Information Security Specialist Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information security specialist job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Ericka Heaney
351 Hodkiewicz Isle, Chicago, IL
Phone: +1 (555) 144 0968

Experience

Senior Information Security Specialist
Boston, MA
09/2015 - present
  • Contribute to the definition, development, and oversight of a global security management strategy and framework
  • Support the senior team members in the management, reporting and co-ordination of day-to-day tasks during the absence of the Security Manager
  • Assist in managing the development, testing, deployment, monitoring, maintenance and operations of information security systems
  • Perform Change Management, Configurations, Design and Implementation of Security Product & Systems
  • Performs analysis, design, and development of security features for system architectures
  • Perform and manage Onsite Risk Assessments as per process documents
  • Perform periodic account and workspace audits

Information Security Specialist, Lead
Chicago, IL
01/2011 - 03/2015
  • Create a change management process for the team and lead change management related activities
  • Provide expert assistance, technical documentation, and white papers
  • Knowledge of network access, identity, and access management (e.g., PKI)
  • Conduct FISMA security inspections and provide evaluations
  • Provide guidance for securing information systems, and support information security assessments
  • Collaborate with the Engineering Team on aspects of solution design and development

Information Security Specialist
New York, NY
07/2004 - 07/2010
  • Work with 3rd party managed security services providers to develop improved system monitoring and correlation rules to improve overall security posture
  • Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement
  • Working with Business Line Risk Managers to proactively manage and mitigate IS related risks
  • Develops account processes, network rights, and access to NTC network systems and equipment
  • Working with organizational stakeholders, assist the development and support of the information security strategy
  • Work with various risk and information security teams in presenting recommendations for improvement to technology subject matter experts and management
  • Provides central contact point for user support and problem management for managed security applications (Firewall, IDS, Encryption, SIEM, EIQ, Web filtering)

Education

Bachelor’s Degree in Computer Science
Brigham Young University

Skills
  • Able to work within the team to build measurable, repeatable processes
  • Ability to continually refine the vulnerability assessment and penetration testing methods and deliverables
  • Able to turn large piles of data into interesting, relevant, quantifiable stories quickly
  • Demonstrate the ability to learn quickly and apply knowledge accordingly
  • Knowledge of current security tools available such as Tenable NESSUS, RETINA, POAM’s
  • Demonstrable experience in creating a sustainable compliance capability
  • A professional attitude and fastidious attention to the details with strong analytical skills
  • One or more of the following qualifications are highly desirable
  • Persistent and analytical mindset with strong controllership focus and attention to all details
  • Knowledge of and ability to perform the primary responsibilities of this position

15 Information Security Specialist resume templates

1

Information Security Specialist Resume Examples & Samples

  • Support the migration of CitiSFT records into CTR. Once all the ICG CitiSFT records have been fully migrated into CTR, work with the record owners to ensure that the required information is provided in CTR
  • Continue to maintain and support CTR in production
  • Conduct follow-ups with end-users to close existing cases and escalate issues as necessary
  • Provide status updates as needed
  • Ensure that critical IT risk issues are communicated to and reviewed by appropriate levels of management
  • Assist in the delivery of key IT Risk Management program deliverables whether deemed a fire drill or Business As Usual (BAU)
  • Ensure that critical IT control processes conform to standards and provide appropriate reporting
  • Monitor applicability and changes to internal policies and adjust approach as required. This may entail adjusting existing reports, creating new reports, and changing approach in dealing with end users
  • Information Security and project delivery experience
  • Experience in the banking industry
  • Strong Excel skills (VLOOKUPs, pivot tables, etc.)
  • Advanced analytical and problem solving skills with the ability to present data in a format that facilitates senior management decision making
  • Strong time management skills with the ability to remain calm under pressure and meet deadlines
  • Ability to multi-task and work independently with a virtual team against tight timelines
2

Information Security Specialist Resume Examples & Samples

  • Provide SME in application security and vulnerability management in CIB
  • Project Engagement – SME support for Technology, IRM and Cyber Security teams to assist in application security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Data Analysis – understand, interpret, validate, manipulate data using Excel and other tools, and present conclusions and recommendations
  • Information security certifications (such as CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • Working knowledge of application assessment, application security vulnerabilities, code review methodologies, and secure coding practices
  • Understanding of OWASP security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation, etc
  • Exposure to automated application security-related tools such as AppScan, Fortify, QualysGuard and other commercial and open source tools
  • Ability to deliver secure code training to developers
  • 4+ years experience in a similar risk role
  • A graduate degree or equivalent experience (in computer science, information systems management, business administration or related field) is preferred
3

Information Security Specialist Vulnerability Lifecycle Manager Resume Examples & Samples

  • Must build and maintain strong working relationships with IT engineering, operations, and other stakeholders to remediate Information Security and/or Vulnerability Findings
  • Coordinate and lead vulnerability management forums with operations and engineering leads as required to resolve outstanding/pending issues before requiring further escalation
  • Responsible for managing customer expectations and effective delivery of reported metrics
  • Must escalate issues appropriately and in a timely fashion with general management supervision
  • Prior experience includes 3+ years working in Information Technology or Information Security related field
  • BA/BS required, MA/MBA preferred
  • Must be proficient with Microsoft Office Suite - SQL / Database experience a plus
  • Professional certifications the candidate will be expected to acquire: CISSP, CISA, CEH
  • Versed in Information Security and vulnerability management
  • Strong knowledge of industry standards as they relate to Vulnerability Management
4

Information Security Specialist Resume Examples & Samples

  • Highly proficient supporting Network, Operating System, Database, Application & Data layers, providing an escalation point for technicians
  • Expert security tool user, able to build-out, configure, monitor & mine for interesting data
  • Ability to lead the evaluation, troubleshooting, and identification of issues with security infrastructure technologies at an enterprise level
  • Reporting capabilities through SQL, SharePoint, Splunk, Cacti, and other tools
  • Able to define KPIs, build relevant reporting solutions
  • Able to turn large piles of data into interesting, relevant, quantifiable stories quickly
  • Participates in computer security incident response activities for network intrusions, virus infections, and internal security violations
  • Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines
  • Ability to provide mentoring to other team members and ensure they remain on track with deliverables
  • Oversees New Hire Training and provides continuous training to technicians
  • Able to work within the team to build measurable, repeatable processes
  • 2+ years working in enterprise/information security
  • 5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN
  • A foundational understanding of security technologies commonly leveraged to support a large-scale, multi-platform enterprise environment (system and/or security support for Windows, Unix, and mainframe platforms; network security services; Firewalls, Proxies, IDS, VPN)
  • Proven ability to perform analysis (or vendor assessment), document business objectives and problem statements, evaluate options and justify a recommendation
  • Proven ability to define and deliver service management reporting for Information Security as a Service
  • Relevant certifications: CISSP, CCNA, MCSE, CISA, CISM, CIPP, Vendor Specific, etc
5

