Business Information Security Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the business information security job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

D Feest

Donnie

Feest

269 Sanford Lakes

Philadelphia

+1 (555) 207 7497

269 Sanford Lakes

Philadelphia

Phone

p +1 (555) 207 7497

Experience Experience

Boston, MA

Business Information Security

Boston, MA

Cummings-Hermiston

Boston, MA

Business Information Security

To work closely with System, Network and Application Teams for closure of non-compliance issues found
Ensure compliance of internal framework with APAC regulations and with standards and international framework (ISO, NIST…)
Manage the testing and sign‐off of DLP policies once they have been released in UAT
Contribute to IT Security controls framework optimization
To contribute to IT quality and process improvement
Prioritize ideas for new DLP rules with management, and schedule their implementation
Participate to Technology Risks Management

Los Angeles, CA

Information Security Business Manager

Los Angeles, CA

Yundt LLC

Los Angeles, CA

Information Security Business Manager

Promotes the culture of risk management and awareness
Facilitates control assessments over Information Security management controls
Plans and coordinates Information Security projects and initiatives within the business according to established plans and timelines
Leads regular meetings with assigned business unit management to cover pertinent security topics
Assists the coordination of vendor security diligence reviews with the business
Coaches and provides sound Information Security direction, advice and consultation to business groups
Leads and coordinates user developed application (UDA) control program within assigned business units

present

Detroit, MI

Information Security Business Integration Lead E

Detroit, MI

Stoltenberg Group

present

Detroit, MI

Information Security Business Integration Lead E

present

Surface and execute upon opportunities to improve LOB security including supporting strategic projects, solution development, architecture and strategy
Review technical and business processes, standards and procedures, making recommendations for continuous improvement
Provide oversight on the team efforts to ensure CIS and IT Services’ standards and processes and best practices are followed
Govern and seek compliance to CIS policies and standards within assigned LOB
Manage and direct team members to drive work efforts through all phases of the Information Security Technology Life Cycle, ensuring effective project definition, planning, development and delivery
Work across IT Services with other managers and staff on IT Services work efforts. Represent CIS when working with BB&T business partners to understand business problems and providing solutions to those problems
Direct all technology activities for applications within assigned areas to include small internal work efforts, medium projects and strategic projects. May include working with other IT Services groups on evergreening and infrastructure initiatives

Education Education

Bachelor’s Degree in Information Technology

Towson University

Bachelor’s Degree in Information Technology

Skills Skills

Excellent understanding of data protection challenges within a large organization
Participate to IT risks assessments (on-site review, IT outsourcing risks)
Follow-up on awareness training completion
Prepare dashboard on awareness program progress
Dashboard and reports
Collect data from various parties
Perform some data analysis
Prepare and publish dashboard/reports
Prepare steering committee presentations for Management meeting
Support the definition of action plans (ensure commitment of action owners) and follow-up on completion

Create a Resume in Minutes

11 Business Information Security resume templates

Read our complete resume writing guides

Information Security Business Planning & Analysis Associate Resume Examples & Samples

This role is part of the team that partners with the Information Security (IS) programs and the senior management teams in IT and Finance while managing the IS planning, budgeting, and IS program analytics
Business Planning & Analysis Associate will help quickly integrate and develop expertise across our businesses, financial processes and competencies. The group is responsible for the annual planning, budgeting, and forecasting activities. The position requires a client service mindset, the ability to execute both tactical & strategic activities while supporting the delivery of innovative and creative financial and strategic analysis. The group works closely with Finance and provides planning support and coordinating information to both finance and management
Supports annual planning and budgeting process while also focusing work efforts that result in a positive financial or operational impact
Liaises regularly with business partners, and finance
Assist with resource planning
Assist with vendor management
Support the IS Analyst program
External communications
Bachelor’s degree and a minimum 2 years of work experience in Business Planning & Analysis, Financial Services, Finance or IT OR in in lieu of a degree, a High School
Diploma/GED and minimum 5 years work experience preferably in Financial Services
Experience supporting the business planning and budgeting effort for an organization
Quantitative aptitude and attention to detail
Proven track record of success working in a fast paced environment with multiple priorities and tight deadlines
Fluency with financial data analytics and presentations

Information Security Business Planning & Analysis Leader Resume Examples & Samples

