Director, Information Security Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the director, information security job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Genoveva Tremblay
211 Luettgen Brooks, San Francisco, CA
Phone: +1 (555) 135 8604

Experience

Director Information Security
O'Reilly, Orn and Koch, Detroit, MI
  • Lead the security incident response process, including the ongoing monitoring of threats and vulnerabilities, and respond to major security events
  • Forward thinking security solutions for the cloud and network space, mitigating risk, but enabling the business
  • Deploying a risk based approach to project consulting, focusing the team on solution-ing security based on risk
  • Provides coaching and mentoring beyond team
  • Maintaining a current knowledge of established and emerging security solutions that would support the GSK security strategy
  • Oversees training and development of partners directly and indirectly managed and makes effective staffing decisions
  • Provide guidance and training to information owners and designs and implements programs for user awareness, compliance monitoring, and security compliance
Director, Information Security
Brakus, Davis and Botsford, Detroit, MI
  • Assist with developing and establishing strategic and long-range goals and direction for the Network Security area of IT Operations
  • Manage and operate the global incident management program and drive continuous improvement and maturity
  • Direct department staff including hiring, performance management and career development to ensure alignment with defined goals
  • Network Routing, Network Switching
  • Assist Infrastructure and Application Development teams to ensure proper security controls are implemented across technology initiatives
  • Facilitate continuous improvement of Global Security Incident Response Team, and oversight of Security Operations Center performance
  • Ensure all of the services and/or applications supported are consistently performing as intended; this includes coordinating upgrades and/or improvements
Senior Director Information Security Management
Hermann-Emard, Detroit, MI (present)
  • Provide GIS project and technology information risk assessments and assist the development and tracking of management action plans
  • The result of this work would be provided to various stakeholders including contract managers, category managers, privacy / compliance office, ERM, etc.
  • Assist with the drafting of management responses including target resolution dates
  • Provide feedback/ input into Information Risk Management Policy and Standards
  • GIRM, Enterprise Risk Management, and Global Operational Risk Management interface
  • Assist with the gathering of information during audit planning and fieldwork phases
  • Track and assist with remediation of any exceptions
Education
Bachelor’s Degree in Computer Science
Harvard University

Skills
  • Ability to influence; collaboration and strong leadership skills along with the ability to lead enterprise change
  • Excellent analytical skills and ability to aggregate data and subsequently communicate that data so that it is relatable to the business
  • Strong communication skills (including ability to probe deeply into business issues during exploratory and fact finding calls/discussions)
  • Comfortable working in a matrixed organization and ability to work in a collaborative environment across business and technology teams
  • Strong knowledge of Security Governance, Risk & Compliance and Security Audit practices
  • Strong knowledge of application security, network security, and systems security
  • Team player with proven ability to build strong cross-business relationship
  • Strong ability to translate complex IT and security challenges and issues into business risks
  • Ability to work in a highly matrixed environment
  • Flexibility, ability to change priorities quickly, and capacity to handle multiple tasks

15 Director, Information Security resume templates

1

Director, Information Security Resume Examples & Samples

  • Security Governance
  • Security Forensics
  • Security Analysis
  • Security Engineering
  • Security Provider Management
  • Security Awareness
  • Vendor Management
  • Audit Assurance
  • Security Communication to all levels of associates and senior management
  • Develop, maintain and oversee enterprise-wide Information Security program
  • Report on the health of the Russell environment from a Security Risk perspective to all levels of management
  • Raise the level of Security awareness within Russell as well as within organizations contracted to work with Russell
  • Design, promote and assist with the implementation of organization-wide security solutions, which align the business objectives of Russell with its information technology infrastructure, physical infrastructure and its human resources
  • Develop and maintain Information Security policies, standards and guidelines which support regulatory compliance and security best practices
  • Develop secure development standards and guidelines which can be used by development teams to successfully build software solutions free from security vulnerabilities
  • Orchestrate integrated contingency plans and business resumption efforts throughout Russell so that all such efforts are truly responsive to Russell's needs
  • Develop plans, goals, objectives, service level agreements (SLAs) and other project management aids for the coordination of all security efforts throughout the organization in a manner which is fully in support of business strategies and objectives
  • Act as the primary change agent who facilitates improvements in organizational culture, business relationships and product/service design to improve the security of Russell
  • Oversee an Information Security team, which creates policy, procedure and design to safeguard Russell's assets such as its intellectual property, computers, networks and buildings
  • Detect, report, contain and mitigate incidents that impair adequate data and infrastructure security
  • Proactively perform as primary vendor relationship manager for Security Services relationships; participate in all aspects of new and current brokered service vendor selection and management including ongoing business alignment as well as value and risk management; facilitate/assure change management, governance and SLA requirements
  • Manage the multiple tiers of Security Technicians who oversee the individual service delivery areas they have been assigned to enable SLA monitoring, customer satisfaction, problem and change management, escalation, notification and resolution
  • Actively manage, monitor, and negotiate brokered service contracts to reflect the Business Unit’s evolving expectations and requirements
  • Contribute to the development of annual business application system plans
  • Ensure a formal System Deployment Lifecycle and body of technical standards and methodologies are defined and followed which supports Russell’s interests, including security, technology and business needs
  • Develop project resourcing strategies, allocating budget, staff, tools, and specialized support necessary for cost-effective implementation and customer satisfaction
  • Provide direction to project managers and integrate activities with other IT departments to ensure successful implementation and support of project efforts
  • Anticipate and identify issues inhibiting the attainment of project goals; develop and implement corrective actions
  • Foster and maintain good relationships with customers to ensure processes are integrated to support expected customer service levels
  • Facilitate the creation of an effective team environment
  • Bachelor’s degree preferred, but will consider relevant experience in lieu of a Bachelor’s degree
  • 10-15 years of Information Technology, Information Security and business/industry experience with at least 3 years of leadership experience in managing complex, cross-functional teams and projects
  • Knowledge of the Asset Management & Financial Services industry
  • Business continuity/disaster recovery knowledge and experience
  • Knowledge of current regulations/laws related to Information Security
  • Vendor management and negotiation skills
  • Superior verbal, written and presentation communication skills
  • Ability to influence; collaboration and strong leadership skills along with the ability to lead enterprise change
  • Ability to deal effectively with ambiguity and complexity
  • Relevant certifications such as CISSP and CISM are preferred
2

Director, Information Security Resume Examples & Samples

  • Formulate security recommendations and manage the implementation of security initiatives
  • Work with the Architecture and Information Security teams to design security solutions for the league office and teams
  • Assist Engineering and Development teams to ensure proper security controls are implemented across technology initiatives
  • Assist in responses to external audits, penetration tests, and vulnerability assessments
  • Research emerging technologies in support of security enhancements
  • Implement security best practices in the areas of applications, infrastructure, desktops, mobile devices and virtual environments
  • Support the implementation of mobile and new technologies, providing security consultation for impact to business and application portfolios
  • Initiate security awareness and training
  • Document security policies, standards, procedures, and guidelines
  • Investigate incidents, leading response teams and efforts
  • Perform hands-on support for a wide range of security technologies including, but not limited to: SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, security incident response tools
  • Strong technical acumen and experience in the areas of security requirements analysis, security architecture, security testing, security operations and maintenance and the security economics
  • Knowledge of applicable HIPAA, SAS70, CoBIT, SOX, NIST, CIS, and data privacy practices and laws
  • Strong leadership skills and excellent cross-functional relationship building skills. Strong interpersonal and oral communication skills, highly self motivated and directed
  • Ability to maintain confidentiality while dealing with sensitive information
  • 5+ years of progressive experience performing IT and security related duties
  • Bachelor of Science degree in a Computer or Engineering related discipline
  • CISSP, CISA, CISM, MCP and MCSE certifications are a plus
3

Director, Information Security Resume Examples & Samples

  • Act as the primary advocate in region for the company relative to information security
  • Facilitate continuous improvement of Global Security Incident Response Team, and oversight of Security Operations Center performance
  • Manage and operate the global incident management program and drive continuous improvement and maturity
  • Plan, direct, and organize all activities related to information security throughout the EMEA region
  • Obtain input from regional business units regarding information security policies and guidelines, strategic goals, risks and risk tolerance thresholds, and facilitate communication with home office
  • Assume project management responsibilities as needed to implement information security initiatives (e.g. risk assessments and remediation activities, awareness and training program rollouts)
  • Oversee the information security compliance of the regional business units. Communicate and coordinate the findings with Information Security program leads for remediation
  • Assess, implement, and drive regional awareness of Information Security policies and programs
  • Assess risks and implement appropriate measures to protect employees, business operations, facilities, critical infrastructure, content and intellectual property
  • Establish close working relationships with state or government agencies, industry and professional associations, consultants and related service providers on information security and legal compliance; and
  • Direct and partner on internal investigations as required
  • 30%: Provide regional leadership, governance, expertise and direction relative to the company work processes, projects, issues and initiatives regarding all areas of information security; including overseeing the measurement of compliance to information security programs from the regional business units. Communicate and coordinate the findings with Information Security program leads for remediation
  • 30%: Facilitate continuous improvement of Global Security Incident Response Team, and oversight of Security Operations Center performance. Manage and operate the global incident management program and drive continuous improvement and maturity
  • 30%: Assess risks and implement appropriate measures to protect employees, business operations, facilities, critical infrastructure, content and intellectual property
  • 5%: Manage regional information security budget
  • 5%: Direct and partner on internal investigations as required
  • Project management and Program management
  • Understands organizational dynamics and leverages key decision makers from both corporate and regional business unit functions
  • Thorough understanding of ISO 27001, including practical experience implementing and auditing an information security management system
  • Maintains expert knowledge of risks related to the information assets and intellectual property utilized by a global media and entertainment business
  • Maintains perspective on integrated physical and IT risk management within a media and entertainment organization. Familiarity with ISO 27005 risk management technology
  • Understanding of, and experience with implementing Sarbanes-Oxley information security controls desirable
  • Understanding of Security and Infrastructure Architecture/Technologies: including but not limited to Routers, Firewalls, IDS, PKI, VPN, Two Factor Authentication, Identity Management, Data Leak Prevention Encryption, Application Security, Vulnerability Scanners, Penetration Testing, Windows and Unix Systems Security, Security Information Management and Event Correlation
  • Familiarity with key legislative compliance requirements such as EU Directive 95/96, and national Data Privacy and Protection Acts. EU Safe Harbor. Experience with European Works Councils a plus
  • Typically a minimum of 8 years Information Security experience, focused on risk analysis and identification, policy implementation, security operations and organizational change management
  • Degree in Information Security, Information Systems Security, Computer Science or a related field is desirable
  • Entertainment industry experience a plus
  • Ability to develop and conduct employee training programs. Skilled in articulating information security policies, procedures and guidelines to all levels of management and staff
  • Exceptional communication skills, both verbal and written. Excellent analytical and problem solving skills. Must be able to pay close attention to detail and understand written and oral instructions
  • Excellent interpersonal communication, project management and all levels of personnel (in person, on the telephone and through written communication)
  • Ability to manage multiple teams in a matrix organization
  • Must be able to handle multiple projects simultaneously, strong ability to prioritize multiple tasks and respond to emergencies, organize and schedule work effectively. Must be able to work efficiently under time constraints
  • Must be able to work flexible hours including overtime, if and when necessary and required to travel internationally on a regular basis
4

Director, Information Security Bus Az Resume Examples & Samples

  • Demonstrates proven success in a leadership role directing a cohesive team
  • Demonstrated ability to work in a collaborative environment and influence others to ensure adequacy of operational risk mitigation efforts
  • Demonstrates an understanding of comprehensive security programs, including technologies and tools, architectures and network and application design, and policies / business aspects of risk
  • Demonstrates expertise performing IT Risk & Security assessments and developing information security strategies
  • Recommends security solutions to assist businesses with the assessment and improvement of their security infrastructure
  • Demonstrate a strong understanding of the IT security landscape, including emerging risks and security solutions
  • Able to translate business needs and regulatory requirements into risk appropriate controls to successfully implement security policies, standards and guidelines
  • Excellent written and verbal communication skills and effectively interact with all levels of management from application developers to the CIO
  • Obtained or demonstrates an active pursuit of one or more of the following certifications: Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) certifications, Project Management Professional (PMP) or other related certifications
  • Strong analytical and time-management skills
  • Knowledge of Prudential Annuities business functions and/or applications a plus
  • 10+ years experience in information security
  • BA or BS Management Information Systems, Computer Science, or Engineering required, or equivalent work experience
  • Experience in leading and developing a team
5

Director Information Security Business & Portfolio Management Resume Examples & Samples

  • Manage resources and collaborate with fellow managers and PMO head to meet department objectives
  • Assign work to staff, ensuring assignments are completed on time and meeting quality standards
  • Collaborate with management team to plan PMO resource requirements and assignments
  • Hire staff as needed, following IT hiring processes; support others in the hiring process
  • Provide feedback and mentorship to a team of analysts and project managers
  • Manage a team of 2-5 staff who will support the Information Security business and portfolio management, including but not limited to the following
  • Information Security WorkForce Plan: maintain staff inventory; report on progress to plan; work closely with Chief Information Security Officer (CISO) and Direct Reports to ensure processes are followed and hiring is according to plan
  • AOP planning and approval: collaborate with Program Owners and project Business Owners to plan project proposals, describing and documenting project business goals, scope, risks, etc. Produce high quality planning documentation needed for funding approvals, submitting them on time
  • Project Initiation: Work with business and technology subject matter experts to define program and project scope, objectives, goals, success criteria, risks, assumptions, and dependencies, all documented from the business perspective. Gather and document business requirements at the program and project level. Plan and facilitate annual multi-day, multi-division Information Security Planning Workshop. Ensure projects are funded on time
  • Program Management: manage Information Security programs, providing a single point of contact and escalation for Program status and financials. Conduct program and project reviews; communicate status to various levels of management. Define and document metrics to measure program achievement against objectives
  • PMO Support: provide project status and reporting as needed in support of various requests including CRC reporting and audits; track and report on project initiation status, project milestone status; maintain PMO SharePoint sites; maintain PMO Access database; maintain PMO templates and processes
  • Bachelor’s degree (preferably in project management, information security, information technology, or business), Master’s degree preferred
  • Minimum five years’ management experience
  • Creative thinker, solutions and results-oriented, customer focused, with excellent analytical discipline
  • Superior leadership skills
  • Proven track record of building relationships
  • Ability to manage a team with multiple assignments within tight timelines
  • Strong organizational skills with the ability to adapt quickly to changing priorities
  • Exercises independent judgment while making decisions with enterprise-wide impact and significant financial and compliance implications
  • Ownership mentality, entrepreneurial drive, and proven ability to influence others
  • Five years or more of project management experience
  • Experience in IT Information Security
6

