Information Security Manager Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information security manager job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Dalton West
346 Wunsch River, San Francisco, CA
Phone: +1 (555) 114 4044
Experience
Information Security Manager
Keebler-Kris, Houston, TX
  • Provides a security strategy which provides the framework to produce metrics which can be used to assist current and future management decisions
  • Develop and maintain a high performing team through effective hiring, vendor partner management, coaching and performance management
  • Develop and manage a well-defined delivery process and champion ongoing improvement initiatives to implement best practices for agile delivery
  • Establishes goals and objectives for team performance and manages attainment of those goals
  • Selects, trains and motivates staff; provides staff professional development; and works with staff to correct deficiencies
  • Establish a strategy and framework for performing validation of scanning results
  • Work closely with IT department on corporate technology development to fully secure information, computer, network, and processing systems
Business Information Security Manager
Moore Group, Dallas, TX
  • Reporting security performance against established security metrics
  • Knowledge of national and international regulatory compliances and frameworks such as NIST, PCI, ISO, etc
  • Develop Information Security Policies, Standards and Guidelines
  • Collaborate with Business Information Security Managers to deliver end to end deep-dive risk assessments for business initiatives. The assessment should focus on critical layers of the product/solution and define the associated risks, business and technical impacts, remediation and residual risk
  • Provide technical direction to analysts, associates and contractors
  • Assist in the investigations of high level, complex violations of Information Security Policies
  • Identify project risks and work effectively to mitigate them
Senior Information Security Manager
Aufderhar and Sons, Detroit, MI (present)
  • Contribute to the definition, development, and oversight of a global network and endpoint security threat management strategy and framework
  • Provide education and assistance to application developers for applying security software development life cycle
  • Working knowledge of industry security frameworks such as ISO 27001, HIPAA, NIST Cyber Security Framework
  • Performing regular review of activities performed by the Access Control Group administrators
  • Strong track record in a consulting, relationship management, key account management, sales or marketing role
  • Security tool development: researching, planning, and implementing new tool features to make security tools more effective and add value; and
  • Proactively identify technical and architectural risks, commenting and/or providing alternatives for improvement
Education
Bachelor’s Degree in Computer Science
University of Central Florida
Skills
  • Professional certification and or industry recognized Users Group affiliation is highly desirable
  • Good technical knowledge with the ability to explain technical problems to non-technical business stakeholders at all levels
  • Strong follow-up, attention to detail, and organizational skills and the ability to
  • Strong working knowledge of IT Risk Management and Information Security
  • Knowledge of applicable practices and laws relating to data privacy and protection
  • Have a strong desire to learn continually and grow professionally
  • Ability to communicate with senior firm leadership and maintain strong business relationships
  • Able to exercise professional judgment within defined procedures
  • Excellent attention to detail
  • Strong knowledge of information security across all domains and at least five years of information security experience
15 Information Security Manager resume templates

1

Information Security Manager Resume Examples & Samples

  • 5 years of relevant work experience
  • Knowledge and understanding of relevant legal and regulatory requirements such as the Gramm-Leach-Bliley Act (GLB Act), Guidelines for Safeguarding Member Information and Payment Card Industry/Data Security Standard
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
  • Proven experience in developing information security policies and procedures, as well as, successfully executing programs that meet the objectives of excellence in a dynamic environment
  • Ability to work in high-pressure, high-stress situations
  • Critical thinker with strong problem solving skills
  • Excellent analytical, multi-tasking, and project management skills
  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
  • Ability to professionally handle confidential matters
  • High degree of initiative, dependability, and ability to work under minimal supervision
  • Previous financial services industry experience preferred
  • Professional security management certification, such as a Certified Information Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or similar desired
  • Bachelor’s degree in Business Administration or a technology related field or equivalent
2

VP-Continuity of Business & Information Security Manager Resume Examples & Samples

  • Knowledge of business recovery policies and processes and well versed in Continuity of Business and related business recovery concepts
  • Previous experience in IS and IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment
  • Strong experience with information security controls and policy
  • Thorough understanding of MCA and iCAPS
  • Exceptional interpersonal and communication skills (both written and verbal)
  • Must demonstrate ability to successfully engage in multiple projects
3

Information Security Manager Senior Resume Examples & Samples

  • Bachelor's degree in computer science or related field
  • Eight or more years of experience in information and operating systems technology, telecommunications and systems security applications
  • Considerable technical and business knowledge of U.S. Bancorp
  • Excellent analytical, project management, and strategic planning skills
  • Demonstrated management, leadership and interpersonal skills
  • Microsoft Active Directory (AD)
  • Oracle Virtual Directory (OVD)
  • Project management of IAM-related projects
  • Lead projects with the design of IAM solutions
4

Information Security Manager Resume Examples & Samples

  • Five to eight years of experience in information and operating systems technology, telecommunications and systems security applications
  • Two or more years of managerial experience
  • Thorough knowledge of information and operating systems technology, telecommunications; especially systems security specific applications
5

Senior Information Security Manager Resume Examples & Samples

  • 7-10 years of overall IT experience
  • Experience securing an enterprise Microsoft Active Directory Environment
  • Scripting experience
  • Familiar with data encryption & PKI technologies
  • CISSP or CISM
  • Experience with Citrix NetScalers
  • BlueCoat experience
  • Understanding of virtualization for both servers and desktops, with a focus on VMWare and Citrix technologies
6

Information Security Manager Resume Examples & Samples

  • Participating with the client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of client’s environment and data
  • Participating with the client in the strategic design process to translate security and business requirements into processes and systems; evaluating new / emerging security products and technologies and making recommendations to customer leadership in regards to the security posture impact on the organization
  • Participating in internal and external audits for the client (e.g., SOX, PCI) and coordinating information security services activities
  • Identifying information security weaknesses and/or gaps in the client’s current operations and working with the client to bring information security operations up to standards
  • Reviewing service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; providing direction on ticket remediation and ensuring remediation is complete
  • Maintaining an information security strategy (forward looking roadmap), for your client, aligning services / portfolio components to the strategy
7

Information Security Manager Resume Examples & Samples

  • 4-6+ years of experience
  • CISSP, GIAC Certifications, and CISA, CISM and other Information Assurance Certifications preferred
  • Other preferred experience - Project Management, Risk Management, DRBC experience, Technology Operations Management, Infrastructure Management
  • 5+ years cyber security / information assurance is preferred
  • 3+ years experience in cyber operations is preferred
  • 5+ years experience in lead and management roles is preferred
  • Incident management experience is preferred
  • Info security / assurance certifications are preferred
  • Experience with common tools of the trade is preferred
8

Business Information Security Manager Resume Examples & Samples

  • Utilizing solid business knowledge and expert technical experience of security to provide comprehensive threat modelling and risk assessment
  • Collaborate with Business Information Security Managers to deliver end to end deep-dive risk assessments for business initiatives. The assessment should focus on critical layers of the product/solution and define the associated risks, business and technical impacts, remediation and residual risk
  • Apt in articulating the risk to BISM (Business Information Security Manager) and business leadership
  • Assist in the investigations of high level, complex violations of Information Security Policies
  • Work with architects and other cross functional teams like Product Management, Project Management, Release Engineering, Quality Assurance, Operations teams etc. to develop innovative and secure solutions that meet market needs with respect to functionality
  • Identify project risks and work effectively to mitigate them
  • Review product initiatives, and recommend improvements
  • Prescribe fixes for security/stability issues in a very time-critical environment
  • Produce high quality technical assessment documentation for use by PayPal’s product development teams
  • Must have several years of information security risk assessment and threat modelling experience
  • Prior experience in designing, coding secure, scalable, reliable services
  • Experience with programming languages (C++, Java, Node.js)
  • Must have several years of Cryptography experience - PKI, Digital Signing, Encryption/Decryption
  • Must have used Crypto libraries like OpenSSL and/or JCA/JCE
  • Familiar with Spring, Spring Security, Hibernate types of frameworks
  • Knowledge of HTTP, SSL, TCP/IP protocols
  • Knowledge of XSS, CSRF web attacks and mitigations
  • Knowledge of system security vulnerabilities and remediation techniques
  • Work in a team environment with a globally distributed team
  • Assist in producing technical documentation; review them with wide audience including business managers, Domain Leads, Architects, etc
  • Excellent problem analysis and solving skills
9

Information Security Manager Resume Examples & Samples

  • Provides advice to the regional business executives that could be impacted by compliance, risk, or Information Security threats
  • Defines, develops and consistently provides financial and security reporting metrics to the business which demonstrate the value proposition of Information Security shared services
  • Provides advice and counsel to the regional IT executives that could be impacted by compliance, risk, or Information Security threats
  • Attains a clear understanding of the region's business processes, local business initiatives and is able to proactively advise local leadership of potential risks that may have material impact to the business
  • Communicates, oversees, and localizes the implementations of security solutions required to meet business local objectives
  • Works closely with enterprise IT, PMO, other functional area specialists to ensure adequate security is in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
  • Delivers a partnered role in providing network and system security advice and risk analysis to business units who engage with the Information Security team
  • Ensure there is appropriate and effective management of SOX and internal audit engagements globally including timely remediation of audit findings
  • Has expert knowledge and understanding of the following and is able to work as a liaison between the business and the security operations team in the following areas - networks, systems, cyber threats, platforms, IPS technology, DLP technology, firewalls, forensics, vulnerabilities, authentication, authorization, anti-malware systems, communication protocols, applications, databases, etc
  • Indirectly manages supporting resources across the globe to ensure control risks are appropriately addressed and mitigated
  • Establish credibility throughout the organization in systems, processes and people by demonstrating the Company's values
  • Six or more years of Information Security work experience as a regional or business unit security leader
  • A broad exposure to infrastructure/network and multiplatform environments in diverse geographic and regulatory environments is required
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is required
  • Capable of translating local and regional regulatory requirements or business mandates into actionable and proactive security measures to mitigate risk
  • Expert knowledge of modern network security technologies
  • Expert knowledge of security controls and the ability to leverage compensating controls in response to audit findings
  • Strong knowledge of SOX and internal audit processes to ensure a strong support engagement and the ability to navigate within the audit process and cycle
  • Expert knowledge of risk assessment design and delivery
10

Information Security Manager Resume Examples & Samples

  • Manage the Information Security Continuous Monitoring program
  • Design, implement and administer a process to report on the continuous monitoring of all Information Security controls
  • Provide for a regular management review (by the Chief Information Security Officer) of Information Security controls
  • Provide for a timely notification of control failure
  • Provide continuous access to Internal Audit for all regularly requested testing artifacts
  • Bachelor’s degree in information systems, finance, business or related field
  • Ten years or more of overall information systems experience with a minimum of seven years in Information Security
  • Five years of management experience in a technical security role
  • Certified in Risk and Information Systems Control (CRISC) preferred
  • Investigation, incident management, and incident response experience
  • Forensic experience a strong plus
  • Knowledge of information systems in the financial industry with experience in large scale, mid-range and microtech environments
  • Knowledge of the financial services regulatory environment as it applies to information security
  • Familiarity with financial services regulatory guidance as it applies to information security
  • Working knowledge of operating systems, platforms, and network technologies including Windows, Unix/Linux, Oracle, TCP/IP, voice/data networks, internet/intranet, routers, switches, firewalls, and WAN connectivity
  • Working knowledge of enterprise monitoring and reporting technologies
  • Working knowledge of industry Governance, Risk and Compliance (GRC) tools
  • Familiarity with security compliance strategies, and enterprise information security standards and policies, risk assessment principles
  • Familiarity with risk management and risk discipline methodologies
  • Experience with managing vendor services and relationships
11

Information Security Manager Resume Examples & Samples

  • Manage the Information Security Consulting program
  • Bachelor’s degree in information systems, information security, information assurance, business or related field
  • Certified Information Systems Security Professional (CISSP) or similar
  • Five to seven ten years of overall management, project management and/or business consulting experience with a minimum of three years in Information Security
  • One to three years of management experience in a technical, audit, or finance role
  • Knowledge of enterprise Information Security standards and policies, risk assessment principles
  • Knowledge of information systems in the financial industry
  • Knowledge of the financial services regulatory environment as it applies to Information Security including knowledge of financial services regulatory guidance as it applies to Information Security
  • Knowledge of enterprise monitoring and reporting technologies
  • General knowledge of information security controls and how they apply to mitigating the components of operational risk (people, process, technologies)
  • Familiarity with financial industry Governance, Risk and Compliance (GRC) tools
  • Ability to lead small teams of high-performance professionals with direct or indirect matrix relationships
  • Working knowledge of Enterprise Project Management discipline and the Enterprise Project Management process
  • Excellent decision making
  • Excellent analytical and research skills
  • Strong knowledge of bank products, services and policies and procedures
  • Compile statistics, review processes and procedures and prepare recommendations
  • Effective negotiation
  • Proficient in desktop applications
  • Strong project planning and project management
  • Strong resource forecasting
  • Excellent written and verbal communication
  • Ability to build and maintain consensus relationships
12

Senior Information Security Manager for Bloomberg Philanthropies Resume Examples & Samples

  • Proactively identifies risks and concerns that could negatively impact the business if not properly mitigated
  • Responds to the security-related questions and concerns from business unit staff as well as the IT team
  • Works with the business to review processes and controls to ensure the highest levels of system integrity, security and stability
  • Responds to security events and manages emergency actions to protect the business and infrastructure
  • Discovers vulnerabilities within internal systems and third party applications
  • Conducts audits using tools such as vulnerability scanners, IDS /IPS, SIEM and Anti-virus
  • Regularly audits all directory services and privileged accounts
  • Interacts with third party auditor to ensure standards compliance
  • Drives industry-leading practices with business owners
  • Develops end-user IT security training program to improve awareness
  • Remediates noncompliance of business units with IT policies
  • Involved with infrastructure design and budgeting
  • 7 - 10 years of overall IT experience
  • 3 or more years of experience with Information Security
  • Experience with application security review
  • Undergraduate degree or commensurate experience in related field such as IT, MIS, IS or CS
  • Web proxy and web filter experience
  • Packet and network analysis experience
  • Understanding of virtualization for both servers and desktops
  • Please note that this is a separate entity from Bloomberg LP. You will be working out of the Bloomberg Foundation office located at 25 E 78th Street (Madison Avenue)
13

Information Security Manager Resume Examples & Samples

  • Govern and seek compliance of CIS policies and standards within the respective LOB vertical
  • Ensure information security controls adhere to Industry-specific rules and regulations (example FINRA and SEC requirements for Broker-Dealers)
  • Act as a single interface for internal and external audit and regulatory exams for Information security questions directed to the respective subsidiary
  • Collaborate with Senior LOB management to balance business strategies and initiatives within a balanced risk-management framework, such that there are no security control gaps
  • Acquire a thorough knowledge of LOB applications, including 3rd party-hosted, to ensure they are compliant with required security standards
  • Interface with all levels of LOB associates, including those in the Information Security Compliance Management (ISCM) network, to promote security awareness and training
  • Ensure that Security Incidents and response are appropriately handled within the respective LOB to include processes within CIS, Compliance, Legal and other LOB processes
  • This position is anticipated to be approximately 70% business-oriented and 30% technical-focused
  • Bachelor’s degree in a technical or business field, or equivalent education and related training
  • Minimum of ten years of demonstrated experience in an Information Security or IT Risk management function
  • Ability to relate business requirements and risks to technical controls, systems and processes
  • Aptitude to understand and adapt to new technologies. Ability to clearly communicate new solutions and controls to business leaders
  • Experience with Information Security frameworks or standards such as ISO27001 or COBIT
  • One of the following certifications: CISSP, CISM, GSEC, CISA, PMP
14

Senior Information Security Manager Resume Examples & Samples

  • Track and provide project management for ongoing Information Security initiatives
  • Work directly with business groups to understand requirements and implement the correct level of security as needed
  • Analyze security data and produce regular reports containing system security status across various platforms
  • Works with the system and network administration team to implement the right security policies with the servers, laptops, desktops, storage appliances, virtualization platforms and network devices
  • Conducts system security risk assessments to identify weaknesses, scans for operating system vulnerabilities, recommends and prioritizes remediation actions
  • Produces audit reports to management with system security status across various platforms including application environment, firewalls, VPN endpoints, antivirus systems, and system patch level
  • Support the deployment and management of security platforms across the corporation
  • Investigate acts of fraud and user misconduct in region
15

Information Security Manager Resume Examples & Samples

  • Develop the Cyber/IT Security business, demonstrating a track record of identifying and securing new business
  • Enhance the Technical capabilities of the IT Security and wider Technology Assurance team
  • Oversee the delivery of the portfolio and ensure excellent client service
  • Be a strong leader of people, to inspire and motivate those around you
  • Build a strong network with the Partner community and enable them to help grow the business
  • Deliver security risk reviews and IT security assignments across complex IT environments
  • Scope and manage internal/external/application penetration testing
  • Discuss findings with clients and obtain their buy-in to a proposed way forward
  • Act as an ambassador of the firm, participate in marketing events, keep abreast of the wide range of services the firm offers and suggest innovative products and services
  • A professional qualification, relevant to Information Security (such as MSc, CISSP or CISM)
  • A strong understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, vulnerability scanning etc
  • Experience of taking Technology Risk and Governance topics to Boards and an ability to effectively engage Senior Management across information security/cyber security space
  • Strong experience in a Technology Risk, Cyber or Information Security role
  • A thorough understanding of Vulnerability and Risk Assessment approaches and methodologies
  • Strong understanding of the Cyber Security Strategy good practice frameworks (for example, the Cyber Security Essentials)
  • Thorough understanding of the ISO 2700X series of standards and guidelines
  • Thorough understanding of the PCI DSS series of standards and guidelines
16

Senior Information Security Manager Resume Examples & Samples

  • 7+ years of overall IT experience; 3+ years of experience with Information Security
  • Undergraduate Degree or commensurate experience in related field such as IT, MIS, IS or CS
  • Packet and Network Analysis experience
  • Understanding of virtualization for both servers and desktops with a focus on VMWare and Citrix technologies
17

