Livecareer-Resume
JC
Jessica Claire
Montgomery Street, San Francisco, CA 94105 (555) 432-1000, resumesample@example.com
Career Overview
To join the Walmart Risk/Cybersecurity Team as Risk Lead Cybersecurity - IT Audit Communication is a key to my success. Throughout my career, I have communicated policies, instructions, and directives with a direct approach and simplified as possible. I have coaxed the most recalcitrant auditees to provide me information and evidence needed to complete an audit or risk assessment. LEADERSHIP *Strong leadership skills, including the ability to influence without authority and ability to collaborate effectively across multiple business and product groups. Some situations call for a take-charge attitude while others take an active listening role. My leadership skills and training allow me to deliver required Information Security Risk Management Services, while monitoring and continuously improving processes.
Qualifications
  • Guest services
  • Inventory control procedures
  • Merchandising expertise
  • Loss prevention
  • Cash register operations
  • Product promotions
Accomplishments
Work Experience
01/2015 to 11/2015 ISO INTERNAL AUDITOR AND RISK ANALYST Erm Protect | , ,
  • 11 MONTHS) Prepare and execute ISO/IEC 27001:2013 internal audits for Symantec business units Create ISO/IEC 27001 internal audit reports in accordance with ISO/IEC 27001 requirements and internal processes Monitors, analyzes, and remediates IT security risks and vulnerabilities by adhering to defined operating procedures; reviewing metrics to identify outliers, inefficiencies, and non-standard actions.
  • Prepare and conduct Security Risk & Threat Assessments for Symantec business units with occasional support to vendor assessment team with the vendor selection process; ensuring compliance to vendor contracts.
  • Create Risk Assessment Report reporting the findings; identifying improvement opportunities and providing feedback to senior team members and management; Held review meetings for any initiatives or tasks that would alter current processes.
  • Supports the implementation of security governance by leading the process of governance administration and maintenance; ensuring compliance with Symantec Information Security policies, standards, procedures and best practices; modeling various governance concepts, i.e., ITIL, COBIT, and reviewing remediation for gaps in security governance and policies through collaboration and consensus building; and comparing and contrasting Symantec practices with industry standards.
  • Built relationships and partnerships with key stakeholders; aligning business needs with processes and practices while monitoring progress and results.
  • Recognized and capitalized on improvement opportunities while adapting to competing demands, organizational changes, and new responsibilities.
02/2014 to 06/2014 SENIOR INFORMATION SECURITY CONSULTANT Erm Protect | , ,
  • Information Security Risk Management - Security Monitoring, Threat and Data Analysis, Use Case Creation & Modeling, High Value Asset (HVA) protection strategy, practices, principles and control objectives.
  • Analyzed and identified risk by understanding factors of influence to impact and likelihood; building working knowledge and relationships between risk and governance; building expertise in risk analysis and use case scenarios to support multiple layers of security to protect high value assets.
01/2014 to 07/2014 SENIOR INFORMATION SECURITY CONSULTANT Bickford Senior Living | , ,
  • Planning and Conducting ISO 27001:2013 Compliance assessments for Cloud Services.
  • Guiding and assisting Microsoft (MS) service group's process owners with cloud compliance efforts, focus on getting services ISO certified.
  • Maintain the Statement of Applicability (SoA), ISMS controls mapping to risk register, and develop continuous monitoring procedures.
  • Review and document MS service groups' related policies, procedures, processes & other required documentation in compliance with certification standard.
  • Document narratives of current processes, and work with teams to identify and analyze gaps between current processes and the certifiable state of controls.
02/2013 to 02/2014 | , ,
  • Planning and Conducting ISO 27001:2005 Compliance assessments for IaaS, PaaS and SaaS, and Cloud Security Alliance (STAR* Registry) preparation and adherence.
  • Security, Trust & Assurance Registry Guided and assisted Windows Intune Team and WSSC service groups process owners with cloud compliance efforts, focusing on getting services ISO certified, created common security framework using ISO, NIST and CSA standards and established IT SSAE 16 controls mapping.
  • Mapped PCI DSS controls to ISO 27001:2005 clauses.
