Information systems security officer resume

Information Security Officer Resume Sample

Source: https://www.kickresume.com/en/help-center/information-security-officer-resume-sample/

SUMMARY:

  • A well detailed individual as an Information Security Analyst/Security Assessor, Privacy and Data Security Management & Operations, Vulnerability Scanning, Certification and Accreditation (A&A), Project Management, NIST 800-53 Rev1 and rev4 and NIST SP 800-37 rev 1, 800-18, 800-53 rev3 and 800-34, FIPS, FISMA Security Content Automation Protocol, NIST Family of Security Control, FedRAMP Security Assessment Framework, POA&M, Incident and Contingency Planning. Used Splunk for monitoring logs, alerts and aggregations.

TECHNICAL SKILLS:

  • NESSUS
  • TAF
  • Xacta
  • CFACTS and CSAM
  • VMWARE. SPLUNK

WORK EXPERIENCE:

Confidential, Washington DC

Information Systems Security Officer (ISSO)

  • Risk Management Framework (RMF) Using NIST 800-37 as a guide, assessments and Continuous Monitoring: Performed RMF assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
  • Knowledge of Several Computer Environments: Performed Update, Install, Configure, evaluation and guidance on security control implementation on multiple environments include Windows server, Windows 7, Windows XP, Red Hat 6/7 and Centos 6/7.
  • Perform FedRAMP Government-wide program that provides a standardized approach for security assessment, authorization, and continuous monitoring for cloud products
  • Security Documentation: Perform updates to System Security Plans (SSP) Using NIST 800-18 as a guide to develop SSP, Risk Assessments, and Incident Response Plans, create Change Control procedures, and draft, review, update Plans of Action and Milestones (POAMs).
  • POA&M Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, continuous monitoring, and FISCAM audits.
  • Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon NIST and/or DIACAP.
  • Work with the client, SaaS providers and internal development team to identify security gaps and resolve them to protect client data responsible for assessing compliance to established data protection controls and standards for client data protection and reduce business risk
  • Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using NIST SP 800-53 Rev.1 and NIST SP 800-53 rev.4.
  • Work directly with GSA-appointed ISSP to create documentation with the level of detail required by FedRAMP Program Management Office (PMO): SSP, CP, CMP, IRP, Policies & Procedures, PTA/PIA, FedRAMP User Guide, CIS Template, and Control Tailoring Worksheet
  • Create Project Plan for FedRAMP Documentation,
  • Developed Solution to Security weaknesses: Developed solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP). Assisted ISSOs create solutions to weaknesses based on system functionality and pre-existing architecture and an Audit liaison officer with respect to respond to auditor.
  • Communications between multiple clients to perform POA&M remediation for CAP remediation. Handled internal communications within Office of Information Security and external communications with several different divisions on a daily basis. Maintain excellent working relationships with both internal and external customers using communication skills.
  • Provided services as security controls assessors (SCAs) and perform as an integral part of the Assessments and Authorizations process to include A&A scanning, documentation, reporting and analysis requirements. Analyzed current threats to information security and systems. Analyze security findings and data. Published reports and keeps metrics for client systems.
  • Worked with Security Operation Center Analyst in making sure Intrusion detection and prevention systems (IDS/IPS) such as SNORT to analyze and detect Worms, Vulnerabilities exploits attempts and IDS monitoring and management using Security Information and event management (SIEM-SECURITYCENTER BY TENABLE), to collect and Analyze large volumes of logs and network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms. Identified trends and root causes of system failures or vulnerabilities using NESSUS Vulnerability Scanner, Nmap to scan ports, weak configuration and missing patches. Assured that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are in compliance with FISMA, NIST, and general agency standards.
  • Worked with ISSO and Security team to Access Security Controls selected, in Updating SAP, ROE where Vulnerability scanning and penetration testing procedures are included in the assessment, conduct assessment meeting kickoff and security Control meeting with ISSO and System Owner. Assessment finding result be reflected on the (RTM) or Test case and all weakness noted be reported in our SAR report. Knowledge of SAN-20 and ISO 27001 Security controls and Mapping with NIST.
  • Reviewed documentation to include System Security Plan NIST 800-18 as a guide, Authorization to Operate (ATO), Security Assessment report (SAR) using NIST 800-30 as a guide, FIPS 199 System Categorization using NIST 800-60 Vol1/Vol2 based on confidentiality, integrity and availability (CIA), policy and procedures, e-authentication, privacy threshold analysis (PTA), privacy impact analysis (PIA), contingency plan (CP) and interconnection security agreement as per NIST 800-47, certification and accreditation (C&A) packages and system standard operating procedures.