Supports senior leadership with the annual planning and budgeting process while also focusing work efforts that result in a positive financial and/or operational impact
Supports and provides recommendations to aid in making strategic decisions
Completes activities necessary to accomplish the expected outcomes of multiple simultaneous efforts as assigned
Liaises regularly with senior management, business partners, and finance
Manages a small team of experienced BP&A professionals
Resource planning
Strategic vendor management
Manage the IS Analyst program
Bachelor’s degree and a minimum 5 years of work experience in Business Planning & Analysis, Financial Services, Finance or IT OR in in lieu of a degree, a High School Diploma/GED and minimum 9 years work experience preferably in Financial Services
MBA
Experience leading the business planning and budgeting effort for an organization
Experience leading and managing a team with full responsibility for the function
Strong analytics skills
Ability to effectively anticipate, synthesize and articulate complex business issues
Excellent communication skills - must be able to interface with executive management and collaborate across functions and businesses working closely with senior management and finance regularly
Successful experience working in a fast paced environment with multiple priorities and tight deadlines

Information Security & Continuity of Business Oversight Resume Examples & Samples

Candidate with 10+ years of relevant experience in third party management, risk management, information security, continuity of business, and/or supplier management
Minimum BS/BA degree with advance degree preferred
Demonstrates in depth business/product knowledge
Excellent communication skills, both oral and written, with the ability to articulate complex and sensitive issues to senior management
Ability to influence at all levels of an organization and influence desired outcomes
Ability to organize and prioritize multiple deliverables in a large, global corporate environment

Information Security Business Integration Lead-edc Resume Examples & Samples

Establish relationships with LOB leadership and other key stakeholders to promote a sense of shared ownership of information security objectives
Provide regular updates to Corporate Information Security management on LOB strategies, critical projects and related risks, potential policy exceptions, and other items, as applicable
Define security requirements for client delivery channels based on channel characteristics and other risk factors
Work across functions to promote requirement traceability from inception to delivery and promptly identify and respond to risks and/or potential exceptions
Engage in LOB projects and consult on matters pertaining to: Auditing, Logging and Monitoring; File and Data Transmissions; Identity and Access Management; Infrastructure and Server Security; Mobile Security; Secure Software Development; Vendor Due Diligence
Act as a liaison between LOB and subject matter experts from within Corporate Information Security
Maintain awareness of applicable regulations and/or industry guidance and align related processes and requirements accordingly
Experience with client delivery channels (e.g. digital, phone, ATM, social media) and associated risks and controls

Information Security Business Integration Lead-evm Resume Examples & Samples

Establish relationships with key stakeholders from Enterprise Spend Management, IT Risk Management, Global Delivery Services, Legal, and others to promote a sense of shared ownership of information security objectives
Engage in regular communications with process owners to offer transparency on matters pertaining to information security and how they relate to, or potentially impact, EVM processes. Attend and participate in meetings to facilitate integration efforts
Provide regular updates to Corporate Information Security management on EVM strategies, critical vendor engagements and related risks, and potential risk escalations
Define security requirements for vendors based on defined risk thresholds and engagement characteristics
Ensure information security requirements are properly represented throughout end-to-end vendor management process
Work across functions to optimize security related due diligence efforts and promote requirement traceability
Respond to vendor risk escalations and /or information security related exceptions as necessary
Maintain awareness of applicable regulations and/or industry guidance and align BB&T processes and requirements accordingly
Act as subject matter expert for related Corporate Information Security Policies and Standards
Provide input to RFI / RFP questions and evaluate the degree to which vendor responses meet BB&T security requirements
Represent Corporate Information Security interests related to inquiries by prospective clients around the posture of BB&T's information security program
Demonstrated experience in the areas of vendor management, outsourcing, and compliance
Seven years of experience in Information Security, IT Risk Management, or related field, preferably at a financial institution
Strategic thinker with ‘big picture’ perspective and a broad understanding of information security, risk management, and their direct applications to business process
Extensive knowledge of financial services industry, applicable regulatory requirements, and industry standards such as PCI
*Position can be located in Raleigh, Wilson, Charlotte, Greensboro, or Winston Salem****

Information Security Business Integration Lead Resume Examples & Samples

*Can also be located in Raleigh, Charlotte, Greensboro, Winston Salem***
Engage in regular communications with LOB management to offer transparency on matters pertaining to information security and how they relate to, or potentially impact, LOB processes. Attend and participate in meetings to facilitate integration efforts
Surface and execute upon opportunities to improve LOB security
Engage, as necessary, in LOB sponsored projects and advise on information security related matters
Act as a liaison between LOB and subject matter experts from within CIS
Participate in internal and external audit and regulatory exams for information security questions directed toward assigned LOB
Minimum of ten years of demonstrated experience in an Information Security or IT Risk Management function, preferably at a financial institution
Excellent leadership skills with the ability to leverage cross-functional teams to meet defined objectives
Excellent negotiation skills with proven ability to identify, influence, and persuade key decision makers at multiple levels of the organization
50%/50% business/technology acumen
Master’s Degree in Business Administration or related field