Director, Information Security Programs Resume Examples & Samples

  • Develop, maintain and publish up-to-date information security policies, standards and guidelines
  • Provide direction, support and in-house consulting for development and implementation plans and procedures for privacy functions
  • Facilitate a metrics and reporting framework to measure the capability of the security framework
  • Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers
  • Provide content to Training department for information security awareness training programs for all employees, contractors and approved system users
  • Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business and IT leaders as part of a strategic enterprise risk management program
7

Director, Information Security Resume Examples & Samples

  • Establishes, plans, and administers the overall policies, goals and procedures for the information security function
  • Develops and tests information security plans and controls in conjunction with internal and external auditors
  • Controls and administers the disaster recovery and business continuity plans, procedures, and tests
  • Performs and evaluates information risk on a regular basis, identifies areas of risk and assists with solutions for remediating exposures
  • Promotes information security awareness within the organization
  • BS/BA Degree is required
  • 8+ years demonstrated experience in all areas of the information security field, including a working knowledge of best practices and concepts
  • Related certifications preferred
  • Financial services experience required. Mortgage industry experience preferred
  • Proven track record of execution and delivery
  • Must have excellent communication and organizational skills
  • Must have outstanding customer service skills
8

Director, Information Security Services Resume Examples & Samples

  • Completion of a Bachelor’s degree or equivalent program in Computer Science, Management Information Systems or a similar field is required
  • 15+ years of relevant experience, with a minimum of 8 years work experience in developing and maintaining security platforms or as an Information Security lead/management role
  • Experience must include implementing and maintaining multiple security tools (SIEM, DLP, IAM tools), maintaining security platforms and supporting overall security program
  • Experience with business process re-engineering and Microsoft Visio a plus
9

Director Information Security Resume Examples & Samples

  • Sets strategic direction and creates plans for a division or area that crosses IT disciplines and participates in driving strategy for entire organization
  • Leads teams of IT professionals under a division or area
  • Drives organizational structures and talent management plans to meet needs of organization
  • Three or more years leading a GRC (governance, risk and compliance) organization, with a focus on information security
  • Experience creating a GRC program from the ground up, gaining buy-in from within the team as well as with key partners and stakeholders
  • Experience creating and delivering metrics that indicate status and progress in both the GRC area as well as the broader Information Security team
  • Proven track record working effectively with all levels of the organization to communicate information security risk
10

Senior Director Information Security Resume Examples & Samples

  • Manage Blackboard’s information security and internal controls organization, consisting of direct and indirect reports
  • Liaise with key stakeholders and executives across Blackboard’s broader community, including Legal, Human Resources, Finance, Sales, Product Development, and Operations
  • Effectively manage a team of employees and consultants, including hiring, training, providing professional development, and performing annual performance reviews
  • Establish information security practices and standards
  • Establish internal controls, processes, and procedures
  • Establish a business continuity/disaster recovery plan
  • Establish an incident response team, processes, procedures, and collateral
  • Establish IT security and compliance awareness programs for employees and consultants
  • Create and Manage a budget including employees, software/hardware, and external service providers
  • Identify and remediate IT security risks, monitoring external and internal threats, understanding emerging trends, and ensure that the organization maintains a strong security posture
  • Ensure that programs are in compliance with laws, regulations and policies to minimize or eliminate risk and audit findings
  • Manage compliance activities vis-à-vis SOX
  • Execute/Approve/Manage internal activities as necessary in accordance with our obligations for SOX
  • Perform related duties and responsibilities as required
  • Perform other tasks as assigned from time to time
  • 10+ years of relevant experience, including four years in a significant leadership role
  • Degree in relevant field and/or equivalent work experience
  • Related Information Security Certifications strongly preferred
  • Knowledge and experience implementing relevant legal and regulatory requirements, including but not limited to
11

Director Information Security Resume Examples & Samples

  • Drive information security compliance and risk management activities to meet the vulnerability management policy, standards, and requirements
  • Oversee and support the development of vulnerability management systems, initiatives, integration, and technical assessment
  • Direct and/or perform on-going vulnerability assessments, penetration tests, and application and network security scans. Direct assessment efforts in a prioritized fashion, seeking breadth and depth of coverage where appropriate
  • Partner with teams who implement technology and achieve methods for aligning to their processes and reduce vulnerabilities
  • Enhance technology and/or process to ensure accurate and up to date inventory of critical infrastructure and applications are in place
  • Identify roadmap, budget, and priorities relative to infrastructure and application security assessments
  • Bachelor’s Degree in technology or other related field from an accredited university or college; or equivalent work experience in Information Security and Business/Risk Management
  • Minimum (5) years of Information Security experience in the secure design and implementation of information systems; focused on risk analysis, identification, and vulnerability assessment and penetration testing
  • Minimum three (3) years of experience as an information security manager, lead, or equivalent
  • Demonstrated success in security and vulnerability management within global enterprise environments
  • Understanding of Security and Infrastructure Architecture/Technologies: including but not limited to Routers, Firewalls, IDS, PKI, VPN, Two Factor Authentication, Identity Management, Data Leak Prevention, Encryption, Application Security, Vulnerability Scanners, Penetration Testing, Windows and Unix Systems Security
  • 5 or more years of experience in networking and information security related devices, routers, switches, IDS/IPS, firewalls, SIEM, and other specialized equipment
  • Efficient in multiple operating systems including Windows, OSX, and Linux
  • Ability to scrutinize complex and diverse information and transform details and facts into recommendations and action plans
  • One or more of the following professional certifications: CISA, CISM, CEH, CISSP, or SANS
  • Outstanding written, verbal, and presentation communications skills
  • Excellent interpersonal communication, project management and leadership skills
  • Results oriented cross-functional leadership success partnering with internal and external stakeholders
  • Attention to detail with flexibility in addressing changing requirements
12

Director, Information Security Resume Examples & Samples

  • Ensure the development, testing and implementation of appropriate security plans, products and control techniques. Help identify protection goals, objectives and metrics consistent with the corporate strategic plan
  • Guide CBS News leadership and managers on information security strategy, architecture design and incident response, proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security
  • Coordinate information security initiatives with IT, Legal, Operations and Privacy stakeholders
  • Act as the liaison between CBS Information Security Group and CBS News stakeholders, coordinating the research, evaluation, design, testing, and implementation of new or improved information security software or systems
  • Coordinate vulnerability assessments of deployed software applications and enterprise systems, to include penetration testing, architecture reviews and patch management
  • Assist in the evaluation of outsourced/third-party technologies as related to the management, transmittal, protection and storage of corporate data
  • Master’s degree a plus
  • 5-8 years of relevant experience required, with proven knowledge of security architecture design, network security, mobile security, vulnerability management, and threat intelligence/analysis
  • Deep knowledge of security policies, regulations, and compliance issues
  • Strong ability to translate complex IT and Security challenges and issues into business risks
  • Proven expertise with performing security assessments and recommending security solutions to assist with improvement of security infrastructure
  • Solid understanding of the information security landscape, including emerging threats and security solutions
  • Comfortable working in a matrixed organization and ability to work in a collaborative environment across business and technology teams
  • Knowledge of common information security management frameworks, such as ISO 27001, COBIT, NIST or PCI DSS
  • Relevant industry-accepted security certifications (CISSP, SANS, etc.) a plus
13

Director, Information Security Resume Examples & Samples

  • Guide CBS Network/Studios leadership and managers on information security strategy, architecture design and incident response, proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security
  • Act as the liaison between CBS Information Security Group and CBS Network/Studios stakeholders, coordinating the research, evaluation, design, testing, and implementation of new or improved information security software or systems
  • Bachelor’s degree in a related field
  • 8+ years of relevant experience required, with proven knowledge of security architecture design, network security, mobile security, vulnerability management, and threat intelligence/analysis
  • Strong ability to translate complex IT and security challenges and issues into business risks
14

Director Information Security Resume Examples & Samples

  • A bachelor’s degree in Information Technology or related field (preferred) or equivalent experience
  • Experience leading a large retail organization on PCI remediation compliance efforts
  • Experienced in writing and implementing security policies and standards
  • Experience managing a security events monitoring and incident response function
  • Knowledgeable in a variety of operating systems, virtualization and middleware
  • Strong leadership and experience working with vendors and managing consulting partners
  • Proven ability to work independently in a dynamic environment with multiple assigned projects and tasks
  • Outstanding ability to communicate, both verbally and in writing
  • Strong Project Management with track record of on-time, on budget and high quality implementations
  • You must be legally eligible to work in the United States
15

Director, Information Security Newsroom Resume Examples & Samples

  • Identify, monitor and remediate technology risks for our journalists
  • Lead the creation of IT security policies, standards, procedures and guidelines in the newsroom
  • Understand potential threats, protect communications and defend our data
  • Lead project teams in implementing technical security solutions
  • Work closely with technical teams to provide guidance on key infrastructure decisions
  • Provide a deep understanding of technical security concepts pertaining to network security, mobile devices, email security, remote data and third party security
  • Ensure successful implementation, compliance and maintenance of the defined information security standards and policies within our newsroom
  • Stay informed of and recommend leading, innovative solutions for Journalistic Security, as well as keeping up with industry trends and changes
  • 5+ years of experience in IT Security and 3+ years of experience working in a matrixed media organization
  • Bachelor’s Degree in Information Security, Computer Science or Information Systems desired
  • Familiar with the current and future states of journalistic security
  • Experience interfacing/presenting with senior management
  • Excellent analytical skills, ability to multi-task and strong project management skills
  • Track record of success in delivering high quality work in a fast paced and dynamic environment
16

Director Information Security Resume Examples & Samples

  • Identifies and communicates key responsibilities and practices to ensure the organization promotes a successful attitude, confidence in leadership, and teamwork to achieve business results
  • Supports the implementation of Company programs, procedures, methods and practices to promote Starbucks key messages and achieve a competitive advantage
  • Develops annual budgets and programs, including partner training and awareness; investigations; policies, standards, procedures; and security technology
  • Evaluates and presents level of information and data security risks
  • Evaluates the effectiveness of security policies, standards, technical controls, procedures and other internal controls and makes appropriate improvements
  • Provides consulting services, such as security risk assessments for pre- and post-systems implementation
  • Leading information security policy, standards and controls development and integration in a high-growth company (8 years)
  • Experience with collaborative work environments and ability to influence decisions across functional areas (5 years)
  • Leading and getting results from cross-functional work groups of managers and above (4 years)
  • Knowledge of information security "best practices", such as ISO/IEC 17799 and ISF The Standard of Good Practice for Information Security
  • Progressive experience in leading within an information security program, leading information security policy, standards and controls development and integration in a high-growth company
  • Progressive leadership experience in a large organization
  • Ability to work in a fast-paced and changing environment
  • Effective management and supervisory skills, including planning, organizing, developing and monitoring partner performance
  • Negotiation and conflict management skills
  • Strong written and verbal communication and presentation skills, including the ability to interact with senior leadership and provide input to the decision-making process
  • Ability to use business knowledge, sound judgment, and resourcefulness to adapt existing policies to specific situations and select among varied courses of action
  • Ability to establish cross-functional, collaborative relationships with business and technology partners
  • Ability to understand and incorporate technology trends into designs and plans
  • Advanced knowledge of system architecture and design principles, practices and enabling tools
  • Ability to advise and influence executive management regarding security best practices, security risk analysis and security risk mitigation
17

Director Information Security Resume Examples & Samples

  • Driving the Sabre Security architecture vision to protect and monitor threats to Sabre’s infrastructure
  • Partnering with business groups and IT groups to drive new products with dynamic secured solutions
  • Deployment and integration of an enterprise wide secured development program, along with compliance and governance efforts to the top priority applications within Sabre for overall application protection
  • Deploying a risk based approach to project consulting, focusing the team on solution-ing security based on risk
  • Forward thinking security solutions for the cloud and network space, mitigating risk, but enabling the business
  • Development and implementation of KPIs and key metrics for measuring progress and success
18

Senior Director Information Security, China Resume Examples & Samples

  • Serve as the in-country security leader across various security disciplines including identity & access management, network security, infrastructure, incident response, vulnerability management/assessment, security operations, architecture, etc
  • Work closely with the other global technology teams to ensure that good security practices are effectively incorporated in their technology domains
  • Act as the customer facing advocate for all Information Security in-country: regulators, customers, partners, etc
  • Stay current with security technologies and regulations and make recommendations for use based on business value and compliance
  • Manage the life cycle of all security technologies; research security standards, security processes and solutions
  • Be accountable and oversee the entire Information Security program as it relates to China, including guidance of the teams within the overall program
  • Participate in the management of customer satisfaction, development of best practices and benchmarking exercises
  • Serve as the lead representative for audit activities in-country
  • Advise leadership on Information Security issues, systems, processes, products, and services
  • Demonstrated ability to envision and lead the integration of various security technologies and controls into a cohesive architecture that sufficiently mitigates risk to the company
  • Deep technical understanding of and experience with security technologies including, but not limited to, identity & access management, intrusion detection, incident response, security operations, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc
  • Strong leadership skills relative to technical acumen as well as talent management of staff
  • Ability to communicate clearly and effectively with the executive, technical, and business stakeholders
  • Ability to deal with ambiguity and make expert judgments in situations for which little to no precedent exists
  • Experience with applicable control frameworks and compliance mandates, including "Basic Standard", PBOC, ISO 2700x, PCI, GLBA, HIPAA, SSAE16, etc
  • Reputation for being a collaborative thought partner and business leader, skilled at leveraging formal and informal networks
  • High impact executive with a technology background and the ability to engage in high bandwidth conversations with business and technology executives. S/he must be able to think broadly about Visa's business and articulate and drive business value of technology initiatives
19

Executive Director, Information Security Resume Examples & Samples

  • Executive Leadership Debriefs: senior executive or Board relevant debriefs of Cybersecurity readiness, capability effectiveness, coverage, gaps, threats, impacts, all risk management related efforts & plans to achieve desired Cybersecurity maturity
  • Provides thought leadership and direction for improving risk management and Information Security processes, selecting new technology, and technical problem resolution
  • M&A Cybersecurity Diligence: pre/post-acquisition diligence to assist in elevating Cybersecurity capabilities to appropriate standards and integration/optimization of multiple combining security functions
  • Security Analytics: consolidating siloed security data into Big Data to establish actionable metrics, analytics to identify risky behaviors and remediate effectively across the enterprise
  • Security in the SDLC: integrating security throughout the SDLC to identify and resolve web application security weaknesses early and reduce the risk of successful hacker attacks in production
  • Sensitive Data Protection: identify, desensitize, protect and monitor company specific sensitive data that would have an adverse business impact if disclosed to the public
  • Cloud Security: protecting data and services in the cloud
  • Managed Security Operations: 24x7 managed operations of various Cybersecurity services that enable enhanced capability and output without the overhead of expensive resources and infrastructure
  • Facilitates communication between staff, management, vendors, and other technology resources within the organization
  • Reviews and presents strategic plans to deliver to the Information Systems teams
  • Directs the implementation of policies and procedures related to data security
  • Designs and implements risk assessments and remediation activities, awareness and training program rollouts as needed, to implement initiatives
  • Leads management responsible for receiving input from various divisions regarding Information Security policies, guidelines, strategic goals, risks, and risk tolerance thresholds and communicates information to Information Security team
  • Participates in departmental performance reviews. Builds, mentors, and motivates staff for optimal work performance
  • Represents department views and influences decisions on potential company security issues. Partners with other corporate functions and relevant business units to ensure that security needs are monitored and addressed as needed
  • Reviews and presents operating and capital budgets including forecasts of operations, development, testing, and any specialized needs to senior management
20

Director, Information Security Resume Examples & Samples

  • Create and execute a strategy such that NOVA achieves and maintains all applicable information security, data protection and compliance certifications
  • Executive presence - the ability to communicate with excellent verbal, presentation and written communication skills at all organizational levels
  • Work with prospective NOVA customers to help establish trust and credibility of NOVA’s information security program
  • Grow and lead a team of information security professionals, providing leadership, coaching, training, professional development and performance management
  • Provide technical direction and guidance for all development and operational information security activities
  • Formulate delivery plans that are aligned with business strategies, monitor progress, identify and mitigate risks for delivery, and communicate progress to the cross-functional team
  • Stay abreast of current trends within Information Security and adjust the Information Security program as may be required
  • At least 10 years of operational experience across information security governance, risk management, compliance and operations
  • Experience with ISO/IEC 27001, 27002, 27005
  • Experience with defining, implementing and maintaining an information security program and associated controls that can or has passed an AICPA SOC 2 Type II audit across the principles of Security, Confidentiality, Processing Integrity and Availability
  • Deep knowledge of Information Security technologies
  • Analytical and detail oriented with demonstrated ability to prioritize, execute and deliver projects on time and within budget
21

Director Information Security & Control Global Wholesale Technology Resume Examples & Samples

  • 1) Developing strategic solutions for Information Security & Control to support the achievement of Scotiabank Group’s information security objectives of integrity, confidentiality, availability and continuity, within the contexts of the Group’s overall business and customer service objectives
  • 2) Delivery of a continuous improvement program that leads to innovation of products and services
  • 3) Develop strategies and processes to acquire, consolidate and analyze security intelligence information from various sources, assess the potential impact on the Bank’s IT operations and initiate/manage proactive responses
  • The Director is responsible to deliver a broad range of information security services (specifically Security Operation Services, Release Code Management, Access Governance and Security Advisory Services) to lines of business, technical support and operating groups in Scotiabank, including subsidiaries and affiliates, where appropriate. The incumbent is expected to leverage current standards, industry best practices and the expertise of others within Information Security & Control to deliver, wherever possible, standard solutions to common information security issues
  • The Director is responsible for functionally managing direct reports and/or technical teams in the areas of information security
  • Provide counseling and coaching
  • Recruit qualified resources for projects
  • Develop departmental capability to exploit technology and develop expertise to meet future business requirements
  • Ensure succession planning for all critical positions
  • The Director is responsible for building and maintaining strong working relationships with peers/management within the business lines. Partnering with stakeholders/teams to translate business strategies/requirements and identify appropriate solutions to deliver on objectives is expected
  • The Director will manage the budgeting processes and quality improvement activities for his/her department and/or projects
  • Interpret, apply and monitor return on parameters and performance indicators for all new initiatives supported by the area
  • May be required to work with Project Management, Business Analysis and Finance resources to ensure appropriate financial management of projects and operations
  • Interpret and implement continuous improvement process for production issues to ensure the effective and timely resolution of problems and knowledge transfer
  • The Director will meet scheduled milestones to ensure project/program objectives are met in a timely manner
  • Ensure the timely development and/or implementation of solutions
  • The Director must have 7-10 years of IT Security and business/industry work experience and is required to keep current with emerging trends, directions and issues in information security technology and auditing frameworks, to be aware of best practices in the financial services industry and to build up "networks" and utilize contacts in industry associations and other organizations. The incumbent must be able to assess the relevance to Scotiabank of new practices, products and events and formulate positions accordingly, leading to the development and implementation of policies, standards, technology and guidelines, as appropriate
  • Highly respected both internally and externally as an information security expert with strong leadership and facilitation skills and has demonstrated the ability to influence senior management at the VP level. Minimum 7 years of work experience in Information Security
  • The Director must be prepared to deal with non-compliance situations, conduct an analysis to determine the extent of the problem and accurately report and recommend appropriate action. The incumbent is expected to explain security risks and associated controls to Executive and Senior Management in as constructive and concise a manner as possible
  • The Director must be experienced in people management with a minimum 5 years of work experience managing individuals or leading project teams
22

Director Information Security & Control Global Wholesale Technology Resume Examples & Samples

  • Develop
  • Manage
  • Must
  • CISSP,
  • Bachelor’s
23

Director, Information Security Resume Examples & Samples

  • 10 years’ experience in an information technology role such as systems or network administrator, systems analyst, system engineer
  • 5 years’ experience in an IT Audit or IT Security role preferably in a hi-tech organization
  • 5 years’ experience managing an IT or security team
24

Director, Information Security Resume Examples & Samples

  • 10 to 15 years IT experience with 8 to 10 years in a combination of risk management, IT Leadership information security and information technology
  • Minimum of 8 years’ experience in application security or implementing secure software solutions
  • Fluent and current in following subject areas: software development life cycle, Application security and compliance
  • Working knowledge of application assessment, application penetration testing, application security vulnerabilities, code review methodologies, secure coding practices, threat modeling, architectural risk assessment
  • Understanding of OWASP security concepts, common web/mobile application security risks, and penetration testing frameworks
  • Experience and knowledge of Payment Card Industry (PCI) regulations required
  • Excellent communication skills (internal, customer-facing, third party examiners)
  • Must be comfortable working in ambiguous and/or stressful situations
  • Must be self-motivated and know when to seek guidance
  • Flexibility, ability to change priorities quickly, and capacity to handle multiple tasks
  • Ability to drive a team (direct and matrix) to solutions
  • Ability to create, communicate and execute business strategy
  • Ability to create plans and recommendations and gain approval from management
  • Ability to learn new tools and technologies
  • Ability to work independently and in diverse cross-geography teams
  • Exposure to financial services systems and processes
  • Self-motivated individual, comfortable working without close supervision and with ability to work to deadlines
  • Team player with proven ability to build strong cross-business relationships
  • One or more of the following certifications are preferred: CISSP, CRISC, CSSLP, CEPT
25

Director Information Security Resume Examples & Samples

  • Works closely with the CIO and the security, compliance, business continuity management and privacy organizations to develop and implement effective IT risk management practices
  • In consultation with the crisis management team, develop and deliver desktop preparedness exercises at the executive committee level, at least annually
  • Develop functional requirements for roles that will be involved in the Security program, Plan, design, and implement security systems and software, including SIEM tools, intrusion detection / prevention systems, advanced behavioral analytics, advanced malware protection tools, security scanning tools
  • Lead the security incident response process, including the ongoing monitoring of threats and vulnerabilities, and respond to major security events
  • Lead advanced computer and network forensic investigative functions relating to various forms of malware analysis, computer intrusion, theft of information, denial of service and multi-national organized criminal groups; report to senior management regarding high profile / high impact incidents
  • Review existing security architecture, identify design gaps, and recommend security enhancements
  • Review alerts and data from sensors and document formal, technical incident reports
  • Create tools for regular reporting of the security program, activities and progress across the organization
  • Manage the Security Engineers and Security Architects on implementing and enforcing security policies. Able to prioritize assignments as they come from both Security and Operations teams
  • Act as a liaison throughout the entire organization (including enterprise IT services, lines of business, public relations, legal counsel)
  • Ability to travel 20%
  • Create and maintain documentation in SharePoint and other collaborative environments
  • 12-15 years of experience in IT Security/Risk management or a related discipline (for example, security, privacy, business continuity management or compliance) as well as leading the information security system office and applying security risk management and privacy practices
  • 3 or more years of demonstrated experience managing a high-performing, cohesive security team
  • 3 or more years of demonstrated leadership experience building consensus across IT domains
  • Practical experience designing and implementing enterprise information technology security and working with information privacy laws
  • Ability to establish and maintain a corporate wide, global information risk management program and organization
  • 3 or more years of demonstrated experience in liaising with middle and senior management of a large enterprise
  • Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregation and overlapping roles are identified and coordinated
  • Experience with Security concepts and tools
  • Knowledge of SIEM, IPS/IDS, Vulnerability Scanner, Penetration Testing, and incident response methodologies
  • Strong Cisco experience
  • Bachelor's degree (Master's preferred) in Computer Science, Management Information Systems, or a focus on IT Security or IT-risk-related disciplines
26

Senior Director Information Security Management Resume Examples & Samples

  • For all Global Infrastructure Services (GIS) service organizations (infrastructure vendors)
  • Ensure that Information Risk Management (IRM) related information within service organization repositories is maintained up-to-date
  • Maintain a prioritized list of service organizations to be assessed within each calendar year
  • Archer Group Risk Control roll-out and management for GIS
  • Maintain a SharePoint repository with service organization IRM information, prioritized risk profiles, IRM service provider risk assessments, reports, etc
  • Applying a risk based approach, select and conduct service organization assessments (on-site and remote) as required
  • Conduct Due Diligence service organization assessments (for example, as part of an RFP)
  • Provide IRM related contractual language / clauses for MSAs, SOWs, SLAs as required. Ensure relevant IRM clauses are considered
  • Support risk reporting by providing information on vendor information risk exposures
  • Global Procurement and Sourcing interface
  • Review service organization examination reports such as SOC1 (CSAE 3416, etc.), SOC 2, Privacy Diagnostic Reports, ISO 27001 Certification Reports, PCI Compliance Attestations, etc
  • Review of the applicability of scope / coverage
  • Analysis of any noted exceptions within the reports, recurring issues, etc
  • Appropriateness of service organization remediation plans
  • Track and assist with remediation of any exceptions
  • The result of this work would be provided to various stakeholders including contract managers, category managers, privacy / compliance office, ERM, etc
  • For all internal audits impacting GIS, act as an intermediary
  • Provide input into the annual IS audit plan to ensure it includes only high risk topics
  • Influence the scope of audits to ensure they are focused on high risk domains
  • Assist with the gathering of information during audit planning and fieldwork phases
  • Provide input into issue statements, recommendations, and ratings
  • Assist with the drafting of management responses including target resolution dates
  • Gather information necessary to close audit issues
  • IRM oversight for GIS
  • Provide GIS Quarterly Information Risk Report. Consolidate, analyze, monitor, track and report on the status of key information risk exposures and associated mitigation action plans for GIS (identify trends and systemic risks)
  • Facilitate GIS Risk Control Assessment (RCA). Lead entity and process level risk and control assessments
  • Provide feedback/ input into Information Risk Management Policy and Standards
  • Provide subject matter expertise on technology risks – current and emerging risks
  • GIRM, Enterprise Risk Management, and Global Operational Risk Management interface
  • Project Information Risk Management
  • Provide GIS project and technology information risk assessments and assist the development and tracking of management action plans
  • Support risk reporting by providing information on information risk exposures introduced by GIS projects
  • Provide interface for GIS with Compliance, Privacy, and the PMO
  • Risk Assessments / Acceptances
  • Prepare risk assessments on behalf of GIS (for projects / initiatives, new and existing products / services, etc.)
  • Active participation in Go Live Acceptance Review (GLAR) meetings
  • Prepare risk acceptances on behalf of GIS (for projects / initiatives, new and existing products / services, etc.)
  • Obtain approvals from those that “own” the risk
  • Develop and assist with the implementation of remediation strategies to address risks highlighted in the acceptances or ensure timely renewal of outstanding acceptances
  • Vetting and approval of service organization “risk letters” (e.g. IBM Risk Letters). As per Manulife risk acceptances, develop and assist with the implementation of remediation strategies to address risks associated with risk letters
  • Undergraduate degree in computer science or engineering
  • Information security (CISSP, CISM, SANS) and auditing (CISA) designations
  • This is an opportunity for a seasoned risk and information services professional. A minimum of 10 years of experience in progressively responsible IS risk management roles in a global financial services organization
  • Excellent knowledge of control frameworks, risk management practices and regulatory requirements
  • Excellent skills required for interacting with cross functional teams in different locations. Demonstrated ability to work effectively in diverse environments and cultures, across a number of office locations
  • Well-developed impact and influence skills
  • Track record of building strong relationships across business functions
  • Integrity. Ability to act with integrity and independence is at the core of information risk management
  • Excellent customer focus and commitment to quality
  • Ability to effectively communicate ideas and recommendations orally and in writing, at Division and Corporate levels, and to listen and consider ideas of others. Able to communicate in non-technical terms in a clear and concise manner
  • Ability to quickly understand business processes and their risk implications, analyze complex situations, reach appropriate conclusions, make value-added and practical recommendations and influence management to take appropriate actions on recommendations. Ability to understand the business impact of information risk management issues
  • Demonstrated ability to deal effectively with staff at all levels from managers to VPs
  • Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized. Results oriented; ability to balance multiple priorities and projects
  • Ability to challenge the status quo, assess business risk and make appropriate decisions. Ability to deal with a constantly changing environment and the diverse and complex issues associated with it
  • Prioritization and time management in a multi-tasking environment; meeting commitments while maintaining flexibility to meet changing priorities
  • Demonstrate professionalism and a positive attitude in difficult situations, and ability to work effectively with any organizational politics
  • Collaborating with management to obtain a consensus on establishing the problem, risks exposure, and corresponding recommendation to resolve the risk exposure
  • Internal IS audit or compliance experience
  • Knowledge and understanding of the financial industry
27