Confidential

Hands on Linux

  • Hands on experience installing and maintaining Linux on x86 platform and applications.
  • 5 years’ Demonstrable aptitude to learn new technologies and processes.
  • I possess ability to work as a team member and independently with minimal supervision. 3 years with various Linux Distributions Installation, Configuration and Maintenance
  • Experience in building, configuring and troubleshooting in Red hat Enterprise Linux (RHEL) 5/6/7, Oracle Enterprise Linux(OEL), 5/6/ with UEK kernels Experience with Oracle and MySQL Database deployed in a Linux environment.
  • Experience in Installation, Configuration, Implementation, Maintenance & Troubleshooting Apache Web Server.
  • 5 years on Enterprise computing including Linux, Software and Hardware
  • Experienced in Package and patch management using YUM, RPM, Red Hat Satellite and Unbreakable Linux Network (ULN)
  • Experienced in implementing and supporting high availability and fail over configuration for applications.
  • Experience with VMWare ESXI environment, VSphere Client,Vcenter …
  • Experience with disk partitioning and Logical Volume Manager (LVM) and Multipath
  • Experience with Linux User and File System Management
  • Experience on installing, configuring and troubleshooting DNS, FTP, NFS, DHCP, SSH, servers
  • Worked on protocols like HTTP, TCP, UDP, LDAP, Switches.
  • Experienced in using monitoring tools like Nagios and Xymon for monitoring and analyzing issues.
  • Knowledge with memory and swap space management
  • Support with deployment management configuration automated tool like Puppet and Docker
  • Support on Windows server builds and patching
  • Remote support with Putty, MobaXterm and secureCRT 7

Confidential, Beltsville MD

System Administrator/ Information Assurance

Linux Systems Administrator

  • Performed installation using methods: kickstart, Flash Archive, Live upgrade, Executed Installation of Virtual Interfaces In VMWARE, Performed Security Administration on LINUX systems, Acquired Field Experience in Virtualization and Cloud Computing, Installed multiple sparse and whole root zones within one physical instance of Solaris 10, Performance Monitoring and capacity planning, User Security, System Security and patching, Experience in installation and configuration of RHEL 5/6 and CentOS 6, Experience installing and configuration of kickstart servers, Experience building Red Hat from the ground up, physical and virtual, Experience working in a large enterprise environment of 500+ servers, Experience installing Logical Volume Manager (LVM),Experience with network protocols such as HTTP, DHCP, DNS and FTP, NTP, RDP, Experience with RPM and Yum package installation. System hardening, patching and upgrades on standalone servers and on production servers using 10-Recommended patch package, Experience booting into recovery mode to resolve OS issues.
  • Developing a detailed project schedule, including SA&A/SCA task and milestones, task dependencies, and personnel resources
  • Conduct SA&A activities and tasks and obtain Authorization to Operate (ATO) in line with NIST and client guidance and directives.
  • Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199.
  • Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices.
  • Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility.
  • Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System.
  • Review and generate SA&A and system documentation as needed.
  • Selecting baseline controls for the IT System using RSA Archer and tailor security controls as appropriate.
  • Implement security controls based on IT System FIPS categorization.
  • Documenting security control implementation in the system’s Security Plan using the Library’s Information Assurance (IA) tool (RSA Archer).
  • Conduct SCA for IT systems, when required.
  • Document system’s risk assessment per client directives and requirements.
  • Develop and document all required artifacts for the SA&A package.
  • Conduct Contingency Plan Test (CPT) for systems.
  • Review and monitoring system security and audit logs.
  • Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems.
  • Update SA&A documentation and artifacts on a regular basis
Source: https://www.hireitpeople.com/
Information System Security Officer Resume Samples

An Information System Security Officer takes charge of establishing and enforcing security policies and protecting the organization’s computer infrastructure, networks, and data. As a part of the job description, these officers carry out all the duties listed on the Information System Security Officer Resume – researching and developing information security plans; protecting the information and preventing unauthorized access; explaining potential threats to users, installing software and implementing security measures; and monitoring networks.

In order to become one, the job applicants should be able to showcase on the resume such skills as – highly analytical and the ability to prioritize needs; technical skills and strong communication traits; commitment to continuous learning and system development; and knowledge of instituting measures to safeguard sensitive information within a computer network. Most officers have a degree in computer science, mathematics or a relevant field.

Information System Security Officer Resume example

Information System Security Officer Resume

Objective : Acquire an active, challenging Information System Security Officer where can use and advance technical and analytical skills and experience. Security Program that enabled organization to setup a security architecture.

Skills : Windows, Servers, Microsoft Office Suite, Active Directory, Vmware, Linux.

Description :

    1. Reviewed and analyzed proxy exception requests for DHS networks using web resources DHS policies as guidelines.
    2. Managed and tracked multiple requests and incidents using a Remedy web-based ticketing system.
    3. Acted as Remedy Change Manager for DHS HQ Information Assurance team.
    4. Managed and tracked all Remedy tickets within DHS HQ Information Assurance ticket queue via Excel workbook, which created.
    5. Reviewed and provided approval recommendations for all new Privileged Account Requests (PARs) for the DHS HQ component.
    6. Provided Federal Management with weekly and monthly PAR reports.
    7. Reviewed and updated multiple Change Requests (CRs) across various DHS networks.
    8. Created Information Security Vulnerability Management (ISVM) surveys within a SharePoint portal and track all responses via SharePoint from acknowledgment through compliance.
Years of Experience: 2-5 Years
Experience Level: Junior
Education: B.S. In Criminal Justice



Sr. Information System Security Officer Resume

Summary : An Information Security Manager with diverse skills and experience in assessing cyber security environments, leading teams, delivering technical and strategic Security Governance, Risk, and Compliance expertise to public and private sector organizations including the FBI, DoD, NASA, Lockheed Martin, Honeywell, and Cisco WebEx.