  • Coordinated with Windows Intune Teams and WSSC service groups to identify requirements; performed risks assessment and compliance gap analysis.
  • Reviewed and documented Windows Intune Teams and WSSC service group's related policies, procedures, processes & other required documentation in compliance with certification standard.
  • Documented narratives of current processes, and worked with teams to identify and analyze gaps between current processes and the certifiable state of controls.
07/2012 to 02/2014 SR. INFOSEC & TECHNOLOGY COMPLIANCE SPECIALIST Bickford Senior Living | , ,
07/2012 to 01/2013 | , ,
06/2011 to 07/2012 SR. INFOSEC & TECHNOLOGY ANALYST Bickford Senior Living | , ,
  • 1 YEAR 1 MONTH).
  • PCI DSS 2.0 Attestations using Symantec Control Compliance Suite Response assessment module, PCI asset management, Conducting Technical Compliance Audits.
  • Additional duties: Sarbanes-Oxley (SOX) control audits and Customer Proprietary Network Information (CPNI) control audits, comprehensive user IAM reviews and business IAM approval reviews.
03/2010 to 06/2011 Bickford Senior Living | , ,
  • Recovering deleted data for litigation and IT Services.
02/2007 to 03/2010 Bickford Senior Living | , ,
  • Developed SOX Control Testing Plans, Conducted SOX control testing for financial system governance.
  • Team Lead for SOX Compliance and governance for this Global Defense Contractor.
04/2006 to 02/2007 Hyatt Hotels Corp. | , ,
  • 11 MONTHS).
  • Developed SOX Control Testing Plans, Conducted SOX control testing for financial system governance.
  • Team Lead for SOX Compliance and governance at The Boeing Company.
08/2004 to 05/2006 MANAGER INFORMATION TECHNOLOGY AUDITOR | THE BOEING COMPANY | , ,
  • 1 YEAR 10 MONTHS).
  • Developed SOX Control Testing Plans, Information Security Polices and Conducted SOX control testing for financial system compliance.
  • Top Clients: Pemco Aviation, Dycom Industries, Helen of Troy, LifeCell, Artesyn Embedded Technologies.
05/1996 to 02/2004 INDEPENDENT CONSULTANT TECHNOLOGY RISK MANAGEMENT PROFESSIONAL | JEFFERSON WELLS, INTL | , ,
  • Anderson Cancer Centers, Shell Oil via Computer Sciences Corporation, British Petroleum Refineries, Cockrell Oil and Nippon Oil.
Education and Training
Expected in JAN 2014 TLG LEARNING, BELLEVUE *ITILv3 Foundation (IT Service Management Best Practices) License Registration Number: 265169915 * Validation Number: 1904427647 *SharePoint | CERTIFICATE OF COMPLETION AND CERTIFICATION, , GPA:
Expected in 2013 Foundation (Site Owner) DIPLOMA OF NETWORKING TECHNOLOGIES | | , , GPA:
Expected in FEB 2000 | SOUTHERN METHODIST UNIVERSITY *Triple Certification Program - Microsoft Certified System Engineer (MCSE), Certified Novell Administrator, and CompTIA A+ | , , GPA:
Expected in AUG 1984 Bachelor of Science | Studio Art LAMAR UNIVERSITY, , GPA:
Studio Art and Military Science
Additional Information
  • PRIOR MILITARY SERVICE | CHIEF, INFORMATION MANAGEMENT | 75TH MANEUVER AREA COMMAND, HOUSTON, TEXAS Final Rank: Captain Link to unit: http://www.globalsecurity.org/military/agency/army/75d.htm Page | 1 https://www.linkedin.com/in/thesoxitauditor
Skills
A+, asset management, Cancer, Compliance Audits, contracts, Clients, Data Analysis, documentation, Engineer, financial, focus, Information Security, internal audits, internal audit, ISO, ITIL, Team Lead, litigation, meetings, Microsoft Certified, MCSE, SharePoint, Windows, Modeling, Monitors, NETWORKING, Network, Certified Novell Administrator, Oil, organizational, PCI, policies, processes, progress, reporting, risk analysis, Risk Assessment, Risk Management, SOX Compliance, Sarbanes-Oxley, Shell, strategy, Symantec, Validation

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Disclaimer

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score
could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:

58Fair

resume Strength

  • Personalization
  • Target Job

Resume Overview

School Attended

  • CERTIFICATE OF COMPLETION AND CERTIFICATION
  • LAMAR UNIVERSITY

Job Titles Held:

  • ISO INTERNAL AUDITOR AND RISK ANALYST
  • SENIOR INFORMATION SECURITY CONSULTANT
  • SENIOR INFORMATION SECURITY CONSULTANT
  • SR. INFOSEC & TECHNOLOGY COMPLIANCE SPECIALIST
  • SR. INFOSEC & TECHNOLOGY ANALYST
  • MANAGER
  • INDEPENDENT CONSULTANT

Degrees

  • TLG LEARNING, BELLEVUE *ITILv3 Foundation (IT Service Management Best Practices) License Registration Number: 265169915 * Validation Number: 1904427647 *SharePoint
  • Foundation (Site Owner) DIPLOMA OF NETWORKING TECHNOLOGIES |
  • | SOUTHERN METHODIST UNIVERSITY *Triple Certification Program - Microsoft Certified System Engineer (MCSE), Certified Novell Administrator, and CompTIA A+
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in: