application deployments, and implementation of all facilities.
Secured 7 divisions, with over 150 locations across Arizona, by developing and implementing business-aligned security program policies and standards to the IT Strategy and Agency roadmap, protecting $4B+ of Federal Funds.
Developed and executed multi-year security technology strategy improving audit and risk compliance lowering risk 80% in the first year by creating 5 new information security processes: Security Governance, Risk Management, Security Incident Response, Vulnerability Management Strategy, and Enterprise System Security Program.
Working with multiple executives, business, and IT (systems and developers) units, delivered 38% decrease in response time by automating cyber security incident response and improving risk mitigation.
Introduced 450+ controls during roll out of an Information Security Program centered on compliance against regulatory requirements.
Achieved 50% reduction in phishing attacks - from 70% to 20% in the first 90 days by creating and deploying the Security Awareness Program.
Decreased threats 55% in 1 year by proactively monitoring and managing risk, performing risk analyses, identifying appropriate counter security measures, then driving functional change within IT and business to minimize risk and vulnerabilities.
Collaborated with Data Privacy and Legal teams regarding data privacy issues and initiatives centered around creating solutions with AI and Machine Learning.
Improved the safeguarding of Arizona citizen's data by building a Computer Incident Response Team and working with IT Operations on Disaster Recovery/Business Continuity Plans.
Developed and grew staff competencies through team development, implementation and support of specific training for various responsibilities.
Established measures, metrics, thresholds and targets to drive performance in alignment with security and other business strategies.
Researched, reviewed and recommended equipment, materials and supplies to prepare and maintain security expenses within approved budget.
Represented Security at industry led security panels, collaborated on ACTIC and Infragard conferences.
Collaborated with enterprise architects to research and recommend technology and business process solutions to secure the business and give the company a competitive advantage in alignment with strategic direction.
Assisted architecture on defining security best practices, guidelines, patterns and working to embed these requirements within capabilities to drive automation.
Partnered closely with CTO and CIO organizations to define the vision, strategy, and roadmap for the core Information Security programs by implementing Information Security Architecture, Cyber Operations, along with Risk and Compliance.
By working with SME/Managers and executives on compliance projects and initiatives reducing critical audit findings from 1550+ to less than 300 in 1 year and to less than 20 in the second year by building relationships with business and IT stakeholders saving more than $4 Billion in federal funding.
Collaborated with key stakeholders (e.g. Application Engineering, Business Integration Teams, and Operations) to engineer security solutions focused on protecting the organizations' 150+ in-house applications.
Developed and grew staff competencies through team development, implementation and support of specific training for various responsibilities.

Head of IT Security, 01/2010 to 11/2017
Company Name – City, State

Consulting & Continuity Oversaw security operations, governance, compliance, business continuity, internal/external risks as part of a global MSSP in the financial, energy and healthcare sectors.
Acted as the SME for Cloud Security experience in the design, implementation, and support of cloud IaaS and PaaS solutions.
Transformed 13.8% department profit loss to a 6.2% profit in the first 2 years and a 16% profit the next year while increasing headcount.
Secured 2 multi-year, multimillion-dollar deals and other new sales by alleviating customer concerns regarding cloud security and risk.
Eliminated all audit findings regarding in less than 1 year, by establishing company automation methodology, frameworks, and tools.
Developed and grew staff competencies through team development, implementation and support of specific training for various responsibilities.
Established measures, metrics, thresholds and targets to drive performance in alignment with security and other business strategies.
Drafted security operating procedures and training materials for human resources department.
Achieved immediate 42% decrease in internal and external customer risk by holding workshops for up to 100 company employees.
Consulted with customer senior and executive management, ensuring risk and compliance items were addressed.
Delivered 80% decrease in incidents by implementing new security measures, saving hundreds of thousands of dollars per year in customer downtime.
Developed and evolved the information / cyber security strategy and roadmap.
Established security risk matrix and framework and selected security solutions to address security controls for enterprise landscape Partnered with business and IT leaders to develop security policies, standards, guidelines, and procedures to ensure the confidentiality, integrity, and availability of internal systems and data Completed both progressive and regressive testing scenarios by applying testing frameworks.
Oversaw assignment of engineering tasks by creating frameworks free of wasteful redundancy and unnecessary dependencies saving tens of thousands of dollars a year in costs.
Increased customer satisfaction by resolving security and privacy issues, improving a negative satisfaction rating to a positive (by 6%) the first year, and ever increasing each continuous year.
Monitored and evaluated unit performance on key security issues, recommending corrective action programs where appropriate.
Delivered exceptional level of service to each customer by listening to concerns and answering questions
Resolved problems, improved operations and provided exceptional service
Proved successful working within tight deadlines and fast-paced atmosphere

Information Security Manager, 09/2004 to 12/2009
Company Name – City, State

Managed the US Cyber Security Program and led risk management and security governance processes for a region encompassing most of the continents of North and South America.
Saved over $100K in monthly PCI penalties and fees by implementing security policies and risk solutions.
Eliminated virus/malware attacks within 90 days of developing and implementing a vulnerability and patch management program that prevented all attacks for 5 years.
Secured PCI compliance 4 years in a row as the PCI-DSS Security Officer.
Collaborated with development teams on secure procedures for DevOps and code release.
Achieved 27% decrease in tickets by creating proactive security checks for internal software development team and working with them to add additional measures in coding and SDLC.
Grew IT process efficiency 31% by initiating several initiatives to improve communication.
Integrated IT systems development for the Americas region and led training for colleagues.
Developed and maintained internal control processes, document procedures, identification of areas to improve internal controls and implementation of policy change.
Guided implementation of company-wide enterprise security strategy for network and hardware, disaster recovery, data protection and endpoint protection.

Education

Certified Information Security Manager Training in progress: 08/2021
ISACA - City

Bachelor of Science: Computer Information Systems, 06/2001
DeVry University - City

Affiliations

Arizona Counter Terrorism and Information Center(ACTIC)

InfraGard

ISACA

Resume Overview

School Attended

ISACA
DeVry University

Job Titles Held:

Executive Security Consultant
Chief Information Security Officer
Head of IT Security
Information Security Manager

Degrees

Certified Information Security Manager Training in progress : 08/2021
Bachelor of Science : Computer Information Systems , 06/2001

Executive Security Consultant Resume Example

DISCLAIMER

How this resume score could be improved?

Resume Overview

Create a job alert for [job role title] at [location].

Similar Resumes