Skills : Information System Security Standards Knowledge, Powerpoint, Excel, TEMPEST Trained, C&A Trained And Knowledge.

Description :

    1. Managed information security for the $850M Air Force Distributive Common Ground Segment (AF DCGS) information systems composed of multiple classified information systems such as JWICS, NSA, SIPR, CENTRIX, and USBICES.
    2. Revamped information security programs and procedures for Air Force Distributed Common Ground Systems (AF DCGS) as new requirements were established.
    3. Provided Information Assurance (IA) support for Certification and Accreditation (C&A) activities ensuring information systems have the ability to operate.
    4. Revitalized standardized account management processes and procedures vetting user access to AF DCGS network enterprise more efficiently.
    5. Provided security recommendations to ensure new network and system requirements meet established NSA, DIA, and Air Force Directives.
    6. Established and developed procedures for sanitization and disposition of DoD sensitive automated information system components and media-generated within secure compartmented information facilities (SCIF's).
    7. Initiated contact with internal and external sites for tracking, managing and remediating security incidents.
Years of Experience: 10+ Years
Experience Level: Senior
Education: Information System



Jr. Information System Security Officer Resume

Summary : To obtain an Information Technology position drawing upon background, specialized training highly developed organizational skills, and outstanding customer service. Desires a position that will challenge technical, communication, and analytical skills that offer continuous professional growth and development and allow to move up within the organization.

Skills : CISSP, IT Security, NIST 800-53, PKI, Certification & Accreditation.

Description :

    1. Prepared, maintained and implemented an SOP that accurately reflects the installation and security provisions.
    2. Delegated Public Key Infrastructure (PKI) Trusted Agent for the Network Enterprise Center Regional (NEC-R).
    3. Created elevated SIPR and NIPR accounts daily.
    4. Approved and verified Virtual Private Network (VPN) accounts daily.
    5. Ensured that each organization has in place and maintains a Tenant Security Plan.
    6. Responsible for maintaining the documentation of the certification and accreditation activities and direct technical and coordination activities to prepare the system Security Plans and update the Plan of Actions and Milestones (POA&M).
    7. Ensured that unauthorized personnel is not granted use of, or access to, an Information System.
    8. Communicated and enforced security policies, procedures, and safeguards for all systems and staff.
Years of Experience: 7-10 Years
Experience Level: Management
Education: Information Systems


Information System Security Officer III Resume

Objective : Highly motivated, detail-oriented, Information Security Analyst with over 10+ years of experience in the Certification and Authorization (C&A) process. Expertise in performing risk assessments and vulnerability assessments. Well versed in NIST 800-53 Rev 4 requirements.

Skills : Microsoft Office, Human Resources, Project Management, Leadership Development, Operations.

Description :

    1. Developed and maintained a formal Information Systems Security Program.
    2. Implemented and enforced IS security policies.
    3. Reviewed subordinate units System Security Plans and endorse those found to be acceptable.
    4. Oversaw all Information Assurance Officers (IAOs) ensure that they are following established information security policies and procedures.
    5. Arranged necessary technical and security training for 25+ IAOs to carry out duties in their respective units.
    6. Ensured the development of system certification documentation by reviewing and endorsing such documentation and recommending action by the Designated Approval Authority.
    7. Approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
    8. Coordinated and conducted Information Systems security inspections, tests, and reviews.
Years of Experience: 2-5 Years
Experience Level: Junior
Education: Technology


Information System Security Officer II Resume

Summary : Information Assurance/Information Systems Security Specialist or Analysts/System Administrator. Implementing various information systems and software maintaining military supply stores.

Skills : Computer Hardware, Customer Service, Customer Relations.

Description :

    1. Conducted investigations of security violations and breaches and recommends solutions.
    2. Prepared reports on security violations and breaches as necessary and provides analysis summary to management.
    3. Provided Enterprise Security Engineering and Information Systems Security expertise and coordination throughout a DHS AIS system development lifecycle.
    4. Developed and refined Standard Operating Procedures (SOPs) that reflect the security operations of the technical environment.
    5. Exercised Information Assurance (IA) control over development changes or requests for improvements to system configuration and system security plan to align with the Department of Homeland Security Sensitive Systems Policy Directive 4300A for General Support Systems.
    6. Managed and ensured that the remediation of POA&Ms activity is being performed.
    7. Supported the configuration-change management process to ensure that changes are reflected in the SSP-RTM that requested changes either improve or do not degrade the security posture of the environment, and that proper testing has taken place to support those changes.
Years of Experience: 7-10 Years
Experience Level: Consultant
Education: Master


Information System Security Officer I Resume

Objective : To obtain a highly rewarding career in the information technology/computer networking field, and utilize current skills to their fullest and equip with new skills to further career.

Skills : McAfee EPO, Server 2008, Server 2012, Xacta.

Description :

    1. Assigned a major application support system in accordance with published procedures.
    2. Coordinated the development of a Contingency Plan, ensuring that the plan was tested and maintained.
    3. Ensured the security requirements for an assigned major support system are met.
    4. Ensured that protective measures for physical security threats are in place.
    5. Updated documents in the Xacta system.
    6. Provided Ongoing Authorization in accordance with published procedures.
    7. Provided continuous monitoring of assigned systems in accordance with procedures.
Years of Experience: 2-5 Years
Experience Level: Junior
Education: IT


Information System Security Officer/Analyst Resume

Summary : Dedicated 17+ years career leading the design, deployment and support of advanced technology solutions, and building and managing IT operations for high-growth organizations.

