Information System Security Engineer Lead Resume Example Company Name

INFORMATION SYSTEM SECURITY ENGINEER LEAD

Summary

Cybersecurity Professional specializing in Cyber Risk Management who has the talent to lead and enabling team success with over 18 years of leadership experience. Seeking a position in academic to spread my knowledge and teach others who are moving into the field. Strong knowledge of cybersecurity and organizational risk management functions. Communicative and team-oriented with strong proficiency in numerous areas. Proven history of fostering solutions to meet organizational objectives.

Education

Ph.D.:Information TechnologyExpected in 2023University of the Cumberlands, City, StateEmphasis in Cybersecurity-In-Progress

Master of Arts:Organizational Leadership2018Western Kentucky University, City, USA

Graduate Certificate:Instructional Design2018Western Kentucky University, City, USA

Bachelor of Science:Information Technology2013Kaplan University (Purdue University Global), City, USA

Emphasis: Network Administration

Highlights

Policy and Procedures
Information Assurance
Program Management
Information Assurance
SIEM Tools

Plan of Actions & Milestones
NIST Security Controls
Audits FISMA, SSAE, CCRI
Security Control Standards

Awards

Bronze Award-Champions Heart

Certifications

ISACA Certified Information Security Manager (CISM)ISACA Certified Data Privacy Solutions Engineer (CDPSE)-Pending Approval
CompTIA Advanced Security Practitioner (CASP+ CE)CompTIA Cybersecurity Analyst (CYSA+)
CompTIA Security+ CE

Experience

Company NameCity, StateInformation System Security Engineer Lead10/2019 to Current

Manages a team of Security Engineers providing security oversight of division information system operations that enables customers spanning the globe to perform critical operational task
Coordinates with primary security personnel to identify new security vulnerabilities create plans and advise on necessary configuration changes to mitigate security threats
Advises senior management on security vulnerabilities and provides solutions to close gaps and enhance overall security posture of division and customer information
Conducted advanced log management using of Splunk Enterprise Security tools, directs security on log analysis techniques that allows for better vulnerability and threat identification
Determines how audit logs are captured and ingested through Splunk, creates custom queries that provides better analysis of information system activities to mitigate possible malicious threats
Reviews software development activities through group collaboration with team leads, ensuring security is baked in to Software Development Life Cycle (SDLC)
Provides coaching and mentoring to employees, reviews individual development plans and provides guidance for continued professional growth that reinforces competitive advantage
Directs reviews for 100's of cybersecurity controls, ensures controls meet or exceed protection requirements by testing controls effectiveness through a variety of testing methods
Provides oversight on creation of new procedures to meet critical process improvment benchmarks that satisfy previous failed audit controls.

Company NameCity, StateSenior Consultant02/2017 to 10/2019

Assigned as Information System Security Officer (ISSO) for two enclaves, created and maintained existing information system security documentation, including System Security Plan (SSP), Security Controls Matrix and/or Assessment, Configuration Management Plan (CMP), Information System Contingency Plans(ISCP),and Continuous Monitoring Strategy (CMP).
Used experience and in-depth knowledge of Risk Management Framework (RMF) policies and procedures to advise senior management on all cybersecurity solutions to close vulnerability and security control requirements.
Analyzed 1000's of security control events using ArcSight Enterprise Security Manager tool to capture vulabilitties and implment solutions to mitigrate risk.
Performed risk assessment evaluations in support of overall risk management functions.
Conducted research on industry best practices and market threat analysis, providing results to senior and upper management and consultant on strategies to mitigate future risk.
Managed Plan of Action and Milestones (POA&Ms) and Security Technical Implementation Guidelines (STIG) requirements. Oversaw Remedy tickets creation and completion for all critical configruation changes and security control remediation.
Collected artifacts that support testing of controls using Enterprise Mission Assurance Support Service (eMASS) application to maintain Authorization to Connect (ATO) for enterprise systems.
Managed hundreds of NIST SP 800-53 Rev 4 controls ensured that Enterprise Local Area Network (ELAN) met Client and DoD cybersecurity policies that allow for high availability of services to meet organization customer needs while supporting the war-fighter.
Established, implemented, and interpreted requirements for agencies Enterprise Local Area Network (ELAN) and Unified Communications (UNCOMM) based on policy directives that govern infrastructure cybersecurity protection.
Provided client organization SME for Risk Management Framework controls in order to meet the high demand of protection needed to combat current and future network and application security vulnerabilities.
Built log queries from ingested data using ArcSight ESM to collect artifacts to support control testing to show system compliance.
Developed cybersecurity SOP's per agency requirements based on NIST, FIPS, FISMA, and other DoD guidance.