Business Admin Information Security Resume Examples & Samples

Develop and manage site communications
Identify, manage, and create distribution populations for the site
Ownership and maintenance ofl GIDA site distribution lists
Support on-boarding new hires in the Site
Support site real estate needs
Support budget and reporting for the site
Meeting and town hall coordination
Liaise closely with GIDA S&R for all administrative deliverables from the site
1+ yrs Administrative experience
1+ yrs Financial Services experience
Significant presentation development and delivery skills
Experience in managing interaction across organizations and regions
Experience in building and managing relationships across geographies and functions
Ability to multi-task, prioritize, and manage multiple projects while meeting all deadlines
Strong ability to work independently, handle short timelines, manage conflicting priorities and execute efficiently and effectively
Displays a commitment to quality
Takes ownership of his/her work
High level of attention to details
Strong PowerPoint presentation, SharePoint and Excel

Business Consultant Information Security Resume Examples & Samples

Lead the Intellectual Property Protection/Critical Asset Protection Program
As part of the Security group, plan and drive the implementation of the technology and its capabilities. Responsible for the architecture of the technology, eg Data Loss Prevention, Data Classification Tool, etc
Extensive knowledge and experiences on devices and technologies used for securing network perimeter, including
At least 5 years of technology experience as a system engineer, analyst, architect or designer experience with implementation of security systems such as DLP, DTC, intrusion detection, cryptography, firewalls, VPNs, remote access solutions, and endpoint protection solutions
Extensive knowledge of distributed data networking technologies and systems
Good Project management skills

Business Consultant Information Security Resume Examples & Samples

Data Classification Systems (DTS)
Stateful inspection and next generation Firewalls
Web application Firewalls
Web proxies and caching appliances with content filtering
Web Services Gateway
Email gateways (Anti-virus, Anti-Spam, DLP)
Server load balancers
SSL VPN appliances
Routers and Switches
Wireless networks
Extensive knowledge of network security architectures and designs, including
B2B connectivity
DMZ/Application hosting
Internet access
Remote access, including consumer oriented devices (IT consumerization)
LAN/WAN networks
Strong record of operational success managing large and complex Enterprise networks
Expert packet and protocol analysis skills (ie Wireshark)

Director Business Information Security Resume Examples & Samples

Partnering with senior business management to convey business security risks and implement Information Security officer position for the business. Candidate will convey (sell) the BISO program to the business leaders and obtain budget /fund for headcount from the business leaders
Ensures alignment of information security program with business strategy
Summarizes the information security status to the business in business terms
Establishes relationships with business managers and is consulted as the subject matter expert in multiple areas
Ensures compliance with all business Information Security program elements, policies, standards, and guidelines
Integrates security priorities into the day-to-day business
Team provides general information security consulting services, including interpretation, and / or clarification
Team assists in the definition and implementation of Information Security standards at the business level to ensure that procedures and practices comply with Sabre policy
Educates and advises the business on safe information security practices and current, changing, and or recommended information security requirements
Provides periodic risk management reports highlighting key issues and corrective action plans
Coordinates information security activities with business plans
Articulates the value of information security controls and its bottom line impact
Leverages the Risk & Security network to pool resources, seek out best practices, and creates efficiencies
Additional area of responsibility: Security Product Management