Skills : Information Technology, IT Specialist, IT Analyst.

Description :

    1. Conducted investigations of security violations and breaches and recommends solutions.
    2. Prepared reports on security violations and breaches as necessary and provides analysis summary to management.
    3. Provided Enterprise Security Engineering and Information Systems Security expertise and coordination throughout an AIS system development lifecycle.
    4. Developed comprehensive policies and procedures that support a security system baseline, resulting from laws, regulations or Presidential directives and ensure that detailed technical baselines reflect the automation and implementation/enforcement of these security plans and policies.
    5. Developed and refined Standard Operating Procedures (SOPs) that reflect the security operations of the technical environment.
    6. Exercised Information Assurance (IA) control over development changes or requests for improvements to system configuration and system security plan to align with Sensitive Systems Policy for General Support Systems.
    7. Managed and ensured that remediation of POA&Ms activity is being performed.
Years of Experience: 7-10 Years
Experience Level: Management
Education: Master


Lead Information System Security Officer Resume

Headline : Over 11 years of Information Technology (IT) customer support expertise providing Technical support activities based on Help Desk Institute (HDI) and Information Technology Infrastructure Library (ITIL) best practices. Over 11 years working with and supporting senior level management and experience preparing briefings and briefing senior executives.

Skills : Information Systems, Information Technology, System Security, A+, Security +, Security Clearance.

Description :

    1. Executed Certification & Accreditation activities program, from bringing a system from Development to Continuous Monitoring through the RMF security authorization process.
    2. Managed security authorization documentation within the Xacta IA Manager tool (IACS).
    3. Assisted in developing unified guidelines and procedures for conducting certifications and/or system-level evaluations of federal information systems and networks including the critical infrastructure of TSA.
    4. Developed and present, both verbally and in writing, highly technical information and presentations to non-technical audiences at all levels of the organization.
    5. Ensured IT systems have all security controls in place and functioning properly in accordance with NIST 800-53A publication.
    6. Reported on FISMA compliance of system.
    7. Managed and applied any necessary ISVM alerts and patches for systems and applications.
    8. Assisted with external/internal audits for designated systems.
Years of Experience: 5-7 Years
Experience Level: Executive
Education: Administration


Information System Security Officer/Supervisor Resume

Objective : Information Security Professional with impressive successful track record, insightful, and result driven. Accrued expertise in security control assessment, develop and update authorization packages (SSP, SAR, POAM), Vulnerability management.

Skills : Information Security Specialist, IT Analyst, IT Executive.

Description :

    1. Performed the Federal Information Security Management Act (FISMA) audit reviews using NIST 800-37 rev 1.
    2. Updated IT security policies, procedures, standards, and guidelines according to the department and federal requirements.
    3. Worked with IT Operations and Network Engineers to mitigate system vulnerabilities discovered in network devices (routers, switches, VPN Concentrator), servers, and workstations.
    4. Performed information security risk assessments and assist with the internal auditing of information security processes.
    5. Assessed threats, risks, and vulnerabilities from emerging security issues.
    6. Analyzed security reports for security vulnerabilities.
    7. Assisted with the selection and implementation of controls that apply security protections to systems, processes, and information resources using the NIST family of security controls.
Years of Experience: 2-5 Years
Experience Level: Executive
Education: Bachelors


Information System Security Officer Resume

Objective : A highly skilled Information Security Professional with 4 years of experience seeking an opportunity to use my information assurance experience in a progressive and diverse organization.

Skills : Quality Assurance, Records Management, Team Player, Team Leadership.

Description :

    1. Reviewed information system Audit records weekly for inappropriate or unusual activities.
    2. Updated Antivirus Definitions weekly on standalone virus scanning workstations to reduce the risk of a vulnerability being introduced onto the network.
    3. Reviewed and verified system maintenance logs to include DTA log records, antivirus updates and any additions maintenance performed on a system.
    4. Maintained and stored all individual user agreement forms for the system.
    5. Reviewed and updated System Security Plans (SSP) when required to reflect all system changes.
    6. Provided guidance to the user to assist with notifying the Security Health Officer (SHO) of any suspected incidents in a timely manner, and assist in the investigation of incidents, as necessary.
    7. Conducted audits of network configuration to ensure compliance in organization regulatory standards.
Years of Experience: 2-5 Years
Experience Level: Junior
Education: Network Systems


Source: https://www.qwikresume.com/resume-samples/information-system-security-officer/
CISO Day 2020 Resume

Chelsie Waters

787 Ross Mall,  San Francisco, CA

+1 (555) 957 6800

Work Experience


Regional Information Security Officer

06/2017 - PRESENT

Los Angeles, CA

  • Facilitates awareness and training
  • Manage an aggressive program to promote employees’ awareness and understanding of Information Security Policy, Standards & procedures
  • Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews. Guide the business in development of action plans while reporting and tracking to closure all information security issues resulting from Self-Assessment, Audit, Risk Assessment, Ethical Hacks, Vendor Reviews, etc
  • Identify key business contacts to ensure adequate coverage for the business’ security program
  • Experience
  • Identify and analyze root cause of mobile/web security issues and work to reduce trending in future development
  • Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step
  • Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB)