Director, Information Security Resume Examples & Samples

  • 8+ years of information technology leadership experience
  • Experience implementing, managing or governing security technologies (e.g., encryption, network security, intrusion detection, digital forensics) and/or threat and vulnerability management programs
  • Experience in enterprise IT security risk management frameworks and processes
  • Knowledge of and experience with Governance, Risk Management and Compliance (GRC) tools
  • Direct management of cross functional, sourced, or matrixed teams
28

Director, Information Security Resume Examples & Samples

  • Works independently applying in-depth knowledge of multiple Information Security technologies (IPS/Firewalls/Anomaly Detection etc.), as appropriate
  • Accomplishes staff results by communicating job expectations; planning, monitoring, and appraising job results; coaching, counseling, and disciplining employees; developing, coordinating, and enforcing systems, policies, procedures, and productivity standards
  • Effectively uses the Viacom Information Security Application and Services Portfolio to reduce risk to Viacom Information and Information Systems
  • Proactively looks for innovative approaches to maintaining and improving the Viacom Information Security Framework
  • Participates in Incident Response training initiatives and when required ensures active participation in the incident response lifecycle governed by the Technical CERT Policy
  • Ensure all of the services and/or applications supported are consistently performing as intended; this includes coordinating upgrades and/or improvements
  • Frequently reviews any tickets in any service ticketing queues related to the group managed to ensure proper ticket closure
  • Perform vulnerability scans which include analysis and coordinating remediation
  • Conduct anomaly detection analysis and coordinate remediation
  • Conduct intrusion detection analysis and coordinate remediation
  • Participate in litigation support associated with Electronic Stored Information
  • Participate as appropriate in the planning and implementation of any Viacom Information Security projects
  • Participate as appropriate in any Information Technology or Business unit project noting any information security gaps or implications
  • Perform security risk evaluations and penetration assessments
  • Supports the company’s risk management program in a manner that fulfills the mission and strategic goals of the organization while complying with local, state and federal laws and accreditation standards
  • Proactively identifies creative risk solutions to decrease loss of data, increase the data protection mechanisms and controls throughout the enterprise
  • Develop policies, procedures and related guidelines
  • Typical candidates will possess 7+ years in IT related field and 5+ years of full time Information Security Technical management experience
  • Makes a commitment to helping create a “transparent culture of service” which fosters an open, honest, candid workplace within the teams managed
  • Proven management skills, with ability to manage, mentor and motivate employees
  • Acts responsibly with sensitive and confidential information
  • Is creative and resourceful as a problem solver
  • Consistently demonstrates the drive to deliver projects successfully even under difficult timelines
  • Strong logical, analytical, methodical, investigative and auditing skills
  • Travel domestically and internationally if required and with short notice
29

Director, Information Security Resume Examples & Samples

  • Has performed Self Assessment Questionnaires (Type D) and/or Attestations of Compliance as a QSA or has had operational responsibility for assuring PCI compliance at a Level 1 or 2 Merchant as an ISA
  • Has developed and maintained PCI compliance documentation (e.g. documentary archives to support ongoing compliance activity) and operational support documentation (e.g. FAQs, installation instructions, and training materials for system users, help desk, desktop support, infrastructure and application teams)
  • Has worked closely with internal and external audit functions in PCI assessment engagements with a demonstrated ability to manage large engagements
  • Has extensive experience and knowledge with Cardholder Data Environment (CDE) infrastructure and technical evaluations
  • Has supported technical design, implementation and operational support of cardholder data environments to ensure ongoing compliance
  • Has conducted formal end-to-end system reviews for new and proposed cardholder data applications to ensure compliance with the PCI standards
  • Demonstrated ability to collaborate with various departments and levels of management (including IT Audit, Infrastructure, Network, Server and Application Groups as well as external QSA consultants) regarding the development, deployment and operation of a PCI compliance program
  • Demonstrated ability to manage multiple projects and set priorities
  • Ability to analyze and make recommendations to improve the design and effectiveness of PCI related security controls
  • Bachelor’s Degree or 5 years equivalent experience
  • Current or recent QSA or ISA certification
  • Minimum of seven (7) years related PCI experience with Level 1 or 2 Merchants, with emphasis on assessment
  • Current knowledge of PCI compliance standards, trends and issues
  • Thorough understanding of credit card processing applications, devices, and technologies
30

Director, Information Security Services Resume Examples & Samples

  • Experience partnering with Human Resources, Legal, Risk Management, and other business functions on processes and issues that relate to protection of critical information assets
  • Experience with assisting in the development and management of information security programs and related standards
  • Experience with the development and management of information risk assessment processes, including vulnerability testing and monitoring
  • Experience with intrusion detection and incident response procedures and solutions
  • Experience with formulating communication of information security, compliance, and risk standards and methodology to staff working on varied analytical, engineering, or systems integration projects
  • Experience working with outside consultants, auditors, and regulators on independent security reviews as required
  • Experience promoting information security awareness throughout the institution via training activities in coordination with other training units
  • Experience with best practices pertaining to data classification, data access controls, data stewardship, and privileged access management and monitoring
31

Senior Director, Information Security Resume Examples & Samples

  • Experienced in the development and execution of IT SOX compliance plans and programs
  • Ability to design and implement compliance testing, controls assessment and documentation across all IT SOX domains and other control compliance requirements as needed
  • Previous experience coordinating with external SOX auditors, and addressing concerns they might raise
  • Experience in one or more of the following areas is preferred: SOC 2, HIPAA, NIST, CJIS, ISO 27K
  • Able to communicate control weaknesses to process owners, prioritize based on risk and drive remediation
  • Provide guidance and best practices on IT compliance requirements to process owners
  • Minimum of 10+ years industry experience
  • BS/BA or MBA and prior experience at a Big 4 accounting or similar professional services firm strongly preferred
  • Experience with cross-functional project management. PMP preferred
  • Excellent written and verbal communication skills in a very hands-on environment
  • Strong analytical skills, including quantitative analysis
  • One or more of the following certifications is a plus: CISSP, CISM, CISA, CGEIT, CRISC, CHP, CIPP
32

Director, Information Security Policy Resume Examples & Samples

  • Developing, implementing, and maintaining policies and standards. This includes: ensuring all policies and standards are kept relevant to organizational goals, socialized and adopted and maintained in good standing; supporting the alignment of policies and standards to both regulations and controls; defining and providing policy implementation guidance and advisory services; and working with process owners, as required, to ensure control processes (procedures) are established and documented
  • Establishing and maintaining a governance framework to provide assurance that strategies are aligned with and support business objectives and are consistent with applicable laws and regulations through adherence to policies. This includes: executing and maturing the governance framework in line with policy and regulation; coordinating with stakeholders (for metrics and reporting processes) to create and deliver relevant reports and presentations for senior management consumption; work with corporate functions to align to and support necessary regulatory reporting requirements; conduct gap analysis on new and emerging guidance across regions and legal entities and lead the organization in evaluation and adoption; and conduct research on industry leading practices for governance matters pertaining to financial services
  • Collaborates with other stakeholders and subject matter experts across the organization in any associated policy and governance determination, evaluation and syndication
  • Stakeholder management and working across various parts of the organization
  • Communicates information security matters to senior management
  • Education: Bachelor's Degree required
  • Certifications: 1 or more of CISSP, CISM, CISA, CRISC, preferred, but not required
  • Experience: 10+ years related experience
33

Director, Information Security Resume Examples & Samples

  • Commitment and resource allocation to ensure the success of others; teams and individuals
  • Demonstrable track record of acting as effective change agents
  • Transformative IAM processes and services
  • To deliver shared services which include financial management, program communications, brand management, user experience and education
  • To provide risk management consultation across IAM teams to enable IAM risk and control maturation, and act as liaison with audit
  • Leads the development of the IAM strategy and tactical program plan to realize the vision articulated in the strategy
  • Leads investment, run the business, AIU and SQP funding processes for IAM
  • Leads the financial management and support for the IAM budget, ensuring IAM operates w/in +/-2% of approved budget
  • Monitors and tracks program initiatives against delivery, cost, budget, forecast, schedules and quality targets
  • Manages IAM human resourcing function and supports the delivery of the IAM strategy and plan
  • Acts as lead contributor in authoring/editing AXP IS Policy and IS and IT Standards and related content
  • Acts as IAM thought leader responsible for reviewing Exceptions (deviations) from IAM Policy and Standards, working w/ the business to develop acceptable compliance plans
  • Leads IAM regulatory and audit responses
  • Leads IAM PRSA refresh, control documentation and control reengineering
  • Acts as counsel / advisor to Vice President of IAM regarding security discipline trends and innovations
  • Directs program communications, user experience, metrics and reporting
  • Leads special projects and assigns and manages staff to function as program managers facilitating and enabling the business by embedding IAM security solutions into process and technology, working with all levels across the Business and Technology organizations
  • Provides consultation to internal business partners, customers and vendors in assessing IAM security risks and implementing mitigating controls to protect AXP
  • 10 years of IT or IS experience including 5-7 years of IAM experience
  • Demonstrated relationship management experience at all levels across both Business and Technology organizations
  • Experience in interfacing with auditors and regulators to accurately respond to requests and represent the Identity and Access Management security discipline
  • Financial expertise, managing budgets in excess of $25M
  • Strong thought leadership with the ability to work at a detailed level to anticipate and identify issues, develop solutions and follow project through to completion
  • Experience in managing large program office initiatives over multiple years
  • Prior successful leadership of a large program team and proven people management skills
  • Experience leading Identity and Access Management technology and process solution delivery
  • Experience leading Risk Management
34

Director, Information Security Resume Examples & Samples

  • Direct department staff including hiring, performance management and career development to ensure alignment with defined goals
  • Plan and integrate the daily activities of multiple teams, allocating resources within defined budgets
  • Coordinate the plans and activities of the organization with senior leaders inside and outside IT
  • Apply technical and process expertise to address challenging technical and business issues
  • Bachelor's degree in Computer Science, MIS, related field or equivalent experience
  • 8+ years of diverse IT experience
  • Experience in Information Security Framework is required
  • FISMA experience is required
  • Previous management experience including responsibilities for hiring, training, assigning work and managing performance of staff
35

Director, Information Security Management Resume Examples & Samples

  • Executing program management activities for the Global Cyber Security Program. This includes managing ongoing network security-related tasks and projects (being responsible for their health and progress), gathering and reporting metrics across all Manulife divisions, and serving as a POC for network and infrastructure security-related guidance across Manulife globally
  • Support the global Patch and Vulnerability Management program, including hands-on risk assessments and technical advice to divisions and business units seeking to implement remediation
  • Design, create, document, review and update artifacts from the Manulife security framework, such as policies, procedures, technical and hardening standards, and guidance documents with technical content for various platforms
  • Be part of an active management team who manage budget and finances, develop strategy, set goals and targets, report to senior management and strive to inspire and foster the information risk professionals on your team
  • Collaborate with other IRM teams and professionals including the senior leadership, the Divisional Information Risk Officers and Audit Services
  • Contribute and shape divisional and global IRM projects and initiatives. Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services
  • Play a role during incident response and work closely with Manulife staff for any incidents involving Manulife systems. This includes root-cause analysis, log reviews, and vulnerability identification and remediation
  • University Degree (Computer Science or Engineering preferred)
  • Seven years or more of progressive experience in one or more of the following disciplines: Network Security, Security Architecture, Information Security Management, Information Technology/Systems, Information Risk Management, Security Frameworks, Security Policies and Standards, Project Management, Audits, ideally with time spent in large, complex organizations
  • Professional certifications or designations in network and infrastructure security and/or architectural frameworks, IT security, IT auditing, or risk analysis
  • Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels
  • Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors
  • Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries
  • Effective influencing and negotiation skills with the aptitude to achieve consensus in a federated environment
  • Proven ability to lead and manage teams to achieve business and/or risk management objectives
36

Director Information Security Operations Resume Examples & Samples

  • 5-10 years of experience in an information security role
  • Prior experience leading teams and mentoring junior staff
  • Significant experience with Linux and Windows operating systems, knowledge of virtual environments, malware analysis and APT Methodologies
  • Experience with advanced threat detection technologies
  • Experience in creating advanced security alerts and malware signatures
  • Team player, able to work with other members of the Information Security Group in resolving issues
  • Professional and cooperative attitude
37

Director, Information Security Resume Examples & Samples

  • Manages a team of Senior Cyber security professionals
  • Lead or facilitate major portions of large or medium projects/tasks, or provide sole support for small projects/tasks
  • Gathers facts through research, interviewing, surveys, etc. to analyze the client's business, draw conclusions, prepare final reports and give presentations
  • Provides technical knowledge and analysis of information assurance, to include system engineering, risk management systems authorization, critical infrastructure continuity and contingency planning; security awareness and training
  • Familiar with statutes, regulations and current OMB, NIST and NSA guidance with respect to establishing and maintaining a Cybersecurity program
  • Effectively adapts to new requirements; comfortable with complexity, ambiguity and change
  • Ability to take large volumes of complex information and present it in a clear and concise manner to senior management
  • 10 years directly related experience is required
38

Senior Director, Information Security Resume Examples & Samples

  • Architect 2U’s overall strategy for how we approach information security, risk assessment, and compliance requirements
  • Run security team for 2U, working with our university partners. Manage budgets, staff and goals for the team
  • Lead the ongoing development of security policies, documentation, and implementation
  • Act as security evangelist to development teams and lead security awareness efforts
  • Provide strategic direction on Information Security trends, threats, and solutions to Technology leadership including CTO, SVP, Tech, and VP, Devops and IT Security
  • Monitor the operation of all technology systems for appropriate use and facilitate reporting to relevant stakeholders on a regular basis, maintaining compliance with relevant security standards
  • Coordinate audits of software and network system usage to ensure compliance with security policies, mitigate threats to security
  • Research and recommend purchase of security technologies, hardware, and software systems for 2U needs
  • Bachelor’s degree in a relevant field, Master’s degree a bonus
  • Work experience should reflect mastery of security tasks and readiness for management
  • Ability to manage a highly skilled engineering team to produce excellent work
  • Strong sense of ownership of tasks and quality of both personal and team efforts
  • Ability to work in a dynamic and flexible environment
  • Experience interfacing with Universities strongly preferred
  • Ability to work occasional late nights and weekends, travel occasionally, up to 10%
39

