Chief Information Security Officer - Information Technology Resume Sea

Chief Information Security Officer Resume


Desired Industry: Information Technology
SpiderID: 70120
Desired Job Location: McKinney, Texas
Date Posted: 9/15/2013
Type of Position: Full-Time Permanent
Availability Date: Immediately
Desired Wage: 190000
U.S. Work Authorization: Yes
Job Level: Management (Manager, Director)
Willing to Travel:
Highest Degree Attained: Other
Willing to Relocate: Yes


Objective:
Detail-oriented, highly skilled, and
multifaceted professional, offering more
than 13 years of experience and skills
in information security analysis,
information security policy design, risk
assessment, security incident response,
and security solutions. Skilled at
designing and implementing cyber
security solutions for major government
organizations and financial entities.
Adept at security policies, solutions,
and standards that constantly pass the
security, regulatory, and customer
audits. Successful in initiating three
separate security programs over the past
five and a half years which passed all
third-party audits and all established
laws and regulations. Comprehensive
background in developing and
implementing strategic technology and
security roadmaps aligned with the needs
of the business to deliver exceptional
security and privacy solutions.
Knowledgeable of penetration testing,
vulnerability assessment, and security
program development. Expert at
implementing new concepts, new security
technologies, and new security controls
as well as in developing innovative
security controls and processes.
Bilingual in English and Russian.


Experience:
PROFESSIONAL EXPERIENCE

Information Security Officer - H. D.
Vest Financial Services, Irving, TX: Sep
2011–Present
The 8th largest independent broker-
dealer network in the United States
which provides comprehensive financial
services to 3,000,000 individuals and
small businesses through 7,000 advisors.
These services include security
investments, retirement planning,
investment management, education
planning, business planning, and estate
planning that is regulated by FINRA and
SEC.
- Design comprehensive information
security program which involves both
internal and advisor/customer security
practices and solutions as well as
assessment of information security risk
in light of executive management's risk
tolerance and advisor acceptance as
member of the H. D. Vest divestiture from
Wells Fargo
- Serve as the principal member of
the Information Security Steering
Committee as well as stakeholder of the
Risk Oversight Committee
- Function as the leading member
of the Computer Incident Response Team
(CIRT), in charge of investigating the
internal and external incidents as well
as rendering guidance and root cause
analysis to executive leadership
- Administer the review,
validation, redirection, and approval of
information security infrastructure at
three data centers
- Organize and facilitate risk
mitigation meetings between
infrastructure and development as well
as oversee and approve physical security
systems and strategies at all H.D. Vest
Facilities
- Handle threat and vulnerability
management (TVM) activities as well as
complete the execution of due diligence
audits and assessment of vendor
contracts for information security
concerns
- Evaluate and approve security
exceptions as well as monitor the
compliance with all the employed
policies
- Render direct oversight to the
Security Operations Center (SOC)
activities, which included penetration
testing, scanning, and monitoring of the
environment
Career Accomplishments:
- Played a pivotal role in
implementing a successful information
security program, with policies and
standards that complied with the
requirements derived from Financial
Industry Regulatory Authority (FINRA),
Payment Card Industry (PCI), Experian’s
Security Assessment (RI3PA), Federal
Financial Institutions Examination
Council (FFIEC), Health Insurance
Portability and Accountability Act
(HIPAA), and Securities and Exchange
Commission (SEC) regulations which
required resolution of concerns from the
parent company expressed during
divestiture activities
- Passed the SAS 70 type II audit
- Successfully managed and
corrected the security architecture,
which was originally developed by the
divestiture contractors, while meeting
stringent timelines
- Prospected vendors for the
supply of technical services to
implement the information security
architecture that was available for
purchase by the advisors to ensure
adherence to FINRA, FFIEC, and SEC
regulations which were available to be
installed in all 50 states
- Prepared weekly reports for the
management regarding the security state
of the environment and forensic root
cause analysis of H. D. Vest and advisor
security incidents which brought major
impact to the strategic decision-making
regarding security, compliance, and
business objectives and budgetary
allowances
- Presented five information
security presentations to 700 H. D. Vest
advisors at the H. D. Vest national
conference