Information Security Officer

05/2011 - 01/2017

San Francisco, CA

  • Serve as Great Western Bank’s Incident Manager. Enhance and organize the program and activities
  • Enhance and coordinate Great Western Bank’s information security and awareness training. This includes new hire orientation as well as ongoing training
  • Facilitates awareness and training
  • Your experience in an international, multicultural working environment is an advantage
  • Your being a great teammate is a good factor
  • Earned an appropriate certification such as CISSP, GIAC, CEH, CISM, or similar certification demonstrating security management
  • Maintain the regions’ technology risk register and the mitigation process
  • Oversee the work of the organization’s information security program including directing the implementation and administration of the company’s information security function. Conduct an annual review of program strategies to identify risks and opportunities, gaps, and reasonable controls to be implemented

Junior Information Security Officer

09/2004 - 12/2010

Boston, MA

  • Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
  • Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
  • Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related
  • Ensures compliance with policies and laws
  • Contributes to BMO Financial Group’s overall business results by making recommendations that significantly improve operational efficiency and effectiveness
  • Establish leadership relevance for the Global Groups functions and LATAM Sector by ensuring visibility and alignment to the global cyber security program/framework and other BISO's roles within PepsiCo and the information security industry. It's imperative that this role mirror scope and processes that complement the other BISO roles in AMENA, ESSA, and North America
  • Develop a framework that includes a support model for Regions within the Sector to ensure comprehensive security operational coverage for the LATAM business and Global Groups functions.

Education


Virginia International University

2000 - 2004

Bachelor's Degree in Computer Science

Professional Skills


  • Strong overall competencies including analytical skills, effective planning and prioritisation skills
  • Excellent problem solving skills, with proven organizational skills
  • Strong leadership skills with proven experience working in a senior information security management position
  • Above average customer service skills as well as verbal and written communication skills
  • Experience giving presentations and superb communication skills
  • Strong interpersonal skills: effective listening, patience, composure
  • Middle level experience in Excel (pivot tables, reports, basic macro skills)

How to write Information Security Officer Resume

The Information Security Officer role is responsible for security, technical, analytical, risk, business, leadership, interpersonal, technology, development, presentation.
To write a great resume for an information security officer job, your resume must include:

  • Your contact information
  • Work experience
  • Education
  • Skill listing

The contact information section is important in your information security officer resume. The recruiter has to be able to contact you ASAP if they would like to offer you the job. This is why you need to provide your:

  • First and last name
  • Email
  • Telephone number

The work experience section is an essential part of your information security officer resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous information security officer responsibilities. It's meant to present you as a well-rounded candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular information security officer position you're applying to. The work experience section should be a detailed summary of your latest 3 or 4 positions.

Representative Information Security Officer resume experience can include:

  • Act as primary Information Security liaison to Blue Cross Blue Shield Association by participating in CISO workgroups and providing thought leadership. Oversee company’s compliance with Security and Incident Response portions of the Association’s Inter Plan Program Policies and Provisions
  • Solid technical acumen and strong consultative skills
  • Strong MS Office skills for creating metrics, presentations, and performing data analytics
  • Excellent consulting and problem-solving / analytical skills
  • Effective team/relationship building and leadership skills across divisional and departmental
  • Good communication and presentation skills articulating IT security and privacy technical issues in a clear and actionable manner to non-technical leadership

Make sure to make education a priority on your information security officer resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your information security officer experience. For example, if you have a Ph.D. in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.

Additional details to include:

  • School you graduated from
  • Major/minor
  • Year of graduation
  • Location of school

These are the four additional pieces of information you should mention when listing your education on your resume.

When listing skills on your information security officer resume, remember always to be honest about your level of ability. Include the Skills section after experience.

Present the most important skills in your resume. Here is a list of typical information security officer skills:

  • Strong interpersonal skills and team building skills
  • Excellent communication skills and ability to effectively engage from Senior Executives through individual technical staff
  • Effective leadership skills with the ability to create empowered teams including knowledge sharing, documentation, timeliness and proactive planning
  • Strong collaborative and communication skills
  • Highly dependable team player with ongoing commitment to excellence
  • Excellent technical, organizational, planning, documentation and communications skills
  • Excellent oral and written communication skills; ability to develop polished communications for the entire bank, senior management and IT staff