Director, Information Security Resume Examples & Samples

  • Minimum of 8 to 10 years of experience in a combination of risk management, information security and IT jobs — at least four must be in a senior leadership role
  • Financial and/or Mortgage industry expertise preferred
  • Strong communication skills (including ability to probe deeply into business issues during exploratory and fact finding calls/discussions)
  • Develops, implements and monitors a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
  • Develops and manages information security budgets, and monitor them for variances
  • Develops and enhances an information security management framework based on National Institute of Standards and Technology (NIST)
  • Provides strategic security guidance for IT projects, including the evaluation and recommendation of technical controls
  • Liaison among the Information Security team and corporate compliance, Oversight, audit, legal and HR management teams as required
  • Manages security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
  • Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security
  • Manages the enterprise's security organization, consisting of direct reports and indirect reports
40

Director Information Security Risk Resume Examples & Samples

  • 5-10 years of experience in an information security or risk management role
  • Experience managing and mentoring direct reports and staff
  • Experience reviewing contracts for information security requirements and concerns
  • Thorough understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business is required
  • Payment Card Industry Data Security Standard and the associated compliance requirements for a Level 1 merchant
41

Director, Information Security Resume Examples & Samples

  • Proven communication skills, with documented examples of high-quality written communication
  • Proven leadership ability in a multi-team setting
  • High level of expertise in security architecture for networks, servers, and workstations
  • Knowledge of Quantitative Risk Analysis
  • Ability to function at a high level in a fast paced, dynamic environment with competing priorities and multiple demands under tight deadlines
  • Previous management experience required
  • Experience writing and maintaining IT Security policies
  • Experience leading and participating in an enterprise change advisory board and change management process
  • A proven history of delivering projects on time and under budget
  • Previous experience securing health care data
  • Previous Networking, Linux and/or Unix administrative skills a plus
42

Director Information Security Resume Examples & Samples

  • Develop and maintain a risk strategy that formalizes risk into a comprehensive program for management to assess areas of concern
  • Maintain a governance program that ensures all Information Security controls are adequately maintained and reported on through a GRC process
  • Develop, publish, and maintain a comprehensive organization-wide information privacy and security strategy, plans, policies, procedures, and guidelines
  • Manage the development, implementation, and maintenance of security policies, standards, and guidelines
  • Direct the development and enforcement of information security and privacy policies in compliance with internal and external standards
  • Identify current security infrastructure and define what kind of security must be designed and implemented in order to meet organization requirements
  • Coordinate contract efforts when addressing cross-border data transfers
  • Research and maintain proficiency in tools, techniques, countermeasures, and basic trends in computer and network threats and exploits
  • Maintain a vulnerability management program where risk prioritizes work effort
  • Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and/or transmitted information and reasonably protect against anticipated threats and vulnerabilities
  • Create status reports and briefings on security matters for senior management
  • Conduct risk analyses and assessments to ensure there are solutions in place to mitigate those risks
  • Provide management with up to date information on the different threats and security vulnerabilities that the organization may face
  • Ensure compliance through adequate training programs and oversight of periodic internal security audits
  • Provide guidance and training to information owners, and design and implement programs for user awareness, compliance monitoring, and security compliance
  • Assess audit results and partner with IT staff to create pragmatic action plans and monitor the execution and completion of action plans
  • Coordinate audit and assessment processes to verify compliance with established controls
  • Work with legal to ensure data protection practices are consistent with international regulatory requirements
  • Partner with IT management to develop and maintain best practices and policies for security of all internal systems
  • Partner with Legal and HR organizations to conduct IT Security & Technology forensics analysis against any suspicious activities with primary emphasis on networks, desktops / laptops, servers and critical applications
  • Manage 3rd party forensics partner during significant incidents
  • Lead a team in the design, development, deployment and support of an enterprise identity and access management system
  • Must be an articulate, consensus building, and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical staff
  • Must demonstrate the ability to maintain strict confidentiality of the agency's internal and personnel affairs
  • Excellent verbal communication and writing skills
  • Presentation Skills – Prepare and deliver formal and informal presentations to illustrate ideas, solutions and issues to upper management
  • Intermediate project management experience
  • Must have strong documentation and technical writing skills
  • Must demonstrate professionalism and maturity when working with internal clients, peers, senior management, and vendors
43

Director, Information Security Resume Examples & Samples

  • Guide CBS Radio leadership and managers on information security strategy, architecture design and incident response, proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security
  • Coordinate information security initiatives with IT, Legal and Privacy stakeholders
  • Act as the liaison between CBS Radio Information Technology and CBS Radio stakeholders, coordinating the research, evaluation, design, testing, and implementation of new or improved information security software or systems
  • Coordinate vulnerability assessments of deployed software applications and enterprise systems, to include penetration testing, architecture reviews and patch management
  • Confident communication skills and ability to provide regular management program/project briefings
44

Senior Director Information Security & DCS Resume Examples & Samples

  • Leading the development and publishing of up-to-date security policies, standards and guidelines, and overseeing training and dissemination of security policies and practices
  • Managing the enterprise's security organization, including hiring, training, talent development and performance management
  • Ensuring that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings
  • Setting consistent standards for IT security operations and support (i.e. intrusion detection systems, cyber security, firewalls, vulnerability assessment systems, penetration testing, secure email system, access control & identity management systems, network security, etc.)
  • Managing the research and development activities designed to assess need, analyze costs and benefits, and develops strategies for deploying and integrating progressive security techniques and technologies
  • Coordinating the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources
  • Creating, communicating and implementing a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers
  • Understanding and interacting with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management
  • 12+ years’ experience in managing IS Security, developing policies, procedures and guidelines in a complex environment
  • 7+ years’ experience in a management role
  • Extensive hands on experience in configuring, utilizing and interpreting industry leading network, application, web, database and host vulnerability technologies and serving as the technical security subject matter expert for remediation
  • Excellent understanding of security and risk management principles
  • Experience in the development, implementation and operation of IT Security Strategy within a complex multi supplier, multi-platform environment
  • Strong enterprise multi-platform IT experience; knowledge of security best practice (including BS7799/ISO27001) and relevant legislation
  • IT Security, including identity and credential management, access policy and its management, authentication and SSO, authorization, audit, secure communications and cryptographic services, network protection, data protection and privacy, security administration, security information base
  • Good understanding of security implications arising from COTS implementations
  • Ability to adjust schedule to meet business needs
  • Ability to handle multiple competing priorities concurrently
  • Strong influencing skills to include negotiation, problem solving and conflict resolution
  • Experience in the Energy and Refining industry preferred
  • Fluent in English, oral and written
45

Director, Information Security Oversight Resume Examples & Samples

  • Conducting independent reviews on key components of the information security program and providing effective challenge to the design and execution of information security controls
  • Actively testing and monitoring information security controls
  • Conducting ongoing risk assessments
  • Conducting quantitative analysis on information security data to drive insights and recommendations for first line teams
  • Developing information security metrics (e.g. KRIs and KPIs) to continuously monitor and oversee program level risks
  • Establishing escalation thresholds for key information security metrics and escalating issues and emerging risks in accordance with the risk appetite program
  • 5+ years of experience in an information security role
  • Knowledge of relevant information security standards and frameworks, including NIST
  • Knowledge of US federal financial guidelines, examples include: FFIEC, OCC, & FDIC
  • Risk management experience is preferred
  • Experience with information security risk process improvement preferred
  • Deep knowledge of AXP information security systems/platforms, data and processes is preferred
  • Experience in leading information security teams is preferred
  • Thought leadership and ability to influence business partners
  • Attention to details with strong strategic view
  • Strong verbal and written communication skills and excellent relationship building skills
  • Superior problem-solving, strong analytical skill, strong learning agility and willingness to embrace new challenges
  • Professional certification is preferred (e.g. CISA, CISSP, CISM, CPCB, etc.)
  • Bachelor's degree in Computer Science, Information Systems, Business Administration or other related field or equivalent work experience; advanced degree preferred
46

Associate Director, Information Security Resume Examples & Samples

  • Designs, implements and maintains technical security solutions to detect, prevent, filter and monitor threats to the environment in order to provide a defense-in-depth architecture
  • Provides sound fiscal management including budgetary role for proper staffing and expenditures
  • Develops process to assess security risk, risk mitigations, and escalation of risks in the environment
  • Develops information security processes and standards that are aligned to industry frameworks and recommend changes and process improvements including those based upon identified risks and changes in legal and regulatory requirements
  • Works with relevant information asset owners and data custodians on determining appropriate controls to mitigate identified risks, and perform stakeholder role in controls implementation initiatives
  • Contributes to the vulnerability management program including analysis of identified vulnerabilities
  • Contributes to the design, development and on-going maintenance of a global Information Security Awareness Program
  • Hires, develops and manages staff
  • Previous experience that provides the knowledge, skills, and abilities to perform the job (comparable to 10+ years, including 10 years' experience with IT Operations, 5 years' project management or similar leadership experience, and 3 years' experience in an IT business liaison role, working with senior business managers) or equivalent and relevant combination of education, training, & experience
  • 5+ years of management responsibility
  • Working knowledge with systems in use at PPD considered a plus
  • Expert knowledge of Information Security frameworks/controls (ISO 27000, SANS CSC, NIST) and diverse IT architectures
  • Good knowledge of configuration management, change control, risk assessments, exception management and security baselines
  • Advanced technical skills assessing threats to multiple types of environments
  • Demonstrated ability to lead initiatives on both strategic and tactical levels
  • Demonstrated executive presence with strong consultation and presentation skills
  • Ability to work with ambiguity and complexity
  • Directs through lower management levels and / or highly skilled specialist employees who exercise significant latitude and independent judgment. Often heads one or more departments or a large centralized staff function. In some instances may be responsible for a functional area (as determined by executive management) and not have subordinate supervisors or employees. May manage employees across multiple regions
47

Director Information Security Architecture Resume Examples & Samples

  • A minimum 12 years information technology experience
  • A minimum 7 years of information security experience
  • A minimum 5 years of technical leadership experience
  • A minimum 5 years of deep technical, architectural understanding of all facets of information security
  • Excellent communication skills, with demonstrated experience making articulate and effective verbal and written presentations to different audiences
  • Excellent organizational and leadership skills with the ability to lead, build, and develop a team of senior IT professionals through formal and informal reporting relationships
  • A working knowledge of one or more security and IT Architecture standards, including COBIT, TOGAF, Open Security Architecture, or Service Oriented Modeling Framework
48

Director Information Security Resume Examples & Samples

  • Defines strategic targets and direction for Global IT Security in close alignment with senior business partner and GIT Senior Management
  • Capture, prioritize and structure the business demands and requirements to create and own a multi-year strategy and roadmap
  • Leads and manages teams that are involved in delivering key deliverables (projects, security consulting and design - supporting solution partners, audit remediation support, etc.) in the area of IT Security
  • Oversees and acts as last point of escalation for all IT Security related governance controls (Firewall, IPS, DLP, Content Filtering change management, Remote Access into our organization by 3rd Parties, etc.). Also work with key stakeholders on improving existing process in order to support business by increasing efficiency while maintaining quality and acceptable risk levels
  • Act as the primary point of contact for any internal or external organizations on authorization related topics or requests. Participate in critical interviews and meetings
  • Define and maintain the policies, standards, procedures and guidelines required to appropriately document rules and usage of related IT Security controls
  • Financials and Controlling
  • Experience in conducting interviews and delivering information security assessments of the current infrastructure, projects, new technologies, external service providers and Information Security related changes
  • Previously worked as a consultant in a delivery role and have a good functional knowledge of end-to-end Information and IT Security
  • Understanding of the security requirements for software applications and when and how they should be implemented within business systems and processes
  • Technically aware of current threats and also of future security vendor products
  • Ability to provide a clear framework for performance to direct reports or project team
  • Ability to coach, guide and manage a (project) team
  • Ability to be self-directed while working under tight deadlines
  • Ability to work in a fast-paced environment with different international cultures
  • Business- and solution-oriented, global mindset
  • Expert knowledge of respective business processes and IT systems
  • Strong strategic thinking and planning skills
  • Strong experience in working on several projects simultaneously
  • Strong communication (both written and verbal) and facilitation skills (small and large groups) especially when interacting with different levels of business
  • Ability to travel, domestic or international, as required
  • Fluent English (verbal and written)
  • Strong MS-Office skills (Word, Excel, PowerPoint)
  • Bachelor’s degree in an appropriate field, such as information technology or management, or equivalent combination of education and experience
  • Minimum of 8+ years of progressive work experience in large-scale (IT) projects or program management or large-scale application service responsibility
  • 3-5 years of experience in managing a team
  • Strong understanding of enterprise-level networks, networking protocols, devices, and architecture
  • Experience in NIDS/HIDS, SIEM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Virtual Machine Security
  • Experience in Security Architecture, Policies & Standards, Risk Management, Incident Handling and Response, Information Classification
  • Knowledge of at least one programming language
  • Strategic orientation with ability to act tactically as required
  • Strong stakeholder management as well as the ability to negotiate and influence at all levels
  • Sound understanding of emerging technologies and how these can create new business models
  • Ability to deliver projects on-time, on-budget
  • Must be able to perform well under pressure
49

Director, Information Security Architecture Resume Examples & Samples

  • Lead the analysis, requirement development, design, and implementation of authentication and authorization policy governance for new and existing applications
  • Develop guidelines and processes to govern a centralized application security model
  • Lead the analysis, requirement development, design, documentation, implementation, and maintenance of complex IT solutions
  • Provide technical and/or project leadership function for assigned security projects, including the protection of information systems assets, corporate information, and intellectual property
  • Leverage existing solutions and global design to drive standardization and simplification to reduce implementation timelines and costs
  • Communicate security standards and policies
  • Identify critical path decisions, make recommendations, and influence program leaders / business process owners
  • Interface with internal and external contributing organizations
  • Maintain a superior knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings
  • Maintain a working knowledge of applicable cyber security standards involving critical infrastructure, including those relating to process networks
  • Understand technical issues and the implications to the business, and be able to communicate them to management and other business leaders
  • Roll up your sleeves attitude focused on performance and risk reduction
  • Ability to effectively work in a matrix management environment
  • Ability to lead and shape stakeholder expectations
  • Readiness to travel up to 30% if needed
  • Familiarity with Identity Federation technologies including experience integrating large scale identity solutions
  • Proven analytical and problem resolution skills including
  • Ability to influence and build consensus with other IT teams and leadership
  • 7-10+ years recent experience in large enterprise environment
  • Ability to train, manage and assist co-workers on all aspects of security awareness, controls and compliance
50

Director, Information Security Resume Examples & Samples

  • Designs and maintains the Mobile Hosting information security controls framework
  • Designs and maintains the Mobile Hosting information security compliance framework
  • Designs and maintains the Mobile Hosting information security risk framework
  • Assists Corporate GRC Director in maintaining Mobile Hosting Security Controls Frameworks
  • Assist and advise Mobile Hosting team in configuring security parameters of IT systems
  • Operates security technologies as required
  • Responds to security incidents as required
  • Drives initiatives to attain and maintain certifications
  • Performs Mobile Hosting compliance related activities
  • Acts as a key member of the Mobile Hosting staff and assists with other duties as required
  • Well versed in security Policies
  • Well versed in ISO 27001, SSAE 16, SANS CSC controls and similar
  • Expert level understanding of common security technologies
  • Expert level understanding of the information security vendor landscape
  • Strong knowledge of Security Governance, Risk & Compliance and Security Audit practices
  • Significant experience in developing reference architecture
  • Ability to “roll up sleeves” to implement and operate technology as required
  • Deep understanding of advanced security threats and their TTP
  • Strong knowledge of application security, network security, and systems security
  • Expert facilitator and communicator
  • Ability to communicate with executives
  • Ability to work in a highly matrixed environment
  • Project/Program management experience
  • Knowledge of one or more GRC platforms
  • History of delivering consulting engagements
51

Director, Information Security Resume Examples & Samples

  • Monitors network for information security events and troubleshoots problem areas as needed and provides guidance and leadership for information security incidents. Determines causes of security violations and implements corrective actions. Provides information security support and expertise to acquisition, chain of custody and preservation activities as appropriate
  • Participates in system selection, managing and operations of information security solutions
  • Acts on behalf of the company as an Information Security expert, which includes but is not limited to client and prospective client presentations, industry involvement, etc. Maintains communications with managers and executives in order to identify key security points and issues. This includes collaboration with the Chief Compliance Officer, IT management team, IT staff and business leaders to identify key areas of risks and protect critical assets with policy, process and technological controls
  • Documents, maintains, reviews, and oversees an actionable and relevant, IT-based, enterprise-wide security risk register, control environment, and related artifact strategy to achieve and maintain compliance with regulations while supporting the organization’s operational goals
  • Helps design and implement processes and technology solutions to assess, monitor, audit and enforce compliance with internal and regulatory requirements, such as PCI, HIPAA, SOX, and others
  • Manage, monitor, and oversee coordination of internal and 3rd party audits and reviews, including allocating assignments and workload to best utilize resources, meet service objectives, and deliver quality customer service. Oversee the maintenance and effectiveness of IT controls to ensure that compliance is maintained and necessary remediation is achieved in a timely and professional manner
  • Mentors and serves as the point person for team members to lend expertise and provide support for day to day activities as well as assigned projects
  • Maintains a level of technical proficiency and currency within the information security field by participating with and maintaining memberships with professional work groups, attending trainings, seminars, or other technical-related conferences or seminars; interfacing with peers; or reading trade periodicals or journals
52

Director, Information Security Resume Examples & Samples

  • Lead multiple larger and more complex projects and/or technology initiatives and apply innovative solutions to the administration of the Security team
  • Technically mentor associates within the department. Provide training and guidance to team members as required
  • Maintain and foster internal client relationships. Take ownership of the relationship and ensure that clients’ objectives are met. Gain understanding when the objectives are not feasible
  • Plan and manage resources ensuring all projects meet obligations and budget expectations
  • Assist with developing and establishing strategic and long-range goals and direction for the Network Security area of IT Operations
  • Analyze customer and business requirements, and develop technical solutions
  • Maintain regular and predictable attendance
53

Director, Information Security Resume Examples & Samples

  • Directs the success of the appropriate security plan/program relevant to their responsible area as appointed by their AVP or Chief Information Security Officer
  • Sets high level goals and strategy for team and communicates to Sr. Management to ensure coordination and collaboration with other teams and groups
  • Directs the success of the Enterprise IT Security for new/emerging technologies
  • Provides support to key business entities i.e. Human Resources, Legal, Internal Audit, HIPAA, Program Management Office, Finance
  • 7-9 years
54

Director Information Security Resume Examples & Samples

  • Ability to work in a highly matrixed technical environment
  • Proven ability working in large-scale enterprise programs. 8+ years of program management including cost, scope and schedule in a complex environment
  • Demonstrated integration of cross-platform solutions in an Agile product environment. Domain knowledge in Information Security and Data Encryption. Knowledge of front end, middleware and backend technologies such as HTML, JavaScript, IOS, Web Services, Java. Able to communicate at all levels of leadership and have an understanding of technology and engineering
  • Demonstrated ability to influence subject matter expertise with other architects and engineers to gain cooperation for projects and initiatives within own function or domain
  • Understanding of core information security issues, standards, threats, and preventive technologies and methodologies. Agile Practices; Software Configuration; Programming/Software Development; Solution Architecture
55

Director, Information Security Resume Examples & Samples

  • Build an organization of people, processes and tools that can be used to detect and neutralize threats
  • Formulate security recommendations based upon industry standards and emerging technologies and manage the implementation of security initiatives
  • Assist Infrastructure and Application Development teams to ensure proper security controls are implemented across technology initiatives
  • IT liaison for addressing risk based issues with internal audit, loss prevention, and risk management
  • Establishes and maintains written and in-person communications with the organization's executives, department heads, and end users regarding pertinent information security activities and metrics
  • Provide oversight of the creation, approval and implementation of business continuity/disaster recovery plans while establishing and maintaining vendor relationships
  • College degree in a Computer or Engineering related discipline is preferred
  • Minimum of 7-10 years' experience performing IT and security related duties
  • Expertise in security threats, vulnerabilities, defenses, principles and policies
  • Technical acumen and experience in the areas of security requirements analysis, security architecture, security testing, security operations and maintenance and the security economics
  • Knowledge of applicable data privacy practices and regulatory requirements (PCI DSS, HIPAA, SOX)
  • Strong leadership skills, excellent cross-functional relationship building skills
  • Project management skills, financial/budget management, and resource management
  • Security certifications are a plus (CISSP, CISM, etc.)
56

Director, Information Security Resume Examples & Samples

  • Understand corporate strategic plans and fundamental business activities at BCBST and subsidiaries. Maintain current knowledge of applicable regulatory and compliance issues related to Information Security. Based on this knowledge, plan, develop, document, maintain and monitor progress of Information Security Program components consistent with applicable regulatory and compliance requirements
  • Develop, maintain and communicate policies to direct security functions relative to information technology systems (including systems under development), networks, applications, and voice and data communications that are consistent with applicable regulatory and compliance requirements
  • Depending on departmental function direct responsibilities may include one or more of the following
  • Must possess a solid understanding of Information Technology, Information Security, and Risk Management
  • Minimum 8 years progressive information security management and/or risk management experience in the healthcare or financial sector is required
  • Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) are required. Appropriate certification in risk management and/or healthcare compliance is desirable
  • Knowledge of security and control frameworks, such as ISO 17799, COBIT, and NIST CyberSecurity Framework
  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills
  • Demonstrated project management, organization and facilitation skills
  • Excellent communication and presentation skills. Demonstrated ability to serve as an effective member of senior management team and ability to communicate security-related concepts to a broad range of technical and non-technical management and staff
57

Executive Director, Information Security Resume Examples & Samples

  • Responsible for leading efforts to protect confidentiality, integrity, and availability of information while supporting systems across Bridgestone Americas; this includes defining, developing, and managing the enterprise IT Security strategy and security technologies to support the strategy
  • Responsible for the policy direction and oversight of matters governing appropriate access, security, privacy, and confidentiality of teammate and other sensitive personal, business information, and trade secrets
  • Responsible for managing overall budget for all aspects of IT Security function including operations, new projects, third party vendors and other related costs
  • Responsible for managing and improving the enterprise-wide Business Continuity function as well as the IT Disaster Recovery function
  • Define, measure and drive compliance including but not limited to defined regulatory requirements PCI, JSOX, GLBA, and other appropriate compliance initiatives
  • Implement new programs and innovation to meet or exceed operational expectations to deliver quality, reliability and flexibility of approach
  • Establish strong relationships with executive, business, & functional leaders globally while contributing to the general management & direction of BSA IT
  • Lead and manage an effective and collaborative team that delivers a balanced approach between structure, discipline and flexibility in their procedures that assist in the guidance of the overall IT organization
  • Lead and develop a high performing Information Security & Compliance organization at all levels that is service oriented, shows a bias for responsiveness and performance and is results focused whether sourced from within Bridgestone Americas or externally
  • Provide effective change leadership in driving continuous improvements and innovation in the organization to drive higher return on investment of security solutions deployed and lower total cost of ownership and to realize measurable productivity results from identified improvement initiatives
  • Master’s level degree in a relevant area and/or MBA preferred from an accredited college or university
  • A minimum of ten (10) years of relevant IT management and leadership experience
  • Prior experience in a large ($5B+ in revenues), complex manufacturing, distribution, or retail / consumer goods organization with an integrated supply chain function preferred
  • Proficiency with Microsoft Office Suite: Excel, PowerPoint, etc
  • Global experience a plus
  • Financially astute, with a keen understanding of cost drivers
  • Able to develop appropriate methodologies, but willing to roll up sleeves and drive execution and implementation
  • Team orientated and will promote execution and change through influence
  • Highly knowledgeable of best practices in the area of information technology and capable of transferring that knowledge to the organization
  • Experience with change management and organization development initiatives
  • Comfortable with ambiguity and complexity
  • A highly energetic, charismatic, results oriented leader that has the presence to positively influence the business
  • Exhibit strong leadership skills and have the ability to develop, enhance and grow relationships internally and externally
  • Able to work where personal and professional ethics are paramount in importance and possess exceptional interpersonal skills
58

Senior Director Information Security Resume Examples & Samples

  • Develop, direct, and execute enterprise and divisional information security and governance, risk, and compliance (GRC) strategies and programs, ensuring compliance with established corporate and departmental policies and procedures, as well as complying with individual country laws and regulations
  • Lead the development, implementation, and revision of enterprise-wide risk, governance, and compliance processes, procedures, and best practices ensuring they are communicated to staff
  • Facilitate, plan, and oversee risk assessments, security reviews, and internal assessments of key platforms to ensure compliance with policies, controls, and contractual obligations, making recommendations to enterprise information security leaders and technology teams as applicable
  • Oversee team members' work with appropriate management in ensuring all appropriate vendor information security documentation is stored and easily available for vendor reviews and audits as applicable
  • Responsible for the strategic development, communication, and implementation of various information security and governance, risk, and compliance processes and procedures over a variety of company disciplines
  • Direct the review and execution of enterprise-wide risk management life cycle processes and continuously shape best practices for the Company
  • Oversee the development and administration of all related policies, procedures, and processes for assigned area which could include continuously reviewing effectiveness of established methods and identification of additional improvement opportunities
  • Minimum 8 years of information technology (IT) auditing or information risk management experience required
  • Minimum 4 years supervisory experience required
  • Minimum 3 years' experience in an IT operational role directly interfacing with clients/customers preferred
59

Director Information Security, CISO Resume Examples & Samples

  • Provide technical direction in maintaining and enhancing a computer incident response program
  • Participate in cross-disciplined functional groups and represent Information Security, as appropriate
  • Represent Norfolk Southern as the cybersecurity subject matter expert in railroad industry meetings with rail industry peers and government agencies
  • Keep abreast of technology and cybersecurity trends and compliance requirements and adjust the direction of the cybersecurity program as trends and requirements change
  • Maintain and develop a team of cybersecurity professionals
  • Create and manage yearly capital and expense budgets for the Information Security organization
  • Experience with enterprise security solutions including application security, network security, endpoint security, user authentication and authorization controls, and data loss prevention technologies
  • Knowledge of infrastructure technologies including networking, servers, databases, SANs, mainframes, and end user devices
  • Knowledge of common software development languages and application development methodologies
  • Oversee development and maintenance of solution architectures to mitigate identified threats based on a supporting prioritization process
  • Research best practices, conduct trend analysis, and identify gaps in developing future-state security architecture
  • Oversee development and maintenance of threat models while working with business units and technical subject matter specialists
  • Oversee security architecture and consulting services with business units and IT organizations
  • Have an ability to present cybersecurity topics in a clear and concise manner at all levels of the corporation. This includes taking a very technical topic and simplifying it for all levels of the corporation to understand while not diminishing the importance of the topic
  • Have the ability to build consensus across the corporation while applying an appropriate level of risk
60

Director Information Security & Risk Management Resume Examples & Samples

  • Manage Computer Security Incident Response Team
  • Manage Security Operations Center activities
  • Manage a team of information security engineers to implement security controls globally
  • Collaborate with GIS architects to implement security by design
  • Evaluate security solutions & vendors and recommend security solutions
  • Help facilitate software security assessment
  • Implement and manage vulnerability management process
  • Manage the team to conduct proactive security and architecture reviews
  • Collaborate with industry peers to share threat intelligence
  • Build a team and implement Red Team and Penetration exercises
  • Perform analyses to identify threats, vulnerabilities, and assess risk to corporate resources
  • Work with stakeholders to create security roadmap and strategy
  • Coach a team of engineers to acquire skills in Red Team, hacker methodology, vulnerability identification, and architecture reviews
  • Contribute individually as a security expert and provide direction & mentoring services to team members
  • Over 20 years of IT and information security experience
  • Experience in working with global teams
  • Ability to communicate to stakeholders at various levels
  • Experience in security principles, policies, and procedures
  • Knowledge of security and architecture review process
  • Ability to create, document, and communicate new processes
  • Experience in working with people in different time zones
  • Bachelor’s degree in Computer Science or Information Security
  • Understanding of security functions such as IDS, and vulnerability detection
  • Working knowledge of Security Management Practices
  • Working knowledge of Open Source tools
61

Director, Information Security Resume Examples & Samples

  • Demonstrated success and effectiveness as either an Information Security leader of an enterprise organization, as a direct report to an Information Security leader of an enterprise organization or has worked as an Enterprise Information Security Consultant at a respected consultancy
  • Demonstrated experience in either leading or supporting the successful development, evolution, and/or transformation of an information security program. This will include building consensus with functional leaders by demonstrating value and measurable results and creating a culture of information security awareness amongst the company’s core ecosystem – employees, customers, and partners – while enabling efficiency
  • Experience in designing, developing, and implementing a successful security strategy and architecture that aligns with relevant industry standards, frameworks, and applicable regulations to the organizations that they are securing
  • Experience in the evaluation and implementation of industry standard enterprise wide information security technologies and concepts. These can include but are not limited to: Data Loss Prevention, Security Event Management, GRC Tools, Threat and Vulnerability Management, End-Point Security and Incident Response
  • Firsthand experience or a proven understanding of what is necessary to lead an organization through an information security incident or data breach
  • Either led or played an active role in the attraction, recruitment, retention, and professional development of information security professionals
  • Illustrate a consistent and logical pattern of strategic career investments and professional development that have helped develop the skills and experience required to be an effective Information Security leader. This can include advanced education, industry certifications, professional development, industry thought leadership and other external interests and pursuits (i.e. community involvement, philanthropy, etc.)
  • Can speak to information security concerns that are looming on the horizon and demonstrate logical thought patterns that are applicable to the organizations that they are attempting to secure
  • Unimpeachable integrity and moral character
62

Director, Information Security Resume Examples & Samples

  • Builds and optimizes effective security and privacy governance to ensure complete security of organizational data
  • Develops and implements an end-to-end information security management system that aligns with the risk profile, and existing compliance initiatives and efforts
  • Designs and implements 3rd party secure connectivity models and standards
  • Responsible for application, infrastructure risk assessments
  • Accountable for end-point, network, hardware, software, data and procedures and support secure system operations and maintenance
  • Effectively perform and manage secure engineering analysis, risk and vulnerability assessment, penetration testing (white box and black box)
  • Lead strategic technology planning to achieve business goals, including the ability to articulate ideas to both technical and non-technical groups, and business case justifications for technology and security spending initiatives
  • Analyze and improve upon existing security standards across the organization to maintain a competitive edge within the market and remain current to the changing threat landscape
  • Author or coordinate the development and maintenance of System Security Plans and Incident Response plans
  • In conjunction with other IT leaders, develop, implement and maintain department policies and standards designed to maximize effectiveness and minimize costs related to the acquisition, implementation and operation of enterprise applications and infrastructure systems in a secure manner
  • Partner with internal/external clients to ensure a high degree of system security
  • Educate employees on security policies, changes to regulations and their responsibilities
  • Provide the overall direction to the organization as well as manage the day-to-day information security operations, policies, architecture, and governance
  • Execute key tasks and projects ensuring that they stay on track with goals and timelines
  • Interact internally and externally with senior level management, including the negotiation of critical matters
  • Retain ownership of the development, compliance and exceptions to policies, standards, and procedures
  • Maintain a strategic framework for guiding year-over-year security investment decisions, defined with sustainable metrics for measuring performance and outcome
  • Run multiple projects under strict timelines in a demanding, dynamic environment and meet overall objectives
  • Perform risk analysis for corporate functional and technical areas relevant to information security
  • Make recommendations for improvements to existing and new security hardware, software or related tools. Assist in evaluating, planning, configuring, and implementing new/existing security applications/tools
  • Identify and recommend potential areas where existing policies and procedures require change or where a supplement is required to mitigate key security risks. Partner with various business areas to improve security policies/procedures
  • Facilitate internal and external penetration testing and audit participation, where applicable
  • Lead the identification, response, investigation, and remediation of potential breaches of and issues surrounding information security
  • Responsible for executing programs for user awareness, compliance monitoring, and security compliance; maintaining information security devices and software; monitoring compliance procedures; and resolving security policy issues
  • Bachelor’s degree in Information Security, Computer Science, Engineering or similar desired, with 8 years security industry experience
  • Demonstrated ability to manage complex security environments
  • Experience developing and leading large information security programs, and proven ability to contribute at both strategic and operational levels
  • Strong strategic planning, deployment and operational oversight of the privacy program for global companies in banking, finance, health care or for governmental agencies is preferred
  • Strong leadership skills and demonstrated ability to coach and mentor a team
  • Ability to manage multiple priorities with strong organizational, management and decision-making skills
  • Excellent communication skills, including the ability to communicate effectively both verbally and in writing through presentations and individual discussions with all levels of the organization
  • Ability to think strategically while maintaining focus on results and execution excellence
63

Director Information Security Resume Examples & Samples

  • Create a strong DevOps culture and develop processes and tools to facilitate fast times to market, technology resilience, and high performance
  • Work closely with architecture teams to deliver stable, performant, and effective technologies to both the business and developer communities
  • Define and enforce Service Level Agreements for new and existing technologies integrated into the InfoSec Analytics Platform
  • Maintain strong relationships with business partners to ensure that the platform continually matches business needs
  • Should be able to support evaluation and proof-of-concept activities to drive selection of new technologies
  • Should be able to develop standard offerings in the reporting and business intelligence domain to enable self-service data delivery mechanisms for our customers
  • 5+ years working knowledge of any major area of Information Security as well as a focus on the following technologies/disciplines
64

Director, Information Security Requirements Resume Examples & Samples

  • Provide direct support to the development and implementation of an Information Security Management System (ISMS) based on US and International standards and guidelines
  • Interface with internal and external cybersecurity/aviation regulatory and audit entities to support the achievement of ISO 27001 certification for Inmarsat’s ISMS with minimal operational impact
  • Support the System Development Lifecycle for all new and existing ABU capabilities
  • Develop Aviation Business Unit specific processes and procedures to capture metrics and support risk assessments of all ABU assets
  • Develop and execute risk treatment plans for information and systems across the ABU
  • Ensure that systems and data governance within the Aviation Business Unit are in compliance with ISO 27001/NIST security control frameworks, and ensure that aviation specific requirements are incorporated into the overall risk management process
  • Develop and sustain a strong system of collaboration with Inmarsat Group Security (Security Engineering, Operations and Governance), Chief Technology Office and Training departments to facilitate coordination and implementation of safety and security programs
  • Develop and maintain statistical data and dashboards to facilitate strategic and operational decision-making
  • Collaborate with marketing and legal in the development of cybersecurity language for contracts and agreements
  • Ten or more years’ experience working either for an airline, an avionics vendor, or an airline service provider (ATC)
  • In-depth technical knowledge of aircraft safety and operational communications requirements, including Air Traffic Services or Airlines Operations
  • Five or more years’ experience managing, establishing and implementing Information Security Management Systems
  • Thorough analytical skills and business/financial knowledge
  • Ability to work in, and navigate, a matrix organization
  • Proven project management skills in complex environments
  • Effective and dynamic communicator – accustomed to both small and large audiences
  • Tenacious – determined to find creative solutions to complex technical, regulatory and organizational issues
  • Available and willing to travel extensively
  • Experience that shows effective collaboration with regulatory and technical organizations is highly desirable; as well as commercial experience presenting ideas and working at company executive level
  • Specific aviation experience working regulatory issues through with an airline or within an aviation regulatory agency
  • Knowledge of SATCOM and VHF communications
  • Management of Information Security Systems for an airline, avionics organization or air navigation service provider
65

Director, Information Security Resume Examples & Samples

  • Excellent knowledge and a strong understanding of data security practices, procedures and standards. With respect to information security, knowledge of database administration, programming and systems analysis procedures, database software and operating systems is essential. Specific knowledge of enterprise portal technologies; web and legacy based application architecture and security controls; Role Based Security and Single Sign On; authentication, access control, authorization and audit frameworks; and content filtering technologies and algorithms is required
  • Incumbents must have extensive working knowledge of systems analysis methodologies, procedures, design and implementation. Experience in research and analysis and implementation are essential
  • An understanding of information security standards, frameworks, and best practices and other industry regulatory and compliance requirements (PCI, HIPAA, HITECH, NIST, FISMA, SOX, and CIS) is also required
  • Ability to define problems, collect data, establish facts, and draw valid conclusions to perform and direct the activities as described above is required. Incumbents must have the ability to perform risk assessments, vulnerability assessments and gap analysis
  • Proven ability to lead and manage multiple projects simultaneously with minimal supervision, while meeting associated deadlines, is required. Good project management skills as well as written and verbal communication skills are essential to effectively act in a technical lead role and serve as a reference and central point for technical issues across groups and business systems as described
66

Director Information Security Resume Examples & Samples

  • Bachelor's degree in Information Technology, Information Security, Information Assurance, Information Management or equivalent experience
  • Certification in one or more IT Security disciplines is required
  • Experience with firewalls, IDS, log management and troubleshooting network devices
  • Strong analytical skills at an architectural level – will be intuitive, thoughtful and perceptive in their ability to recognize patterns and apply concepts
  • Excellent verbal communication skills
  • Ability to meet time sensitive deadlines required
  • Ability to work collaboratively and build consensus is essential
  • Ability to make sound decisions and exercise good judgment pertaining to operating procedures and projects
  • Ability to manage business and technical relationships with internal and external clients
  • Possesses knowledge in various information security areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT architecture, Monitoring, Incident Response and Security Strategy
  • Certifications or strong knowledge of at least one architectural methodology – e.g., SABSA, TOGAF, MODAF/DODAF
  • Application Authentication & Authorization Systems: CA SiteMinder, RSA ClearTrust, Entrust GetAccess, IBM WebSeal, or others
  • Built-in security functions and services of application infrastructure components: Oracle, DB2/UDB, MS IIS, MS BizTalk Server, MS Integration Server, IBM WebSphere, iPlanet Directory, MS Active Directory, SAP R/3, Vitria BusinessWare, IBM MQSeries, MSMQ, MS Exchange, BEA WebLogic, or others
  • Embedded Operating Systems security controls for platforms including Windows 7, Windows 2003, AIX, Solaris, Z/OS, AS/400, Linux, and others
  • Stellar technical writing, documentation development, process mapping, and visual communication skills
  • CISSP or CISM is preferred
  • Certification in one or more networking technologies is preferred. (CCSP, Checkpoint, etc.)
  • Experience with the pharmaceutical industry and regulations is preferred
  • Develop comprehensive security target architecture to ensure alignment with Information Security Strategy
  • Assist the Director of Information Security Strategy, Governance and Architecture in creating, reviewing and updating the Information Security strategy on a periodic basis
  • Recommend and implement changes in security policies and practices in accordance with changes in privacy law or financial sector security practices
  • Provides function/business requirements for security solutions/initiatives and identifies areas to improve GSK’s security posture
  • Provides input to engineers for additional configuration via IT project management and change management
  • Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
  • Work with the security designers, vendors and service line leaders to develop and maintain the overall Information Security architecture strategy and ensure alignment with the other security roles (Threat & Vulnerability, Risk, Governance, Compliance)
  • Review and influence content of GSK business and risk management strategies, policies, management practices to ensure consistency with the information security strategy
  • To align and integrate the Information Security strategy with business goals. Provide a proportionate security response so that business operations and security operations are aligned
  • Bring the cyber security strategy to life through the design and implementation of security architecture models that are aligned with the business goals
  • Develop a library of reusable security patterns (reference architectures) in order to provide project teams with the secure control mechanisms required to protect information assets
  • Review and identify industry standards of most value to GSK for broader adoption
  • Conduct security assurance reviews of strategic projects to identify potential security risks and recommend security components to mitigate those risks and achieve compliance
  • Maintaining a current knowledge of established and emerging security solutions that would support the GSK security strategy
67

Director, Information Security Resume Examples & Samples

  • Leads the technical expertise and direction of the Information Security Program and Department
  • Leads the annual IT Risk assessment, penetration test, vulnerability scans, and social engineering tests in which this position synthesizes results and implements action plans for resolution to an issue
  • Responsible for conducting monthly vulnerability scans and communicating the critical results to executive management
  • Educates executive management on cyber risk through reporting and presentations
  • Monitors Information Security industry trends and educates the organization on critical information
  • Develops, plans, and manages the Information Security Program to include policies, procedures, and standards
  • Leads the annual security awareness training, new hire training, and monthly sales training to ensure all levels of staff and management are well-educated regarding information security practices
  • Leads the project initiatives to research, validate, and manage Information Security vendors and products to ensure robust detection, prevention, and monitoring tools are in place
  • Defines the Information Security plan to resolve gaps identified from audits, risk assessments or vulnerability scans
  • Leads the day to day operations of the Information Security Program and department for the enterprise
  • Leads cyber security investigations providing summaries and recommendations to resolve the matter. Works closely with IT and project teams to ensure that new projects meet or exceed information security requirements
  • Achieves Information Security and operational objectives by developing and executing strategic plans which reduce risk to information assets
  • Protects information assets by developing security strategies, directing system access control, monitoring, and response
  • Implements regulatory requirements, industry standards, and best practices such as NCUA, FFIEC, GLBA, PCI DSS, NIST 800-53, and ISO 27001 ensuring the Information Security Program is held to the highest standard
  • Leads Information Security projects to align with organizational strategic objectives, goals, and risk tolerance
  • Advises executive management team on critical security issues and recommends risk reduction solutions
  • Requires working knowledge of financial service institutions and their operations and procedures
  • Excellent management skills and the ability to prioritize multiple initiatives and projects
  • Ability to establish strategic direction for the department and provide the roadmap of initiatives and priorities in support of that vision
  • Excellent analytical skills and ability to aggregate data and subsequently communicate that data so that it is relatable to the business
  • Requires the ability to synthesize information across multiple data points and communicate effectively to the executive management team
  • Ability to operate at all levels of the organization, and to both motivate and influence others that are often in a more senior position
  • Excellent interpersonal skills including oral and written communications
  • Ability to manage change within the organization
  • Ability to operate, communicate and educate effectively at all levels of the organization
  • Technically proficient in IT and Information Security controls and concepts
  • Demonstrate flexibility and the ability to work in a team environment
  • Strong organizational and planning skills, resourcefulness, and creative problem solving skills
  • Demonstrated business and technical acumen, including the ability to read, analyze and interpret reports and documentation
  • Bachelor's degree in Computer Science, Information Technology or related field
  • CISSP, CISA, CRISC, or CISM professional certification or similar
  • At least 8 years of Information Security professional experience
  • Experience with standards and best practices such as NCUA, FFIEC, GLBA, ISO 27001, PCI DSS, SOC 2 compliance, NIST 800-53, HIPAA, and FedRAMP requirements
  • Demonstrated knowledge of information technology security trends and leading best practices required
  • Minimum of 5 years’ experience directly leading technical service or security focused staff in a team environment
  • Experience and expertise in managing and administering infrastructure and data systems
  • Minimum of 5 years’ experience in at least five of the following: access control systems and methodology; business continuity and disaster recovery planning; risk, response, and recovery; network security architecture; security management practices; audit and monitoring; enterprise and IT risk assessments; incident response management
68