GIS Head of Business Information Security Office Resume Examples & Samples

Lead the development of the group wide standards for Cyber and Information risk
Oversee the alignment of the team with the requirements of the Business Units and Functions in supporting them to identify the right controls and control operating models relevant to Cyber and Information risk
Act as the primary point of aggregation of threat and vulnerability information as it is being collected by the GIS Cyber Assurance and Cyber Operations centres and ensure the relevant interpretation of these threats to the Business Units and Functions
Oversee the provision of Subject Matter Expertise to the thirst party contract and assurance reviews against Cyber and Information risks
Own and develop the 1st line Information and Cyber risk assessment methodology
Own a complete view of the IRM and Cyber Controls as they are and will be deployed across the group. Lead the team to establish synergies and eliminate duplication
Lead the identification of control automation opportunities and present that to the Business Units and Functions
Lead stakeholder identification and engagement both internally to Global Information Security and across all Businesses, including the peer & hierarchical risk community to Board Level. Senior and complex stakeholder management is fundamental to this role
Lead the team to ensure CSMART objectives are identified and align to Barclays Performance Development requirements. Also ensuring that all team members have an identified development plan and meet Barclays compliance and Values requirements
Lead identification, solutioning and implementation of reporting solutions
Leading organisational change and managing ‘slow adopters&#8217
Experience of working within information and cyber security, including infrastructure security architectures and configurations, application/database security, encryption mechanisms, logical data/information storage techniques and mobile technologies
Must have experience of building and maintaining effective relationships at a senior level
Strong leadership skills, able to influence senior management when dealing with complex and competing objectives
Evidence of innovative thinking that challenges the status quo to improve control, efficiency, effectiveness and understanding
Demonstrable track record of strong team work and delivery execution, within and across departmental and stakeholder teams
Strong and successful matrix management experience
Very strong communication skills - written, verbal and visual. Able to convey complex concepts and principles in simple, clear articulation
Strong influencing, negotiating skills and personal impact
Information risk / operational / cyber risk, especially relating to Policies covering Information Security and associated genres (primarily 5 policies)
Project Management, PRINCE2,
Supporting technology related experience such as application development, testing, service management etc
Production of high-quality communication outputs through varied outputs and sophisticated level of communication skills

Business & Information Security Resume Examples & Samples

A solid background in operational risk management and control framework
Knowledge of IT practices :project management ,security, continuity and production
Excellent analytical skills and reporting capabilities (KPIs, dashboards, metrics, assessment …)
A practical understanding of a large bank’s organisation and systems
Familiar with process analysis and improvement, drafting of workflows and procedures
At least 5 years of experience in a Risk, Control and Audit environment
At least 5 years of experience in IT environment
Required certification : CRISC
Recommended certification: CISA

Business Information Security Resume Examples & Samples

Awareness
Help to prepare awareness information on security topics (content, formatting, coordinate translation from English to other APAC Languages…)
Follow-up on awareness training completion
Prepare dashboard on awareness program progress
Dashboard and reports
Collect data from various parties
Perform some data analysis
Prepare and publish dashboard/reports
Prepare steering committee presentations for Management meeting
Support the definition of action plans (ensure commitment of action owners) and follow-up on completion
APAC IT risks assessment and follow-up
Participate to IT risks assessments (on-site review, IT outsourcing risks)
Participate to Technology Risks Management
Ensure compliance of internal framework with APAC regulations and with standards and international framework (ISO, NIST…)
Contribute to IT Security controls framework optimization
APAC IT Governance procedures implementation
Help on IT Governance deployment over APAC entities
Professional credentials in relevant cyber security disciplines, such as ITIL-SM, ITGI, CGEIT, CISM, CISA or CISSP, including CISSP-ISSMP, would be “a plus”

Business & Information Security Resume Examples & Samples

Perform threat management and protection against threats including malware, phishing, hacking and DDoS
Experience conducting computer forensic analysis, maintaining chain of custody and testifying on evidence collected
Review and Update Incident Management Procedure
Prepare investigation report and KPI indicator on security incidents
Co-ordinate and liaise with global, regional and local incident response team
Assist with routine compliance and audit functions to ensure requirements are satisfied
Provide input to the department’s management for enhancing the information security strategy
Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities
Comply with regulatory requirements and internal guidelines
Computer Forensic experience with sound knowledge of Encase, X-Ways and Cellebrite
Investigation skill required
At least 6 years working in a regulated environment
Holder of information Security and Forensics Certificate (i.e. GIAC, CEH, Encase) preferred

Director, Business Information Security Resume Examples & Samples

Provide Cyber Security oversight, accountability, and direction for the individual GPSG business teams aligned with the HSI Cyber Security Strategy. Ensures that GPSG business infrastructure security is in accordance with the Corporate Cyber Security priorities established to address identified risks. Responsible for articulating cyber security and risk in business language and facilitating management decisions across relevant GPSG stakeholders including business, technology, and security stakeholders. Ensure policy, procedure, and technical security solutions are in accordance with Corporate Cyber Security Standards
Collaboratively partners with all functions and levels of the organization (GPSG businesses, Corporate (i.e. OCS, IS, Internal Audit, Risk, Legal) to provide direction for Cyber Security initiatives internally and with third parties. Assists information owners in identifying and implementing controls to mitigate the threats to the organization’s information assets and computing resources. Identifies and recommends security solutions to meet the changes in technology and business operations
Adhering to Company policies, procedures, and directives regarding standards of workplace behavior in completing job duties and assignments
10 plus years of experience in an technology focused environment, specifically in Information/Cyber Security
3-5 years of related Information Security Leadership experience
7-10 years of broad security infrastructure and operations experience
Knowledge of general aspects of information security and information technology is required
Strong organizational skills and demonstrated ability to be detail-oriented
Previous experience using a structured software development methodology