Information Security Specialist Resume Examples & Samples

  • Training and Awareness
  • Information Security Officer Council Member
  • Provide updates to the standard security language for supplier contracts
  • Understand business, local and Information Security strategies as they relate to the portfolio
  • Provide Information security requirements advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to IS processes and solutions
  • Provide consultation to portfolio and legal personnel in the negotiation of Information Security related contractual clauses with suppliers
  • Review and provide updates to the standard security language for supplier contracts
  • Work as Information Security subject matter experts and provide expertise in regards to their support area or portfolio
  • Provides coaching, professional guidance, and support to Information Security Analysts, as required, in order to foster professional development
  • Governance and Control: Implement information security risk governance and control framework for the local organization that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements
  • Directs and monitors due diligence of information security supplier risk assessments and results on an ongoing basis
  • Oversee and manage portfolio of Information Security Supplier exceptions (ISMEs) to ensure these are current, accurate and are supported by sound resolution plans. On an ongoing basis, ensure resolution plans are on target for implementation
  • Interprets and acts on IS reports
  • Review and provide recommendations to IS policies, standards, guidelines/ processes
  • Reporting: Consolidate, interpret and report key information security risk, trends for the portfolio and understand effectiveness of controls in managing the key risks. This includes standard and ad hoc analyses and reporting for a variety of stakeholders including: local organization, Operating Group, IS Corporate Support Area (CSA) and others as appropriate. Integrates, interprets and analyzes data to produce portfolio information security risk profile for the local organization and IS CSA, identifying potential exposures and trends
  • IS CSA
  • Corporate Audit
  • General understanding of a risk based assessment approach
  • Technical Hands on experience in security of data warehouses, mainframes, networks, applications etc
  • Experience with TRA
  • Working knowledge of Operating Group businesses
  • Expert knowledge of Security Corporate Policies, Standards, and operating procedures relating to information security risk
  • Information Security certification is desired (e.g. CISSP, CSSLP, GIAC, etc.)
  • Highly developed communication skills, both verbal and written
  • Demonstrate strong relationship management skills
  • Possess advanced problem solving skills
6

Senior Information Security Specialist Resume Examples & Samples

  • Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines and practices
  • Conduct and lead incident response activities as appropriate including triage, root cause analysis, kill chain analysis, escalations, notifications, communication, etc., and in accordance with the HBC Information Security Incident Response Plan
  • Conduct and lead the technical investigative and forensics activities for information security incidents
  • Provide subject matter expertise, leadership and coordination for the Incident Response Team throughout the incident response lifecycle
  • Coordinate ongoing improvements to HBC’s security incident response procedures and capabilities by developing tabletop exercises and full drills of incident response plans
  • Provide centralized support for all information security incidents, cyber investigations, forensics and e-discovery matters across the enterprise
7

A&A Information Security Specialist Resume Examples & Samples

  • 3+ years of experience with certification and accreditation and assessment and authentication (C&A/A&A) for systems and applications in support of Cyber and IT programs and systems
  • Experience with all versions of Windows and UNIX operating systems
  • Knowledge of automated scan testing tools
  • Knowledge of NIST Special Publications, FIPS 199 and 200, and FISMA requirements
  • Active Secret clearance required
  • Possession of excellent analytical and interpersonal skills
  • BS degree in Engineering, CS, or other technical field preferred
  • CISSP, CEH, or other related certifications
8

Technology Information Security Specialist Resume Examples & Samples

  • Provide a single point of contact on Information Security for one or more Citi Technology Infrastructure functions
  • Proactively engage the businesses to identify, document and drive remediation of excessive risks and non-compliant activities
  • Escalate significant risks to the Regional/Sector IS Leadership for information or action
  • Support implementation of Information Security Training Plan
  • Demonstrate continuous improvement on all IS programs by assessing and promptly reporting Corrective Action plans
  • Provide updates to business through established communication channels
  • Focus on process improvements, removing deficiencies and enhancing current tools for reducing overall risk profile
  • Ensure compliance to security practices & standards reducing likelihood of audit, regulatory & legal liabilities
  • Assist to pass with a satisfactory audit rating for all IS topics with no major IS issues
  • Support GIS policy and standards development and initiatives implementation
  • Provide a unified and holistic view of vulnerabilities and associated risk exposure
  • Provide technical security advice to various technology domains including, Windows, Unix Server, Database, Workstation, Network, Tech Room operations staff to help meet information security requirements
  • Communicates and discusses changes to IS regulations and standards with ISOs
  • Assist to pass with a satisfactory audit rating the external, internal and regulatory audit reviews
  • Determines ISO training needs and training requirements and provides appropriate materials and opportunities
  • Excellent problem solving abilities and analytical skills
  • Has the ability to influence others and shape / obtain desired outcome in areas outside of direct control
  • Demonstrated ability to develop and implement process improvement initiatives. Technical
  • Extensive technical background in current desktop and server operating systems
  • Must be proficient with Microsoft Office suite applications, including Excel and PowerPoint
  • Professional certifications required or will be expected to acquire CISSP in first 12 months
  • Strong knowledge of industry standards as they relate to security infrastructure technologies
  • Experience in vulnerability assessments and remediation of vulnerability findings
  • Other: Minimum 5 years of technical expertise and hands-on experience in the following security infrastructure technologies: leading firewall technologies; intrusion detection and prevention technologies; vulnerability assessment technologies; network protocols and infrastructure; network admission control systems; policy-based DLP infrastructure; antivirus and malware infrastructure
9

Information Security Specialist Resume Examples & Samples

  • Provide SME in automated security assessments and vulnerability management
  • Project Engagement – SME support for Technology, IRM and Cyber Security teams to assist in security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Process – Provide oversight for the firm’s automated scanning capabilities and lead global ad-hoc scanning initiatives when necessary
  • Impact Analysis – Review proposed solutions, develop use cases to explain/demonstrate requirements/specifications to key stakeholders
  • Contribute to the development and implementation of security policies, standards, procedures, and guidelines
  • Vendor and Information security certifications (such as CCNA/CCNP, CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • Working knowledge of application and infrastructure assessment methodologies, security vulnerability analysis, false positive reduction, and remediation strategies
  • Understanding of network operations and architecture
  • Exposure to automated security-related tools such as AppScan, Fortify, QualysGuard, Nessus, Metasploit, and other commercial and open source tools
  • Exposure to manual assessment tools such as HTTP Proxies, browser plug-ins, automation scripts, etc…
10

Information Security Specialist Resume Examples & Samples

  • Member of team responsible for monitoring and resolution of security incidents within established customer Service Level Agreements
  • Collaboration with Line of Business technical teams for issue resolution and mitigation
  • Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system
  • Provide workstation Full Disk Encryption (FDE) and External Media Data Protection administration and management (using Symantec PGP or other solution)
  • Provide desktop recovery support to include daily operational incident response support as well as potential on-call support
11

Information Security Specialist Resume Examples & Samples

  • Support the security needs of the organization by providing expertise and assistance in all projects with regards to security issues
  • Process security requests for all computing environments supported by the Information Security Department and provide on-call support for security systems
  • Work with business users to provide client support and trouble-shooting tasks
  • Develop, implement, and maintain security standards and procedures needed to provide an appropriate level of access control and data integrity for computerized information assets
  • Coordinate Corporate cyber investigations to ensure confidentiality and impartiality in all matters, while guarding the integrity of all evidence collected
  • Provide training for new staff members
  • Design, recommend, and implement security strategies that will provide the degree of asset protection compliant with Corporate security policies
  • Develop and maintain process documentation that will provide operational guidelines for all systems supported by the Information Security program
  • Conduct quality assurance reviews of the processes/practices employed by the Information Security staff in executing the responsibilities and operational activities of the department
  • May serve as a Team Leader with responsibility for day-to-day operations, mentoring of other team members, peer review of project work, and problem resolution
  • Bachelor's degree in Computer Science, business or related field, or equivalent education and related training
  • Five years of experience in the field of information security
  • Advanced knowledge of mainframe security systems, information security risk assessment techniques, system development/methodologies, and project management disciplines
  • Proficient in the use of personal computers and standard computer software applications, including Microsoft Office
12