Associate Director, Information Security Resume Examples & Samples

  • Successful completion of a full 4-year course of study in an accredited college or university leading to a bachelor's or higher degree in information security, computer science, or related field or equivalent combination of education and experience; OR appropriate combination of education and experience
  • Ten years of experience in developing and implementing information security practices in a university, or a highly-decentralized corporate environment
  • Five years of experience in managing information security with a demonstrated ability to manage a system-level program, oversee regular auditing and monitoring activities, and develop training programs for all levels of students, faculty, and staff
  • Certified Information Systems Security Professional (CISSP) Certification required
  • Seven years of experience in regulatory compliance, and security compliance program management
  • Extensive experience overseeing analysis of threat intelligence for potential response
  • Proven experience overseeing incident response
  • Demonstrated professional experience in a leadership role with emphasis on developing, evolving and measuring information security strategy
  • Three years of experience working as an Information Security Manager
  • In-depth working knowledge of and experience implementing/operating an information security program based on established frameworks and other pertinent and applicable state and federal laws and regulations related to the protection of personal information
  • General knowledge of management of an effective security and compliance program, including training, monitoring, conducting and documenting investigations, addressing violations, and monitoring corrective actions
  • Seasoned security skills, including the ability to skillfully obtain complete and detailed information necessary to make accurate and well-founded determinations about security threats
  • Demonstrated ability to initiate, plan, and direct activities to meet requirements and timelines of enterprise initiatives or projects that are frequently driven by new or changing regulations
  • Demonstrated ability to understand and lead by communicating vision, exhibiting decisiveness, sponsoring change, and collaborating in support of organizational success
  • Ten years’ experience in developing and implementing information security practices in a university, or a highly-decentralized corporate environment
  • The following certifications are preferred: Certified Information System Auditor (CISA); Certified Information Security Manager (CISM); Certified Ethical Hacker (CEH); Global Information Assurance Certification (GIAC)
  • Experience in managing information security with a demonstrated ability to manage a system-level program, oversee regular auditing and monitoring activities, and develop training programs for all levels of students, faculty, and staff
  • Demonstrated ability to supervise and manage personnel, prepare budgets, and operate within a complex environment
  • Advanced degree in information technology
  • An understanding of university business and academic technology approaches and requirements
  • Working knowledge of other disciplines outside own area of expertise, including business planning, academic and clinical disciplines, human resources, finance, and information technology
  • Demonstrated ability to translate vision into a tangible plan and develop clear goals and objectives
  • Demonstrated ability to exhibit a credible leadership presence and to respond to questions with logic, clarity, calmness, and authority
  • Demonstrated ability to collaborate effectively in a dynamic and challenging environment and to affect change
69

Director, Information Security Operations Resume Examples & Samples

  • Cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting
  • Strategy, planning, and operational excellence through continuous improvement and automation
  • Manages service levels, control effectiveness, control failure remediation, operational automation and oversight of information security delivery teams globally
  • Directs managers and senior level technical professionals in planning, design, implementation and support of security systems of high complexity to meet global business needs
  • Provides guidance and awareness of secure solutions and requirements
  • Initiates and fosters partnerships with vendors, senior leadership, and across business and IT teams to drive security plans and capabilities across global operations. Aligns, anticipates and enables business strategies and priorities. Balances individual customer and/or Market needs with enterprise priorities, assuring alignment with enterprise strategies and objectives
  • Establishes financial plans and manages to plan. Ensures project financial plans are met by managers for all services supported including hardware, software and service contracts
  • Negotiates product purchases and annual maintenance agreements. Ensures asset inventory is accurately maintained and correctly reflected on vendor invoices
  • Hires and manages lower level managers and may hire and manage individual contributors; coaches and counsels team members, especially managers regarding management techniques. Determines and manages staffing strategy and plan (# of FTEs, skills needed, depth of experience, internal and external staffing mix) consistent with the needs of the department
  • Oversees the development, implementation and execution of multiple projects ensuring scope and schedule are established for projects. Acts based on changed priorities
  • Formulates and executes process and organizational improvement direction and programs which enhance overall effectiveness; proactively seeks ways to improve human resource and other management processes. Understands business process, issues/problems and applies appropriate IT standards and solutions
  • Bachelor’s or Master’s Degree in technical or business discipline or related experience; Master’s Degree preferred
  • Highly developed oral and written communication skills; strong presentation skills
  • In-depth knowledge of systems, network and data security, telecommunications, security operations, and associated hardware, software and protocols
  • In-depth knowledge of business operations, objectives and strategies
  • In-depth knowledge of project planning methodologies and tools and IT standards and guidelines. Advanced knowledge of management concepts, practices and techniques
  • Ability to promote a team environment consisting of several teams
  • Highly developed negotiation, facilitation and consensus building skills
  • Experience with automating manual processes related to audit and compliance
  • Industry-recognized information security certification(s) (e.g., CISSP)
70

Director Information Security Resume Examples & Samples

  • Develops, maintains and publishes up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices
  • Develops and oversees effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinates the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event, and provide direction, support and in-house consulting in these areas
  • Responsible for IT SOX requirements within the company
  • Responsible for leading all information security audits for REV Group with external auditors
  • Prior experience in Information Security required
  • BS Information Technology / Information Security or related field
  • Experience with ERP information security a must, SAP experience a plus
  • Prior experience in public company SOX environment required
  • Prior leadership in leading journey to SOX certification from IT perspective a plus
  • Experience in manufacturing industry a plus
  • Must demonstrate the ability to maintain strict confidentiality of the company’s internal and personnel affairs
  • In depth knowledge of IT SOX requirements required
  • Ability to travel to all REV Group locations (up to 50%)
71

Director, Information Security Resume Examples & Samples

  • Minimum 5 years of experience in security management
  • Proven working knowledge in security, data management, and governance
  • Experience leading IT programs and projects
  • Possesses information security program, audit, compliance, policy and governance skills
  • Certification (CISSP, CISM, CRISC) or training in information security standards and best practices (ISO 27001/2, COBIT)
  • Possess strong collaboration skills
  • Experience in effective problem solving, negotiation and decision making skills to address critical issues affecting the business
  • Possess solid communication skills including written and interpersonal
  • Demonstrated experience with customer service
72

Director, Information Security Resume Examples & Samples

  • Routine line management and leadership of staff within the Information Security Management function
  • Leads the design, implementation, operation and maintenance of the Information Security Management System based on the HIPAA, HITRUST, and/or SSAE16 standards
  • Forms a “center of excellence” for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively
  • At least 10 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
  • Information security management qualifications such as CISSP or CISM
  • Background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security
  • Absolutely trustworthy with high standards of personal integrity and willing to undergo vetting and/or personality assessments
  • Knowledge of the following security applications: End Point Protection, Web content filtering, Firewalls, DLP, Virus Scan/Prevention, Log Collection/Filtering, MDM
73

Director, Information Security Architecture Resume Examples & Samples

  • Minimum 15 years in technology organizations
  • 10+ years of success leading a security discipline within large organizations
  • Proven technical knowledge to enable efficient team management
  • Proven record of delivering business critical projects within challenging time frames, multiple stakeholder groups and competing priorities
  • Demonstrated experience in information security, privacy or a data protection-related function
  • Proven understanding of information security risk assessment and risk management procedures and methodologies
  • Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls
  • Strong knowledge of information security principles, standards, practices and technologies
  • Strong knowledge of industry and regulatory requirements (i.e., PCI, SOX, Safe Harbor)
  • Proven strong background in IT Security and Operational processes
  • Requires one of the following certifications: CISSP, CISM, CCSP, CISA, GSEC
  • BA/BS in business or computer science, or bachelor's and appropriate work experience
74

Executive Director, Information Security Resume Examples & Samples

  • Provide leadership to directors and Sr. directors overseeing various GRC functions, research, industry affairs, policy and business engagements
  • Facilitates communication between staff, management, vendors, Managed Service Providers, and other technology resources within the organization
  • Leads management responsible for receiving input from various divisions regarding Information Security policies, guidelines, strategic goals, risks, and risk tolerance thresholds and communicates information to Information Security team
75

Director, Information Security Resume Examples & Samples

  • Develops and implements business and/or IT vision, notably a secure public cloud migration; critical success factors and operating plans; develops and communicates department/enterprise vision, strategies; develops high level migration plans. Anticipates and manages technology evolution and relates it to business solutions. Sets direction based on alignment to business and overall technology standards. Leverage Agile principles to achieve business and IT vision
  • Leverage public cloud provider services and automation afforded by public cloud migration to transform and build upon existing security practices and approaches
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate course of action
  • Provide risk guidance to Commercial Insurance business segments relative to security design and architecture for systems that process, transmit, or store sensitive information; identify design gaps and recommends security enhancements
  • Analyze privacy, regulatory, technology and market security industry trends; provide security program direction as it pertains to governance and compliance
  • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
  • Develop and maintain a network of industry contacts; perform or direct research on industry trends, competitors, business and IT products; make strategic and tactical recommendations
  • Set direction and build alignment and momentum across central and market delivery teams
  • Bachelor's or Master's Degree in technical or business discipline or related experience; Master's Degree preferred
  • Generally more than 10 years related experience with 5 years in leadership role
  • Demonstrated real world, hands-on technical design and implementation experience
  • Strong familiarity with Information Security precepts, practices, and solutions
  • Extensive knowledge across a broad range of identity and access management technologies
  • In-depth knowledge of IT concepts, strategies and methodologies and their application to business opportunities
  • In-depth knowledge of Agile project delivery, business operations, objectives and strategies
  • Advanced knowledge of management concepts, practices and techniques
  • Strong interpersonal skills with the ability to effectively influence others
  • Ability to build collaborative working relationships with a broad range of enterprise stakeholders
  • Strong decision making capabilities, with proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
76

Director Information Security Resume Examples & Samples

  • Relevant Experience or Degree in: related field of study from an accredited university is required; however, relevant experience in lieu of a degree may be considered
  • Typically a minimum of 10 years
  • Related professional experience including a minimum of 5-6 years experience in a managerial position
  • Related field of study from an accredited university
  • Prior payment, financial services or technology industry experience is preferred
77

Director Information Security Engineering Resume Examples & Samples

  • Develop and communicate risk and threat-based plans to drive project priorities using industry accepted risk assessment and threat analysis methodologies
  • Identify opportunities to leverage HDS’ capabilities to further support the different Business units and engineering groups
  • Develop support proposal and shared security service
  • Engage at all points of IT projects to ensure security controls and proper risk management practices are implemented, including secure coding, code review, and application code scanning as part of the quality process
  • Lead root cause analysis processes based on information about the IT or engineering groups processes, technology, and maturity
  • Develop and present on remediation and mitigation plans to address systemic issues and root causes identified during and between projects
  • Mentor and guide project personnel as needed
  • Manage Information security project timelines, budgets and interdependencies related to integration planning, improvement initiatives, system development/launches, operational systems improvements, and other projects as established by corporate operating plan
  • Ability to plan, execute and deliver high quality Security, Compliance and Risk management projects that solve real business needs
  • Interfaces with integrated entities (M&A) management and business units to understand business issues/needs and ensure that client expectations are in line with delivery plans
  • Ability to coalesce a virtual team around a common goal and vision, encouraging others to be their best
  • Lead cross functional project calls and planning sessions
  • Communicate across functional areas and update project statuses to keep project teams informed of progress and/or significant changes
  • Establish criteria and communication procedures within IT with stakeholder organizations to determine how projects should be timed, resourced, and prioritized
  • Demonstrate ability to successfully distill complex technical information into clear, concise yet comprehensive communication material
  • Understand the fundamental company security and risk management strategy and be able to apply that as a fundamental pillar of the transformation strategy
  • Knowledgeable about European privacy laws and GDPR legislation. Able to translate legal requirements from privacy laws into security controls
  • Ability to conduct security and risk assessments and document findings in a practical and actionable way. Establish clear remediation completion criteria to be used for validation
  • Contribute to the Security organization's go-forward design and talent selection: interviewing, hiring; establishing priorities, goals and objectives for new functions; defining performance criteria; allocating workload and setting deadlines
  • Minimum 12+ years of project management experience, 7+ with IT disciplines preferred
  • Minimum 10+ years of security organization experience including a fair degree of security and compliance technical knowledge
  • Professional software development experience
  • Strong understanding of risk management and information security theory and practical application
  • Able to manage internal and external expectations
  • Able to communicate, guide, and influence a diverse set of stakeholders
  • Able to multi-task and deliver consistently on deadlines
  • Experience identifying and solving root causes
  • Demonstrated ability to solve complex problems with expertise and ingenuity
  • Able to communicate risks and recommendations to Senior Leadership and management
  • Experience working in a team-oriented, global, collaborative environment
  • Demonstrate the ability to effectively manage technical team members in a matrix organization with a strong focus on career development
  • Outstanding analytical, problem solving, negotiation and organization skills
  • Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service
  • Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
  • Excellent verbal and written communication skills, including ability to effectively communicate with internal and external customers
  • Demonstrate leadership, including the ability to influence all levels of management towards a common goal
  • Ability to create and manage project schedules of various levels of complexity
  • Ability to facilitate meetings with strong presentation skills and ability to quickly discern differing points of view versus derailing points of view
  • Experience with the delivery of security, risk, and maturity assessment programs
  • Conversant in financial management and able to administer budgets across multiple projects and ensure programs meet their requirements for return on investment
78

Director Information Security Resume Examples & Samples

  • Four or more years of experience in IT Security administration for a Healthcare organization
  • Experience with regulatory compliance requirements such as HIPAA, SOX, PCI DSS, etc
  • CISSP certification preferred; or CISSP certification required within 12 months from date of hire