List of Typical Experience For an Information Security Officer Resume

  • Excellent interpersonal skills to negotiate and communicate with others, especially in complex situations; and
  • Define secure application configurations leveraging technical knowledge and problem solving skills in accordance with Citi’s secure SDLC process
  • People Management skills (influencing/convincing)
  • Five+ years of proven project experience leading to successful capability and risk reduction
  • Leadership skills at a supervisory level
  • Proven hands-on, experience in multiple information security disciplines
  • Prior experience in a project management and/or risk and control role would be an advantage (e.g. in BISO, ORM, Audit, Data Privacy)
  • General working knowledge of managing a COMSEC account; experience ordering and applying keying material for communication devices (e.g., Taclanes)
  • Responsible for developing, maintaining and validating Disaster Prevention / Disaster
  • Good understanding of OSI model, with sound knowledge with security issues on operating systems (Windows, Linux), web applications, and databases (desirable)
  • Good knowledge on Linux system configuration and management. Working knowledge of Linux scripting (desirable)
  • Experience in leading projects leveraging global teams with matrix resources
  • Demonstrate continuous improvement throughout the IS program by promptly evaluating and reporting the Corrective Action Plan
  • CISSP, CRISC, CISA, and/or CISM (or combination of in good standing) with SANS, other relevant technical/information security certifications (desirable)
  • Report on the effectiveness of the organizations security program to the leadership team including the progress of remedial actions
  • Work with teams to identify security gaps prior to PEN testing &
  • Relevant working experience in a similar role
  • Multi-tasking – can manage several concurrent projects and prioritise demands
  • Experience communicating to senior management
  • Experience in executing information security risk assessments
  • Hands-on experience in Information Security with demonstrable, game-changing accomplishments in the Information Security area
  • Experience using the Proactive Risk Identification & Mitigation Engine (PRIME)
  • Experience with PCI controls and compensating controls
  • Experience managing people
  • Demonstrable understanding and experience of Civil Nuclear Security regulations and standards
  • An understanding and some experience of wider security requirements within personnel and physical security is beneficial
  • Experience implementing a common Risk Management Framework
  • Strong knowledge of key issues regarding IT Security and Information Risk Management (Data Security, Endpoint Security, Record Retention, Data Privacy etc)
  • Good understanding of IS policies, standards and procedures
  • Good knowledge of AAA (TACACS, RADIUS etc.) and identity and access management (desirable)
  • Familiarity with unstructured data inspection technology. Experience and hands-on knowledge with Data Loss Prevention security controls
  • Conduct acceptable use audits and security policy and good practice trainings
  • Collect and analyze internal/external customer feedback on experience of Security for opportunity for enhancement
  • To ensure effective IT policies are in place and embedded aligned to the business strategy
  • Manage multi-tasks assignments and efficiently prioritize workload with limited supervision and resilient under pressure
  • Demonstrated IT/ Security project management
  • Demonstrated conflict resolution abilities
  • Demonstrated motivational leadership traits
  • Assess effectiveness of endpoint security controls and solutions
  • Demonstrable experience with NIST cybersecurity framework, ISO2700X and PCI DSS and other relevant security standards and technologies
  • Scheduling, preparing and documenting security governance meetings
  • Working technical knowledge of TCP/IP networking concepts and protocols, and working technical knowledge of common network protocols (DNS, HTTP/HTTPS)
  • Reporting security risks to management and handling data breaches
  • Working knowledge of common internet services/protocols such as DNS, SMTP, SFTP etc (desirable)
  • Ongoing management of the Information Security Management System
  • Looking for all possible (and impossible) risks, threats in a persistent way
  • Interpreting results of ethical hacks for mobile applications
  • Ensuring Group Policies are understood & implemented across the Business Units
  • Improving security awareness across staff
  • Keeping abreast of all current InfoSec risks and threats
  • Contributing to the information risk assessment
  • Supporting the security incident process
  • Maintaining ISMS action logs, e.g. the risk log, security incident log and CAPA log etc
  • Understanding of promotion of security policies
  • Ensuring business continuity
  • Performing information security reviews and control compliance assessments
  • Reviewing business processes and products for policy violation/non-compliance areas
  • Performing acquisition due diligence for Information Security risks and control deployment
  • Developing and implementing the organization's information security policies, process and plans
  • Developing and maintaining the information security team to include internal processes and practices
  • Reviewing legislation within an information security nexus and providing subject matter expert feedback
  • Leading and managing information security staff and resources
  • Identifying and implementing solutions to organizational information security threats and vulnerabilities
  • Backfilling the role of Chief Information Risk Officer in his/her absence
  • Leading projects related to information security
  • Remaining current on information security trends, threats and vulnerabilities
  • Collaborating with the Enterprise Security Office to ensure the ISPO's alignment with their processes, policies and plans
  • Develop and implement procedures for detecting, reporting and responding to security incidents
  • Ensure security of LPUS business applications, appropriate access control, incident management handling, and logging and monitoring of system activity
  • Responsible for providing consistent information security technical assessments, supporting all Global Consumer Banking lines of business and CIOs
  • Assist business in managing and preventing future incidents and providing incident coordinator services as needed
  • Ensure that organizational personnel including contractors, receive appropriate information security awareness training