Business Information Security Office Resume Examples & Samples

Support senior leadership by leading development of the group wide standards for Cyber and Information risk
Lead alignment of the team with the requirements of the Business Units and Functions in supporting them to identify the right controls and control operating models relevant to Cyber and Information risk
Lead and provide subject matter expertise to third party supplier contract and assurance reviews against Information risks
Lead and develop the 1st line Information risk assessment methodology
Lead and manage a complete view of the IRM Controls as they are, and will be deployed across the group. Lead the team to establish synergies and eliminate duplication
Lead and manage identification of control automation opportunities and present that to the Business Units and Functions
On behalf of senior leadership, lead stakeholder identification and engagement both internally to Global Information Security and across all Businesses, including the peer & hierarchical risk community to Board Level. Senior and complex stakeholder management is fundamental to this role
Lead the team to ensure CSMART objectives are identified and align to Barclays Performance Development requirements. Also ensuring that all team members have an identified development plan and meet Barclays compliance and Values
Significant experience in leading and managing large teams within a complex matrix environment across multiple geographies
Significant experience in working with and influencing very senior stakeholders and matrix organisations
Preparation and presentation of high quality material (up to Board Committee level)
Demonstrable thought leadership and strategy
Significant experience in a senior role of working within information and cyber risk field, including systems audit or internal controls, preferably within the financial sector
Thorough understanding of the relevant risk issues and Controls which need to be put in place with appropriate performance drivers
Leadership and management of Business intelligence reporting using appropriate tool-sets
Lead and manage identification, solutioning and implementation of reporting solutions
Manage organisational change and ‘slow adopters&#8217
Production of scheduled business performance reporting (fixed-date deliverables)
Experience of working within information and cyber security, including infrastructure security
Experience of COBIT, ISO27001, ISF/IRAM and other relevant frameworks
Business reporting including associated technical and statistical skills
Structured problem solving, effectiveness/efficiency skills and qualifications (e.g. Six Sigma/DFSS)
Personal Resilience in a fast-pace, complex and evolving environment
Very strong experience of business reporting tools and extensive use of MS Office suite and wider tool sets

Business Information Security Office, Manager Resume Examples & Samples

Manage and contribute to the development of the group-wide Standards for Information Risk
Manage the alignment of the team with the requirements of the Business Units and Functions in supporting them to identify the right controls and control operating models relevant to Information risk
Act as the primary point of aggregation of threat and vulnerability information as it is being collected by the GIS Information Assurance and Cyber Operations centres, and ensure the relevant interpretation of these threats to the Business Units and Functions
Provide subject matter expertise to third party supplier contract and assurance reviews against Information risks
Manage and develop the 1st line Information and Cyber risk assessment methodology
Lead and manage a complete view of the IRM Controls as they are and will be deployed across the group. Manage the team to establish synergies and eliminate duplication, including its execution
Manage the identification of control automation opportunities and present that to the Business Units and Functions
Manage stakeholder identification and engagement both internally to Global Information Security and across all Businesses, including the peer & hierarchical risk community to Board Level. Support Head of BISO for senior and complex stakeholder management which is fundamental to the role
Ensure CSMART objectives are identified and align to Barclays Performance Development requirements. Where relevant, also ensuring that all team members have an identified development plan and meet Barclays compliance and Values requirements
Significant experience in management, working within large teams which operate in a complex, matrix environment across multiple geographies
Significant experience in working with and influencing all levels of stakeholders, including senior, in matrix organisations
Preparation and presentation of high quality material (required for up to Board Committee level communications)
Strong track record of delivery, including extensive experience of execution within a high volume technology and operations environment
Demonstrable strong management skills and evidence of developing senior leadership skills
Significant experience in a senior role of working within information risk field, including systems audit or internal controls, preferably within the financial sector
Management and delivery of Business intelligence reporting using appropriate tool-sets
Evidence of leading identification, solutioning and implementation of reporting solutions
Managing organisational change and ‘slow adopters&#8217
Implementation and production of scheduled business performance reporting (fixed-date deliverables)
Experience of working within information and preferably cyber security, including infrastructure security architectures and configurations, application/database security, encryption mechanisms, logical data/information storage techniques and mobile technologies
Must have experience of building and maintaining effective relationships at all levels
Strong management and some leadership skills, able to influence senior management when dealing with complex and competing objectives
Strong statistical, analytical and structured problem solving management skills
Strong communication skills - written, verbal and visual. Able to convey complex concepts and principles in simple, clear articulation
Developing influencing, negotiating skills and personal impact
Candidates holding a current CISSP qualification are preferable. Professional qualifications also desired are CISM, CISA (or similar)
Information risk / operational / cyber risk, especially relating to Policies covering Information Risk and associated genres (primarily 5 policies)
Supporting technology related experience such as application development, testing, service management, SDLC/Agile etc
Personal resilience in a fast-pace, complex and evolving environment
Very strong experience of business reporting tools and extensive use of MS Office suite and wider tool-sets