Information Security Specialist Uat K Resume Examples & Samples

  • Bachelor's Degree in Information Security or related field
  • 3+ years experience in Information Security or related position
  • Understanding of SDLC methodologies and how to incorporate security controls in compliance with Enterprise standards into each phase
  • Risk based decision maker; able to balance business needs with security of data
  • Strong knowledge of information security industry
  • Well-versed in Corporate Information Security standards and policies
  • Strong communicator, able to work with all levels within the organization
  • Information Security certification (CISSP) a plus
  • Prior experience in implementing capacity planning, workflow, and other metrics a plus
13

Information Security Specialist Resume Examples & Samples

  • Reviews results of network and application ethical hacks in order to determine severity of findings and to ensure proper remediation is applied
  • Proficiency in one or more high level programming languages like Java, C, C++, Ruby etc
  • Expertise and experience in web/mobile application and network penetration testing
  • Prior experience with Red teaming would be an added advantage
  • Detailed understanding of OSI and TCP stack with emphasis on computer architecture and networking protocols
14

Information Security Specialist Resume Examples & Samples

  • Characterize suspicious binaries and be able to identify traits, C2, and develop network and host-based IOCs
  • Identify potential malicious activity from memory dumps, logs, and packet captures
  • Interact and assist other investigative teams within Visa on time sensitive, critical investigations
  • Demonstrated relevant experience as a key member of an incident response team, malware analyst, or similar role
  • Ability to rapidly analyze systems for signs of infection or compromise
  • Tangible experience combatting crimeware or APT is a distinguishing factor
15

Cyber Security Dashboard SME Information Security Specialist Resume Examples & Samples

  • Supply recommendations and SME knowledge for the continued development of the Cyber Security RSA Archer platform
  • Integrate and maintain multiple data feeds of external data into the RSA Archer platform
  • Provide administration for the Archer implementation
  • Serve as the SME for the configuration of Archer during upgrades, patching and across testing and production environments
  • Team with data analysts, security SMEs to develop dashboards and produce key information for executive and leadership reporting and decision making
  • Work with teams to produce accurate key security metrics for IT assessments
  • Maintain in-depth knowledge of Visa policies, security standards, processes and controls and provide on demand support to Visa resources for these materials
  • Produce trending and analytics on demand using legacy data for stakeholders including security resources and senior leadership
  • Engage where needed to implement ratings, risk rankings, and prioritization from both internal and external sources. Work with auditors and assessors, including appropriate questioning of findings and discussions on justification
  • Interpret legal, compliance and privacy feedback on the Archer tool and data, implement controls and safeguards for data per requirements
  • Work with external vendors and consultants on global delivery and implementation teams which impact Archer efforts
  • Assist coordination and implementation of appropriate Cyber Security governance, metrics collection, and reporting capabilities across Global Information Security
  • Provide guidance on implementing Cyber objectives through the Archer tool, maintain mappings of Visa specific controls
  • Partner with SMEs and stakeholders, e.g., Cyber Security Leadership, GRC, Security Operations, VSIRT, Group Audit and business leaders
  • Bachelor’s Degree in Cyber Security, Information Security, or Computer Science (or related field) or equivalent work experience
  • 8 to 10 years of experience in Information Security with experience in Cyber Security, Vulnerability Management, Security Configuration Management, Web Application Security, eGRC, security dashboards, security analytics and metrics development, 1+ years in audit, risk management, governance and/or compliance function desired
  • Hands on development with the RSA Archer eGRC solution for a global organization
  • Familiar with Security Single Pane of Glass implementations or frameworks such as RSA Archer, Modulo, etc…
  • In depth experience in designing, implementing and/or managing Cybersecurity dashboard, security based eGRC, or Security Analytics and Metrics portal
  • Deep understanding of Cyber Security workflow and process methodology
  • Comfortable working with security data, including vulnerability scans, application scans, policy compliance, incidents and threat feeds
  • Providing support and assistance during internal and external audits
  • Training and evangelizing information security to Executive leaders, Engineers and Users
  • Responding to Security Incidents
  • Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, large scale transaction processing environments, external hosted services and cloud computing environments. Extensive knowledge and experience with physical and virtual server configurations and implementations
  • Extensive experience working with perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.) and security tools (i.e. web application scanners, vulnerability scanners, file integrity monitoring, configuration monitoring, etc.)
  • Extensive knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
  • Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE) and Open Web Application Security Project (OWASP) processes and remediation recommendations
  • Experience working in a team of security subject matter experts
  • RSA Certified Administrator Certification highly desirable
  • Security-related certifications a plus: CISSP, CRISC, GIAC, CCIE, CCNP, ITIL etc…
  • Scripting skills (Java, Python, Perl, Ruby, C/C++)
16

Information Security Specialist Visa Incident Response Team Resume Examples & Samples

  • Coordinate the initial workflow and response for varying case types with internal and external teams
  • Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns
  • Provide technical advice and input for the support of integrated security systems and solutions
  • Strong analytical skills and an ability to quickly learn and adapt to new technologies
  • Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps
  • Experience with IDS/IPS, Splunk, FireEye, and similar technologies is desired
  • Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce
17

Information Security Specialist Resume Examples & Samples

  • RESPONSIBILITIES
  • The candidate will be responsible for performing information security and controls assessments based on involvement and consulting with project teams
  • The candidate must be able to communicate the concepts of information security to guide information security practices and solutions within the IT environment
  • The candidate must possess leadership skills and be able to provide guidance to lower level Security Assessors
  • The individual will advocate enhancements to existing processes and procedures to improve information security controls. The candidate must have the superior ability to work well with others in a supportive team environment, the ability to prioritize multiple high priority activities, and must have outstanding written and verbal communication skills
  • 10-15 years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management
  • 10-15 years experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies
  • Solid understanding of Security and Controls frameworks
  • In depth knowledge of
  • EDUCATION: Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements
18

Information Security Specialist Resume Examples & Samples

  • Information security or equivalent experience
  • Core knowledge and experience of Security Operations
  • Security certification desirable (CISSP, CISA, CISM, GSE or any other GIAC credential)
  • Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis
  • Experience in working with and implementing information security tools
  • Knowledge and understanding of network/security issues and solutions
  • Ability to acquire new technical skills quickly and contribute to a wide range of projects
  • A self-starter - highly motivated and able to work productively with minimal guidance
  • Excellent verbal and written English and Arabic language skills
  • Excellent communication skills to plan and coordinate projects and interact with colleagues at all levels
19

Rft Risk & Controls Information Security Specialist Resume Examples & Samples

  • Strong in Informatica and SQL skills
  • 8-10 years of experience in working with Informatica
  • 8-10 years of experience in working with Oracle
  • 8-10 years of experience in working with Unix environments (Solaris/AIX/Linux)
  • Knowledge in Shell/Perl scripting
  • 8-10 years of experience in working in Informatica Development Role
  • 8-10 years working in Data Warehousing environment
  • Minimum of Bachelors Degree
  • Expert in SQL and should have good knowledge in Oracle 11 G and above
  • Expert in Shell Scripting
  • Experience in working in Investment bank
  • Tech Lead
  • Working Knowledge on Exadata
  • ETL Concepts - Working experience with Informatica
  • Oracle/Exadata
  • Unix environment
  • Shell/Perl Scripting
20

Information Security Specialist Portland Resume Examples & Samples

  • Generally 0 - 2 years experience in Information Technology, bank operations, or a risk management discipline
  • General understanding of information technology, including: operating systems, networking, application architecture, and malware prevention controls
  • General knowledge of risk management processes including internal audit and information security management. Ability to gain familiarity with company operations and/or policies and procedures in order to perform information security risk management tasks under the guidance of more senior staff
  • Proficiency with personal computers and related software packages such as Word and Excel
  • Expected to obtain CISSP certification within 1 year of hire
21