Company NameCity, StateSenior Service Delivery Manager04/2013 to 12/2016

Led across-functional team of 21 personnel, that provides voice and data solutions for over 6000 users with minimal downtime
Oversees all Tier II-III help-desk functions that remedy 1000's of desktop and network issues remotely across hundreds of organizations that are geographically dispersed, resolving 75% of tickets in less than a few hours
Provides enterprise customer service solutions face-to-face to over 500 on-site users
SharePoint Administrator that supports and maintains multiple sites for a large enterprise environment while using SharePoint Designer
Assist customer with collaboration needs and provides training when needed
Monitors SharePoint usage, conducts random audits based on organization cyber-security and governance policies
Audits company owned data to ensure Personally Identifiable Information is maintain in accordance with organizational policies, identified hundreds of violations and proactively removed all sensitive data with no loss to external entities
Provides Information Assurance training to hundreds of users on annual basis in order to meet organization's Cyber-security requirements
Enforces Information Assurance policies, using vulnerability assessment tools and applications
Identifies all user/network violations that break strict network policies, compiles reports for higher management review of compliance infractions to support organizational auditing and incident response, reported all incidents in under 24 hours with no damage to IS structure
Takes executive management vision and translates into network requirements to meet customer needs
Manages hundreds of standalone devices, provides hardware and software solutions throughout each week, implements life cycle policies and procedures that save an average of over $20,000 a year
Conducts data recovery of user information during system failures or IA violations often, recovers all data within a few hours, submits all reports within a 24 hour time period which exceeds organization standards
Implements risk analysis of IT assets and provides monthly audits and reports to executive management in support of maintaining data and system integrity with no major incidents in over 3 years

Company NameCity, StateTechnology Program Manager06/2010 to 04/2013

Maintained and created all aspects of program management and monitored instructor credentials to ensure they met strict academic guidelines according to theprogram of instructions set by Academic Department
Ensured proper equipment was available for all tactical communications planning in a fast paced field environment that fostered enhanced technical skills and leadership training
As the organizations Information Assurance Security Officer, analysised all course content, ensuring it met information assurance policies, tracked all instructor training in relation to cyber-security and information assurance training.
Took over a failing program that scored 56% during academic program inspection which did not meet the minimum score of 70% to continue operating
While leading a team in less than a year improved the technology program from 56% to 89% in a follow-up inspection which resulted in full program certification
Participated in regional conferences to build, design, and schedule new courses based on future requirements and advancement of technological assets that would be critically to student learning and knowledge growth
Authored numerous policies and guidelines used to instruct multiple technology platforms used to provide skills for real work scenarios
Audited hundreds of student records for accuracy while ensuring students met minimum requirements for scheduled courses
Conducted random audits of instructors and classroom learning environments by insuring proper presentation and teaching methods were being used and course syllabus was being followed according to set standards

Resume Overview

School Attended

University of the Cumberlands
Western Kentucky University
Kaplan University (Purdue University Global)

Job Titles Held:

Information System Security Engineer Lead
Senior Consultant
Senior Service Delivery Manager
Technology Program Manager

Degrees

Ph.D. : Information Technology Expected in 2023
Master of Arts : Organizational Leadership 2018
Graduate Certificate : Instructional Design 2018
Bachelor of Science : Information Technology 2013

Information System Security Engineer Lead Resume Example

Resume Score: 80%

DISCLAIMER

Resume Overview

Create a job alert for [job role title] at [location].

Similar Resumes