Information Security Business Integration Lead k Resume Examples & Samples

Maintain responsibility and ownership for selected functional units of Information Security department
Provide necessary subject matter expertise and ensure implementation of information security architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection
Maintain responsibility and ownership for implementation and maintenance of components of information protection program. Ensure adherence to developed policies, standards and procedures or complete appropriate exception documentation
Interact with management to determine acceptable levels of risk as business model and risk profile changes and align security program accordingly. Provide necessary subject matter expertise and coordinate efforts on a corporate level to identify key security risks, needs and initiatives
Monitor security procedures and practices. Review on a timely basis various reports and logs available. Investigate, report on and make recommendations for noted irregularities
Be aware of and review security features of new information security practices, systems and business services to ensure each meets security requirements of existing policies. Review and propose changes to existing policy as external emerging issues and conditions warrant
Ensure adequate security for new business services and systems. Assist in development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations
Stay abreast of all information security-related laws and regulations to ensure compliance. Ensure compliance to corporate policies
Make recommendations for assigned associates regarding employment, career development, performance evaluations, salary changes, promotions, transfers and terminations within established policies and guidelines
Plan and develop functional unit budget in accordance with established guidelines; administer compliance to meet budgetary goals and negotiate changes as required
Maintain awareness of changes in industry. Attend classes and seminars as required to maintain a high level of proficiency in fields of information security and business resumption. Network with other information security professionals. Read about and be aware of the trends regarding business recovery planning and security in industry
Work with outside consultants as needed, on independent security reviews, technology selection/deployment, and policies/standards/procedures development
Bachelor’s degree in Computer Science, Business or related discipline, or equivalent education and related training
Certification in information security fundamentals (e.g. Generalist in Information Security Foundations (GISF) or higher)
Six years experience in IS/IT; three years in information security field in leadership/supervisory position
Demonstrated SME-level knowledge in one of the following areas: firewall administration, intrusion detection, communications, incident response, resource access control facility (RACF), encryption, access control, threat/intelligence management, cyber forensics, or any other security-related field
Familiarity with multi-platform environments and operational/security risk considerations
Strong verbal and written communications skills; strong presentation and marketing skills
Highly adaptable to a constantly changing business and technology environment
Proficient written communication skills to create and maintain internal standards and contract security requirements that can be understood by both technical and non-technical audiences
Certification desired in information security management (e.g. Certified Information Security Systems Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC))

Information Security Business Continuity Control Resume Examples & Samples

Technical skills include the domains of information security and business continuity including Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.), IT Compliance, SOX Compliance, Change Management, Enterprise Risk Management and an understanding of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards
A broad knowledge of information security principles
Must have strong leadership skills and qualities which enables working with peers and various levels of management

Information Security Business Controls Monitoring Resume Examples & Samples

1) Lead / participate in risk / debate meetings
2) Lead participation and materials creation in preparation for External Exams
3) Liaison / provide support to the GIS SMEs and key players managing Exams
4) Identify, measure, monitor and control risk through sound risk management
5) Champion a strong risk culture throughout the organization to promote sound risk taking within our risk appetite
6) Establish effective risk reporting to provide a clear understanding of our risk profile
Strong analysis and fact-based decision making
Prior operational risk, audit, compliance or information security experience

Business Information Security Resume Examples & Samples

Understand data privacy requirements from business and regulatory perspectives
Identify, inventory and classify sensitive data assets, their storage and exchanges between applications or platforms, their manual or automatic transmission outside BNPP, and their destruction
Lead the gathering and drafting of risk assessments, document flows and data protection scenarios together with Business Units and Compliance
Collect all relevant data sources ﴾documents, keywords, databases) to be used in setting up DLP rules
Derive potential control use cases through the systematic analysis or large volumes of data exchanges
Agree with business process owners on use cases where the DLP tool can be effective in the protection of their data assets
Promote the use of DLP controls to mitigate weaknesses identified during application risk assessments
Prioritize ideas for new DLP rules with management, and schedule their implementation
Manage the testing and sign‐off of DLP policies once they have been released in UAT
Contribute to the processing of day‐to‐day DLP events, leading or supporting security investigations and escalation to relevant stakeholders ﴾Business lines, Compliance, Legal, HR, IT…﴿
Contribute to the analysis of findings, the documentation and recording of data breach events, including the identification of root cause and the proposal of long‐term remediation
Contribute to the production of DLP KPI and KRI dashboards
Suggest new use cases based on investigation results and user behaviour analysis
Contribute to the preparation of steering committees and risk assessment updates
Actively contribute to BNP Paribas Operational Permanent Control
Excellent understanding of data protection challenges within a large organization
Prior exposure to IT Security
At ease with engaging very senior stakeholders for the purpose of performing risk assessments and gathering data protection requirements
Proven experience in documenting business requirements with accuracy and clarity
Capacity to conceptualize and model data controls in non-technical terms
Familiar with regulatory requirements on data privacy and data protection in main APAC countries
Experience in an audit or a compliance role is a plus
Prior exposure to

Information Security Business Integration Lead E Resume Examples & Samples

Represent CIS across all aspects of an assigned LOB or business support function
Provide leadership and direction to ensure program elements including risk assessments, application development, project management, and ongoing operations reflect CIS requirements
Act as a thought leader and trusted partner enabling the LOB to more aggressively leverage its capabilities to drive business value and strengthen its role in upholding BB&T's competitive advantage
Establish relationships with LOB leadership and other key stakeholders to promote a sense of shared ownership of information security objectives and to achieve an effective blend of business and security strategies
Surface and execute upon opportunities to improve LOB security including supporting strategic projects, solution development, architecture and strategy
Govern and seek compliance to CIS policies and standards within assigned LOB
Manage and direct team members to drive work efforts through all phases of the Information Security Technology Life Cycle, ensuring effective project definition, planning, development and delivery
Work across IT Services with other managers and staff on IT Services work efforts. Represent CIS when working with BB&T business partners to understand business problems and providing solutions to those problems
Effectively support the production applications within the assigned area, with a focus on quality implementations and production stability. This includes managing audit/risk profile and issues and data custodian responsibilities
Direct all technology activities for applications within assigned areas to include small internal work efforts, medium projects and strategic projects. May include working with other IT Services groups on evergreening and infrastructure initiatives
Assist in the planning and development of departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiate changes, as required. Plan and manage the workload planning process for area of responsibility
Provide reporting to staff, colleagues, senior management and clients on a regular basis to ensure all relative and critical information is clearly and expeditiously shared
Review technical and business processes, standards and procedures, making recommendations for continuous improvement
Provide oversight on the team efforts to ensure CIS and IT Services’ standards and processes and best practices are followed
Bachelor’s degree in information technology, business, or related discipline, or equivalent experience
Experience with IT Solution Architecture concepts and frameworks
Experience with Security Requirements identification and documentation
Experience with internal audit processes and/or external regulatory examinations
Technical skills will include one or more of the following: in-depth understanding of network security issues, firewalls, intrusion detection, authentication, hacker tools and methodology, vulnerability management, or incident response
Ability to travel as-needed
PCI DSS Certification (Internal Security Assessor / Qualified Security Assessor)
Familiarity with audit processes as they relate to SOX, PCI-DSS, and GLBA information protection requirements