Information Security Specialist Resume Examples & Samples

  • Extensive experience in technology, risk or security related roles, with demonstrable experience of identifying and managing information security risks
  • Strong understanding of web application development and service oriented architecture, and related technologies and platforms
  • In depth knowledge of a wide range of information security related topics and industry standards, including ISO27001 and ITIL
  • Ability to review complex information systems and web applications, identify risks and recommend appropriate, pragmatic (and cost effective) solutions to mitigate those risks
  • Ability to communicate and collaborate at all levels of the corporation, and externally
  • Demonstrable experience of writing information security reports, documentation and standards accurately and to designated timescales
  • Agile and flexible
  • Web application development and architectural experience
  • Unix / linux security and/or administration experience, especially Red Hat/CentOS
  • VMWare / VBlock security and/or administration experience
  • Experience of ensuring security in agile/iterative development
  • Previous experience of Public Sector and/or Media organisations would be beneficial but not essential
  • An understanding of the culture and ethos of the BBC
22

Information Security Specialist Resume Examples & Samples

  • Establishing and maintaining the IS Organisation, Operating Model and Governance for GT
  • Acting as a Subject Matter Expert to GT and other partners on the topic of IS Policies and Standards
  • Elaborating the Strategy and Priorities for the GT Information Security Programme
  • Providing Subject Matter Expert Advisory services on group-/division-wide IS topics and initiatives, including Education and Awareness
  • Implementing the GT Information Security Programme, including partnering with group-/division-wide IS Risk Remediation programs/projects to facilitate their implementation in GT. Preparing, driving and post-processing operational IS tasks (for example access reviews.)
  • Performing IS Assessment of CtB initiatives impacting GT-owned information, and advising GT Information Owners as well as other partners on mitigation options
  • Reporting on the CtB and RtB activities of the GT Information Security Programme to its stakeholders (GT COO, DISO CC, GISO, IT Risk, Security IT.)
  • Acting as an escalation point regarding IS incidents affecting GT-owned information, and as a Subject Matter Expert for major IS Incidents that impact GT. Escalating identified IS issues that may substantially impact the IS exposure of the group, other divisions or functions
23

Rft Risk & Controls Information Security Specialist Resume Examples & Samples

  • Provide SME in risk management, application security and vulnerability management in RFT
  • SME support for Technology, IRM and Cyber Security teams to assist in application security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Process – Develop, implement and manage secure software life cycle processes that will assist the application development teams in integrating security requirements within their applications and databases
  • Contribute to the development and implementation of application security software, policies, standards, procedures, and guidelines
  • Assist RFT IRM and Technology Teams to ensure that CIB can engage effectively in support of all risk-based projects
  • A graduate degree or equivalent experience in computer science is also required
  • Very strong data analysis, both quantitative and qualitative
  • Experience in a similar risk role
  • Experience of technology projects and/or the Risk and Finance business a plus
24

Information Security Specialist Resume Examples & Samples

  • Strong experience working with Infrastructure and Operations teams
  • Good technical understanding of the concepts and technologies used to provide Security controls management, Network security, Endpoint protection, Database security, Virtualisation security, Cloud (IaaS/SaaS) security, Mobile security, Web & Internet security, Messaging security, Enterprise Social Networking security and Content Delivery Network security
  • Good experience of managing vulnerability management programs
  • Understanding of methods used to protect media content, conditional access (CA) and Digital Rights Management (DRM) systems and digital watermarking
  • Experience of working with external suppliers of security services (MSSP)
  • Input into budget management
  • Significant experience within Information Security Operations
  • Information Security Accreditation (e.g. CISSP, CISM, CRISC)
  • Understanding of Information Risk Management frameworks and Information Security ISO standards
  • Please apply with your original CV and if you need more details please look for the full job description below. You will also need to complete an application form
25

Information Security Specialist Resume Examples & Samples

  • Develop repeatable audits and tests using both standard and non-standard tools and methodologies for a variety of products for the purpose of discovering weaknesses and vulnerabilities
  • Work with technical management to architect IT network and security infrastructure services addressing business and compliance requirements with best practices
  • Create extremely high quality written reports containing the methodology and assessment findings
  • Ensure that global security directives are implemented and complemented
  • Handle security incidents and investigations
  • Conduct and/or consult on Risk Assessments and Risk Assessment report
  • Conduct and/or consult on Vulnerability Assessments using Vulnerability Scanners and the Vulnerability Analysis report
  • Consult on security requirements compliance for product Security Declaration
  • Stay current on and/or disseminate regulatory requirements
  • Assess business activities and their impact on security requirements in order to recommend actions to reduce operational risks
  • Support Company/Unit Managers in establishing Business Continuity Plans for critical business operations
  • Establish and maintain a basic level of security awareness amongst ALL personnel and an additional level for certain target groups
  • Perform security training
  • Articulate findings to peer technical staff as well as various levels of management
  • Support Ericsson's personnel, contractors and visitors in minimizing safety risks
  • Provide input to the security plan and budget
  • Information security
  • Audits and Assessments
26

Information Security Specialist Resume Examples & Samples

  • Communicate security initiatives, practices, policies and procedures
  • Perform information security testing such as vulnerability tests, phishing tests... Investigation and remediation of advanced threats from intrusion reports and vulnerability scans
  • Utilize SIEM and other tools to assist in network investigations. Conduct system log forensic analysis for troubleshooting and researching security events and alerts
  • Investigate network incidents and events. Monitor systems and security alerts and perform thorough investigation
  • Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity
  • Analyse and review escalated cases until closure. This includes investigating and recommending appropriate corrective actions for data security incidents
  • Research, develop, and stay current on testing tools, techniques, and process improvements in support of security event detection and incident response
  • Reverse engineer and analyse binaries, files, and other malicious attack artifacts
  • 5 years + Information Security experience
  • A passion for security, systems monitoring, and automation
  • Thorough understanding of and experience with TCP/IP
  • Understanding of network protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems
  • Knowledge of encryption, load balancing, and other network protocols
  • Hands-on experience managing/using FireEye, Fidelis or similar IDS/IPS is a big plus
  • Knowledge of broad range of security and risk management standards and best practices, such as ISO 17799, CobiT and ITIL would be a big plus
  • Professional certification, such as a CISSP, CEH/CPT, GCIH, GCIA, GPEN, or similar industry certifications or other information security credentials, is preferred
27

Information Security Specialist Resume Examples & Samples

  • Configure identity management solutions to create efficient workflows for any TCF application, system, or infrastructure as needed
  • Manage assigned tools from end to end, including internal communications, vendor relationships, managing policies and handling all changes and upgrades
  • Serve as a Subject Matter Expert (SME) for TCF identity management solutions
  • Provide guidance to all assigned IT projects with regard to identity management issues in their technical project design, and/or other project lifecycle phases. May prepare technical specifications as needed
  • Lead the effort to research, evaluate, design, recommend, test, and plan implementation of new and/or improved identity management tools
  • Mentor and train less experienced staff
  • Conduct Quality Assurance (QA) on IdM solutions
28

Senior Information Security Specialist Resume Examples & Samples

  • Must be able to work independently demonstrating risk assessment and mitigation expertise in IT or IS, along with a track record owning information security/technology projects from start to finish
  • 7-10 years (minimum) experience in the field of information security in at least three of the following areas: application whitelisting, incident handling, malware analysis, penetration testing, intrusion detection, firewall access control technologies, vulnerability management, identity management, Windows or *nix security, cloud integration security, encryption technologies, or endpoint security controls
  • If total Information Security experience is less than 7 years, 5-7 years in an area of information technology in two of the following areas: systems engineering (Windows/*nix), networking, applications engineering, database management, client-side technologies or systems' administration
  • Technical certifications are a plus including
29