List of Typical Skills For an Information Security Officer Resume

  • Excellent interpersonal skills; a credible communicator and negotiator with stakeholder influencing skills
  • Strong analytical thinking and strong decision-making skills
  • Risk management experience with proven ability to effectively apply risk principles to challenging business situations
  • Prior experience developing and disseminating effective security-related information, training and education
  • Demonstrated excellence in writing, speaking, and presentation skills
  • Demonstrable skills in delivering projects, work prioritisation and planning
  • Strong relationship, team building and facilitation skills
  • Good experience validating compliance of security controls
  • Excellent communication skills – both written and verbal, including the capacity to communicate complex and technical issues in simple terms
  • Strong risk analytics and problem solving skills
  • Excellent interpersonal skills to interact with leaders at multiple levels and interactive with teammates
  • Strong inter-personal skills with ability to nurture relationships with colleagues across multiple disciplines
  • Developing an understanding of the business direction and priorities, opportunities and challenges in order to prioritise security focus
  • Experience working with diverse groups with varying priorities and goals and moving these groups toward consensus
  • Strong experience in application security, vulnerability testing and development of risk appetite supporting the mobile application ecosystem
  • Demonstrated experience and familiarity with engineering and troubleshooting security controls in a large-scale infrastructure
  • Manages risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills
  • Prior experience in quantifying and/or qualifying risks as they relate to the enterprise systems
  • Proven experience in developing policy position statements and articulating deviations
  • Demonstrated experience managing and developing IT Security staff
  • Proven high performance in problem solving, collaboration and priority setting
  • Demonstrated experience in implementing security controls, conducting Threat and Risk Assessment, gap analysis, and requirements traceability matrix
  • Experience validating that our mobile offerings are designed and implemented to the highest security standards
  • Working experience, of which at least 5 years’ experience in IS
  • Change management and business process experience is ideal together with a proven track record of driving large-scale change programmes
  • Solid experience in translating Information Security requirements into IT Security controls and measures
  • Demonstrated experience managing multiple projects and teams within an IT environment
  • Strong work ethic, high drive and ability to focus. Strong stamina. Shows optimism and determination when facing challenges
  • Prior experience providing support in a higher education environment
  • Possess over the top problem solving and negotiation skills
  • Effectively coach employees and lead and direct the work of others
  • Strong LOB knowledge/experience for the type of business they are aligned to (e.g. CSBB/GBM)
  • Demonstrated experience with Enterprise Network devices
  • Implementing an effective process for the reporting of security incidents
  • Understanding of Regional Business Requirements and EGSO initiatives and effective communication with relevant BU’s
  • Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (cloud, mobile security)
  • Partner with NIRT to focus efforts on CAP Threat Modeling, Threat Monitoring and focused Pen Tests and Red Teaming efforts prioritized by critical assets
  • Experience in understanding and deploying and operating risk management frameworks
  • Experience with risk assessments including heat maps, control gaps, compliance monitoring, testing, risk remediation, and mitigation
  • Experience in designing, evaluating and documenting processes
  • Experience in building, implementing, and managing enterprise-level information security programs
  • Knowledge and experience in managing and supporting security requirements for variety of different systems and applications
  • Experience in reporting and/or data parsing systems
  • Ten or more years’ experience in developing and implementing QA processes
  • Experience managing or leading cyber security teams
  • Experience of working and managing outsourced service partners
  • Demonstrate knowledge of the latest IT thinking and threat modelling methods together with a creative drive
  • Knowledge and skill with business continuity planning, auditing, and risk management
  • Experience with data classification, labeling, and protection technologies including the Traffic Light Protocol
  • Experience troubleshooting and configuring web servers, databases and information security specific software
  • Experience developing and delivering information security programs in compliance with common industry frameworks (ISO, NIST, COBIT, ITIL, etc.)
  • Skilled in performing risk assessments & classifying information assets
  • Experience in understanding business requirements and aligning them with Information Security Policies
  • Experience analyzing and evaluating security solutions for business requirements
  • Experience working in Financial Services or a Technology Company supporting Financial Services industry
  • Solid understanding of vulnerability assessment, threat analysis and reporting
  • Good understanding of endpoint security solutions like anti-phishing and anti-malware, multifactor authentication, DLP, etc
  • A good understanding of application security, development processes, and testing
  • System administration experience, including troubleshooting, support,
  • Experience leading teams in accomplishing process review and improvement
  • Client-focused and service orientated. Proactively engages with stakeholders and maintains effective working relationships
  • Strong understanding of cyber security trends and events
  • Development experience in one or more of the following: C#, C++, Java, JavaScript, ASP.NET, or PHP
  • Good understanding of defensive, corrective and detective controls and requirements
  • Previous Analytic and troubleshooting experience is required
  • Project Management experience and/or related training or education
  • Experience of managing offshore-provided IT service, operations and support
  • An understanding and some experience of wider security requirements within personnel and physical security
  • Experience working within information security
  • A robust knowledge of PCI DSS and ISO27001, with previous experience of PCI Level assessment processes being an advantage
  • Strong background in delivering security awareness programmes is crucial
  • Experience of working with outsourced service partners
  • Strong understanding of cyber security and familiarity with current trends/ developments
  • 6 months' experience, 12 semester hours, or a combination of both in one or in any combination of the below areas involving
  • Proven ability to write policies and procedures relating to information technology
  • Proven ability to exercise independent thinking and judgment

