SEARCH

Information Infrastructure Security Risk Manager Resume Example

Resume Score: 80%

Love this resume?Build Your Own Now
INFORMATION INFRASTRUCTURE SECURITY RISK MANAGER
Professional Summary

Information security professional with 25 years of progressive experience in Information technology industry. Demonstrated skill identifying business risks and compliance issues and designing proactive solutions. Background designing and implementing layered network security approaches.

Accomplishments
  • Supervised team of 5 manager staff members with a team of 30.
  • Collaborated with team of 25 in the development of Monarch Domain.
  • Documented and resolved issue with ERCOT inquiry about activity that would cause them to stop Shell Energy from trading electricity, which led to the development of a NERC domain to eliminate this business risk.
Skills
  • Information Security
  • Zscaler
  • Palo Alto Firewalls
  • F5 Load Balancer
  • Teamwork / Collaboration
  • MetaSploit
  • Project Management
  • CheckPoint Firewalls
  • Customer Service
  • Designing and implementing security controls
  • Project organization
  • Operational improvement
  • Information Systems
  • Linux
  • Java
  • Symantec Endpoint Protection
  • Relationship development
  • Budgets
Work History
Information Infrastructure Security Risk Manager03/2004 to 07/2020
AT&T Inc.Houston, United States
  • Performed risk analyses to identify appropriate security countermeasures
  • Worked with Royal Dutch Shell Cyber Defense team to understand needs and provide vulnerability and threat security services
  • Lead team of 6 in requirements gathering and implementation of AT&T Alien Vault USM Cloud Software as a Service for Shell Oil Cyber Defense
  • Monitored social media and online sources for industry trends
  • Reviewed violations of computer security procedures and developed mitigation plans
  • Created cyber-security best practice communications to educate customer against known threats and potential vectors of attack
  • Assist customer cyber security auditing program to detect flaws and weaknesses in customer infrastructure and cloud security systems
  • Developed and maintained incident response protocols to mitigate damage and liability during security breaches
  • Participated in creation of device hardening techniques and protocols
  • Conducted security audits to identify vulnerabilities
  • Developed team communications and information for security controls "for new projects" review meetings
  • Investigated and corrected or escalated project problems
  • Closely collaborated with project members to identify and quickly address problems
  • Built and utilized reporting database reporting system to keep customers and business management in loop with latest information
  • Recommend improvements in security systems and procedures
  • Monitor and review Palo Alto, Mcafee DDOS, and MIDS reports to determine when to update protection systems
  • Offered expertise in business continuity planning to guide, support and lead strategy development
  • Business Continuity Planning: Enacted structures to facilitate maintenance of vital business functions in face of major hurricane or facility disruptions
  • Business Continuity Planning: Organized and updated strategies for managing crisis events to modernize and enhance approaches
  • Managed team in conducting security review and sign-off in delivery of approximately 200 network and software infrastructure projects, resulting in projects meeting all security controls
  • Increased customer satisfaction by resolving lack of proper security controls adherence at project implementation stage, by conducting full security control review, and implementing COBIT methodology
  • Drove operational improvements which resulted in savings and improved profit margins
  • Resolved security compliance problems, improved operations and provided exceptional client support
Director of Information Technology02/2002 to 07/2004
Valco Instruments Company Inc.Houston, TX
  • Developed and implemented technical application support and information technology policies and procedures that advanced investment needs, outcomes and performance measurements to balance continuous innovation with responsible risk-taking.
  • Analyzed department and job-related functionality requirements to align technology priorities with business needs.
  • Prioritized framework to evaluate technology and regulate communication with business stakeholders.
  • Implemented, created and tested disaster recovery and business continuity plans and maintained appropriate back-up system.
  • Developed and maintained service level agreements for strategic applications and measured performance against objectives.
  • Developed, tracked and controlled information technology operating budgets and cost and benefit analyses for IT spending initiatives.
  • Performed regular audits and tests of infrastructure and applications to prevent data loss, proprietary data theft and monetary loss from fines.