Information Security Specialist Resume Examples & Samples

  • Proficient in MS Access and MS Excel
  • Strong attention to detail with ability to work with huge amount of data
  • Extensive knowledge and experience with policies, standards, and procedures intended to ensure the integrity and safety of information
  • Extensive knowledge of technologies and technology-based solutions dealing with information security issues and for protecting organizational data
  • Extensive knowledge and experience with access reviews and privileges including safeguarding and maintaining information security and data
  • Extensive knowledge and experience with access reviews for Nonstandard computing platforms and work-stations
  • Extensive knowledge and experience with remediation of logical access on various CIBC computing platforms and environments, e.g. Unix, Oracle, Mainframe etc
30

Information Security Specialist Resume Examples & Samples

  • ITGC Review: IT General Control review for various controls such as Logical access, Change Management, Incident Management, Physical Security, and Patch Management
  • IT Governance: Communicate the defects/risks identified in the various audits to the higher level management. Also, tracking the progress of programs and preparing the focus areas for next reviews. Running various security awareness programs such as Audit lessons learnt, Education mailers
  • Perform site audits to check the implementation of physical security controls and its effectiveness
  • Risk Management & Assurance, Due Diligence and Compliance Assessments
  • Perform EU Model Contract review and assessment
  • Review the Service Delivery Document to ensure the security requirements of customer / contract are documented and compliant
  • Developed the end to end IAM processes for major financial client
  • Perform User Access Management Review to ensure the client credentials are managed properly
  • Participated in ISO 27001:2013 external audit
  • Contributes to the development and maintenance of the information security strategy and security governance
  • Conduct ISMS awareness sessions for new joiners
  • Security reporting and remediation activity – Prepare a monthly report on the system compliance status and ensure the remediation action is taken for the deviation and report IAM dashboards
31

Information Security Specialist Resume Examples & Samples

  • Installed and configured DB2, TDS, WAS, TIM
  • Integrated both agentless and agent-based applications with TIM, like Lotus Notes, AD, LDAP
  • Customized views for different user groups
  • Fix pack application in components etc
  • Applied authorization policies for applications
32

Monitoring Information Security Specialist Resume Examples & Samples

  • Managing business group specific quality assurance processes based upon established SOPs, security standards and approval workflows
  • Partnering with the CSS administration team to provide feedback and develop comprehensive and sustainable training plans and programs
  • Monitoring of hotline and mailbox activity to ensure quality standards are in place and operating as intended
  • Preparing, evaluating and reporting key quality metrics
  • Evaluation of operational standard operating procedures
  • Assisting in providing documentation required in support of audits
  • Participation and completion of assigned tasks for team projects and initiatives
  • Experience of Prudential Applications and Infrastructure Platforms is preferred
  • Possesses an 'ownership' mentality
  • Strong information gathering skills with the ability to analyze and draw conclusions from said information
  • Able to work on cross functional teams in various geographical locations; recognized as a collaborative and trusted peer and business partner
  • Previous experience with creating training plans and mentoring programs a benefit
  • Ability to work under tight time constraints when required
  • Excellent time management and organizational skills, with attention to detail
  • Bachelors degree or equivalent relevant experience
33

Information Security Specialist, Awareness Resume Examples & Samples

  • Develop and implement information security training for all TWDC employees and third parties, including customized information security training for discrete TWDC employee groups
  • Manage anti-phishing program and produce regular campaigns and assessments, adjusting as needed to prepare TWDC personnel to recognize evolving phishing attempts
  • Stay abreast of industry information security awareness trends and TWDC information security policies, standards, objectives and initiatives and evolve training modules and supporting communication as necessary to meet the changing needs of the organization
  • Maintain infosec.disney.com, where all TWDC information security content available to TWDC employees is housed
  • Partner with Global Information Security leadership to ensure all information security awareness tools, collateral and guidelines align to TWDC’s information security risk framework and support the objectives of each information security domain
  • Develop content specific to information security awareness for use by GIS partners and for syndication across the TWDC enterprise
  • Partner with business segment and TWDC communication teams, including DTSS Communications and Community Watch, to syndicate information security content within TWDC where appropriate
  • Demonstrated successful project management experience
  • Experience in designing and implementing an awareness program and/or employee training programs
  • Experience developing end-user content and managing third-party content production, including video content
  • Understanding of emerging technology and security trends and issues as related to both enterprise and personal usage of information technology
  • Working knowledge of information security components, principles, practices and procedures
  • Demonstrated relationship management and customer service orientation; excellent verbal, written and listening skills across multiple audiences from highly technical team members to business consumers at the highest levels of management
  • Superior writing, presentation and written communication skills
  • Ability to create and implement communication plans in partnership with other communications teams
  • Experience using content management tools
  • Experience in entertainment/media/consumer goods companies a plus
  • Bachelor’s degree in a related field, such as information systems, business or communications and appropriate work experience
  • Security and process certifications a strong plus (CISSP, CISA, CRISC, CISM, etc.)
34

Information Security Specialist Resume Examples & Samples

  • Advise release management teams on control issues causing security risk and work with them to remediate
  • Able to work well with others and in particular be able to influence and change behaviors and build consensus
  • Report to management on recurring risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance with the SDLC
  • Other security-related projects that may be assigned according to skills
  • Ability to lead by example and influence change required
  • Excellent Excel and Powerpoint skills
  • Good understanding of Information Security standards, frameworks, and best practices (e.g., ISO 2700X, OWASP, ITIL, CoBIT, SANS Top 20) required
  • 3+ years experience with and strong knowledge of SDLC methodologies including waterfall and agile
  • Development background is preferred but not required – experience with one or more of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, SOAP, REST, custom API, SAML preferred
  • Experience with at least one code security review tool preferred: examples include but are not limited to Fortify, WebInspect, Burp, AppScan
  • Experience working with agile development groups is a plus
35

Information Security Specialist Resume Examples & Samples

  • Provide SME in Identity & Access Management within RFT
  • Manage the recertification process, including support for Quarterly and off-cycle recertifications. Recertification tasks include IO attestation scope confirmation, functional ID mapping support, feed support and daily stakeholder inquiries
  • Provide first level privileged access account breakglass support, including working with stakeholders on functional account ownership, the breakglass onboarding process, support group reengineering, data/account remediation activities, enhancements, & training
  • Active Directory File Share Remediation/User Tools - Support identification of folder owners and coordinate with GIAM to secure active directory qtrees
  • Process - Develop, implement and manage secure software life cycle processes that will assist the application development teams to integrate security requirements within their applications and databases
  • Data Analysis - Understand, interpret, validate, manipulate, data using excel and other tools, and present conclusions to the key stakeholders
  • Contribute to the development and implementation of security software, policies, standards, procedures, guidelines
  • Provide baseline metrics and reporting, both during impact analysis and on-going execution of risk-driven projects, organize and deliver clear and accurate data for Technology and Executive Management
  • Assist RFT IRM and Technology Teams to ensure that RFT can manage effectively in support of all risk-based projects
  • Information security certifications (such as CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • A graduate degree or equivalent experience in computer science is also required
  • Very strong data analysis, both qualitative and quantitative
  • Exposure to financial services systems and process preferably in Investment Banking
  • Exposure to information security principles and relevant standards including access management, change management, security incidents, and business continuity management
  • Strong understanding of security software development life cycle
  • Experience of technology projects and/or the Risk and Financial business is a plus point
36

Information Security Specialist Resume Examples & Samples

  • Provide SME in Risk Management, Application Security and Vulnerability Management in RFT
  • Monitor and enhance controls around the key scanning processes employed by the firm e.g. Black Duck, SSAP Static, Dynamic & Threat Modelling
  • Partner with AD Managers and Application Security Champions to obtain remediation plans for vulnerabilities identified by the scanning processes
  • Evaluate tollgate requests to ensure new application code being released does not introduce vulnerabilities into the production environment
  • Participate in firm-wide initiatives and projects to communicate enhanced controls and scanning requirement to the AD community in Asia
  • Participate in the production of weekly and monthly metrics
  • Partner with AD teams to ensure application level reference data is accurately reflected on firm wide systems
  • Develop and enhance existing controls around application scanning
  • Assist RFT IRM and Technology Teams to ensure that RFT can engage effectively in support of all risk-based projects
  • A graduate degree or equivalent experience in Computer Science is required
  • Information Security Certifications (CISSP, CSSLP, CEH/CPT or related certifications) preferred
  • Good reasoning and logic, problem solving, project management skills
  • Exposure to Information Security Principles and relevant standards, including Access Management, Change Management, Security Incidents and Business Continuity Management
  • Strong understanding of Secure Software Development Life Cycle
  • Exposure to manual assessment tools such as HTTP Proxies, browser plug-ins, automation scripts, etc
  • Experience of technology projects and/or the RFT business a plus
37

Information Security Specialist Resume Examples & Samples

  • Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement
  • Provide oversight and governance to engineering and operating processes
  • Prior experience includes 7+ years in information security or information technology management
38

Information Security Specialist Resume Examples & Samples

  • Have a broad knowledge of security methodologies, solutions and best practices
  • Be able to gather business requirements and to conduct security reviews on third-party vendor products
  • Provide governance and recommendations in the design, implementation, and support of a diverse security infrastructure including but not limited to: two-factor authentication, host-based intrusion prevention (HIDS), security logging, anti-virus, remote access, VPN, network IPS, and forensic tools
  • Serve as an internal information security advisor and subject matter expert to the organization on various Technology projects and incidents
  • Manage vendors and subcontractors as part of the information security portfolio
  • Develop and manage project plans and roadmaps; perform risk assessment analysis and mitigation plans
  • Provide leadership and motivation to project team members throughout the project life cycle
  • Assist with security incident response, investigations, and incident documentation and reporting
  • Oversee the remediation and tracking of security audit/assessment/testing findings
  • Ability to learn and stay updated with latest information security and risk management events, including new and emerging threats and vulnerabilities
  • Bachelor’s degree in Computer Science or related field. Masters a plus
  • 1-3+ years of cyber security experience
  • Knowledge of cyber-attack response and mitigation procedures
  • Familiarity with technical solution design and implementation procedures
  • Leadership and project management skills
  • Ability to organize and track workloads
39

Senior Information Security Specialist Resume Examples & Samples

  • Able to work independently with minimal guidance and act as coach to other team members
  • Ability to develop a strong network and collaborate across business units and corporate functions
  • Prior experience planning and leading small to medium scale projects a plus
  • Strong oral and written communication skills; able to communicate with all levels within the organization
  • Information Security certification (CISSP or CISA) a plus
40

Infrastructure Information Security Specialist Resume Examples & Samples

  • Work collaboratively within TRMIS, ITS and with other key stakeholders including technology lead on activities targeting the management of business risks associated with technology
  • Deliver risk assessments, controls design, control assurance and testing, program support and expert knowledge advisory services in accordance with BTRM ITS specific service delivery processes
  • Participate as required on all strategic objectives established by IT executive leadership
  • Ensure ITS management understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner
  • Work with 3rd party vendors and outsourcing partners ensuring they adhere to TDBG security policies and standards
41

Information Security Specialist Resume Examples & Samples

  • Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals
  • Develop and optimize processes to improve software development efficiency in the consumption of security development practices
  • Maintain active understanding of industry practices for secure software development and incident response
  • MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
  • Well versed in web application design, penetration testing, application risk assessment and risk categorization
  • Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Deep knowledge of/experience with the following
  • If you are still reading this and think you meet ALL the requirements or have a few skills that you can teach us, CLICK APPLY!!!
42

Information Security Specialist Resume Examples & Samples

  • Development of formal training program for the technology risk and information security program
  • Facilitation of communication and training sessions on new and changing aspects of the technology risk and information security program to tech and non-tech audiences
  • Identification of tool / solution needs and requirements as well as working with technology support teams to coordinate setup and deployment
  • Driving a formal set of training requirements for tech risk and security teams
  • Facilitating the formal information security training program across the organization
  • Ensuring tech and non-tech teams are updated and aware of training resources available to them
43

Information Security Specialist Resume Examples & Samples

  • Manage and maintain risk profiles, risk and controls assessments, controls design and assurance testing programs focused on infrastructure technologies and applications managed by the ITS team
  • Continually demonstrate initiative and leadership as the TRMIS representative for ITS promoting TDBG technology policies and the Enterprise Technology Risk & Control Framework on all risk and controls related issues, on all programs
  • Provide a point of coordination for various security related activities within the TRMIS group; serve as key liaison and contact for stakeholder groups including ITS, audit and BTRM groups supporting the various lines of business in TDBG
  • Identify and prioritize key controls deficiencies at formative stages of technology development programs and as part of controls assurance and verification testing in the IT environment
  • Interpret and advise with expert knowledge on risks, business impacts and matters of security (including vulnerabilities and threat management), compliance/regulatory standards, audit programs and audit findings
  • Support ITS delivery teams with technology-specific security advisory for security events and as part of post security incident remediation activity; advise senior leadership and BTRMs supporting lines of business of potential impacts related to current security events
44

Senior Information Security Specialist Resume Examples & Samples

  • Very solid communication skills
  • Proficient in English (spoken and written), German is a plus
  • Solid IT background (IT degree holder preferred)
  • Experience in and knowledge of industry standards (e.g. ISO 27001, CobiT, ITIL)
  • Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
  • Good understanding of Operating Systems (e.g. Windows Server, Unix) security and typical OS controls, application development, SDLC, Penetration Testing, access controls, encryption etc
  • Good understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.)
  • Good understanding of security architecture best practices
  • Information Security Assessment and/or Audit experience
  • CISSP, CISA, CISM, CompTIA Security+ or equivalent certification a plus
  • Experience in financial services industry a plus
45

Information Security Specialist Resume Examples & Samples

  • Conduct application focused pentests (Penetration Testing) for Visa internally developed or hosted services
  • Conduct infrastructure focused pentests for Visa internally hosted environments
  • Perform vulnerability assessments on mobile technologies used by Visa
  • Work with other functional groups within Information Security, including Risk, Security Architecture and SSDLC
  • Performs remediation testing & reporting through the application of expert ethical hacking and penetration techniques in a fast-paced, highly technical environment
  • Provide technical support to Business Leaders
  • Perform research of emerging technologies and design frameworks and capabilities required to perform pentest exercises of new technologies adopted by Visa
  • Bachelor's Degree (or equivalent) in Computer Science, Information Security or a related field
  • At least 8-10 years of progressive experience with increasing responsibility in Information Technology, Information Security and Compliance that includes a combination of technical and project leadership responsibilities
  • Prior experience or expertise performing application and infrastructure pentests
  • Experience in writing proof-of-concept exploits
  • Well versed with security tools & frameworks like Metasploit, Core, Canvas, AppScan, WebInspect, etc
  • Good understanding of Ethernet, switched LAN and WAN environment and detailed understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols and management of ACLs
  • Knowledge of logical / physical access control methods, connections alternatives using private, public and wireless solutions, Network/Host Intrusion Detection Engines, Vulnerability Management Tools, Patch Management Tools, Penetration Testing Tools, Anti-Virus/Anti-Spyware solutions
46

Senior Information Security Specialist Resume Examples & Samples

  • Act as a key resource for development teams by assisting with code reviews/assessments, explaining security deficiencies in programming techniques and providing information on how to remediate vulnerabilities detected during application scans
  • Provide security consultation services to development organizations and business units in all phases of the lifecycle to ensure security is considered and included
  • Interact with TD personnel at all levels and across all business units to advance security initiatives, communicate risk findings, and advance improvement
  • Remain informed of new cyber threat techniques used to target TD systems and programs
  • Ability to offer reasonable remediation solutions to problems created by insecure code required
  • Understanding of complex project timelines required
  • Development background is required – experience with one or more of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, SOAP, REST, custom API, SAML preferred
  • Experience with at least one code security review tool: Fortify, WebInspect, Burp, AppScan preferred
  • Understanding and awareness of documentation required in a secure software development lifecycle required
47

Information Security Specialist Resume Examples & Samples

  • Assist customers or facilitate the implementation of protective and mitigating security controls as required
  • Perform manage, add, change, delete operations within the security tools
  • Analyze and validate the network and hosts based on Intrusion Detection System events
  • 5-7 years of experience actively working in or with security and networking devices
  • Ability to multi-task with different types of problems
48

Information Security Specialist Resume Examples & Samples

  • Key individual contributor role responsible for
  • Reviewing large data sets using internal tools and software (Qualys, Archer, SQL Server Management Studio, MS Excel, Tableau)
  • Absorbing vulnerability, policy compliance, and web application scan results to an analytics platform (RSA Archer)
  • Correlating security information with internal data repositories
  • Integrating scan data with other security tools and business/technical processes
  • Analyzing large data sets; normalizing and de-duplicating data where appropriate
  • Prioritizing and smart routing of information to appropriate data owners
  • Reporting of key metrics across different functional teams
  • Automating manual security processes to deliver efficiencies in ticketing and data hand-offs to teams or individuals
  • Designing and implementing workflow
  • Focusing on speed to delivery and driving next-level action
  • Continuously enhancing strategy and processes within Vulnerability Management program (with effects across enterprise)
  • Building and maintaining close relationships with upstream/downstream teams: Engineering, Operations & Infrastructure, Cyber, GRC, leadership, security tool teams, and data owners
  • Handling inquiries and information requests from internal clients
  • Maintaining qualitative practices within the team to ensure consistency in delivery of information
  • Uncovering problems in the data sets and also proposing and implementing solutions
  • Facilitating business conclusions by understanding and presenting the message behind the raw data
  • Prioritizing competing business and information needs
  • Examining and recommending introduction of security technologies or practices where warranted
  • This position will require minimal after-hours and weekend work, as necessitated by change control windows and security incidents
  • Bachelor's Degree in Computer Science or related field and/or equivalent work experience
  • 6-10 years of working experience; 3+ in Information Security; 2+ in RSA Archer strongly preferred
  • Solid technical and analytical background
  • Ability to understand data models and data mining
  • Ability to construct queries
  • Scripting/programming skills preferred
  • Experience with Remedy, ServiceNow, and Tableau preferred
  • Ability to organize, associate, and correlate information
  • Past tools integration experience
  • High proficiency in Microsoft Excel, Visio, and PowerPoint
  • Experience with QualysGuard, WhiteHat Sentinel or other security tools is a plus
  • Attentive to detail with a focus on accuracy and high quality results
  • Excellent written and verbal communications skills, including an ability to communicate very technical findings to both technical and non-technical audiences, including project managers, systems engineers, developers, enterprise architects, and senior management; and the proven ability to influence and communicate effectively
  • Able to multi-task in a fast-paced, deadline-driven environment
  • Security-related certifications a plus
49

Information Security Specialist Resume Examples & Samples

  • Process
  • Ensuring escalation and notification for security and IT Risk related issues
  • Comprehension of Federal and Industry based regulations as well as alignment to Supplier technology controls
  • Socialization and Communication
  • Maintaining the Supplier Inventory and developing the Supplier information repository
  • Performing Due diligence, Contract Assessments, and Monitoring/Oversight for high risk Suppliers
  • A collaborative team player who partners well with others; the individual will partner with Supplier Program Manager to assist with Business and Technology Front line Managers, Vendors, Auditors, Regulators and counterparts at other Financial Institutions
  • Deep Financial Institution knowledge is an asset as the job requires solid lobbying and influencing skills across TDBG and a pragmatic, reasoned approach is often required for success
  • University degree in technology or engineering
  • 7-9 years' experience in the area of IT risk and technology in a large organization
  • CISSP and/or CISM accreditation
  • Supplier Risk Management experience dealing with high transaction, large/complex/matrix business environment ideally within Financial Services
  • Deep knowledge of IT security and Risk disciplines and practices
  • Ability to articulate technology into business solutions
  • Excellent client engagement/management skills
  • Possesses exceptional strategic thinking, planning and relationship skills
  • Ability to influence management and build credibility across the organization
  • Proven ability to work with external regulators
  • Bilingual (English and French) is an asset
50

Information Security Specialist Resume Examples & Samples

  • Demonstrable practical experience of information security
  • Understanding of technologies, infrastructure and architectures and demonstrable understanding of information security protection and methodologies
  • In depth Knowledge of a wide range of Information Security Subjects and the Industry Standards, including ISO27001 and Data Protection, required in order to protect data
  • Ability to review Information Systems, identify risks and provide industry recognised solutions
  • View Security as an enabler to the business
  • Understanding of how information security strategy aligns with business and technology strategies
  • Formal information security qualifications such as CISSP, CISM or CRISC, ISO27001 preferred but not essential
  • ISO27001 Lead Auditor
51

Information Security Specialist Access Management Resume Examples & Samples

  • Active Directory account administration experience
  • Active Directory file system and security related settings
  • Shared Drive mapping, permissions, and inheritance
  • Information security principles, administration, and audits
  • 5+ years of experience with processes and tools assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Planning and Deploying Windows Server Group Policy
  • EDirectory administration
  • PowerShell scripting
  • Perl scripting
  • Oracle, DB2, and/or SQL Server knowledge
  • Structured Query Language
  • Change control systems
  • Experience with Dell Change Auditor
  • Experience with Dell Enterprise Reporter
52

Information Security Specialist Resume Examples & Samples

  • Provides desktop and laptop security assessment by: Scheduling through the appropriate channels user desktop / laptop security assessment. Manages schedule and must be punctual to ensure that users receive the assessment in a timely manner. Arranges schedule to ensure that any travel is minimized. Reviewing OS level security settings (e.g. firewall settings, antivirus settings, patch and OS update settings). Reviewing application security settings (e.g. Browser based security settings, e-mail client settings)
  • Reviewing network security settings (e.g. wireless network configuration)
  • Provides security awareness / best practices training to sales force, preferred bankers, relationship managers, and clients: Provides instruction on desktop / laptop best practices (e.g. keeping patches current, running regular antivirus checks, setting up system restore points). Advises end users on current security incident trends and effective methods of counteracting (e.g. phishing attempts, untrusted web sites)
  • Provides documentation of security assessment engagement: Prioritizes and documents findings and recommended changes. Continually researches and recommends best security practices for end user / desktop interaction. Follows up with user to ensure that service was satisfactory (documents survey results to be used for metrics to assess the effectiveness of the assessment)
  • Updates the assessment as required. Stays current on malware trends, especially in the financial industry and adjusts the assessment accordingly to reflect the latest trends. Stays current on wireless network technologies and encryption methodologies. Continually reviews latest hacking techniques and adjusts the assessment accordingly to reflect the latest trends
  • Assists in marketing of the security assessment program. Makes recommendations to modify advertisement based upon updates to the security assessment. Works with internal groups to develop marketing strategies
  • Performs other duties & responsibilities as required or assigned by supervisor
  • Information Security Engineers, Information Systems personnel, sales force, relationship managers, and Internet Services, Preferred Banking members
  • Vision must be sufficient to read data reports, manuals and computer screens
  • Hearing must be sufficient to understand a conversation at a normal volume, including telephone calls and in person
  • Speech must be coherent to clearly convey or exchange information, including the giving and receiving of assignments and/or directions
  • Position involves sitting most of the time, but may involve walking or standing for brief periods of time
  • May be required to lift 25-50lbs
53