List of Typical Responsibilities For an Information Security Officer Resume

  • Drive adoption of global security program standards throughout their region
  • Prior experience with Deutsche Bank’s applications e.g. in a Developer or ITAO role or defining business requirements would be beneficial
  • Experience with multi-tasking and prioritization
  • Build and maintain strong and effective relationships with business users and teams to ensure that service delivery meets their expectations
  • Successful experience in retrieving, analyzing, reporting, addressing and/or tracking security intrusions and vulnerabilities
  • Experience managing high-performing teams in stressful environments
  • Good understanding of technical security controls and secure coding standards
  • Based on the self-assessment support the business in analyzing the risk and prioritizing tasks
  • Demonstrated knowledge in systems design, development, documentation, testing, implementation and/or maintenance
  • A solid understanding of security best practices and international standards such as ISO2700 and PCI DSS
  • Security Training and Awareness, Security Governance, and Security Incident Management knowledge & experience
  • Demonstrable experience of driving operational implementation of policies and processes across business units
  • Experience in handling end to end delivery with full delivery ownership
  • Ensure that good consumer outcomes are at the centre of decision making
  • Ensure effective communication to all key stakeholders in order to sustain relationships between business and IS
  • Determine own work priorities in line with agreed plans to ensure the achievement of the function’s objectives
  • Assessing strengths and development needs of team members; providing timely & specific feedback and coaching; promoting career development of staff
  • Managing the Virginia Tax staff and other resources that support the agency’s IT security environment. Developing and testing IT security programs
  • Working knowledge of developing and testing IT security programs
  • Assisting business and support functions in evaluating tools and technology that support the enterprise's security and risk management approach
  • Maintaining contacts with product providers and service companies as needed for product updates or troubleshooting
  • Updating and maintaining the system security plans for each accredited computer system at specified sites
  • Working knowledge of Microsoft OS, Unix, Linux, Oracle and application patching policies, processes, and procedures
  • Getting familiar with the latest industry standards and innovative IS technologies
  • Developing information system security plans (SSP), best practices and guidelines
  • Executing self-assessments based on ISO27000 to measure the security status
  • Working knowledge of Internet and intranet security requirements and vulnerabilities
  • Assistance in specifying/running penetration tests and/or helping others to interpret/understand the results of penetration testing
  • Provide consulting services on current and upcoming projects covering all levels of network and IT security architecture
  • Direct team activities during production problems including those existing with vendors and third party partners
  • Assist in implementing endpoint security solutions and controls e.g. Security configuration management solutions, application whitelisting, endpoint monitoring
  • Maintain relevant metrics to facilitate reporting and decision making
  • Provides general IS consulting services, including interpretation and/or clarification
  • Read about and be aware of trends regarding business recovery planning and security in industry
  • Complete security-related risk assessments against corporate policies, including cloud computing assessments
  • Responsible for developing and maintaining Security and Confidentiality Plan for the Project
  • Compile monthly Infosec reports covering areas such as breaches, patching compliance, policy compliance, etc
  • Ensure compliance with existing laws and regulations and ensure a secure IT environment
  • Partner with the business Operational Risk functions to establish an understanding of the business’ appetite and tolerance for risk
  • Opportunity to be an active member of a diverse, fast-growing multinational company, that is socially responsible
  • Monitor that ‘Run The Bank’ processes are working
  • Help Citi’s business units implement and comply with new and existing security policies, standards, and controls
  • Increases awareness of all employees about Information Security within the Region and identify specific Country or Business training needs
  • Exposure to regional/sector risk management teams and an understanding of the sensitivity of the dynamic relationships cross-sectors and regions
  • Ensures compliance with GIS IS training requirements and provides appropriate materials and opportunities
  • Perform risk assessments of business processes, utilizing the RCSA framework
  • Provide 2nd line support to controls and compliance testing
  • Improve the overall IT control environment, whilst minimizing the Bank’s exposure to risk
  • Provide regular, timely reporting on the information security status across the supported business division
  • An understanding of enterprise, network, and cloud based technologies
  • An understanding of IT Risk & Control frameworks
  • Provides periodic IS risk management reports highlighting key issues and corrective action plans
  • Provide advice and guidance for IT security related activities; ensuring users are aware of key issues and able to implement correct procedures and protocols
  • Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and the Microsoft Azure platforms
  • Complete regular security and compliance reporting to both LPUS and LP Corp
  • Responsible for overseeing the Annual Risk Assessment and Analysis for the Project
  • Prepare and coordinate implementation of university-wide information security training
  • Advise on secure application development projects to assist teams ensuring they understand the required approach to security
  • Security testing of web and thick client applications
  • Provide/facilitate instruction and training for One staff on Infosec topics
  • Ownership of application penetration tools (licencing, strategy, etc)
  • Present Information Security updates in IT Steering Committee and Business Risk, Compliance & Control Committee (BRCC)
  • Oversight of coordination and integration of identity management and security monitoring functions
  • Coordinate and develop business continuity and disaster recovery plans and lead testing of plans and other scenario based exercises
  • Lead regular testing of high-risk applications and processes
  • Lead scenario analysis and testing specific to LOB
  • Create and manage inventory and control of all repositories that house high risk data (PCI, PII, HIPAA)
  • Drive data protection strategy and initiatives through assigned LOB areas
  • Ensure 100% completion of all required security training for assigned LOB
  • Lead security-based training that is specific to LOB
  • Act as point of contact for providing responses to RFP received by LOB from potential customer
  • Ensure compliance with policy and standards for LOB Marketing areas (communications, websites)
  • Manage security exceptions to contract language during negotiation
  • Advise on deviation control alternatives, such as compensating controls, and assist with standard exception process


Source: https://www.mintresume.com/resumes/information-security-officer