Principal Cyber Security Engineer -
Aeronautical Radio, Inc. (ARINC),
Carrollton, TX: Sep 2010–Sep 2011
A provider of security solutions for the
Department of Energy (DoE), Department
of Defense (DoD), National Security
Administration (NSA), Department of
Homeland Security (DHS), airports, rail
and transit companies, and other
government entities.
- Oversaw the design, testing, and
implementation of the cyber security
solutions of the AIM physical security
systems for 64 nuclear power plants
across the United States as well as
Strategic Reserve, Department of
Defense, and Department of Energy sites
- Spearheaded the preliminary and
ongoing sales meetings on how the product
provides appropriate levels of cyber
security and complies with current
regulations
- Carried out systematic cyber
security assessments and audits as well
as completed fuzzing, internal
vulnerability scans, penetration
testing, and interpretation of results
for the facilitation and auditing of
remediation efforts as well as removal
of vulnerabilities
- Responsible for driving ARINC
initiatives in Information/Operations
Warfare, Electronic Warfare, Knowledge
management/discovery, Cyber Security
Systems Engineering & Integration, and
Information Assurance
- Took charge of the design,
testing, and implementation of the
secure network architecture for ARINC
physical security systems
- Generated comprehensive and
accurate documentation of all cyber
security implementations
- Worked as the founding member of
the Cyber Security Stakeholders
Committee, responsible for coordinating
with the senior management regarding
cyber security initiatives along with
providing insights about the emerging
information security business sectors
- Acted as the primary point of
contact for forensic investigations and
incident response for ARINC cyber
security customers, which included
provision of due diligence guidance
relating to the incidents
- Served as an effective ARINC
representative, responsible for meeting
with a panel at Johns Hopkins in January
2011 to a group of more than 200
students and small business owners
regarding information security
Career Accomplishments:
- Displayed expertise in
formulating cyber security program
compliant with the Nuclear Regulatory
Commission (NRC) and Nuclear Energy
Institute (NEI), which included controls
for the mitigation of risk and reduction
of the system’s attack surface and
processes for employing controls and
maintaining separation of duties
- Provided effective solutions to
client’s cyber security concerns for
four $20M systems that caused delivery
delays for several years, which helped
enhance the ARINC image as a cyber-
security service provider which led to
further business developments
- Successfully secured $300M in
new National Security Agency (NSA) cyber
security business

Operations Security Officer - Digital
Matrix Systems (DMS), Addison, TX: Feb
2008–Sep 2010
A small, privately held company,
providing credit analytics, credit
reporting software, and custom credit
score solutions to credit card, consumer
loans, mortgage loans, collections, and
insurance industries.
- Directed the physical and
information security operation for an
environment that processes 750,000 credit
report requests daily
- Assured accuracy in creating the
ISO 17799/27002 information security
policy and assessed and remediated
the software development lifecycle for
secure practices
- Gave a weekly update to the
management regarding security
vulnerabilities and emerging threats as
well as rendered recommendation on
security control solutions
- Assured compliance with the
business and security certification,
auditing requirements, and current state
of security infrastructure in creating,
implementing, and managing information
security policy
- Established and led the Computer
Incident Response Team (CIRT) in
containing and resolving security
incidents along with overseeing forensic
investigations and providing root cause
analysis conclusion reports to the
management
- Led the validation and testing
of business continuity and disaster
recovery plans
Career Accomplishments:
- Displayed expertise in
developing a successful information
security program within one year where
none had previously existed as well as
enabled the successful passing of the
company on 63 audits and SAS70 type II
within two and a half years, including
the achievement of PCI and RI3PA/EI3PA
compliance within six months of the
project initiation
- Played an integral role in
developing, testing and deploying
security controls without delaying the
contractual-based service level
agreement (SLA) of returning the credit
report request to end user in three
seconds or less
- Brought improvement to the
employee security awareness through
instigation of training programs and
materials


Education:

EDUCATION

Coursework toward Pre-Medicine Program -
Texas Tech, Lubbock, TX
Coursework toward Pre-Medicine Program -
University of Texas at Arlington,
Arlington, TX
Coursework toward Pre-Medicine Program -
University of Texas at Dallas,
Richardson, TX


Affiliations:
PROFESSIONAL AFFILIATIONS

The International Information Systems
Security Certification Consortium (ISC)²
Information Systems Audit and Control
Association (ISACA)
Financial Industry Regulatory Authority,
Inc. (FINRA) Karen


Skills:
Strategic Planning and Implementation |
Regulatory Compliance | Project
Management | Risk Management
IT Infrastructure | Design Process
Improvement | Change Management |
Software Development Life Cycle
Management
Deployments and Migrations | Business
Continuity and Disaster Recovery |
Security Awareness | Incident Management


Additional Information:
TECHNICAL ACUMEN

Protocols: TCP/IP | UDP | HTTP | HTTPS |
SSL | FTP | TFTP | Telnet | SNMP | ICMP
| SSH | DNS | DHCP | LDAP | WINS | NAT |
VPN | SMTP | POP | IPSEC | IMAP

Security Software: Backtrack |
Metasploit | Nessus | Nexpose | Saint |
Prism EventTracker | TriGeo | NitroSIEM
| Encase

Others: Cisco IDS/IPS | IBM ISS | RSA
Envision | McAfee | Sourcefire IPS |
Firewall Alerts/Vulnerabilities
Microsoft Windows | UNIX and Linux |
Microsoft Office | Internet Explorer |
Mozilla Firefox | Google Chrome
SQL | Oracle | IIS | Apache



CREDENTIALS

Licenses:
- Top Secret/SSBI Clearance -
Department of Defense (DoD): Nov 2007

Certifications:
- Certified Information Systems
Security Professional (CISSP) - (ISC)²
(Scheduled to take the ISSMP
certification in September 2013)
- Certified Information Systems
Auditor (CISA) - ISACA
- FINRA Series 99 Operations
Professional - Financial Industry
Regulatory Authority (FINRA)
- Fair Credit Reporting Act (FCRA)
Certification - Consumer Data Industry
Association

PUBLICATIONS

Childers, B. (2010). How one company
prepared for PCI DSS compliance.
Computer Security and Fraud, (2010)8. 3.

Childers, B. (2010). Turning cyber
threats into business opportunity. ARINC
Newsletter, (2010)125.


Reference:
Available upon request.