  • Cultivated highly-regarded technology services organization that sustained culture of respect, collective pride and individual and group professional development to achieve transformation of ERP platform from Syteline to SAP for business process improvement initiative.
  • Fostered positive working environment that encouraged innovation, collaboration and accountability and managed end-user needs with functional and security responsibilities.
  • Identified opportunities for application optimization, redesign and development and troubleshot and resolved user and application issues.
  • Stayed abreast of technology advancements, emerging standards and regulations to meet strategic technology goals.
  • Deployed, monitored and maintained system installation, upgrades and network integration to achieve world class datacenter and hot standby remote virtual hosted services of critical business software.
  • Developed Security Red Team, to provide ongoing social, application and network infrastructure penetration testing and provided results at weekly leadership team meetings.
  • Identified computer hardware and network system issues, performing troubleshooting techniques for remediation.
  • Analyzed security architecture design, scoping, implementation, testing and deployment needs to define project requirements.
  • Coordinated with management teams to plan, develop, align and execute strategies that would meet company vision, mission and purpose.
  • Assessed existing systems including billing automation, accounting and real-time reporting and analytics capabilities, delivering updates for security purposes.
  • Liaised effectively with others to promote on-going network design, reevaluation and optimization that scaled with company growth.
  • Implemented and managed wireless devices, multi-site network infrastructure, business intelligence development and implementation.
  • Interviewed, hired, trained and mentored 5 management staff and 30 staff members by coaching daily, leading performance reviews and offering constructive feedback.
  • Implemented security standards and governance based on ISO 27001 using NIST guidelines.
Sr. Security Network Analyst/Engineer05/1998 to 03/2002
Shell Oil CompanyHouston, TX
  • Developed plans to safeguard computer files against modification, destruction or disclosure
  • Conducted security audits to identify vulnerabilities yielding a 20 percent improvement in security posture
  • Researched and developed new computer forensic tools
  • Reviewed violations of computer security procedures and developed mitigation plans
  • Performed risk analyses to identify appropriate security countermeasures
  • Implemented Shell Trading IM messaging security filtering and recording solution using IMLOGIC to meet SEC regulation
  • Managed Cisco Enterprise routing infrastructure
  • Managed DNS configuration
  • Design and Implement IBGP and BGP for trading office routing redundancy
  • Managed OSPF for internal area routing
  • Managed Access-list policy on routing devices
  • Manage Cisco enterprise switch configuration.
Senior Network Security Engineer02/1996 to 06/1998
SchlumbergerHouston, TX
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures
  • Coordinated security initiatives with personnel at Geoquest and customers sites across Houston providing security for Oil and Gas siesmic intelligence data
  • Implemented and managed Cisco security access-list, Checkpoint and Cisco firewalls
  • Designed security network infrastructure for Geoquest business unit facing client on gig fiber connections
Education
MBA: Management Information Systems2011University of Phoenix- Tempe, AZ
Bachelor of Science: Computer and Information Sciences2009University of Phoenix- Tempe, AZ
Certifications

Sun Oracle Java certified programmer

Sun Oracle C++ Certified programmer

Sun Solaris Unix Certified administrator

Sun Solaris web development

Six Sigma Greenbelt certified

Citrix Metaframe Administration

Bronze Cloud infrastructure Certified

Cloud Architecture: Core Concepts

Professional Training

CCNP Training

CCIE Training

CISSP Training

CCSP Cloud Security Training

Cloud Architect Training

Build Your Own Now

DISCLAIMER

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

Resume Overview

Companies Worked For:

  • AT&T Inc.
  • Valco Instruments Company Inc.
  • Shell Oil Company
  • Schlumberger

School Attended

  • University of Phoenix

Job Titles Held:

  • Information Infrastructure Security Risk Manager
  • Director of Information Technology
  • Sr. Security Network Analyst/Engineer
  • Senior Network Security Engineer

Degrees

  • MBA : Management Information Systems 2011
    Bachelor of Science : Computer and Information Sciences 2009

Similar Resumes

View All
Information-Infrastructure-Security-Risk-Manager-resume-sample

Information Infrastructure Security Risk Manager

Houston, Texas