Montgomery Street, San Francisco, CA94105609 Johnson Ave., 49204, Tulsa, OK
H: (555) 432-1000
C:
resumesample@example.com
Date of Birth:
India:
:
single:
Professional Summary
Chief Information Security Officer Seasoned security executive with over 15 years of information security experience and proven success in cybersecurity, security architecture design, enterprise risk management, and compliance. Strong ability to build and lead a security organization to meet and exceed designated goals and expectations. Extensive background in developing, architecting, and implementing solutions that enhance business objectives and mission. Demonstrated skills in managing major security programs from concept to completion ensuring on-time, on-budget, and on-target delivery. Well-versed in cloud security and architecture with AWS, Azure & Google GCP. Experienced with various security, regulatory, and enterprise architecture frameworks.
Skills
Professional Certifications
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Information Systems Security Architecture Professional (ISSAP)
Certified Information Security Manager (CISM)
Certified in Risk and Information Systems Control (CRISC)
Cloud Security Alliance (CCSK)
Azure and AWS Cloud Certified
ISO Certified Lead Implementer
Backup
Leadership
Access
Enterprise
Problem-resolution
Project development
Risk Management
Strategy
Culture Transformation
BSI
CCSP
Customer satisfaction
Database
Driving
IDS
Information Security
Information Systems
Innovation
ISO
Mentoring
Migration
Network
Processes
Risk assessment
SD
WAN
Collaborative Leadership
Work History
SR. DIRECTOR OF INFORMATION SECURITY, 04/2019 - 07/2020 Massage Envy – Oceanside, NY,
Accountable for leading the security and cloud strategy for Tenet, an $18B healthcare organization, to enhance the security program and transform the organization.
Empowered to transform the security program by building out the security architecture practice.
Developed the architecture templates for the design and engineering of enterprise security technologies while achieving defined KPIs and positive ROI.
Created a cloud migration roadmap ensuring collaboration and addressing short term business goals and long-term TCO, while driving innovation at all levels of the organization by delivering cloud native and cloud enabled technologies.
Architected the transformation from legacy on premise security instrumentation to a cloud-based security services model – SASE and SD-WAN over traditional MPLS.
Established the Enterprise Security Architecture (ESA) practice and institutionalized the core committees: Technology Review Board (TRB) and Architecture Review Board (ARB).
Drafted the methodologies to perform risk assessment, business impact analysis, and security assurance to improve systems and operational security.
SR. DIRECTOR OF INFORMATION SECURITY, 09/2013 - 04/2019 Massage Envy – Olathe, KS,
Managed and led global risk management, information security, security architecture, and compliance practices to guarantee proper protection and compliance requirements were met for the company’s global IT systems and information assets.
Hired, supervised, and mentored cyber security managers and security engineers.
Established and managed procedures designed to uncover, analyze, and communicate information security risks to business executives leveraging Risk Management Framework (RMF).
Collaborated with global internal and external customers, business units, internal teams, and primary stakeholders to create and execute strategies following company- determined information risk management processes and standards.
Implemented security processes to ensure proper technology roadmaps were in place as well as secured integration practices.
Developed an enterprise information security framework, including polices, procedures and standards.
Ensuring data integrity, confidentiality and availability of information as well as creating controls on how data is processed by the organization.
Attained ISO 27001, BSI BIM certifications and DOD DFARS compliance for Parsons Corporation under my leadership.
Led and owned the implementation of a multi-million-dollar, multi-year security program
•Achieved significant ROI transforming the security program and technologies.
Oversaw cyber initiatives to improve monitoring, incident response, analytics, and security engineering practices.
Conducted IR tabletops to review and update the IR plan and procedures.
MANAGER, 06/2009 - 09/2013 Verizon Terremark – City, STATE,
Directed daily operations and workload of 55 members of the security engineering, virtualization, storage, database, and backup implementation teams.
Led global implementation engineering teams including development and launch of standardized and customized solutions.
Oversaw security implementation engineering services including IDS, IPS, log aggregation/analysis, and SIEM.
MANAGER, 01/1999 - 06/2009 Nokia, Inc, OF INFRASTRUCTURE AND DATACENTER – City, STATE,
Developed effective problem-resolution team by mentoring and motivating staff in project development efforts Educated staff on customer satisfaction, productivity, and cohesion.
Assessed risks, oversaw patch management, and directed building security and access control to avoid network vulnerability and intrusion.
Education
MASTER OF SCIENCE: INFORMATION SECURITY AND ASSURANCE, Expected in - Western Governors University - , GPA:
Accomplishments
Security Processes, Tools, and Technologies Security program development, vulnerability management, intrusion detection systems (IDS), security information and event management systems (SIEM), end-point protection (EPP), security strategy development, security operations center (SOC) management, cloud access security broker (CASB), security internet gateways, security and awareness training, cyber risk management, compliance, HITRUST, GDPR, ISO, NIST, SABSA, TOGAF, PCI-DSS, FIPS, HIPAA, cloud security, security architecture, cloud technologies, networking security, insider threat, threat intelligence, deception technologies, third party risk management, SDLC, network access control (NAC), firewalls, and security engineering best practices.
Certifications
Certified Information Systems Security Professional (CISSP)
•Certified Cloud Security Professional (CCSP)
•Information Systems Security Architecture Professional (ISSAP)
•Certified Information Security Manager (CISM)
•Certified in Risk and Information Systems Control (CRISC)
•Cloud Security Alliance (CCSK)
•Azure and AWS Cloud Certified
•ISO Certified Lead Implementer
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.