Information Security Manager Resume Examples & Samples

  • 3-5 years of Archer or relevant experience
  • 2-4 years of Information Security or relevant experience
  • Deep and broad technical background with 3-5+ years of experience of progressive scope/impact/responsibility (including both hands-on and leadership roles) working with relevant enterprise technologies
  • 3+ years of project management experience with a proven track record for delivering projects and driving execution
  • Demonstrated experience and success in influencing, leading, and coaching without direct leadership responsibility
  • Demonstrated reasoning and troubleshooting skills
  • Technical skill requirements vary per domain
  • Proven ability to communicate and articulate technical information across various organizational levels
  • Experience working in a multi-vendor (outsourced) environment strongly preferred
  • Ability to negotiate or persuade others in moderately complex situations
  • Add additional job-specific preferred qualifications for this position
  • Archer experience required, Administrator or Developer experience preferred
18

Information Security Manager Resume Examples & Samples

  • Proactively engage all areas of the Time Warner enterprise, identifying security risks, defining mitigation/remediation, and balancing security, business, and financial objectives
  • Contribute to incident response, investigations, and forensics
  • Develop metrics associated with the execution of the information security program and escalate sensitive matters to senior team members and executives in a timely manner
  • Monitor security industry trends and news, researching threats, and ensure maximum preparedness
  • Develop and maintain security industry contacts
19

Information Security Manager Resume Examples & Samples

  • Managing multiple aspects of the information security program, including policy, compliance, risk management, and ad-hoc consultancy to the business; reviewing and proposing changes to existing policies, standards and guidelines
  • Engaging with business stakeholders to understand business practices; gathering and facilitating the convergence of business, technical and security requirements; liaising with IT to align the environment with existing and future requirements
  • Risk assessing external entities (e.g. vendors, suppliers, partners, joint ventures); assisting with due diligence reviews of merger and acquisition deals
  • Collaborating with IT to ensure security is factored into the evaluation, selection, installation and configuration of hardware, applications and software; researching technologies and identifying differentiators and integration challenges; providing technical and managerial expertise on maintenance and administration aspects
  • Providing support and guidance on legal and regulatory compliance including data privacy
  • Tracking and coordinating the remediation of security vulnerabilities
  • Delivering security awareness training to employees
  • 40% Compliance; system platform validation; vulnerability management; reporting
  • 30% Risk management; ad-hoc consultancy; requirements gathering
  • 20% Policy exception handling; security awareness training
20

Information Security Manager Resume Examples & Samples

  • Manages the user application access provisioning function and all staff associates associated with that function
  • Ensures that the daily security administration of information systems, which includes the addition and removal of user accounts and modification of user access rights on multiple systems is done according to company policy
  • Mentor and train new information security administrators
  • Assist in development of roadmaps and participate in the standards process for Identity and Access Management (IAM) solutions
  • Monitors user access to critical and sensitive systems that ISG does not administer directly
  • Ensures that ISG’s current service level agreements (SLAs) are met with regard to access requests. Escalates requests as necessary
  • Assists other Information Security Administrators in resolving access control issues for customers
  • Provide advice, guidance and direction to carry out plans and procedures, ensuring schedule attainment, product development process adherence, and performance level are met
  • Participates in new system development and testing as it relates to user access provisioning and monitoring
  • Ensures that 24 x 7 emergency coverage for security-related matters is provided
  • Ensures that all requested security documentation is provided timely to internal and external auditors as needed
  • Maintains, in cooperation with the Director, the ISG SOX control narrative and ensures that all controls related to user provisioning are functioning as intended
  • Ensure that weekly, monthly, quarterly and annual reviews are completed as required
  • Completes special projects as assigned by the Information Security Director
  • Minimum of five years of experience in an IT environment with three years of experience managing and supporting projects
  • Experience managing teams of resources, including resources new to the technologies, and assigning resources across multiple projects based on the deadlines & project priorities
  • Experience with administration of specific systems such as Active Directory, Microsoft Exchange/Outlook, UNIX, IBM AS400, and SAP
  • Experience with Identity & Access management tools, including Hitachi Password Manager
  • Understanding of information system security and security controls
  • Understanding of internet protocols, firewalls, web security and computer
21

Information Security Manager Resume Examples & Samples

  • Prior experience with security systems management and audits, preferably SSAE 16, ISO 27001, FISMA, HIPAA, as auditor or audited party
  • Strong knowledge of current NIST Frameworks, ISO, and executive security policies, standards, and regulations, particularly NIST 800-53 rev 4 controls
  • Current NACI clearance or ability to obtain
  • Experience identifying and resolving security issues on complex systems
  • CISSP, CompTIA Security+, CEH, or equivalent certification
  • GIAC GISF, or equivalent certification or in progress
  • Experience using commercial and open source security software such as Nmap, Nessus, Wireshark, Rapid7, WebInspect, Metasploit Framework, Ettercap, Kali Linux, etc.
  • Experience with log monitoring, analysis, and correlation
  • Working knowledge of firewalls, Cisco ASA or Fortinet Fortigate preferred
22

Information Security Manager Resume Examples & Samples

  • Build strong internal relationship with other Managed Services teams, within Advisory and across other EY services
  • Experience and understanding of Financial Services
  • Awareness of National and International security standards
  • Experience in senior stakeholder management
  • Client service delivery and able to manage multiple engagement teams and projects
23

Information Security Manager Resume Examples & Samples

  • Perform control and risk assessment of technical operating environments. This includes the
  • Experience with information security compliance issues relating to people,
  • Strong follow-up, attention to detail, and organizational skills and the ability to
  • Ability to communicate and operate in a complex global organization and promote
24

Senior Information Security Manager Resume Examples & Samples

  • Performing regular review of activities performed by the Access Control Group administrators
  • Provide implementation and support expertise in deploying a Global Identity and Access Management solution (IAM), support our Data Loss Prevention (DLP), Security Awareness trainings, and Privilege Access Management programmes in the APAC Region
  • Ensure smooth transition of services into the Access Control Group, including involvement in projects to completion as well as being the first point of contact for the project teams
  • Perform effective and efficient validation to ensure controls are adequately met
  • Possess clear and concise understanding of user access matrix to facilitate user functions and roles
  • Proactively identify, escalate and address knowledge gaps, broken processes or improvement areas for Access Control Group activities
  • Experience setting up processes and deploying a privileged ID management product
  • Experience setting up a program to detect data-leakage rules, with an investigation process around it
25

Senior Information Security Manager Resume Examples & Samples

  • 10+ years of relevant Information Security experience
  • 5+ years of relevant Security Operations experience
  • 3+ years of relevant SIEM product management experience
  • Strong understanding of cyber security controls and frameworks (COBIT, COSO, ISACA, ISO2700x, NIST, SANS, etc.)
  • Strong understanding of regulatory controls related to security (SOX & PCI)
  • Advanced knowledge of various security technologies, frameworks and products
  • Advanced knowledge of technology standards (e.g., Infrastructure, Network, Architecture)
  • Strong understanding of security technologies (e.g. Antivirus, IDS, IPS, firewall, VPN, Spam filtering, Web content filtering, Directories, Encryption, WAF)
  • Experience in managing a team of diverse, dedicated individuals
  • A solid understanding of financial industry and key strategic direction of the Bank
  • One of the recognized security certifications: CISSP, CISM, CISRCP
26

Cyber & Information Security Manager Resume Examples & Samples

  • Assesses the firm's exposure to potential cyber threats by (1) identifying and assessing key cyber security risk scenarios, (2) analyzing the bank's defense capabilities against these threats and (3) ensuring that cross-functional mitigation activities are initiated and executed
  • Manages intelligence-led penetration testing and red teaming activities, including participation in regulatory initiatives such as CBEST in the UK and Quantum Dawn in the US
  • 5+ years substantial experience within Information Technology, ideally in the Financial Industry, with a particular focus and practical experience on Cyber Security e.g. risk mgmt., project mgmt., security operations
  • Solid understanding of Cyber defense, Information Technology, Information Security Frameworks, Risk Management and IT Security
  • Substantial experience in the analysis of Information & Cyber Security Risk issues and their business impact
  • Ability to setup operational models for security technologies including organization, operational processes and key performance indicators
  • Ability to drive complex cross-functional programs
  • Target Rank: D/ED
  • Excellent problem solving and analytical skills
  • Team player with the ability to work independently to organize, manage and complete projects within tight deadlines
  • Persuasive oral and effective written presentation skills
  • Has a strong understanding of available resources and uses them effectively
27

Information Security Manager Resume Examples & Samples

  • Risk management experience, including developing and deploying remediation actions
  • Strong knowledge of technical terminology such as platforms, procedures and architecture
  • Proven record of developing, designing and implementing strategies and plans
  • Previous experience managing a team and projects
  • Minimum of 5-8 years of Technical Risk Management, Information Security, IT Auditing or similar experience
  • Master's Degree or technical certifications are preferred
  • Experience working in a financial services area, where you had exposure to managing regulatory assessment for the company
28

Information Security Manager Resume Examples & Samples

  • Bachelor's degree required, candidates must possess significant analytical skills which likely evolved from early academic training in Computer Science, Computer Engineering, or Information Systems
  • Minimum 5 years of business experience in the areas of Information Security
  • Certified Information Systems Security Professionals (CISSP) or willingness to obtain
  • We require some prior experience supervising junior level resources in the areas of Information Security
  • Knowledge of internetworking technology
  • System and network administration experience on UNIX (any flavor), Windows 2003/2008/2012
  • Willingness to travel 60% or more annually
  • And any other duty assigned by employer
29

Information Security Manager Resume Examples & Samples

  • Experience dealing with the Identity and Access Management of Enterprise Security systems in a complex multi-platform environment
  • Demonstrate extensive knowledge across a broad range of Identity and Access Management technologies
  • Effective time management skills demonstrated by successful and timely completion of projects
  • Bachelor’s Degree in related field from an accredited college or university
  • Ability to work overtime required on occasion
  • Ability to obtain and maintain firm independence and abide by firm ethics requirements
30

Information Security Manager Resume Examples & Samples

  • Develop, publish and monitor Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements
  • Manage and review Bose’s Payment Card Industry (PCI) Data Security Standards (DSS)
  • Develop the Information Security Risk Management Program including risk assessment surveys; identification of key risks, mitigation strategies, and gaps in controls focused in Information Security
  • Responsible for Information Security Awareness training and communications
  • Perform analysis of existing controls and comparing such controls to commonly used standards such as ISO, NIST, COBIT, and PCI
  • Develop and manage the Information Security Risk Acceptance program
  • Assist with the reports to senior management, Audit Committee and Board of Directors
  • Providing support for external and regulatory IT audits
  • Monitor and advise on information security issues related to internal systems and workflow to ensure that security controls for the company are appropriate and operating as intended
  • Assist business units in identifying security requirements, using risk based and business impact assessments
  • Coordinate response to information security incidents, and escalate as necessary
  • Collaborate with internal partners to manage security vulnerabilities. Create, manage and maintain user security awareness programs
  • Conduct security research in keeping abreast of latest security issues and facilitating professional development. Adhere to company values at all times
  • Bachelor’s Degree in Information Technology or related technical field
  • 8+ years of related experience in Information Security & Compliance
  • 2-4 years of Audit experience and/or Big Four Accounting experience
  • Must have one or more of the following certifications; CISSP, CISA and/or CISM
  • PCI DSS experience (ability to obtain ISA certification within first 90 days)
  • Experience with common Information Security management frameworks, such as SOX, PCI, HIPAA, ISO 27001, and NIST frameworks
  • Must have exceptional written, verbal and presentation communication skills
  • Ability to facilitate cross-functional teams
  • Ability to translate business requirements into control objectives
  • Aptitude for working well under pressure
  • Accepting responsibility for own work
31

Information Security Manager Resume Examples & Samples

  • Manage and develop the location Information Security Officers
  • Provide business relationships with aligned Divisions and functions and support other areas for location specific activities
  • Support ISS related change initiatives
  • Provide oversight of all Operational Business Services being delivered from the location
  • Understand and analyze business risk management from an information security perspective
  • Interact closely with the business on new projects and advise the business on information security relevant aspects
  • Perform risk assessments on complex and vendor applications
  • Identify security gaps and evaluate with IT or other stakeholders options for remediation
  • Liaise with senior subject matter experts (e.g. in Legal, Group Data Protection, Compliance etc.) to gauge severity of security gaps
  • Present assessment results and options to the business and discuss steps for resolution
  • Work with the business to close security gaps or to initiate risk acceptance
  • Train junior staff to develop the required skill and experience in information security assessments
  • Develop an area of deep expertise and knowledge in information security
  • Support the business and ISS management during Audits and with Audit resolution as it relates to issues that address information security
  • Support the business during regulatory exams on information security relevant topics
  • People management experience
  • Experienced employee with background in information security and/or risk management
  • Prior experience in a risk and control role would be an advantage (e.g. in CISO, BISO, TISO, ORM, Audit, Data Privacy)
  • Background in the business or having worked with a business division or function
  • Ability to manage multiple assignments and efficiently prioritize workload with limited supervision and resilient under pressure
  • Ability to quickly build a network in the business and among subject matter experts
  • Good team leader skills and ability to train, develop and coach staff
  • Strong analytical skills to evaluate risks and control processes
  • Excellent communication skills both verbal and written and ability to deal with people at all levels in a global matrix organization
  • Flexible, pro-active and innovative
  • A certificate from an Information Security Professional Consortium such as ISC², ISACA is an advantage
32

Information Security Manager Resume Examples & Samples

  • Oversees the Firm’s information security program development and management, information security incident management and coordination of the program’s compliance with the Firm’s overall risk management approach
  • Develops an information security strategy in alignment with the Firm’s goals and objectives
  • Implements information security policies that communicate management’s directives and guides the development of standards, procedures and guidelines
  • Establishes a program for information security awareness and provides training to promote a secure environment and an effective security culture
  • Identifies legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels
  • Evaluates information security controls to determine whether they are appropriate and effectively mitigate risk to an acceptable level
  • Creates and oversees an incident response plan to ensure an effective and timely response to information security incidents
  • Integrates the information security program with the incident response plan, disaster recovery plan and business continuity plan
  • Assists the Chief Information Officer with information security governance
  • Tracks progress and status of all information security projects and reports to the Chief Information Officer
  • Selects, trains and motivates staff; provides staff professional development; and works with staff to correct deficiencies
  • Keeps up to date with the latest technologies
33

Information Security Manager Resume Examples & Samples

  • Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience)
  • 5+ years of network/security or operations experience
  • Experience with leading the development, implementation, and management of incident response plans and response activities
  • Experience with computer network defense tools, including SIEM, anti-virus, anti-malware, DLP, IDS/IPS, vulnerability scanners, configuration management, and encryption
  • Experience with performing management of 24x7 Security Operation Center services
  • Certifications: CISSP, CISM, GCIA, GWAPT, GCIH, GSEC, or similar certification preferable
34

Information Security Manager Resume Examples & Samples

  • Applying proven communication, analytical, and problem-solving skills to help identify, communicate and resolve system security issues
  • Provide strategic direction to related governance functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies
  • Lead the design, implementation, operation and maintenance of the Information Security Management System based on ISO 9001 and 27001 series standards
35

Senior Ent Information Security Manager Resume Examples & Samples

  • Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to T-Mobile and its customers, and implementing measures to combat the threat
  • Understand the operations of the business and comprehend how these create value and risk for the organization
  • Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes
  • Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity
  • Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business
  • Make risk-based decisions on a daily basis that have the potential to impact T-Mobile's ability to operate and communicate
  • Ensure the information and network security controls for T-Mobile are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups
  • Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures
  • Prefer six years’ experience in information security related discipline, in addition to several years’ relevant systems and/or network administration experience
  • Expert relationship building and partnering skills, including persuasion, negotiation and consensus building
  • Demonstrated ability to work effectively in a complex matrixed environment
  • Ability to translate security requirements into business risks and impacts
  • Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA
  • Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred
  • 10 years of system, network, and application design and architecture experience, preferably in the wireless communications space
  • A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus
  • Extensive experience planning and deploying both business and technology security initiatives
  • Exceptional communication skills and the ability to convey results in a concise and persuasive manner to business owners. This includes written and verbal communications as well as visualizations
  • The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business
  • Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus
  • Understanding of Local (Wired & Wireless), Wide area, and mobile networks
  • Strong background and experience in IP Networking and Routing Protocols
36

Senior Insider Threat Information Security Manager Resume Examples & Samples

  • Strong management skill. Experience with Insider Threat as a focus area within Information Security
  • Experience and hands on knowledge with Data Loss Prevention security controls
  • Ability to navigate and work effectively across a complex organization that is geographically dispersed
  • Broad knowledge of change and project management methodologies and principles and the ability to integrate them into project design; experience in managing complex technical projects, meeting target timelines, facilitating project team meetings, project documentation, issue resolution and project resource identification
  • Knowledge of Network configuration, certifications in CISSP, A+, CCNA, CCNP, EnCEP, SQL, Microsoft Office
  • Experience with Web Application Firewalls (WAF)
  • Experience with Unix system administration
37

Information Security Manager / Consultant Resume Examples & Samples

  • Track record of delivering information security frameworks and management systems
  • Managing ISO 27001 certifications and external audits
  • Maintaining PCI DSS compliance within a large complex organisation
  • Scoping, facilitating independent security tests and subsequently analysing and remediating based on the output
  • Internal audit qualifications and experience
  • Delivering and auditing against HMG and Public Services Network (PSN) security standards
  • Experience of information security requirements within large telecommunications and call centre environments
  • Delivery of timely and accurate client and business focused information security reports
  • Delivering presentations on Information Security to colleagues, clients and senior management
  • People management [including performance management]
  • Client management
  • Experience in influencing key stakeholders to amend and/or implement business practices and proposing solutions to mitigate risk of non-adherence
  • Experience in preparing and delivering reports highlighting risks for senior management
  • Ability to manage team members to ensure that resources are deployed to achieve necessary results
  • ISO 27000 series of standards
  • Payment Card Industry Data Security Standard
  • HMG/PSN Security policies and standards
  • Information security technology, tools and techniques
  • Information security legislation, regulations, and standards
  • ICT security architectures and common designs for mitigating information security risks
38

Information Security Manager Resume Examples & Samples

  • Support file integrity verification and monitoring software, including the design, architecture and deployment of FIM for PCI
  • Own the design, architecture and deployment of security controls in virtualized and IaaS cloud environments
  • Prevent and analyze malware
  • Works with the outsourced IT services companies to ensure that the vendor is meeting the security Service Level Agreements (SLAs), which in turn ensures that IT Security is meeting its SLAs to its internal customers. Reports on SLAs
  • Provide leadership and guidance to internal employees and external vendor staff relating to security access and vendor management
  • Provide leadership and delivery responsibilities
  • Proven experience in host and application security – 5+ years of relevant experience in a fast-paced environment ideal
  • Advanced Linux / Windows administration and/or engineering skills
  • Working knowledge of network protocols, such as DNS, LDAP, DHCP, NFS and Kerberos
  • Understanding of applied cryptography, including PKI, SSL, key management, SSH identities
  • Demonstrated knowledge in privacy and compliance frameworks such as PCI, HIPAA, SOX and GLBA
39

Information Security Manager Resume Examples & Samples

  • Threat Intelligence – Manage and coordinate activities driven by threat intelligence feeds from our MSS partners
  • Prior experience in threat analysis and threat management activities
  • Bachelor’s degree in Business, Information Technology, or equivalent combination of education and industry certifications (CISSP or GIAC preferred)
  • Minimum of 3 years of experience in IT, with at least 1 year of hands-on experience in information security intelligence analysis; financial industry experience is a plus
40

Information Security Manager Resume Examples & Samples

  • Incident Response – Management and delivery of response to security incidents for GBT’s global operations
  • Prior hands-on experience in incident response and planning (CERT/CSIRT) is required
  • Bachelor’s degree in Business, Information Technology, or equivalent combination of education, industry certifications (CISSP, CERT-CSIH, GCIH), and experience required
  • Minimum of 5 years of experience in IT, with at least 3 years in leadership experience in Information Security
41

Information Security Manager Resume Examples & Samples

  • Agile Practices
  • Coaching and Mentoring
  • Business Case Development
42

Information Security Manager Resume Examples & Samples

  • Extensive people management experience, leading teams of technical experts
  • Working in remote teams across geographies
  • Technical skills and a good knowledge of the Oracle Security and/or Database Security portfolio
  • Technical and functional knowledge of one or more of following areas: Identity Management, Access Management, Directory Services, Mobile Security, Oracle Database Security, Audit Vault, Database Vault, Advanced Security, Data Redaction, Label Security, Data Masking, etc
  • Sales Consulting, Presales or customer facing Consulting experience, with a demonstrable record of achievement
  • Organisation skills – an ability to plan and organise projects and people
  • A passion for people
  • An eloquent and clear English speaker
  • People management experience, leading direct teams with proven results
  • Experience in building teams, recruiting and forming new hires, coaching and mentoring
  • Working remotely across geographies
  • Information Technology degree level or higher
  • At least 7 years’ experience working in a technology sales consulting role, presales, engineering, development or consulting role
  • Information Security experience and/or Oracle Database knowledge
43

IT Corporate Information Security Manager Resume Examples & Samples

  • Privacy/Protection: Provide the necessary subject matter expertise and ensure the implementation of the DLP architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection
  • Monitoring of security procedures and practices: Review on a timely basis the various analyses of the reports and logs available. Review the recommendations for noted irregularities
  • Ensure adequate security for new business services and systems: Assist in the development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations
  • Support or direct enterprise level information security related functions such as: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, Data Loss Prevention, Cyber Forensics, and other security related functions as required. Make recommendations for improvements to the program, respond to alleged policy violations and act as participant in event of a breach. Ensure communications to the CISO, and other senior level officers, are accurate and timely
  • Plan and develop departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiate changes as required
  • Seven years of experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
  • Demonstrated SME level knowledge in the Data Loss Prevention security discipline
  • Strong oral and written communications skills; strong presentation and marketing skills
  • 30%/70% business/technology acumen
  • Advanced knowledge of the use and management of Data Loss Prevention technologies
  • Experience in the management of data loss/theft events and corresponding data privacy legislation (GLBA, HIPAA, PCI, etc.)
44

Information Security Manager Resume Examples & Samples

  • Assist with the development of policies and technical configuration standards
  • Assist with the development of security training materials and programs for use throughout the firm
  • Conduct periodic reviews of Crowe’s information resources security policies, procedures, and compliance
  • Working with all areas of IS to implement and maintain information resources security
  • Assist all BUs with client questions related to information resources security
  • Review and recommend to the Legal department all requests for the access of departed employee data
  • Assist in the employee termination process by ensuring all required access to data and firm data/technologies are properly removed in a timely and secure manner
  • Maintain the Disaster Recovery database and all documents within it
  • Serve as the Disaster Recovery coordinator should a disaster be declared
  • 4 years' experience in security related processes and procedures
  • 4 years' experience in security administration, review of information security related regulations, systems, processes and procedures
  • Ability to build strong working relationships at all levels, internal and/or external to the organization
  • Exposure to Gramm-Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), and other security related legislation and regulations
  • Experience with and knowledge of Disaster Recovery programs
  • Bachelor’s Degree or equivalent work experience in the field of Information Security
  • Relevant security certifications desired (CISSP or CISA)
45

Senior Information Security Manager Resume Examples & Samples

  • Development and maintenance of all information security policies, processes, standards, architecture and guidelines
  • Define security requirements for all projects and development of security strategies
  • Manage security awareness programs to improve level of security knowledge and awareness of employees
  • Establish an effective business relationship with all stakeholders and business partners, to communicate on security issues and provide assurance to senior executives
  • Consult with business owners, technology teams and the risk team to ensure compliance with the company's information security policies
  • Govern security services provided to the Group (both internally or by third party service partners) to ensure that the Group continues to be protected against current and emerging threats
  • Influence information security requirements for business processes, applications and other software products to ensure that the Group continues to be protected against current and emerging threats
46

Information Security Manager TS Resume Examples & Samples

  • Identifies, reports, and resolves security violations
  • Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
  • Coordinates with DISA or other outside entities in support of audits and inspections and provides any required documentation in support of such audits/inspections
47

Information Security Manager Resume Examples & Samples

  • Facilitate departmental compliance with all Information Security policies, standards and regulations (Sarbanes Oxley (Sox-404), Operational Risk, Cross-border Data Privacy, GLBA, etc.)
  • Conduct Application Security Assessments (on new, existing, vendor and in-house applications, etc.)
  • Review and approve (e.g., unwrapped software, Functional IDs, USB / Local Admin access, SSL Certificates, Firewall Requests, toxic entitlements, etc.)
  • Liaise with Business Information Security Officers and application development community to assist in identifying and reducing IS risk within applications to acceptable levels
  • Monitor risk mitigation process and risk oversight
  • Engender a culture of secure coding practices as part of SDLC process
  • Drive execution of directives as mandated by Global IS Organization
  • Monitor progress of corrective action plans and risk exceptions
  • Lead and/or contribute to ad-hoc requests and projects as required
  • Act as subject matter expert on Application Information Security topics during Audit meetings
  • Minimum of 8-12 years of Information Security experience
  • 3-5 years of experience of Project Management and / or Web Development / Application Development / Architecture
  • Understanding of Operating Systems (e.g., UNIX, Linux, WINTEL), Databases (e.g., Oracle, SYBASE, MS-SQL), and Programming Languages (e.g., JAVA, .Net, C/C++)
  • Knowledge of Information Security, IT Risk and Controls
48

Information Security Manager Resume Examples & Samples

  • Work in partnership with Director of Risk, Director of Business Assurance, SH&E Manager and Head of Clinics to ensure any reporting, security updates and recommendations are synergised with current reporting requirements, i.e. SH & E manuals, BCP/DR, evacuations, Dawn Raids, security advice or training, etc
  • Monitoring the contractual minimums including compliance with DWP and Capita Policy
  • Responsibility for ensuring that PIP specific security processes and policies are documented and rolled out to the business
  • Promoting security awareness
  • Maintaining a security risk register
  • Maintaining an audit schedule
  • Maintaining a security improvement plan (SIP) containing outputs from the audit schedule and managing remedial action
  • Responsibility for security incident management and reporting
  • Ensuring staff have the appropriate security awareness training
  • Ensuring that controls are in place to monitor access to DWP data, limit users to only those functions they need to perform their business and detection of unauthorised access, misuse or loss
  • Responsibility for ensuring that the transfer, handling, storage and retention of authority data is compliant with DWP requirements
  • Support the business with RBAC requirements (advisory capacity)
  • Produce Monthly report on all aspects of Security for inclusion in the overall IT Monthly Report
  • Impact assessment of all Change Requests to ensure no security breaches or weaknesses are introduced either from an IT or physical perspective
  • Monthly
  • DID report, including IT and Incident reporting actions
  • Liaise with Business Assurance Director to capture incidents reported and capture/escalate to Divisional Risk Director for review
  • Hub and clinic physical security audits including reporting and cascading of physical security faults
  • Robust compliance with clear desk policy and staff DPA including monthly random checks and providing evidence and feedback
  • Ensure that data back-ups are available to the Authority at all times upon request and are delivered to the Authority at no less than monthly intervals (Contractual)
  • Review and cascade the security risk register
  • Review, assess and make recommendations on the DBS process and disclosures, highlighting to Operations Director where action is required
  • Excellent customer services skills
  • Good written and verbal communications skills
  • Communicate at senior management level providing solutions, updates and reports
  • An ability to manage a portfolio of core tasks and responsibilities
  • Flexibility will be essential to support the changing needs of the business
  • CISSP Qualified
  • ISO 27001 experience
  • Experience in managing the overall security operations and policies of a business unit delivering a service into the public sector
  • Experience in government information classification standards
  • Excellent with standard MS office programs
49

Information Security Manager Resume Examples & Samples

  • Develop and maintain security and privacy self-assessments for Apttus services
  • Complete due diligence assessments and information security questionnaires for prospective and current clients in a timely and accurate manner
  • Develop, perform and analyze vulnerability assessments and penetration tests using generally accepted tools (and recommend remediation(s), as needed)
  • Review and enhance security policies
  • Perform IT risk assessments, incident investigations, root cause analyses and forensics
  • Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements
  • Assist with regular and periodic internal risk assessments and SOC Audits
  • Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls
  • Assist with remediation of control deficiencies identified during the audit process
  • Experience in cloud environment such as Microsoft Azure
  • 5-7 years professional experience with 3-5 years involving security, risk management, compliance, and privacy of non-public personal data
  • Experience with IT security and privacy risk assessments and audits of IT general security controls
  • CISA, CISM, CISSP or CIPP certificate a plus
  • Demonstrated experience with technology industry compliance standards and regulations as they relate to company's services such as ISO27001/2, HIPAA, SOC 1/2
  • Experience with the phases of the software development lifecycle
  • Experience with common vulnerability scanning and penetration testing tools
  • Knowledge of common computer security issues, including network and application vulnerabilities
  • Thorough understanding of computer networking, routing, and protocols
50

Information Security Manager Resume Examples & Samples

  • Providing specialist Information Security input to support business operations, change initiatives and Bids to ensure that security risks are identified and managed
  • Definition of Security Requirements and sign-off throughout development and change processes
  • Ensuring delivery against Client information security requirements
  • Oversight of Information Risk across CIBS client and internal business units
  • Oversight and communication of Client specific Information Security MI
  • Acting as the key Information Security contact for allocated clients
  • Representing Information Security at relevant risk committees
  • Providing SME guidance to Information Security related audits and reviews and ensuring action resolution (internal, external and client driven) to ensure that business units understand issues and remediation effectively mitigates information security risks
  • Qualified to degree level or equivalent experience
  • Certified Information Systems Security Professional (CISSP) and/or
  • Certified Information Security Manager (CISM) and/or
  • Good technical knowledge with the ability to explain technical problems to non-technical business stakeholders at all levels
  • Aptitude to remain up to date with Information Security Standards and Technology
  • Self-motivated individual with flexible approach to working
  • Effective and persuasive in both written and oral communications
  • Experience of working in Private Sector organisations
  • Current Driving License
  • PCIDSS knowledge/experience
  • ISO27001 Auditor
  • Continuous improvement
  • Experience of working within a financial services/regulated or outsourced service provision environment
51

China Information Security Manager Resume Examples & Samples

  • Understanding of emerging threats, including tactics, techniques and procedures used by advanced adversaries
  • Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
  • Proven leadership in building effective security teams and ability to influence strategic and tactical decisions that affect security objectives
  • Ability to demonstrate how security protects market share, revenue and brand including prioritization, modeling and pricing of risk
  • Proven track record on measuring effectiveness of risk management strategies and progress using data-driven metrics
  • Experience in securing large enterprise, product design/development, lab and factory environments, including use of third parties
  • Ability to clearly and concisely articulate issues to both technical and non-technical audiences
  • Ability to influence using insight, logic, and data to effectively persuade partners or customers on a recommendation or course of action
  • Preferred certifications: CISSP, CISA
52

Business Information Security Manager Resume Examples & Samples

  • This position will report to the Chief Information Security Officer and will be responsible for the following activities within a given IT Portfolio
  • Ensuring effective implementation of information security standards, processes and procedures, and guidelines for the enterprise
  • Ensuring and monitoring security compliance with industry and government rules and regulations
  • Ensuring security compliance and meeting all service-level agreement requirements
  • Reporting security performance against established security metrics
  • Understanding the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balancing this with risk investments
  • Supporting an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
  • Coordinating with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
  • Lead investigation of high level complex violations of Information Security Policies and direct activity to analyze forensic data from Sr. Analysts
  • Develop recommendations and take appropriate action. Present to Information Technology management development/implementation plan for secure solutions
  • Present findings to manager on compliance reporting for Information Securities Policies. Drive the Disaster Recovery and Business Continuity strategy
  • Provide technical direction to analysts, associates and contractors
  • Develop Information Security Policies, Standards and Guidelines
  • Automate access provisioning across supported systems and applications with documentation. Direct, define and provide audit reporting
  • Professional experience in analyzing and applying information security, risk management, and privacy practices
  • Experience in strategic planning, budgeting, and allocation
  • Security consulting and general industry experience
  • Experience in law enforcement and/or national security is highly relevant
  • Knowledge of national and international regulatory compliances and frameworks such as NIST, PCI, ISO, etc.
53

Information Security Manager, VP Resume Examples & Samples

  • The management of the primary Identity & Access Management tool (RBAM) and related systems. This includes the onboarding of new applications, the management of change to applications in the framework and the identification and management of control exceptions
  • The management and execution of the business application User Entitlement Review programme and supporting processes such as Movers, Past Due controls
  • The management and execution of the File Data Share review framework
  • Assuming responsibility for all aspects of AIM in India, with a particular focus on operational delivery
  • Redesigning and optimizing the India AIM team in order to help deliver a larger AIM and Information Security global strategy
  • Taking ownership of the day-to-day running of the AIM function in India, including prioritizing incoming workload, management of resources, identifying potential issues with process and systems and interacting with stakeholders of all levels
  • Working closely with the departmental systems and interacting regularly with support teams to ensure the tools are operating correctly
  • Contributing to a revised location strategy and the anticipated realignment of functions to establish a service-aligned global structure
  • Experience working in complex global functions, preferably in an Investment Banking environment
  • Strong understanding of ITIL frameworks and approaches with 10+ years Identity & Access Management/Information Security management experience
  • Effective stakeholder management skills; experience of building relationships with key technology and business representatives
  • Understanding of infrastructure and technology platforms, application development methodologies and Information Security principles and tools
  • Background in technical security controls and Security qualifications like CISSP or CISM
54

Information Security Manager Resume Examples & Samples

  • Conducting information security reviews across the business and recommending appropriate actions to management
  • Conducting investigations, analysis and review following breaches of Information Security controls and preparing recommendations for appropriate control improvements, involving other professionals as required
  • Interpreting and applying information security policy and standards, and contributing to the development of these documents including delivery and development of education and training materials
  • Identifying threats and providing authoritative advice and guidance on the application and operation of all types of information security controls
  • Horizon Scanning - keeping abreast of external events, imminent industry and regulatory changes and ensuring that L&P understands impacts and plans accordingly
  • Actively maintaining specialist knowledge
  • The role will be based in Dublin, but will involve some travel to other sites which may include Belfast, the Isle of Man, Glasgow and Cheltenham
55

Information Security Manager Resume Examples & Samples

  • Supports and maintains the overall information security strategy and architecture to be used by INTEGRIS Health
  • Responsible for assessment, development, implementation, documentation and maintenance for all INTEGRIS Health information security planning, programs and security policies and procedures
  • Responsible for requiring and providing information security training related to staff functions and responsibilities
  • Develops annual budgets and maintains all expenses within budgetary limits through control and discretion in ordering supplies, hardware, software, minor equipment and usage monitoring
  • Organizes and facilitates committees necessary to support the implementation of information security projects and controls
  • Manages department staff including hiring, evaluating performance and competency as well as conducting disciplinary and counseling sessions as needed
  • Provides support and oversight of INTEGRIS Health's Information Security Business Continuity objectives
  • Master's Degree in Computer Science, Information Systems or related field with 3 years of relevant experience required
  • Bachelor's Degree in Computer Science, Information Systems or related field with 5 years of relevant experience required
  • Associate's Degree in Computer Science, Information Systems or related field with 8 years of relevant experience required
  • High School Diploma with 10 years of relevant experience required
  • Minimum of one recognized security certification required
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) required or must be actively seeking
  • Must be able to communicate effectively in English (verbal/written)
56

Information Security Manager Resume Examples & Samples

  • Perform benchmarking assessments against industry best practices (e.g. NIST CSF, SANS CSC20, ISO 27002, etc.)
  • Identify any gaps as a result of benchmarking activities, and recommend remediation steps to close those gaps. Track remediation activities to completion
  • Manage the Global PCI Compliance Program
  • Address SOC 2 Reporting requirements
  • Perform Security Risk Assessments
  • Monitor adherence to stated Security Policies and Technical Standards
  • Support the development, implementation, and maintenance of the global information security strategy program
  • Be a subject-matter expert across all relevant technical security domains
  • Stay current with new and emerging technologies such as cloud services and infrastructure, mobility models, and big data concepts, and how those relate to enterprise security technology/controls
  • Oversight and development of technical security strategies
  • Review and assess technical security roadmaps aligned against strategic direction
  • Create and maintain working partnerships with architecture, engineering, and operations to understand needs, feasibility of strategic recommendations, and impact to organizations and people
  • Development of written documents and presentations at various levels of the organization – from technical to executive
  • Several years of work experience with information security, risk management, IT controls, or IT audit
  • People and matrix management skills
  • Excellent written and oral communication skills and presentation skills
  • Working knowledge of industry information security standards such as ISO 27002 and NIST SP 800 series publications, and familiarity with internal controls frameworks such as COSO or COBIT
  • Demonstrated integrity within a professional environment
57

DC Information Security Manager Resume Examples & Samples

  • Provides security oversight support to teams involved in strategic planning, program planning and execution, requirements and architecture definition, quality and process improvement projects
  • Provides design, planning, and direction for data security, systems, networks, applications and processes, in order to maintain the confidentiality, integrity, availability, and privacy of its systems and the information in those systems
  • Performs computer and/or network security vulnerability assessments to identify, evaluate, and mitigate security risks, threats and vulnerabilities. Designs, implements, integrates, configures and tests computer and network security solutions to manage the network/system's firewalls and intrusion detection systems
  • Provides expert guidance and oversight in assessing the security infrastructure and network and systems design to ensure system/network security
  • Oversees the security authorization process to review and maintain the security posture of the data center LAN in a manner as defined by DHS to identify weaknesses, develop mitigation plans and make informed decisions about accepting risk
  • Technical knowledge of network architecture, operations, and security
  • 15 or more years of experience with a combination of security documentation, policies, and procedures, information systems security and computer operations
58

Information Security Manager Resume Examples & Samples

  • Reports directly to the Corporate Security Officer; manages the GDC security staff in Mumbai and Pune, India; Manila, Philippines; and Islamabad, Pakistan in day-to-day security operations and local security requirements that arise
  • Proactively leads the implementation of necessary information security policies, standards, procedures and guidelines in the Teradata Delivery Centers, in coordination and in alignment with standards that have been communicated by the Teradata Corporate Security Officer. This also includes any client specific policies enforced on particular projects requiring an increased level of security
  • Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with corporate security policies, Teradata customer policies or any applicable laws and regulations
  • Proactively conducts periodic security risk assessments of the local Mumbai/Pune facilities, directs the information security staff of the remote GDCs to do the same, and determines appropriate actions to address identified risks
  • Responsible for security incident response and analysis, works with the GDC management team and other stakeholders in taking appropriate action during information security breaches, violations and incidents in a timely manner with a sense of urgency
  • Is responsible for prevention of IT security risks and issues and will develop and deliver suitable information security awareness, training and educational activities to the associates, managers and others as needed
  • Coordinates, executes and implements activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties
  • Coordinates and liaises with related functions (such as Physical Security/Facilities, ITS, HR) and senior managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies
  • Coordinates with the Chief Security Officer of Teradata to ensure all GDC security policies, standards, processes align with Corporate Security requirements
  • Education and Experience
  • Bachelor of Science in Computer Science, Management Information Systems from an accredited institution is preferred. BS in Mathematics, Physics, other science or Business course is also acceptable
  • At least 8 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
  • Knowledge of information system architecture and security controls (i.e. firewall and border router configurations, operating systems configurations, wireless architectures, databases, specialized appliances, access control systems and information security policies and procedures)
  • Knowledge of principles, practices and procedures of information security as it applies to and impacts the organization
  • Experience with incident response and analysis, information security breaches, violations and incidents
  • Information security management qualifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA)/ Certified Information Security Manager (CISM) are preferred
  • Strong verbal, written and presentation skills. Ability to interface effectively and decisively with all levels of management, departments and outside vendors
  • Strong leadership, organizational, decision-making and analytical skills
  • Ability to manage a small security team of remote locations to achieve desired objectives and project results as directed by the Corporate Security Officer and the Local GDC Business teams
  • Knowledge of ISO 27001, 27002 and ISO 22301 is a must
59

Information Security Manager Resume Examples & Samples

  • Proactively leads the implementation of necessary information security policies, standards, procedures and guidelines in the Teradata Pakistan Global Delivery Centers, in coordination and in alignment with standards that have been communicated by the Teradata Global Information Security Manager. This also includes any client specific policies enforced on particular projects requiring an increased level of security
  • Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies, Teradata customer policies or any applicable laws and regulations
  • Proactively conducts periodic security risk assessments and determines appropriate actions to address identified risks
  • Responsible for security incident response and analysis, works with the local GDC management team and other stakeholders in taking appropriate action during information security breaches, violations and incidents in a timely manner with a sense of urgency
  • At least 6 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
  • Ability to work independently and as part of a team to achieve desired objectives and project results
60

Information Security Manager Resume Examples & Samples

  • Strategic support
  • Security liaison
  • Operational support
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff
  • The ability to interact with Stewart Title personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives
  • Bachelor's degree in Computer Science or related field is required
  • Minimum of 10 years of experience in information security, which includes 3 years of experience in management
  • Possession of an ISC2 certificate, SANS certificate, ISACA certificate
61

Information Security Manager Resume Examples & Samples

  • Responsible for developing and maintaining the vision, strategy and operational oversight of a cyber security operations team
  • Advances a team of focused cyber investigators who are highly experienced in advanced threat detection, analysis and forensics
  • Analyzes and enhances cyber security controls, such as web content security, email security, intrusion prevention systems, and IOC (indicators of compromise) hunting
  • Oversees the investigation of information security and data privacy incidents, serving as the primary contact for security incident response and execution
  • Independently leads technical and nontechnical team members in supporting Information Security programs and processes
  • Actively manages the full life-cycle of security incidents, including analysis and remediation of control failures
  • Maintains a strong, deliberate relationship with outsourced security services providers
62

Information Security Manager Resume Examples & Samples

  • Supervise and manage the Security Operations and Engineering team
  • Working with stakeholders to develop Security Operations strategies, architectures, and implementation plans
  • Serves as the Subject Matter Expert (SME) for the engineering, architecting, and provisioning of Perimeter Security
  • Establish security processes and controls and perform and/or oversee the performance of periodic risk assessments to identify current and future internal and external security vulnerabilities
  • Provide necessary information to derive decisions about risk acceptance and risk mitigation, and identify best practices to mitigate information security risks
  • Ensures adequate and effective IT controls exist to meet current and future security compliance requirements found in local, state, and federal laws and regulations (e.g., SSAE 16 SOC I & II, Payment Card Industry Security Standards, HIPAA)
  • Provide periodic management reports on key operational systems and applications, own and coordinate actions to analyze problems for root cause and identification of known problems
  • Responsible for establishing and delivering meaningful and actionable security metrics and reporting
  • Identify/recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies to meet future requirements
  • Identifying information security weaknesses and/or gaps in the current operations and working with other teams to bring information security operations up to standards
  • Ensures tests of information security measures, including targeted penetration attacks and other configurable and administrative controls reviews
  • Designs and engineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability
  • Leads the Darden CERT Team (Computer Emergency Response Team)
  • Manages special projects related to information security that may be needed to appropriately respond to ad-hoc or unexpected information security compliance events
  • Understands the business activities performed by company, and based on this understanding, suggests appropriate information security solutions that adequately protect these activities
  • Work with other departments and vendors to oversee that Darden Data Security requirements are incorporated into the rollout of new systems
  • Minimum of 10 years of progressive IT infrastructure and security experience
  • Minimum of 3-5 years of experience successfully leading and developing technical teams in a security function
  • Minimum of 5 years implementing IT security best practices and audits/controls processes that ensure compliance in PCI and PII
  • Experience with implementing, monitoring, maintaining, and tuning security tools such as IDS/IPS, SIEM, FIM, Malware Prevention, Email Security, Privilege Access Tools, etc.
  • Bachelor’s degree in Computer Science, Electrical Engineering, Information Technology, or a relevant field
  • Experience developing annual performance goals, writing and delivering performance reviews, and coaching and holding team members accountable for performance
  • Strong organizational and planning skills, and the ability to meet deadlines, keep organized records, manage projects timelines and budgets and troubleshoot issues, ability to manage multiple objectives and tasks simultaneously
  • Ability to respond quickly and effectively to changing business environment, requirements or shifts in technology and/or skills
  • Ability to convey a strong presence, professional image, and deal confidently communicating complex technical problems to business clients
  • Excellent written and verbal communications skills and ability to work across organizational boundaries
  • Exceptional interpersonal and collaboration skills that will assist in both internal and external relationship building
63

Information Security Manager Resume Examples & Samples

  • 8+ years' experience must include
  • 8+ years' progressive technology, security and professional services experience to include progressive risk management, incident response, computer forensics and vulnerability assessment experience
  • 3+ years’ experience managing, coaching, and developing professional staff. This experience should include training, assigning, and reviewing completed work assignments
64

Structured Data Information Security Manager Resume Examples & Samples

  • Experience in database technologies (for example, DB2 for z/OS, Oracle, MS SQL, Teradata, Hadoop)
  • General understanding of security controls for all operating systems (for example, Windows, Linux, AIX, z/OS, etc.)
  • Broad understanding of information security products with a focus on structured database products, controls and technology
  • Excellent analytic skills to be leveraged for the introduction of additional security controls and tool selection
  • Proven Big Data solutions experience is a plus
  • Expertise in designing business intelligence systems, dashboard reporting, and analytical reporting is also a plus
  • Bachelor's degree in Computer Science or a related discipline, at least eight, typically twelve or more years of solid, diverse work experience in IT, or the equivalent in education and work experience
65

Information Security Manager Resume Examples & Samples

  • Serve as the Bank’s Information Security Manager providing all necessary oversight and advice
  • Develop, implement, and maintain the Bank’s Information Security Program and Policy, including all aspects of information and systems security necessary to ensure the security of information against unauthorized or accidental access, modification, destruction, or disclosure in order to comply with all applicable laws and regulations
  • Support Comptroller of the Currency’s (OCC) Federal Financial Institutions Examination Council (FFIEC) exam, Payment Card Industry (PCI) Data Security Standard (DSS) Attestation of Compliance (AOC) and Service Organization Control (SOC) 2 Report annually
  • Manage Bank’s Business Continuity Plan to include updating, training and testing
  • Coordinate Governance Risk and Compliance with managed service provider of security infrastructure
  • Monitor compliance with the Bank’s Information Security Program and Policy, referring issues to the appropriate managers; act as a liaison to the Bank and Holding Company’s information systems team
  • Manage Information Security and Business Continuity Analysts
  • Prepare for, support and manage regulatory IT examinations, and participate in management of other regulatory examinations, as appropriate, in consultation with the Bank’s legal and compliance department and other Bank staff
  • Direct and coordinate the activities of the Information Security Committee with specific outputs for prioritization of information security improvements and input to the capital planning process
  • Provide technical guidance and recommendations, as it applies to existing applications and new projects, to the Bank’s Information Technology department and business about the risks and control measures associated with new and emerging information systems technologies
  • Develop presentations for the Bank’s Board of Directors and Executive Committee. Brief senior management, as appropriate and necessary
  • Perform information security risk assessments, lead annual self-assessment process and conduct compliance testing
  • Develop, implement and oversee information security compliance training for all employees
  • Bachelor’s degree in Information Systems or related field or equivalent combination of related education and experience is required
  • Minimum of three years of job related experience including project management and process improvement is required
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Specialist (CISS), Certified Information Security Auditor (CISA) or Certified Information Systems Manager (CISM) is preferred
  • General knowledge of Microsoft Office in a Windows environment with an intermediate to advanced level of proficiency in word processing (Word), spreadsheet (Excel), presentation (PowerPoint) and database (Access) software applications is required
  • Ability to work independently and exercise sound judgment in identifying and explaining the regulatory impact of changes to existing regulations or implementation of new laws to Bank business units
  • Ability to build strong relationships, gain confidence and effectively communicate and work with business partners and external vendors is required
66

Information Security Manager Resume Examples & Samples

  • Information Security Management of large organizations
  • In-depth knowledge of global regulations related to quality, financial and data privacy
  • Management of out-sourced resources, including external auditors
  • Alignment of security solutions to business strategies
67

Information Security Manager Resume Examples & Samples

  • CISSP, CISM, CSA, ISO27001 Lead Auditor
  • Good working knowledge of ITILv3 or ISO20000
  • Good working knowledge of Project Methodologies (Prince2)
68

Information Security Manager Resume Examples & Samples

  • Lead the creation of security policies and procedures
  • Establish and lead the incident response procedures and team
  • Shapes the tools, techniques, and protocols related to incident response
  • Oversee UniFirst compliance requirements (i.e. PCI, SOX)
  • Leads other security staff in relation to security detection and response
  • Work with other IT groups on training for first level detection of security events
  • Assist with the development of security training materials and programs for use throughout the company
  • Lead Senior IT management and business to build Security strategy and roadmap
  • Work with other IT teams on DR and BCP planning
  • Provide update on security initiatives for Board of Directors on a regular basis
69

Information Security Manager Resume Examples & Samples

  • Direct responsibility for managing the Information Security program and cyber threat protections
  • Cultivate effective partnerships with stakeholders, coordinating security efforts across all corporate disciplines (IT, HR, Legal, Communications, Facilities, Finance, etc.)
  • Manage Incident Response Planning and lead the investigation of security breaches
  • Drive and take ownership of identifying and mitigating risk
  • Ensure adherence to department risk policies, procedures and best practices
  • Promote and strengthen controls over security awareness and comply with corporate initiatives
  • This is a DIRECT HIRE opportunity with one of Spokane’s premier employers. It is offered through Volt Technical Resources - a division of a Fortune 1000 publicly traded Staffing Industry Leader. We are among the largest IT staffing companies in the United States for contract/temporary and direct hire placements and support most of the top rated IT companies in the Pacific Northwest, as well as, companies throughout the entire United States
70

Information Security Manager Resume Examples & Samples

  • Maintain tools like Rapid 7 Nexpose and Veracode used for conducting vulnerability scanning and application security testing
  • Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
  • Review application penetration test findings with the application owner and work to eliminate or remediate risks associated with those findings
  • Teach web application security trainings for web developers that cover common vulnerabilities
  • Champion the adoption of Application Security testing tools and procedures
  • Understand and communicate Application Security Best Practices and Secure Application Development
  • Work closely with business teams to promote secure code development by providing security requirements throughout the development process
  • Integrate security tools for dynamic and static testing, Information Security Standards and processes, into the product or application lifecycle
  • Helping to develop the firm’s next generation vulnerability management program including formalized assessment criteria, integration with asset inventory, enterprise vulnerability scanning, and remediation tracking and governance
  • Manage the firm’s penetration testing program by leveraging both in house staff and vendor expertise to identify weaknesses in technology, people or process
  • Minimum 2 years of experience as a Vulnerability Assessment and Application Security program manager
  • At least 3 years of exposure to OWASP Top 10, CWE/SANS 25, or WASC TV2
  • Experience in exploiting vulnerabilities
  • Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
  • Experience conducting applications (Web-based and others) and database assessments
  • Ability to read, write and modify scripts for automation of vulnerability management tasks
  • Strong team player with ability to take charge of their area of expertise
  • Working experience with industry frameworks (CSF, ISO, COBIT, etc.)
  • Vulnerability Assessment: Nessus, Qualys, Foundstone, Nexpose, Metasploit, Kismet, etc
  • Web Application Testing: App Scan, Hailstorm, Nikto, Grendel, Burpsuite, etc
  • Database Testing: Scuba, SQLninja, AppDetectivePro, Havij, Mysqloit, SQLmap, etc
  • Forensic Software: FTK, F-Response, Encase, TASK
  • Must have experience developing Nessus/ACAS scan policies, reading and developing vulnerability reports
  • Knowledge of web application vulnerabilities such as cross-site scripting (XSS), session hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors
71

Information Security Manager Resume Examples & Samples

  • A minimum of 7-10 years IT experience; at least five of those years focused on IT security, infrastructure or application-level vulnerability testing and auditing, and/or network security, at least 3+ years managing direct reports
  • Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving
  • Understanding of the system hardening processes, tools, guidelines and benchmarks. Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Experience managing multiple technology projects simultaneously
  • Knowledge of Linux, Windows, OSX systems
  • Working knowledge of a range of diagnostic utilities
  • Exceptional written and oral communication skills
  • Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills
  • Working knowledge of industry-specific regulations (ITIL v3, AT101, SOX, PCI, HIPAA) required
  • Bachelor's degree in Computer Science, Information Technology or related field or a combination of education and experience
  • CISSP and CISM certifications desired
72

Information Security Manager Resume Examples & Samples

  • Manage the evaluation of systems and procedures to ensure integrity of internal information systems and platforms
  • Research potential changes to enhance system security, providing guidance on enhancing systems and on changes in policies or procedures
  • Manage and lead the collaboration with other departments in an effort to support information confidentiality and integrity objectives
  • Manage the operation, maintenance, and configuration of encryption systems, intrusion detection, prevention systems, and firewalls
  • Minimum four years’ experience in information security required with an emphasis in cyber security preferred
  • Minimum two years’ experience in managing or supervising employees required
73

Information Security Manager Resume Examples & Samples

  • Accountable for specialist areas of information security, covering both governance and technical work streams
  • Driving strategic security improvement initiatives
  • Providing internal advisory services to projects (MGIS and demand BUs) in order to ensure that security is properly embedded at delivery
  • Stakeholder and vendor management
  • Managing and performing risk assessment activities
  • Providing regional coordination of security activities including business continuity
  • Acting as escalation point for information security issues
  • Keeping abreast of current and emerging security trends and threats
  • Knowledge and understanding of securing cloud technologies
  • Solid IT and security relevant experience, typically 7+ years, including Information Security and Risk Management experience
  • Knowledge of international regulatory compliance and frameworks
  • Information Security Certification preferred (CISSP, CISM, Ethical hacking)
  • Previous roles would typically include Information Security Manager, operations manager
  • Information security skills (certification preferred)
  • Broad IT knowledge (networks, architecture, etc)
  • Legal and regulatory skills
  • Understanding of malware, vulnerability management, and phishing exploits
  • Cloud security
  • Risk Management & Mitigation
  • Strong Analytical and Problem Solving skills
  • High level communication skills
  • Networking skills
  • Ability to react to a changing environment
74

Information Security Manager Resume Examples & Samples

  • Manage a small team of analysts in support of a larger program
  • Continuously strive to identify gaps in security posture, prioritize gaps based upon risk, develop projects to mitigate
  • Manage projects as assigned - data classification, data loss prevention, security awareness, vulnerability management, threat modeling exercises, web application vulnerability remediation, critical controls implementation, cloud services risk assessment, and other projects
  • Perform day to day security operations tasks
75

Information Security Manager Resume Examples & Samples

  • Develop an information security management strategy that is aligned to service and operational requirements and develop information security design criteria and templates
  • Review service level and business requirements to develop service methodologies and an information security policy, assessments and methodologies
  • Review the security policy with the relevant 3rd parties ensuring that ISM service requirements are met and that integration into access management and security reporting occurs
  • Log major service requests for ISM transition and ensure that service activation, knowledge transfer and change management processes take place
  • Possess sound knowledge of information security management and policies
  • Demonstrate an understanding of complex inter-relationships in an overall system or process
  • Possess sound knowledge of technological advances within the information security arena
  • Demonstrate solution and service knowledge
  • Demonstrate analytical thinking and a proactive approach
76

Information Security Manager Resume Examples & Samples

  • A strong and demonstrable knowledge of requirements of ISO27001 standard and experience of working within a certified business including developing, documenting and implementing information security policies
  • Proven IT management experience with a strong background in Information Security Management and Governance
  • Effectively negotiate and influence key decision makers
  • Strong analytical, judgement and decision making skills
  • Understands the clients' business and develops a partnership approach to problem resolution
  • Experience of case management and workflow systems
77

3M HIS Senior Information Security Manager Resume Examples & Samples

  • Assist in setting the vision and establish direction for the HIS deployment of information security solutions that are clearly aligned with the strategic objectives and priorities of 3M and the HIS businesses
  • Actively participate in defining, designing and deploying an Information Security Management System (ISMS) including organization, architecture, and processes to satisfy business and regulatory requirements and comply with industry best practice standards such as HIPAA, HITRUST and NIST 800:53 to include
  • Minimum of ten (10) years of progressive responsibilities in IT security
  • Experience working with a global organization supporting $1B+ in Health Care sales/services
  • Experience in regulatory compliance and governance (e.g.: HIPAA, HITRUST, NIST Cybersecurity Framework, SOX, Data Privacy, FDA, GMP, etc)
  • Experience deploying HIPAA and HITRUST frameworks and achieving certification
  • Leadership experience managing a team of Information Security professionals
  • Certification in the IT Security field (e.g. ISSEP/CISSP, CompTIA Security+, CEH, GSEC: SANS GIAC, SSCP, CISM, CISA, CSFA, ECSP, CCSE, CSSLP, etc)
  • Proven leadership ability and collaboration skills; capable of energizing and motivating people to achieve their maximum potential
  • Change agent: ability to identify core issues, set strategic direction based upon the competencies of the organization, and roll out transition plans
  • Capable of establishing clear direction for and personally supporting recruitment, motivation and development of top talent at all levels of an organization
  • Excellent oral and written communication skills, both in person and via web collaboration tools
  • Strong information technology and applications leadership experiences in both traditional and DevOps computing environments
78

Information Security Manager Resume Examples & Samples

  • Assists the CIO in setting policies and procedures, technical standards and methods, and priorities for information systems activities
  • Directly supervises and provides direction to other information technology staff
  • Acts in staff capacity, when necessary,
  • Dispenses technical advice, guidance, direction, and authorization to carry out major plans and procedures
  • Analyzes new technologies and provides recommendations to CIO
  • May represent the agency’s information technology division at events and meetings that are within and outside state government
  • Assists the CIO in the budgeting process with agency senior management for the information technology division
  • Conduct investigations and coordinate remediation of suspected information security incidents
  • Respond in a timely manner to the misuse or loss of information assets
  • Develop, review and approve security policies and resource classification schemes
  • Maintain all information security standards, procedures and guidelines, including compliance monitoring procedures and documentation
  • Communicate unresolved security exposures, misuse and noncompliance situations to CIO and Privacy Officer
  • Research, evaluate, design, test, recommend, and plan implementation of new or improved security software or devices
  • Evaluate vendor services and products
  • Conduct technical risk assessments, application security reviews, and coordinate on network penetration testing activities
  • Interface with project management teams to assess associated project risk exposures and communicate feedback to project teams and CIO regarding risk minimization solutions
  • Provide training to workforce members to ensure understanding of security requirements and exposures
  • Analyze application security needs based on the sensitivity or confidential nature of the data and implement security structure to support the data security needs of systems being developed or enhanced
  • Coordinates the development of the agency's disaster recovery and business continuity plans for information systems and tests readiness
  • Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained
  • Monitors changes in legislation and accreditation standards that affect information security
  • Broad knowledge of all information technology disciplines and general business theory
  • Extensive knowledge of network infrastructure
  • Extensive knowledge of database applications
  • Thorough knowledge of IT operations and management
  • Thorough knowledge of current Federal and State information security laws and regulations as they pertain to safeguarding ePHI
  • Thorough knowledge in project management and change management process
  • Thorough knowledge of disaster recovery planning, testing, auditing, risk analysis, business resumption planning and contingency planning
  • Ability to manage and provide direction to senior level IT resources
  • Ability to communicate both orally and in writing
  • Ability to frame issues based on the policy implications associated with managing what is otherwise a very technical discipline
  • Ability to present to both large and small groups utilizing advanced oral and written communication skills
  • Ability to implement processes and methods for auditing and addressing non-compliance to information security policies and standards
  • Ability to conduct security investigations and provide data/information for internal investigations from an information systems perspective
  • Ability to oversee or conduct internal risk and security assessments, as well as enterprise security management tool evaluations
  • Ability to provide guidance and direction for HIPAA Security and IT security-related user training and development programs
  • Ability to work well under difficult and varied conditions and without close supervision
  • Bachelor's degree in Computer Science or related discipline
  • Certification for Information Systems Security Professional (CISSP) preferred
  • Eight to ten years of progressive experience in computing and security, including experience with Internet technology and related security issues
  • Experience with TCP/IP firewalls, VPNs and other security devices
  • High degree of personal integrity and trust
  • Ability to work with personnel at all organizational levels
79

Information Security Manager Resume Examples & Samples

  • The ISM will act as an empowered representative of the CISO during planning initiatives to ensure that security measures are incorporated into strategic plans and that service expectations are clearly defined
  • The ISM will also be responsible for working with business and other stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance
  • Strategic Support
  • Work with the CISO to mature the security program and security projects that address identified risks and business security requirements
  • Manage the process of gathering, analysing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment
  • Security Liaison
  • Serve as an active and consistent participant in the information security governance process
  • Provide support and guidance for legal and regulatory compliance efforts, including audit support
  • Architecture/Engineering Support
  • Consult with the enterprise architect, IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
  • Research, evaluate, design, recommend or plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment
  • Develop a strong working relationship with their local business teams and the engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
  • Manage outsourced vendors, ensuring that service levels and vendor obligations are met
  • Provide expert guidance on security matters for other technical and non-technical projects
  • POSITION REQUIREMENTS
  • A minimum of four years in an information security role
  • Certification from CISSP, CISM, SSCP
  • A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred
  • Other certification could be advantageous, GSEC, GISP, CERT-CCSIH, OSCP
  • The ISM must have the following
  • A technical background, as well as an ability to work with the business management and IT organisation to align priorities and plans with key business objectives
  • The ability to interact with UBM personnel, build strong relationships at all levels and across all business units and organisations, and the ability to influence UBM personnel of all levels
  • Experience developing and maintaining policies, procedures, standards and guidelines
  • Highly self-motivated and directed, with keen attention to detail
  • Skilled at working within a team-oriented, collaborative environment
  • Experience with common information security management frameworks, such as International Standards Organisation (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks
  • OTHER KEY SUCCESS ATTRIBUTES
  • Able to travel globally when required
  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA), and the European Union Privacy Directive
80

Information Security Manager Resume Examples & Samples

  • Development and implementation of security policies, standards, guidelines and procedures
  • Ensuring continuous compliance with PCI-DSS regulations
  • Determines security violations and inefficiencies by conducting periodic audits
  • Observes and monitors the security of websites, applications, computers and databases
  • Compliance management and reporting pertaining to the Information Security function
  • Maintain ongoing employee awareness programs
  • Controlling access management activities
  • Establishing and overseeing the organization's security architecture
  • Representing security in IT/Business projects, purchasing projects
81

Information Security Manager Resume Examples & Samples

  • Defining security policies for all IT components and implementing procedures to ensure that all IT teams adhere to these policies
  • Ensures that IT security is aligned with agreed business security policy risks, impacts and requirements
  • Ensures protection, detection, and reaction capabilities are incorporated into information systems
  • Authorises and monitors access to IT facilities or infrastructure in accordance with established organisational policy. Includes the investigation of unauthorised access, compliance with data protection and performance of other administrative duties relating to security management
  • Ensures IT security compliance to identified audit requirements, security policies and legislation
  • Scheduling and directing activities to resolve security issues in a timely and accurate fashion
  • Proof of identity & eligibility to work in the UK which must include Photographic I.D - Passport or Driving License
  • Passport and all relevant work permits
  • NI Number information / proof and FULL Birth certificate (not the short version)
  • If no legal photographic documentation is owned then a passport photo which has been signed and verified by any of the above professionals will be required. This needs to show their title, signature and contact details
  • 3 proofs of address from within the last 3 months (i.e. Driving License, council tax bill, bank statement, utilities bills)
  • Any required qualifications or driving licence if required for the role
  • Provides financial reporting – budget spend and forecasts, as required
  • Operates the company’s risk framework to identify and manage the required outcome of potential risks and opportunities
  • Provides a security strategy which provides the framework to produce metrics which can be used to assist current and future management decisions
  • Defines and maintains the policy, standards, procedures and documentation for security ensuring they are fit for purpose, current and correctly implemented across all services, suppliers and customers
  • Working with the Architects, supports the creation of the policy for information security
  • Demonstrates continual improvement in control
  • Provides advice and guidance associated with the planning, design, implementation and improvement of system security taking account of current best practice, legislation and regulation
  • Creates user documentation and security awareness literature maintaining awareness of emerging security technology and working with vendors to understand and procure new security technology or upgrades to existing security assets
  • Proactively manages security risk assessments and mitigation plans to address risks within agreed timescales, evaluating business impact (formulating and executing regular security testing plans)
  • Authorises implementation of procedures to satisfy new access requirements, or provide effective interfaces between users and vendors
  • Reviews information systems for actual or potential breaches in security, ensuring that all identified breaches in security are promptly and thoroughly investigated
  • Reports any significant breaches in security to senior management and where appropriate, participates in forensic evidence gathering, disciplinary measures, and criminal investigations
  • Ensures that any system changes required to maintain security are implemented
  • Ensures that security data and records are accurate and complete
  • Ensures all projects consider the security implications throughout the project lifecycle ensuring the security risks have been identified early on and catered for in the solution design and that the resulting implementation addresses these risks
  • Maintain ISMS and Security risk registers
  • CISMP (Certificate in Information Security Management Principles)
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
82

Information Security Manager Resume Examples & Samples

  • Design new functions to ensure consistent tracking, assessment, decision and execution of new products
  • Build a product capability matrix and roadmap which will assist in investment and re-engineering decisions
  • Create and maintain a web based team site (e.g. Confluence or Sharepoint) that contains TPM processes and documentation
  • Learn and follow documented processes and procedures while identifying and implementing improvements in such processes
  • Ensure issues are identified, tracked, reported, and resolved in a timely manner
  • Recognize and deal appropriately with confidential and sensitive information
  • Interact with vendor support to expedite ticket resolution and escalate when necessary
  • 10+ years of experience in Information Security Roles
  • Broad understanding of all IS disciplines including, Governance, Cyber Threat, Identity and Access, Infrastructure, Endpoint, Vulnerability, Data Protection, Operations, Application, Incident Response
  • Understanding of Information Security Architecture and Engineering with experience in planning and execution of security projects
  • Knowledge of the latest threat vectors and actors through maintaining currency of threat landscape
  • Knowledge of the latest technology trends in Information Security
  • SharePoint and Confluence experience is preferred
  • Web Development experience is preferred
  • Project Management experience is preferred
  • In-depth knowledge of the implementation of technology policies and procedures
  • Strong analytical and problem solving skills with ability to clearly articulate solution alternatives
  • Be able to collaborate effectively, work closely within a coordinated team environment, and maintain composure while dealing with time sensitive deadlines
  • In-depth experience with desktop software and office automation tools
  • A self-starter with excellent verbal and written communication skills
83

Information Security Manager Resume Examples & Samples

  • Strong Information Security leadership experience within a large corporate environment
  • Experience of maintaining information security systems to achieve and maintain ISO 27001 security standard
  • Technical knowledge on information security technologies and products
  • Strong written communication skills with experience of writing reports for audiences at all levels
  • Excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels
  • Understanding of IT infrastructure, networking systems and information management systems
  • Business Continuity and Disaster Recovery
  • CISM/CISSP qualification
84

Information Security Manager Resume Examples & Samples

  • Responsibility for managing the Information Security program and cyber threat
  • 8+ years' progressive technology, security and professional services experience to include progressive risk management, incident response, computer forensics and vulnerability assessment experience
  • 3+ years’ experience managing, coaching, and developing professional staff
  • 1+ years of experience in network, system or application architecture design, implementation or support
  • 3+ years’ experience working with managed or hosted security solutions or services
  • 1 year experience working in an AWS/Azure environment
85

Information Security Manager Resume Examples & Samples

  • Position requires experience in computing or related technology areas as well as proven successful experience in high-level service management, service delivery
  • Must have experience delivering identity access management services
  • Must have a solid understanding of information technology and information security
  • Professional certification and/or industry recognized Users Group affiliation is highly desirable
  • Bachelor’s degree (B.A. / B.S.) in computer science, information systems or equivalent discipline required
  • 2+ years of experience in identity access management processes development and delivery
  • CISSP, CISM, CEH or other relevant certification preferred
  • Must be able to work in sitting position, use computer and answer telephone
  • Office Work Environment
86

Information Security Manager Resume Examples & Samples

  • Deep understanding of, and experience in applying, Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) Special Publications (800 series) on Computer Security
  • Expert understanding of, and experience in applying, the NIST Risk Management Framework and Government Information Security Continuous Monitoring requirements and best practices
  • Interpreting, implementing and adhering to Agency and Federal standards, policies and directives
  • Analyzing and evaluating customer requirements and developing solutions to securely meet requirements
  • Providing management and high-level technical oversight for the implementation and operation of cybersecurity and information security tools, technologies, solutions and methodologies
  • Managing a team of cybersecurity and information security professionals supporting daily operational tasks, security services delivery, projects and initiatives. Ensuring that activities are completed and delivered on schedule and meet the requirements. Recruiting, hiring and retention of highly qualified cybersecurity and information security professionals. Assigning work and establishing priorities. Supervising staff on performance of tasks and activities
  • Providing cyber security and information security subject matter expertise and advice to the Government and to other contractor personnel
  • Collaborating with other technical leads to solve problems and conduct root cause analysis
  • Defining and maintaining organizational standards, procedures and policies related to cyber security and information security
  • Assisting the Government in predicting future cyber security and information security needs and developing strategic direction in cyber security and information security
  • Providing detailed development cost, resource, and technology estimates for proposed solutions, and providing status updates on projects and service delivery
87

Information Security Manager Resume Examples & Samples

  • Innovative approach to engage employees to reduce top risks to the company
  • Superior analytical and metrics skills, including managing multiple work stream simulations, reporting and packaging for senior executives
  • Create a metrics framework that can effectively measure the impact of the program
  • Experience with Phishing Simulator tools and industry knowledge of real phishing attacks
  • Clear understanding of consequence management programs and global implications
  • Experience in data visualization tools like Tableau, QlikView to create self-servicing reports for multiple stakeholders
  • Superior organizational skills, including managing multiple projects simultaneously
  • Customer focus and excellent written and oral communication skills to address individual needs across the Enterprise
  • Ensure program is effectively changing behaviors associated with top risks
  • Identify roles that require additional / specialized training to address LOB needs
  • Experience designing, organizing and rolling out companywide events
  • Experience in scripting languages like Visual Basic, Python
  • Experience working in a global environment with multiple locations and cultures
  • Experience with GRC tools (Archer)
  • Ability to handle internal and external audit requests
  • Excellent relationship building abilities and proven track record of developing solid partnerships with multiple business units
  • Ability to persuade and influence through established credibility
  • Self-starter with intellectual curiosity, initiative and strong work ethic are essential
  • Strong working knowledge of IT Risk Management and Information Security
  • Provides Security Awareness subject matter expertise to drive behavioral change and lower the human risk factor
  • Promotes best practices across the enterprise
  • Knowledge of security frameworks, standards, guidelines and best practices required (i.e. PCI, ISO, COBIT, FFIEC, GLBA, SOX)
  • Bachelors of Science / Engineering, or equivalent Preferred Additional
  • Relevant professional certification (e.g. CISSP, CISA, CISM, RSA Archer Admin)
88

Information Security Manager Resume Examples & Samples

  • Manage the information security management competency and ISO 27001 certification for the Deloitte Middle East
  • Actively manage the ISO certification requirements across the region and ensure compliance with internal and external auditors in order to maintain the certification status
  • Design and verify implementation of various information security controls. Governs security design and architecture during project delivery by enforcing the use of established standards and evolving solutions and patterns
  • Conduct analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products
  • Risk-based Assessment of Information Security policies and operating procedures against industry-recognized security standards and best practices such as NESA, ADSIC, and ISO, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability
  • Identify, prioritize, remediate and report security risks and initiatives to the Chief Security Officer
  • Manage the information security governance, risk and compliance program
  • Cultivate relationships with key stakeholders and share your knowledge while leveraging prevalent methodologies
  • Participate in the development and delivery of training programs to employees
  • Ability to manage a number of projects and manage stakeholder expectations
  • Desire to work in a constantly changing environment as part of a team
  • Flexibility to travel across the region
  • Develops high-performing people and teams through challenging and meaningful opportunities
  • Delivers exceptional client service; maximizes results and drives high performance from people while fostering collaboration across businesses and borders
  • Influences clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
  • Understands key objectives for clients and Deloitte, aligns people to objectives and sets priorities and direction
  • University degree in Computer Science, Information Systems Engineering or any related field; alternatively, suitable international information security certifications, i.e. CISSP, CISA, CISM, BS17799 Lead Auditor, CFE
  • Five to seven years of experience in information security management and compliance including or risk management with a focus on information security, information technology and related areas
  • Strong experience with privacy laws, data protection/security regulations, and frameworks, such as ADSIC, NESA, ISO 27001, NIST, or COBIT
  • Significant security design and/or architecture role(s) with a broad exposure to infrastructure/network and multiplatform environments preferred
  • Being able to understand complex business processes and activities
  • Flexible work approach, based on the job requirements
  • Familiarity with IT risk assessment methodologies and threat modeling frameworks
  • Knowledge of governance, risk and compliance systems and how to design a GRC framework
89

Information Security Manager Resume Examples & Samples

  • Strategic projects / initiatives – both customer facing and internally focused
  • New areas of business and/or emerging technologies
  • Acquisitions and divestitures
  • Customer assurance and vendor risk management
  • IT compliance – focusing initially in implementing a framework around the ISO 27001 security standard, and then incorporating other existing compliance areas such as HITRUST, NIST, PCI, SOX, HIPAA etc
  • Manage the IT security policy lifecycle – including policy maintenance, training and awareness, and compliance monitoring
  • Provide IT Risk Management consulting and advisory services to the businesses
  • Advice as part of their customer facing product and service development efforts
  • Advice on internal development projects
  • Support when responding to incidents
  • Services to perform more detailed risk assessments and security reviews as needed
  • Support in responding to customer requests related to IT risk management and security
  • Manage related governance structure, metrics and reporting protocols
  • Support the Business Information Security Officer Leader for their assigned Business Units in developing and promoting the IT Risk Management and Compliance Program
  • Support the continuous improvement of the business unit’s risk assessment processes
  • Support the evaluation of compliance with Corporate policies, regulations and contractual requirements
  • Support the development and implementation of the business unit’s self-assessment of controls, documenting findings and supporting remediation plans
  • Lead and/or support efforts to improve the tools and processes used by the IT risk management group to provide their services
  • Lead and/or coordinate with the Business Units and the Corporate functions in the event of any incidents or breaches
  • Support training and awareness efforts in the business units
  • Monitor business unit implementation of remediation measures
  • Lead and/or support information security related requests, such as policy & regulatory interpretation, firewall rule changes, policy exceptions, web filtering, use of cloud services
  • Perform and/or facilitate design or architecture reviews of new solutions to identify control requirements or clarify compliance
  • Support Third Party (Vendor, Partner) Risk efforts, such as identifying risk, redlining contracts, defining and executing appropriate due diligence to ensure compliance
  • Support Customer Assurance efforts. Take point in responding to security related customer requests: Contracts, Audits, Questionnaires, Ad-hoc product security questions
  • Create, maintain and interpret policy, regulations and industry best practices
  • Manage third party resources as needed
  • Facilitate and represent McKesson as Information Security subject matter expert on calls with customers, partners and vendors
  • Liaise as is needed with other stakeholders (e.g. Product Security and Assurance, Legal, Compliance, ETS)
  • Maintain an intermediate understanding of
  • 5+ years of experience in IT Security, IT Compliance, IT Audit, and/or IT Risk Management
  • Strong interpersonal skills to build/maintain ongoing business relationships
  • Experience with compliance regulations, IT, security frameworks and standards
  • Strong Project and Time Management Skills
  • Capable of anticipating needs and driving clarity on expectations
  • Able to exercise professional judgment within defined procedures
  • Knowledge of the healthcare and software industries is a plus
90

Senior Information Security Manager Resume Examples & Samples

  • Develop and analyze security architecture and guiding principles at macro & micro level across all cloud initiatives
  • Systematically address application security issues and develop secure coding practices for multiple development teams
  • Participate in the cloud security governance model, establishing policies, standards and best practices
  • Lead, coach and mentor Cloud Services team to incorporate security while developing highly scalable, distributed applications involving DevOps and Security teams
  • Develop effective complex security builds (both tools & processes) into the cloud services delivery standards
  • Performs periodic and on-demand system audits, vulnerability assessments, usability testing including user accounts, application access, file system and external web integrity scans to determine compliance and ensure performance and reliability to enhance the scalability and security requirements
  • Integration of application authentication, encryption, authorization, and access control
  • Provide cost effective mitigation strategies for applications from infrastructure, architecture, and secure coding perspectives
  • Proactively work with team members to address security and compliance issues
  • Provide education and assistance to application developers for applying security software development life cycle
  • Provide execution and management of multi-faceted projects related to compliance, control assurance, risk management, security, and infrastructure/information asset protection
  • Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle
  • Security tool development: researching, planning, and implementing new tool features to make security tools more effective and add value
  • Manage third party vendor penetration testing and act as an advisor to Software Development Engineers to drive remediation
  • 7+ years’ combined experience in a high-tech development environment public or private sector security
  • 4+ years related experience with CEH certification
  • Demonstrated experience with various security tools and products (HP Fortify, WebInspect, Burp Suite, Nessus, etc.)
  • Proven knowledge and experience leading the implementation of security programs in a fast paced organization
  • Demonstrated experience leading a red team penetration testing program and successfully closing all open findings
  • In-depth knowledge and experience performing root cause analysis to identify and mitigate patterns of findings
  • Experience developing security policies, standards, controls, procedures and metrics
  • Strong communication and negotiation skills
  • Work independently and cross-functionally to identify and implement process and/or technology improvements
  • Experience with Agile and Waterfall methodology
  • CISSP, CISA, OSCP or other information security certifications
  • Bachelor’s degree in Computer Science and/or a related discipline, or equivalent experience, required
91

Information Security Manager Resume Examples & Samples

  • Managing the monitoring, evaluating, and maintenance of systems and procedures ensuring integrity of internal information systems and databases
  • Risk assessments and root cause analysis
  • Requirements and management review
  • ISO 9001
92

Senior Information Security Manager Resume Examples & Samples

  • Provide thought leadership to and collaborate with the CISO team to ensure that solutions necessary for integration are planned and integrated
  • Preparing plans and integration requirements based on the size and complexity of the acquisition and right-sizing the controls to be implemented
  • Cost estimation of security capabilities for integration work
  • Resource impact analysis considering all security domains for integration
  • Security consulting including assessments and associated risk analysis - Review of technology and security capabilities
  • Conduct risk assessments, gap analysis, document risks and provide recommendations for solutions
  • Work with recent acquisitions to provide for a security roadmap to remediate risks identified both during due diligence and post-acquisition
  • Partner with engineering, security operations, and delivery teams to create plans and estimates for rolling out security capabilities to the acquired organization
93

Information Security Manager Resume Examples & Samples

  • Implement and maintain the Information Security Framework and accompanying policy(s)
  • Develop and update Information Security directives, policies, standards and guidance in conjunction with the Interserve Information Security. Manage appropriate updates and approvals via the Information Security Forum
  • Oversee the RMD Information Security portfolio and advise on Information Security initiatives
  • Perform RMD Information Security reviews where appropriate and ensure timely management and resolution of non-compliance issues defined both internally and externally
  • Work with external consultants as appropriate for independent security audits
  • Develop and maintain the RMD Information Security training and awareness approach and support business units in developing and delivering their material
  • Ensure that Information Security issues are addressed properly with all relevant 3rd parties
  • Oversee Information Security incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
  • Provide Information Security input into RMD IT projects & software development and relevant strategic initiatives
  • Develop and implement security KPI monitoring and reporting
  • Follow all relevant legislation and liaise with the business units to ensure that security measures adequately protect RMD staff, client and supplier information
  • Ensure effective communication around key Information Security activities across the RMD Group
  • Chair the RMD Information Security Forum to enable collaboration and sharing of best practice amongst the business units
  • Hold dotted line responsibility for any additional Information Security / IT Security Professionals that are hired in either an FTE or Contractor capacity
  • Undertake such additional duties as are reasonably commensurate with the level of this post
  • Develop RMD’s policies for GDPR in alignment with Interserve’s Information Security Team
  • Involvement with penetration testing & vulnerability testing programmes as required
  • Previous experience working in multinational Information Security environments, including experience of management roles
  • Experience of working in complex organisations with matrix reporting lines
  • Strong project analysis and problem resolution skills at both a strategic and functional level
94

Information Security Manager Resume Examples & Samples

  • Bachelor Degree in Computer Science or related field. 5+ years Information Security with 2+ years of managing associates
  • 5 years of broad hands-on experience in Information Security
  • 2-3 years of experience in technologies specific to the System & Data Security domain
  • Symantec DLP, Symantec PGP and Cylance, preferred
  • High level of analytical and problem-solving abilities
  • Ability to conduct research into security issues and products as required
  • Strong organizational, oral communication and project management skills
  • Must be willing to be on call 24x7 on a rotational basis
  • Active Directory set-up and GPOs
  • Engineering, design and implementation of VMware Virtualization Solutions
  • Setting up security controls within AWS and/or Azure
  • Designing security controls around SaaS applications
95

Senior Information Security Manager Resume Examples & Samples

  • 50 %
  • Lead GRC Efforts
  • Strong understanding of risk frameworks and data privacy
  • Strong telecommunications and wireless industry knowledge
  • Project Management concepts and skills
  • General Legal/HR knowledge
  • Certification as a CISSP, CISA and/or CFE, or GIAC certification(s) (desired)
  • Organization, leadership and facilitation skills
  • Strong influence skills
  • Expert Knowledge of Security Policies/Practices
  • Strong and current industry knowledge
  • BS in Computer Science, Information Systems, related field or equivalent work experience
  • 8 to 12 years of experience as a security practitioner, 5 of those in leadership roles
  • Information Security GRC experience with the following
96

Information Security Manager Resume Examples & Samples

  • Perform security architecture reviews and provide feedback on proposed designs
  • Review and approve firewall rule configuration changes
  • Manage security projects with Sony’s Operating companies and assist with integrating security best practices into business projects
  • Serve as a subject matter expert providing advisory services related to security architecture strategy as well as security requirements implementation both internally and at the global level
  • Analyze vulnerabilities discovered through scanning or industry reporting and propose remediation approaches
  • Recommend critical security tools and drive their capability and functionality improvements along with their associated processes
  • Assist the Incident Response Team with host and network incident analysis, response and mitigation
  • Collaborate with the Security Monitoring team to ensure that the SIEM tools support the overall security strategy
  • Support the planning, development and implementation of Sony’s most critical projects by enhancing defense-in-depth security architecture strategies
  • Implement company-specific policies and procedures in accordance with Sony’s global information security and privacy policies
  • Bachelor’s degree in a related field (such as information technology or management) or equivalent experience
  • Familiarity with network devices such as firewalls, IPS/IDS, VPNs and Proxies
  • Strong understanding of network architecture and security best practices
  • Experience working with a broad array of security tools (such as McAfee, FireEye, Bluecoat SSL Visibility appliance, Qualys, Tripwire, etc.)
  • CISSP, CISM or related SANS certifications are desired but not required
  • Ability to negotiate compromise among business partners with competing priorities
  • Ability to work independently and proactively in unstructured environments
  • Ability to manage multiple projects simultaneously that involve key stakeholders across a global and complex organization
97

Information Security Manager Resume Examples & Samples

  • Lead 2LOD information security risk oversight team
  • Support and develop enterprise Privacy and Data Protection policies
  • Support and develop oversight routines to ensure effective management of risk to the security of information in all data storage and processing areas, including vendor, physical, network, systems and personnel handling environments
  • Support and develop independent assessment activities to provide insight on the effectiveness of first and second line of defense information protection controls
  • Review and provide direction on the soundness of remediation plans resulting from control assessments, internal audits or regulatory exam findings
  • Assess sufficiency of corporate information security controls, policies and training, and drive improvements, as necessary
  • Monitor information security testing results and risk metrics, identify risk tolerance breaches, research root causes, and provide recommendations for solutions
  • Routinely analyze corporate issues repository and identify and report new and/or pervasive risk trends
  • Support Technology Oversight team administration activities, as needed
  • 10 or more years of experience in an applicable information security and/or risk management environment
  • Thorough understanding of information security regulations and best practices
  • Experience in formal business writing and multimedia communications skills
  • Proficient computer skills, especially Microsoft Excel and PowerPoint applications
  • Information security, compliance or regulatory program administration experience
  • Experience in corporate operational risk management
  • Experience in RSA Archer or similar governance, risk and compliance tool
  • Experience in PCI requirements and/or assessments
  • Skilled in data manipulation and report generation
  • Outstanding communication skills and ability to interact with all levels of management
98

Information Security Manager Resume Examples & Samples

  • Master's degree in computer science, auditing, management information systems or similar
  • 5-8 years of experience with operational auditing, risk management and compliance at a Manager/Specialist level
  • Minimum 3 years of documented manager experience, including responsibility for employees
  • Thorough knowledge of IT Security practices and standards including ISO 27001/27002
  • Familiarity with COBIT and ITIL frameworks
  • Working experience with Business Continuity Management and Business Continuity Planning
  • Knowledge of risk assessment and security related questions in the business application area is an advantage
99

Information Security Manager Resume Examples & Samples

  • Experience with presenting information security to business and IT stakeholders, including influencing and negotiating to further risk management concepts and security objectives
  • Team leadership experience including goal setting and performance management
  • Experience in planning and leading delivery of security projects, including familiarity with budgeting
  • Working experience with Vulnerability Management, Content Filtering, DLP, IDS/IPS, FIM and Incident Response
  • Working knowledge of industry frameworks and standards such as SSAE16, PCI, and ISO 27001/27002
  • Experience with performing system audits and security assessments, and in interfacing with external auditors
  • Working knowledge of information security in Windows and Linux operating systems as well as TCP/IP networks
  • Understanding of web application security and Layer 7 network protocols
  • Certification in information security such as the CISSP is a plus
100

Information Security Manager Resume Examples & Samples

  • Coordinate and gain input on enhancements to the framework
  • Facilitate maintenance and administration of the eGRC platform (Archer) that supports the vendor assessment process
  • Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and incorporate information into processes, procedures, and audit preparedness activities
  • Advanced communication skills (both verbal and written)
  • Ability to multi-task, prioritize work and work independently
101

Information Security Manager Resume Examples & Samples

  • Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation
  • Work closely with IT department on corporate technology development to fully secure information, computer, network, and processing systems
  • Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
  • Assess and communicate any and all security risks associated with any and all purchases or practices performed by the company
  • Where necessary, supervise recruitment, development, retention, and organization of security staff in accordance with corporate budgetary objectives and personnel policies
102

Information Security Manager Resume Examples & Samples

  • This position requires working onsite daily in Plano, TX and up to 15% domestic travel
  • Manage ISMs and supporting team members to ensure the delivery of information security services to our customers is in compliance with their contract or statement of work
  • Ensure we are following project management best practices, aligning with ITIL processes and procedures, and providing quality services to our customers
  • Communicate and interact with project stakeholders and senior leadership
  • Escalate issues to stakeholders; coordinate escalations and collaborate with internal teams to ensure timely resolution of issues
  • Understand and manage customer business needs and expectations related to information security
  • Effectively communicate security concepts to team members, account personnel, project participants and stakeholders
  • Propose process improvements to management
103

Information Security Manager Resume Examples & Samples

  • PCI Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) designation or willingness to obtain
  • This position requires national travel - 60%
  • CISSP, QSA, CCSK, CEH, Microsoft, Cisco, HPUX, other vendor, application, or system certifications
104

Information Security Manager Resume Examples & Samples

  • Bachelor's degree in Information Security, Computer Science, Information Management Systems, or related field required. Master's preferred
  • Minimum 5 years of experience in a combination of risk management, information security and IT jobs. Employment history must demonstrate increasing levels of responsibility
  • Strong project management skills: financial/budget management, scheduling and resource management
  • Ability to work with cross-functional, interdisciplinary teams to achieve tactical and strategic goals
  • Understands "voice of the customer" and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
105

Cyber Information Security Manager Resume Examples & Samples

  • Documents and reports incidents from initial detection through final resolution using standard DoD incident reporting channels and methods (refer to CJCSM 6510.01B “Cyber Incident Handling Program” dated 10 July 2012 or later). Briefs incident details as necessary to leadership and determine all means by which to resolve any incidents as quickly and effectively as possible
  • Responsible for management oversight of testing of IA policies and security controls to level of risks associated with said policies and then is responsible for modifying and keeping those policies updated with the aid and support of the SOC and IA teams
  • Coordinates with the Cyber Security Team on all security related items as required, including risk assessments as well as design and implementation of breach or high-risk resolution solutions
  • Oversees performance of malware and/or forensic analysis as part of the incident management process
  • Ensures response to unauthorized disclosure: any incident where information, data, or files have been made available to a person or persons who do not have authorized access
  • Supports Security Incident Response to include: Perimeter Configuration Incidents, Security Events to address actual or potential CND events or identified threats; End user level intrusion or rogue systems; vulnerability identification and mitigation; and Mission Assurance Incidents impacting IT systems or networks
  • Coordinates with CNDSPs to develop incident response and reporting and policy updates as needed
  • Periodically reviews training requirements for personnel and ensures they are maintaining DoD requirements for their positions
  • 10+ years of work experience in an IT/Operations role with
  • 7+ years of IT Security and CND experience (DOD experience required)
  • 3+ years of professional IT management experience
  • Demonstrate expert-level knowledge of DOD and industry accepted policies, standards, best practices, and regulations related to Cyber Security CND
  • Knowledge of NIST Frameworks, ISO standards and executive security policies, standards and regulations pertaining to a DoD environment
  • Knowledge and experience with security tools used by ACE-IT: ArcSight, Splunk, HBSS, Maltego, CyberArk, and FireEye
  • Comprehensive understanding of different kinds of Denial of Service (DoS) attacks and how to defend against them
  • Ability to interact with personnel on all levels to resolve issues and provide solutions in a timely manner
106

Information Security Manager Resume Examples & Samples

  • Ensure compliance with Group Information Security Policy
  • Further develop and maintain the Information Security framework in alignment with industry frameworks such as the ISF, ISO27001, NIST
  • Provide advice and guidance to relevant stakeholders
  • Ensuring that global and local standards and policies are applied and followed
  • Drive ongoing risk management activities and culture; including undertaking risk assessments, coordinating and managing the implementation of suitable, cost-effective risk mitigation strategies
  • Drive GDPR activities
  • Handle Identity and Access Management related activities
  • Promote good Information Security and represent Information Security on all levels
107

Information Security Manager Resume Examples & Samples

  • Develops, maintains, publishes, and enforces corporate information security standards and guidelines encompassing data and intellectual security
  • Develops and implements a renewable security awareness program for the University
  • Proactively protects the integrity, confidentiality, and availability of information in the custody of company and provides reports regarding the effectiveness of network and data security
  • Manages the security of information and establishes security systems, policies and procedures to prevent system compromise or infiltration
  • Develops and implements standards for application security
  • Makes recommendations for the adoption of new procedures and technologies as required
  • Performs application security assessments
  • Assesses the impact on the business caused by theft, destruction, alteration, or denial of access to information because of application security weaknesses
  • Develops policies and procedures to ensure the security of new solutions
  • Acts as a central point of contact for internal and external customers on security issues
  • Participates in change control boards and works to ensure security of products and services
  • Monitors and evaluates internal and external security threats; researches security threats and implements appropriate changes to the security program to prevent data from being compromised
  • Monitors security hardware and software for trends in capacity and performance
  • Provides leadership in cross-functional business and security teams
  • Provides support for audit and remediation activities
  • Provides lifecycle planning, quality control, and support for security platforms
  • Coordinates security-related reviews and follows up on security findings from these and other third-party reviews
108

Senior Information Security Manager Resume Examples & Samples

  • Build, design and operate an effective team to manage the operations of infrastructure security for the firm
  • Develop and operate processes to manage currency and efficiency of security technologies within the department
  • Ensure security configurations within the technology environments are current and aligned to policies and standards
  • Ensure accurate reporting of both state of health and security posture for infrastructure assets, and facilitate escalation/remediation where required
  • Vulnerability Management: Guardium Data Base Vulnerability Scanning, Distributed Database Public Scanning
  • Compliance/Configuration Management
  • Network Devices Health Checking & Configuration Drift – HPNA – Daily – Network Switches, Routers, Firewalls (Palo Alto), Load balancers (F5); Operating System compliance check – HPSA; Network Services Tool Access Administration Attestation – network tools ownership, administration and privilege access; VMware vSphere vCentre Role Attestation – monthly attestation of the permissions of individuals and groups that have access to the VirtualCentre; Palo Alto and CISCO Firewalls monthly password change – changing passwords on all firewalls as per the password compliance policy; MW Websphere – monitoring & remediating file permissions exceptions
  • Data Leakage Prevention (DLP) scanning for data at rest
  • Remediation, escalation and triage
  • Ensure prompt and thorough resolution of all inquiries, problems and issues
  • Lead resource planning, approvals changes and reporting activities
  • Coordination of business cases and other signing party requirements
  • Provide thought leadership to enhance and promote Cyber security operations related services
  • Lead development and/or implementation of significant or Bank-wide Technology Controls / Information Security strategies, policies, programs, tools and provide expert advice and guidance on technical solutions
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to current and emerging security threats against TDBG’s business: ensure continuous improvement/optimization of processes
  • Provide guidance to the team in the development of on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area. Monthly and ad hoc reporting of KPIs, MOR reporting, etc.
  • Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
  • Lead or contribute to cross-functional / enterprise initiatives as an organizational or subject matter expert helping to identify risk / provide guidance for complex situations
  • Direct development of resolutions, plans and strategies for operational effectiveness
  • Manage vendor relationship for key infrastructures and tools
  • Manage finance/budget to ensure appropriate cost recovery and process effectiveness
  • Develop strategy-aligned staffing plans to ensure continuous and timely support and delivery of related product and services
  • At least one recognized security certification: CISSP, CISM, CISRCP
  • Strong understanding of regulatory controls related to security (SOX & PCI)
  • Experience in managing a team of diverse, dedicated individuals: coaching and developing, managing training plans etc
109

Information Security Manager Resume Examples & Samples

  • Responsible for the planning, coordination, and status reporting of Information Security Projects from initiation to completion. Responsible for managing project costs, resources, change requests, risks and issues to ensure that maximum business benefits are maintained. Provides regular project status updates
  • Provides consultation and strategic recommendations to internal business partners, customers and vendors in assessing IT risks and mitigating controls to protect corporate intellectual capital and other sensitive data based on each specific program or project objective
  • Will lead projects that encompass cross-functional teams and work with business/technology partners to determine and translate business requirements into technology solutions
  • Accountable for engaging appropriate delivery resources both FTE and Contract to ensure project delivery
  • Communicate with leaders across both ITR&IS, AET, and business partners with regard to program strategy direction and changes
  • Develop / enhance / manage information security programs, processes, and policies by ensuring requirements align to business strategies, legal and regulatory drivers, and other industry best practices
  • Develops the program strategy and the various enterprise-wide high-level project plans and ensures that scope and approach are fully understood by all stakeholders
  • Provides all critical reporting in support of audit, governance, and regulatory requirements
  • Drive organizational optimization and business process improvement
  • Engages and coordinates audit related activities for Security Assurance (SA)
  • Strong project management skills with proven record of leading complex, large-scale, cross-functional initiatives
  • Active listening skills, summarization skills and lateral thinking to uncover and react to emerging opportunities
  • Effective communicator who is able to relay technical messages to technical and non-technical users
  • Ability to lead and to influence leaders at all levels in the organization
  • Demonstrated ability to remain calm under pressure and be flexible when faced with changing priorities
  • Keeps abreast of Regulatory changes and requirements
  • Create and monitor appropriate Key Risk Indicators (KRI) to proactively identify exposures or control weaknesses
  • Able to deal with confidential information without exception
  • Requires knowledge and understanding of IT Security best practices and principles
  • Must have Advanced Microsoft Excel skills
  • Must have strong analytical skills
  • Ability to understand complex processes and anticipate downstream impact
  • Effective at tracking multiple issues simultaneously and seeing them through to resolution
  • Perform other IT security related duties and consultation as needed
  • Typically has a Bachelor’s or Master’s Degree in Computer Science, Information Systems, or other related field (or has equivalent work experience)
  • Experience providing consulting services to internal technology and business partners
  • CISM or other industry certifications are a plus
110

Senior Information Security Manager Resume Examples & Samples

  • Develop, maintain and implement improvements to a landscape of technical security safeguards, including assessment and deployment of new capabilities, technologies, and systems
  • Facilitate organizational change by defining strategies with respect to technology domain standards and design goals
  • Conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase security posture
  • Assess, monitor and recommend improvements to the global security architecture based on improving productivity, reducing risk, and balancing costs
  • Identify and understand issues, problems, and opportunities as applied to security architecture; obtain and compare information from different sources to draw conclusions, develop and evaluate alternative solutions, solve problems, and choose a course of action
  • Translate internal and external security requirements into design of specific information security safeguards
  • In collaboration with internal (IT, legal, audit, business and other) and external stakeholders, develop roadmaps and deployment plans for technical solutions and related procedures in line with global information security program
  • Manage activities of the security architecture team and where necessary third-party specialists to support design, development and implementation of information security safeguards
  • Minimum of 10 years of professional experience in Information Security, Risk Management, IT Controls or other related area is mandatory, including minimum of 3 years in Information Security Architecture
  • Excellent communication skills, including ability to communicate across countries and cultures
  • High level of accountability and ability to execute; experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
  • Commitment to ongoing professional development and development of team capabilities
  • Strong staff management skills and the ability to effectively manage resources
  • TOGAF, CEH or GIAC certifications preferred
  • ITIL or project management certificates are not required but are beneficial
111

Information Security Manager Resume Examples & Samples

  • A Bachelor of Science degree in Computer Science, or related field, or related experience
  • 10+ years’ experience in IT
  • GCFA certification
  • Knowledge of the PCI DSS framework
  • 10+ years working within the Information Security field
  • 5+ years leading IR teams
  • IT security certification - CISSP, CISM or GIAC is a plus
  • Relevant areas of experience include but are not limited to: Firewalls, VPNs, Intrusion prevention/detection (IDS), File Integrity Monitoring (FIM), Perimeter security, Secure content including Network Access Control (NAC), Data Loss Prevention (DLP), Security Information and Event Management, FTK, EnCase or other Ediscovery capabilities

Nice to Haves

  • Experience within a retail environment
  • Exposure within an international organization
  • 5+ years of experience in assessments of controls required for PCI-DSS compliance
  • Ability to work with little or no direct supervision
  • Demonstrated experience managing Tier 3-4 IR Teams
  • Experience in document management for sustaining IR policies and procedures
  • Experience interfacing with peer support teams (Security Engineering, Network Operations, Access Management, Legal, etc.)
  • Comprehensive knowledge in workflow work management tools (i.e. Service Now, IBM resilient, Archer GRC SecOps, Riverbed, Splunk ES, etc.) or experience in work management tracking with included process measurements for monthly KPI metrics
  • Familiar with training frameworks or tracking skill development and mentorship
  • Knowledge of forensics, chain of custody, and e-discovery processes
  • Comprehensive knowledge of reporting capabilities that utilize Security Incident and Event Management (SIEM) technologies
  • Has an in-depth knowledge of incident response methodologies
  • Possess in-depth technical skills for forensic operational practices and forensic artifacts
  • Must be great at working with and leading people
112

HBO Senior Information Security Manager Resume Examples & Samples

  • Partner with engineering to develop the overall security strategy, policy and procedure
  • Drive the vulnerability management lifecycle, advise on business impact and provide practical risk based security services and solutions
  • Identify a roadmap for security auditing and testing that meets the engineering/product/market need
  • Improve and monitor our security best practices; from SDLC to infrastructure hardening
  • Represent security interests within Production, Engineering, Procurement and Legal teams
  • Develop SIEM process and tools with operational responsibility
  • Drive awareness on current security thinking within the Security Architecture and Development
  • IP Multicast: PIM, IGMP, MSDP, SSM
  • Secure network architecture and segmentation
  • Comfort with host and network virtualization technologies and IP Storage
  • Proficiency in code auditing (Java)
  • Strong understanding of encryption
113

Information Security Manager Resume Examples & Samples

  • Creates content, and provides oversight, execution, tool strategy and governance of the Input Catalog in partnership with various work-stream owners across numerous organizations
  • Improves visibility to AXP’s risk, cyber security and regulatory posture
  • Drives consistent taxonomy across all data elements of the Input Catalog
  • Develops, documents and produces strategy for IT Risk and Control Framework
  • Ensures clearly defined controls and communicates gaps to be addressed
  • Advises leadership team on tool strategy and plan, collaborates across multiple teams, making necessary adjustments as needed
  • Has excellent interpersonal skills to work with varied constituencies and drive results without direct authority
  • Works closely with cross-functional teams to engage resources and drive progress
  • Transforms risk management with a growth mindset
  • Supports the executive leadership team in their overall program risk management
  • Encourages and motivates team members
  • Applies situational leadership
  • Provides consulting services to leadership and business team on catalog as required
  • Providing guidance on information security processes, controls, and compliance, and information security risk management to team members
  • Encouraging employee contribution, such as feedback, career development planning, and goal setting
  • Developing plans and strategies for information security tools, processes, and programs
  • Responding to changes in the regulatory environment and assisting other organizations in doing the same
  • Making strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance
  • 5+ years experience managing risk and controls, preferably within a technology organization
  • Must have experience with Archer, other risk management tools are a plus
  • RCSA experience desired
  • Knowledge of Information Security; risk management disciplines; security policies and standards; IS risk management controls; 3rd party / vendor management is preferred
  • Drive results through the prioritization of work under tight timeframes
  • Takes on additional responsibilities and is a self-starter
  • Proven ability to lead teams toward a common goal and drive overall tool and process improvement
  • Proven experience implementing and rolling out key initiatives and tools
  • Highly developed communication skills both verbal and written, as well as presentation skills
  • Demonstrated ability to focus on larger picture while being detail oriented
  • Proven ability to work with and across all levels of the organization
  • Demonstrated problem-solving skills
  • Excellent time management skills; ability to prioritize and multi-task
114

Senior Information Security Manager Resume Examples & Samples

  • Security tool development: researching, planning, and implementing new tool features to make security tools more effective and add value
  • Maintain compliance with Inovalon’s policies, procedures and mission statement
  • Adhere to all confidentiality and HIPAA requirements as outlined within Inovalon’s Operating Policies and Procedures in all ways and at all times with respect to any aspect of the data handled or services rendered in the undertaking of the position; and
  • Fulfill those responsibilities and/or duties that may be reasonably provided by Inovalon for the purpose of achieving operational and financial success of Employer
  • 4+ years related experience with CEH certification
  • Demonstrated experience with various security tools and products (HP Fortify, Web Inspect, BurpSuite, Nessus, etc.)
  • Experience with AGILE and Waterfall methodology; and
  • CISSP, CISA, OSCP or other information security certifications
115

Information Security Manager Resume Examples & Samples

  • Managing delivery of business aspects of Security Improvement Projects so that expected outcomes are delivered
  • Supporting the business and information security practice in the effective implementation of security controls and risk management practices
  • Working with the business and information security practice in the development of Information Security breach / incident management process
  • Supporting the business and information security practice in the resolution of issues identified during external and internal audits
  • Accountability for implementation of Data Protection controls for the business unit such that the risk of a loss of data is reduced to acceptable levels
  • Ensuring effective planning and delivery of Information Security by I.S. and business resources
  • Consulting and influencing to support shared objectives for risk reduction
  • Advising on supplier contracts and consulting on data protection implications
  • Consulting and advising Senior Business Stakeholders on Information Security impacts on business initiatives
  • Ensuring effective delivery of Information Security controls by working with 3rd Party service providers
116

Information Security Manager Resume Examples & Samples

  • Lead both internal and external audits to ensure compliance with all industry-mandated regulations
  • Manage compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures
  • Monitor activities of assigned IT areas to ensure compliance with internal policies and standards
  • Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Ensure documentation is standardized, updated and organized
  • Participate in the development and implementation of new business initiatives involving compliance to ensure functionality required to support required compliance
  • Provide guidance to business functions on compliance/security-related matters
  • Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables
  • Bachelor's degree in the field of Information Security, Computer Science or highly related program
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues
  • Deep understanding and experience with ISO 27001 & PCI DSS
  • Experience or understanding of governance, risk and compliance (GRC) processes and solutions
  • Experience in information security and auditing with increasing responsibilities
  • Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC
  • Ability to express medium complexity technical concepts in business terms
  • Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently
  • Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change
  • Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status
  • Review and coordinate changes to information security policies, procedures, and standards
117

Information Security Manager Resume Examples & Samples

  • Communicates effectively with clients to address complex information security issues
  • Reviews documentation created by team members and peers to provide constructive feedback
  • Prepares and reviews activity reports as requested by management
  • Coordinates and implements information security, operations and activities to ensure protection of information assets while ensuring optimal use of personnel and equipment
  • Works with business teams to ensure information security initiatives are understood and implemented
  • Establishes goals and objectives for team performance and manages attainment of those goals
  • Develops and ensures services in response to various risks and threats
  • Keeps senior management apprised on the status of information security issues and initiatives
  • Assists in establishing department financial goals and objectives and ensures all objectives and expectations are met
  • Performs staff leadership role and promotes motivation through effective management and mentoring
  • Masters an understanding of the regulatory and audit requirements with respect to information security and privacy issues
  • Knowledge of network technologies (protocols, design concepts, access control), design and engineering
  • Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
  • Proficiency in establishing and maintaining effective working relationships with employees and clients
  • Excellent input and planning into application development, systems engineering, and network engineering for development of security requirements, ensuring best practices are implemented and followed
  • Proficiency in managing teams and projects
118