Information Security Business Manager Resume Examples & Samples

Coaches and provides sound Information Security direction, advice and consultation to business groups
Facilitates control assessments over Information Security management controls
Facilitates implementation of appropriate access using knowledge of business roles and assists management with performing regular access certifications
Leads and coordinates user developed application (UDA) control program within assigned business units
Serves as primary point of contact for businesses, functions, or affiliates for Information Security
Proactively engages the businesses to identify, document and drive remediation of risks by working with the business to design, implement or otherwise improve control activities to achieve Information Security objectives
Leads Data protection program within each of the business units assigned, including unstructured data classification activities
Helps ensure significant risk and associated control deficiencies are escalated to ISO and Business Leadership for information or action
Participates in the identification of Information Security Training and Awareness needs assessment on a regular basis and supports implementation of Information Security Training and Awareness plan and associated activities
Works with the business to ensure appropriate communicate channels are in place, and provides Information Security related updates to business, function, or affiliates as appropriate
Ensures stakeholders understand the state of the controls they are accountable for and understand their responsibilities as to risk mitigation and remediation
Assists the business by providing direction on process improvements, remediating control gaps, and enhancing current tools for reducing the overall information security risk profile
Advises the business on security policies and standards to achieve security objectives and reduce the likelihood and impact of security risks
Liaises and helps facility internal audit, external audit and compliance review of security activities employed by the business
Plans and coordinates Information Security projects and initiatives within the business according to established plans and timelines
Advocates for the business to the ISO by providing visibility to potential business impacts and appropriate resolution of issues to minimize impact to the business
Works with ISO and NABU Compliance to ensure monitoring and tracking of state and federal regulations pertinent to information security and privacy within the assigned business area(s)
Assists the coordination of vendor security diligence reviews with the business
Supports and coordinates investigation and response, as appropriate of information security incidents for area of focus
Represents the business function, or affiliate during development and update of Information Security policies and standards. Identifies, develops, and maintains supplemental standards and procedures unique to the area of focus
Educates management of potential risk associated with a business decision and communicates the likelihood and impact of those decisions, so management can fully quantify those risks and determine tolerance levels
Coordinates the understanding and reporting on the overall information security risk posture of the business unit, providing a holistic view of vulnerabilities and associated risks to the business and Information Security
Leads regular meetings with assigned business unit management to cover pertinent security topics
Works in a collaborative environment with the security organization, participating in other security initiatives as needed
Focuses on delivering business value from the information security program
Collaborates with IT teams to ensure business driven prioritization and implementation of designed security controls
Working knowledge of multiple Information Security disciplines, practices and standards
Comprehensive knowledge and understanding of business unit functions, strategic objectives, and goals from an Information Security viewpoint and perspective is a plus
Excellent consulting and critical thinking skills
Excellent client management and business literacy skills
Strong interpersonal, negotiation and leadership skills
Excellent verbal and written communication skills
Ability to develop strong trusting relationships in order to gain support and achieve results
Strong organizational skills and ability to support multiple business units in multiple locations, with travel as required
Take initiative to identify and anticipate client needs, business impact and make recommendations for implementation
Ability to influence others and shape/obtain desired outcome in areas outside of direct control
Results oriented, able to achieve desired outcomes independently and at appropriate priority levels
Business acumen to engage business process owners within assigned areas
Knowledge of risk assessment procedures
Familiarity with audit testing and control methodologies
5+ years of Information Security experience resolving Information Security related issues required
Training or coursework in Information Security, Information Systems Management, or related topics preferred
CISM, CISA, ITIL, CRISC preferred
Use of GRC platforms, particularly RSAM, recognized standards such as NIST SP800-53, CSF, ISO 27001, COBIT
Experience working with vendors and third party service providers

Business Information Security Official Resume Examples & Samples

Serve as the business-facing lead for the Information Security organization to enable strong understanding and alignment of business needs, control objectives, and risk appetite
Implement Information Security’s strategy, standards, policies and procedures across the business functions and oversee compliance of information security program objectives within business functions
Advise the business on Information Security’s services, processes, and available resources and ensure proper alignment with business objectives
Facilitate general information security consulting services and communicate security threats, vulnerabilities, control objectives, and risks; ensure security by design across all business function’s emerging systems, network enclaves, and applications
Coordinate and manage Information Security’s resources for all business function initiatives to include efficient and proper usage of Amgen’s Decision, Advice, Informed Stakeholder model
Serve as the first point of contact and escalation for all business information security matters; serve as the business security incident response coordinator and advisor on emergency actions to protect the business
Develop insightful strategies for engaging the Amgen business functions on information security matters and gain buy-in from Amgen’s functional business leaders to define what the business requires from information security
Collaborate with Corporate Communications, IS training, GSS and other functions to lead and coordinate the information security change management effort around branding, communications, staff awareness and training
Work cross-functionally to identify and remove stakeholder resistance and other barriers to progress tighter cohesion of information security with the business
5+ years of experience in leading cross-functional strategic business initiatives and / or process improvement and / or strategic executive level decision-making
5+ years of IT/Business experience
3+ years of IT Security experience
Proven working knowledge of Risk Management, Information Security, Controls, and IT Audit practices or some combination thereof
Comprehensive working knowledge of industry standards (ISO, COBIT, COSO, ITIL, NIST)
Master’s degree in business or information systems or equivalent experience
3+ years of experience within biotechnology / pharmaceutical industry
Exceptional teaming skills encompassing cross-functional teams, peer relationships, informing, understanding and appreciating differences
Strong ability to convey and influence complex information risk and security issues in a manner that is easily understood and actionable
Effective communication with senior leadership and medium to large audience discussions / presentations
Demonstrated ability to effectively facilitate and drive organizational change
Developing / delivering presentations to large audiences and at all levels within the organization
Experience applying change management methodologies
Proven experience as a member and leader of a high performing team