Regional Information Security Manager Resume Examples & Samples

  • Bachelor’s degree from an accredited college or university is required, preferably in computer science or related field. Advanced degree preferred
  • Security and technical certifications are desirable (CSSP, CISM, or equivalent)
  • Minimum of 10 years of progressive experience in information services (IS/IT) with 5 years of security management and/or risk management experience is required
  • The successful candidate will have an extensive knowledge of privacy, access control, network and information security procedures and technologies. The individual must have experience in the development of information security strategies, protocols and policies. This position requires proven skills to influence people in a matrix organization. The selected candidate must have strong consulting, communication and presentation skills
  • Must frequently meet internally or externally imposed deadlines or accomplish projects that require greater than normal working hours
119

Information Security Manager Resume Examples & Samples

  • Work with stakeholders in the Business Units and Information Security to define and agree the controls and associated processes that will be applied to the Crown Jewel assets, ensuring alignment with other governance processes
  • Manage the program to assess control gaps for a pilot set of assets and implement remediation plans
  • Extend the governance program to cover all Crown Jewel assets and provide status reports on the progress
  • Resolve issues across multiple teams and manage dependencies between projects
  • Develop management reporting to highlight risks with critical assets to support transparent risk decision making
  • She/he will support strategies that guide the organization towards making effective risk decisions. They will be comfortable and confident when articulating recommendations to Senior Management, Business stakeholders and/or our Technology Partners
  • Strong knowledge of or business experience in other business units or functional areas outside Security
  • Extensive experience of information security, particularly with focus on risk management or governance programs
120

Information Security Manager Resume Examples & Samples

  • Proficiency in utilization of information security tools such as Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect, Nikto, and manual techniques to exploit vulnerabilities in the OWASP Top 10 including but not limited to cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systems
  • Strong experience with programming languages such as Java, C, C++, C#, and .NET
  • Strong experience with Cloud security
  • Attack and penetration experience in testing of Internet infrastructure and Web-based applications utilizing manual and automated tools
  • Solid knowledge of Sarbanes Oxley (SOX) compliance, corporate security and network policies and procedures and experience in a compliance management leadership role
  • Working knowledge of ISO 17799 Security Standards and SAS 70 auditing techniques
  • Demonstrated experience with regulatory acts to include SOX, Proofs of Compliance (PCI), and Family Educational Rights and Privacy Act (FERPA)
  • Strong experience with Data Loss Prevention (DLP) programs a plus
  • Understanding of information technology infrastructure library (ITIL) standards along with IT security management principles
  • Technical expertise in a wide portfolio of security control technologies
  • Strong leadership, technical expertise, and security related experiences/skills
  • Large enterprise IT security capacity planning experience
  • Strong understanding and experience executing several software development methodologies and life cycles
  • High level of knowledge of principles, practices, and procedures of information security as it applies to and impacts the organization
  • Strong leadership, organizational, decision-making, and analytical skills
  • Knowledge of application security best practices, tools and methodologies
  • Knowledge of standard systems development life cycle (SDLC) practices
  • Experience in a fast paced environment
  • Self-starter and self-managing work style; ability to work from home or remote locations without direct supervision
  • Motivated to work in a growing company; interested in developing the business
  • Continual learning and skills development to maintain technical currency
  • Ability to work independently or with other team members
  • Methodical, organized and detail oriented
  • Must be flexible enough to meet the demands of a fluid and changing environment
  • Bachelor's degree in IT/computer science or related field or equivalent experience
  • Five to eight years of combined IT security experience
  • Five to eight years of hands on experience in one or more of the following operating systems: Windows Server 2008/2003, Linux and UNIX
  • Five to eight years of practical experience in TCP/IP Networking
  • Five to eight years of experience in one or more of the following database environments: Microsoft SQL Server, MySQL
  • CISSP or CISA/CISM security certifications preferred
  • Experience working in publicly traded company preferred
121

Information Security Manager Cyber Security RCS Resume Examples & Samples

  • Provide functional leadership and direction for the Cyber Security framework and counter measures in Express, ensuring the development and management of cyber security policies, standards and regulations, best practice guidelines, support tools and projects in line with the DPDHL security policies and Express IT Security Strategy
  • Ensure compliance with the Deutsche Post DHL Information Security Policy, and responsible for the implementation of fit for purpose cyber security defense and incident response programs globally
  • University degree or equivalent
  • Formal information security accreditation (e.g. CISSP, CISM, CISA, CRISC or equivalent experience)
  • IT Consulting Skills Certification
  • 8-12 years minimum in Senior Information/Cyber Security role
  • 5 years' experience in leading and implementing Cyber Security framework and Security Incident Response process
  • Proven experience in implementing cyber security strategies and policies and counter measures
  • In depth knowledge of Cyber Security practices and methodologies
  • Cyber Security incident investigation and response
  • Risk Based Cyber/Information Assurance, scoping and planning for security configuration and control assessments over OS/Database/Application/Networks/Infrastructure, processes and organisations
  • Threat and Vulnerability Analysis
  • Security testing techniques tools and methodologies (OSSTMM and OWASP Top 10)
  • Strong stakeholder management - develops and manages all defined communication channels/stakeholder groups
  • Strong written and communications skills
  • Strong interpersonal communications
  • Broad IT service / technical understanding
  • Strong organisational and cultural awareness
  • Strong diplomacy and negotiating skills
  • Proven ability to lead and manage a specialist based, high performing and multicultural team
122

Information Security Manager Resume Examples & Samples

  • Primary responsibility of the security implementation in the organization (s)he is assigned to
  • Complete understanding of customer and Nokia’s security policies
  • Identifying information security objectives and strategizing them consistently with GS strategic plans
  • Ensuring the establishment of the ISMS objectives and plans
  • Managing and approving the development and implementation of the information security policy and its procedures to ensure on-going maintenance of information security
  • Overseeing security operations by coordinating with global shared services teams and resources needed for information security including business continuity management and information security incident management
  • Overseeing investigations / forensics of security breaches, including suspected insider threat. In this area, ISPM may seek assistance from experienced teams internally or externally
  • Managing development and implementation of information training and awareness programs
  • Keeping the management updated with effective, efficient and reliable approaches to information security
  • Conducting management reviews of the ISMS. Support Information Security Group during external & internal IT Security & IS audits
  • Deciding the acceptable level of risk and maturity, providing feedback for improvement of ISMS
  • Co-ordinating with global shared services teams to carry out internal audits and technical compliance checks
123

Application Information Security Manager Resume Examples & Samples

  • Translation of requirement / attribute in a tool or system specification; a statement that identifies the capability, characteristic, or quality factor. Security requirements are handled inside the “system design process”. They define the essential controls that must be implemented
  • Compose security requirements using baseline requirements and threat/risk analysis as a basis
  • Definition and identification of Sensitive Data, as described in the Technical Compliance Management process
  • Define a high-level description of how the tool or system meets the security requirements
  • Implementation of privacy/security by design on applications and tools in coordination with IT
  • Identification, analysis and classification of threats and risks
  • Design for Security: all security-related activities from Security Threat & Risk Analysis to Security Auditing
  • Information security and Data Privacy solution engineering, security technology implementation, and security service delivery role
  • Certified in ISO 27001 / 22301 LA /CISA/ CISM/ CISSP (Any one preferred)
  • Ability to perform security requirements capture and analysis with a working ability to identify architecturally significant requirements and their ramifications
  • 3+ years experience in hands-on technical security control architecture & design, InfoSec Operations reporting
  • Good understanding of computer information operating environments
  • Information Security knowledge at CISSP level
  • Understanding of working with quality management standards
  • Excellent communication and documentation skills in English
  • Ability to communicate easily in English in an international environment
124

NPI Information Security Manager Resume Examples & Samples

  • Develop privacy/security by design for new technologies and services to ensure security and privacy are embedded from conception
  • Collaborate with CREATE-process for Services (CPS) program
  • Delivery of security solutions to enable Nokia operations to access customer systems and manage customer data in accordance with security policies
  • Enforce “CREATE-process for Services”
  • Ensure that Privacy Threshold Assessments (PTA) and Privacy Impact Assessments (PIA) are conducted according to “Privacy by Design for Services”
  • Responsibility to drive “Security by Design” principles
  • Managing and approving the development and implementation of the information security policy and controls in applications impacting Global Services organization
  • Assisting in consequence management and legal matters associated with security breaches, as necessary
  • Good understanding of ISO27001 implementation and maintenance mechanisms
  • Security (and privacy) threat analysis and their risk mitigations
  • Working knowledge of Business Continuity Management
  • Gap assessment for new technology assessments
  • Good knowledge of the ITIL Information Security area
125

Information Security Manager Resume Examples & Samples

  • Responsible for reporting on the effectiveness of information security arrangements in Cloud throughout the Region
  • Providing expert advice on internal and third party Information Security matters as they relate to Cloud’s information assets
  • Experience in performing a similar role as an Information Security Manager
  • Background in Information Security with good working knowledge of Information Security principles
  • Proven track record of managing ISO27001 certified Information Security Management Systems
  • Strong ability in developing and applying Risk Management frameworks
  • Excellent experience of stakeholder engagement
  • Experience in developing and documenting Information Security Policies, Standards and Processes
  • Information Security certifications such as M.Inst.ISP, CISSP or ISO27001 Lead Auditor/Implementer are desirable but not essential
126

Information Security Manager Resume Examples & Samples

  • Risk Management and methodology
  • Good knowledge of Information Assurance within the Public Sector
  • Good knowledge of HMG/PSN accreditation schemes
  • Good experience of IT/communication infrastructure
  • Good knowledge of Access Control, Authentication and Cryptography
  • Excellent communication skills, internal and client facing
  • Experience of developing/accrediting an IL3 service
  • Knowledge of ITIL best practices
  • One or more professional qualifications (e.g. CISSP, CISM, CISA, SSCP, CEH etc)
127

Information Security Manager / Architect Resume Examples & Samples

  • Reports to the Head of Security Strategy Architecture on plans and status of relevant projects, including the regional security strategy and implementation initiatives
  • Contributes to the design, development, and deployment of global security strategy and architecture concepts
  • Cooperates with regional teams in understanding global security strategy and architecture requirements
  • Conducts periodic review of security-related SDLC processes and stage gates
  • Incorporates cyber security and IT risk management into regional activities
  • Be the subject matter expert in security and assessments, including vulnerability management processes, vendor security reviews, penetration testing, and application security
  • Conducts follow-ups on any identified corrective actions
  • Functions as an advisor to system owners, security program managers and others in all matters, technical and otherwise, involving IT security and continuity
  • Directs or delegates level 3 support services for the region
  • Manages the relationship between IT security and regional business executives and business managers
  • Provides recommendations in planning of programs and projects in the area of cyber security
  • Reviews and manages budget and reports financial and event status to Head of Security Strategy Architecture
  • Bachelor's Degree in business administration, risk management, information security, Management Information Systems (MIS), Computer Science or related IT field, or high school degree
  • 7+ years IT experience
  • 5+ years of work experience in developing, implementing and managing security solutions
  • 3+ years of work experience in designing and architecting security strategy and solutions
  • Demonstrated leadership role in working with C-Suite executives and the Board
  • Experience with implementing and operating security programs in a global environment, with a focus on Germany and European countries
  • Hands-on experience with the development of security strategy and frameworks, architectural methodologies, and service delivery
  • Proven ability to analyse a wide variety of data and make calculated, risk-based decisions
  • Ability to communicate ideas and data both verbally and in writing in a persuasive and appropriate manner
  • Ability to assess strengths and weaknesses of staff members and provide suggestions for improvement
  • In-depth pharmaceutical industry and drug development experience
128

Information Security Manager Resume Examples & Samples

  • Work with Application Security leadership on scope and schedule while focusing on regular and timely delivery of value
  • Organize and/or lead status and working meetings, prepare and distribute progress reports, manage risks and issues, and correct deviations from plans
  • Assist in team development while holding teams accountable for their commitments, remove roadblocks to delivery, leverage organizational resources to improve capacity for work, and mentor and develop team members
  • Support Application Security leadership to manage expectations for customer deliverables, manage stakeholder communications, and help to implement an effective system of work governance
  • Develop and manage a well-defined delivery process and champion ongoing improvement initiatives to implement best practices for agile delivery
  • Promote empowerment of teams, ensure that team members are fully engaged and making a meaningful contribution, and encourage a sustainable pace with high levels of quality across the Application Security organization
  • Understand customer, stakeholder, and partner needs to ensure the right services and solutions are being delivered
  • Drive adoption of agile and DevOps principles across the Application Security organization
  • Provide consultation and strategic recommendations based on specific program or project objectives
  • Communicate with stakeholders across Information Security, Technology, and the Business with regard to program strategy, direction, and changes
  • Provide support for critical reporting in support of audit, governance, and regulatory requirements to ensure accuracy and timely delivery
  • Coordinate audit-related activities for the Application Security organization
  • Bachelor’s Degree; advanced degree preferred
  • Relevant professional certification required
  • Strong understanding of DevOps models and agile principles and practices
  • 5+ years of experience as a Project Manager managing large, complex projects in a high-tech development environment with cross-functional teams
  • Ability to provide technical leadership to stakeholders and to be able to accurately and objectively evaluate complex project risks and issues
  • Ability to provide leadership to customers and develop strategies and solutions of high business value
  • Strong interpersonal skills including mentoring, coaching, collaborating, and team building
  • Strong analytical, planning, and organizational skills with an ability to manage competing demands
  • Strong knowledge and understanding of business needs with the ability to establish/maintain high levels of customer trust and confidence
  • Solid understanding of and demonstrated experience in using tools like JIRA, Confluence, and Microsoft Office
  • Excellent oral and written communications skills and experience interacting with both business and technical individuals at all levels including the executive level
  • Creative approach to problem-solving with the ability to focus on details while maintaining the “big picture” view
  • Keeps abreast of regulatory changes and requirements
  • Maintains knowledge and understanding of Information Security best practices and principles
129

Information Security Manager Resume Examples & Samples

  • JOB CONTEXT
  • KEY RESPONSIBILITIES
  • Defining the core security principles within the define and design phases of projects, programs and IT initiatives (Security Solution Architecture)
  • Liaising and partnering with key stakeholders across the Halfords Group (IT Execs, CIO, CFO, Business Execs), building strong relationships and elevating the Information Security program
  • Driving the execution of the security initiatives with the respective teams to meet the changing needs of the business
  • Senior Advisor, providing direction on Information Security matters and emerging security risks and control technologies, industry best practice controls including any legal and regulatory requirements
  • Monitoring and reporting the status of Information Security and Infrastructure controls and escalating significant control failings to the CIO and IT Leadership Team
  • Governing, developing and implementing Security policies and procedures (including processes and controls) based on the ISO/IEC 27000 series standard and SANS controls
  • Responsible for Information Security Risk Management across the Halfords Group plc
  • Developing security related processes; patch / vulnerability management, anti-virus protection and change management
  • Managing Information Security requirements ensuring controls remain effective throughout the lifespan of the relationship with partners and third parties
  • Leading the PCI DSS program and all related activities including information security risk assessments and controls selection activities
  • Leading the Information Security educational and promotional programs for colleagues across the Halfords Group plc
  • Facilitate security audits and reviews, track mitigation actions within the organisation until resolution
  • Manage and track relevant regulatory compliance activities
  • Manage security incidents including post incident analysis. Ensure improvements arising are implemented
  • PERSON SPECIFICATION
  • Experience of a senior Information Security role within a retail or similar organisation
  • Experience of developing and championing security initiatives
  • Experience of developing a security governance framework
  • An expert level of knowledge in technical security protocols and mechanisms
  • Experience of delivering PCI-DSS, PA-DSS (Payment Card Security) programme
  • Experience of technical security products and solutions
  • Experience of organisation information security audits
130

Senior Information Security Manager Resume Examples & Samples

  • Establish and maintain a global cyber risk and security program driven by established information protection and physical security policies. Collaborate with internal stakeholders to develop processes and procedures to carry out the intended goals of the policies
  • Implement protection goals and objectives consistent with the corporate strategic plan
  • Write and maintain company security standards and policies
  • Create and maintain company information security framework
  • Evaluate technical security architecture, processes, and vendors safeguarding the company's assets, intellectual property, computer systems and physical security
  • Direct compliance related to privacy, internal security controls and reporting
  • Work closely with executives, technical staff, and both internal and external auditors
  • Create processes and conduct audits supporting corporate, financial, and regulatory processes in computer and communication hardware, OS software and applications
  • Set vendor security requirements and evaluate vendor compliance
  • Identify gaps in IT security processes and design and lead initiatives to close gaps
  • Work with all departments to perform security risk assessments and prioritize risk mitigation
  • Evangelize and train on security awareness across all departments within the company
  • Report quarterly progress of security maturity and metrics to executive management
  • Direct quarterly security committee meeting attended by all departments
  • Experience writing clear and concise policies, processes, and training
  • Strong knowledge of InfoSec best practice for databases, network, and active directory
  • Demonstration of physical security practices
  • Able to analyze problems and implement/suggest resolutions
  • History of working in large national corporate environments
  • Background in business continuity planning, auditing and risk management
  • Firm understanding of authentication and authorization technologies and protocols such as Kerberos, certificate, basic, forms-based and multi-factor authentication etc
  • Working knowledge of industry security frameworks such as ISO 27001, HIPAA, NIST Cyber Security Framework
  • Hands on experience with firewalls, IPS/IDS, SIEM, AV, forensic, malware detection and other security technologies
  • Superb interpersonal skills empowering manager to work with a highly diverse and global staff working in a fast-paced and dynamic environment
  • 10+ years of Information Technology experience with a BS or MS in Information Systems, Computer Science, or related technical field
  • 5+ years specializing in information security
  • CISSP, CISM, CRISC or CISA security certification