Information Security Specialist Senior Resume Examples & Samples

  • Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology. Master's Degree in Cyber Security is a plus
  • 7+ years of network/security or operations experience
  • Requires thorough knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work
  • Experience in Cloud Security and Penetration testing
  • Experience in monitoring external data sources to maintain currency of CND threat conditions and determine which security issues may have an impact on the Network Environment
54

Senior Information Security Specialist Resume Examples & Samples

  • 8 years of IT Security related work experience
  • Ability to speak multiple languages
  • Security or technical certification
  • Functional Expertise
55

Information Security Specialist Resume Examples & Samples

  • Bachelor's degree (any subject) and 10 years of systems applications experience with equipment, applications, networks, and systems, with at least 5 years as a security manager on classified systems
  • Experience with security activities described above for applications, infrastructure, network, hardware and communications
  • Experience assessing security for all types of systems that use a multitude of technologies
  • At least five years of experience preparing all technical, implementation and management documentation related to security policies and assessments for federal technology operations
  • Ability to work as a partner with the client staff, the client's customers, and other support contractor teams in a professional manner
  • Exceptional written and verbal communications skills
  • Experience having regular interface with client managers and staff as well as support contractor staff from other companies
  • Experience performing these responsibilities in a federal law enforcement organization or in a federal organization other than Defense with highly secure requirements
  • Experience in DHS or USSS
  • Security certifications
56

Information Security Specialist Resume Examples & Samples

  • Engineering degree in CS, CE, IT, Sys IE, or EE
  • 5 years of experience working across IT functions
  • Experience of IT Security, data protection, networking, servers and PC systems is an advantage
  • Experience of Whole Disk Encryption, Enterprise Rights Management, Host Data Loss Protection and Data protection products
  • Understanding of the Information Security Common Bodies of Knowledge
  • Security certifications like CISA, CISSP, CISM or progress towards a Security Certification is desired
  • Excellent communication, stakeholder and customer management skills
57

Information Security Specialist Resume Examples & Samples

  • Knowledgeable with the five categories of the RMF (Risk Management Framework) Workflow
  • Working experience with preparing security plans and all security artifacts required for certification and accreditation
  • Experience helping ensure that system users receive initial computer security indoctrination and annual follow-on training as required by applicable directives
  • Immediately reporting any security violation, attempt to gain unauthorized access to sensitive but unclassified data, virus infection, or other event affecting the security of DHS systems and networks
  • Experience in supporting the management of the Information Assurance Program metrics program for business applications and infrastructure systems with the collection and analysis of security related data
  • Associate’s degree or higher and/or 5 - 15 years of work experience
58

Information Security Specialist Resume Examples & Samples

  • Minimum of 30 days as a Rockwell Automation contract employee
  • 3 years + IT security related experience
  • Bachelor's degree in Computer Science, MIS or other related field
  • GIAC Certified Intrusion Analyst – GCIA
  • Knowledge in the area of computer Incident Response
  • Hands on experience performing digital forensics analysis of IT systems to include remote evidence acquisition
  • Knowledge of common attack methods and possible mitigations
  • Knowledge of enterprise class network forensics systems, performing packet analysis, and understanding of TCP/IP protocols and services
  • Knowledge of enterprise class SIEM tools, creating and modifying correlation alert rules, parsers, reports, and managing dashboards
  • Solid understanding of information security operations principles, application and infrastructure security technologies, and practices in a global environment
  • Experience with at least one scripting language (Bash, Perl, Python, etc)
  • Ability to prepare and explain meaningful security assessment reports for internal system owners, users, and business stakeholders
  • Ability to provide quantifiable incident response security metrics
  • High aptitude for troubleshooting, with a background in enterprise IT operations (network, Wintel server, Unix server, desktop, applications, security) a plus
59

Information Security Specialist Resume Examples & Samples

  • The ideal candidate must have the following skills and qualifications
  • System Administration
  • Network Security
  • Manage and update information security policies
  • Network Troubleshooting
  • Network Protocols, Routers, Hubs, and Switches
60

Information Security Specialist Resume Examples & Samples

  • Assist the Information Security Officer (ISO) with internal consulting, advisement and assistance for all aspects of Information Security with a focus on client security
  • Lead small to mid-size security related projects to increase maturity of the Information Security program
  • Participate/facilitate client and/or third party onsite inspections and related conference calls
  • Provide support for application and business related security risk assessments
  • Evaluate and advise on risk management processes for the business unit
  • Assist Global Security peers from other business units as time allows to enable and implement more globally consistent processes
  • Understand Gramm-Leach-Bliley Act (GLBA), ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations
  • Demonstrated operational knowledge of EWS services and applications
  • Excellent organizational, time management, customer service and problem-solving skills
  • Ability to effectively manage a small team
  • Minimum 1 year relevant experience
61

Information Security Specialist Resume Examples & Samples

  • Vestas Security Controls are observed at all sourcing partners, on a continuous basis
  • Existing Control framework is enhanced and adjusted, in order to ensure the right level of comfort for Vestas
  • Global IT and main sourcing partners' maturity level is increased in regards to Control environment
  • A yearly activity cycle is planned and executed
  • Bachelor's or Master's degree in computer science, auditing, management information systems
  • 5-8 years of experience with operational auditing, risk management and compliance at Manager or Specialist level
  • Thorough knowledge of IT Security practices and standards
  • Work experience with Business Continuity Management and Business Continuity Planning
  • Certifications in the domain of Information Security and/or auditing (ESL, CISSP, CISA, CISM, …)
  • Familiarity with COBIT, ISO and ITIL frameworks
  • Excellent written and verbal communication skills in English
  • Knowledge of project management methods and practices is an advantage
  • Knowledge of ITIL processes is an advantage
  • Pro-active team player with strong stakeholder management skills
  • Persistent and analytical mindset with strong controllership focus and attention to all details
  • Flexible by nature and able to prioritize workloads
  • Able to understand complex business processes and identify the full range of risks related to compliance-, organization-, and technology processes
62

Information Security Specialist Resume Examples & Samples

  • 7+ years of relevant experience
  • Expert knowledge of IT security and risk disciplines and practices
  • Advanced knowledge of organization, technology controls, security and risk issues
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
63

Lead Technology Information Security Specialist Resume Examples & Samples

  • 5-7 years information security experience, primarily in security consulting, assessment and/or auditing
  • Proven ability to research and analyze complex data and problems, develop appropriate solutions and concisely and clearly communicate to stakeholders
  • Demonstrated knowledge and experience with assessing and protecting industrial control systems (ICS) and facilities related technology/platforms
  • Demonstrated expertise with information security assessment frameworks such as NIST, SANS and/or ISO 27001
  • Demonstrated expertise with network protection controls, including firewalls, intrusion detection systems, anti-malware software, data encryption, VPN’s, vulnerability scanners, server operating systems, and other industry-standard techniques and practices
  • Demonstrated report writing and presentation skills such as application assessment reports, operating procedure documents, and formal policy and procedure documents
  • Demonstrated ability to positively influence and persuade individuals of varying levels
  • Demonstrated strong organizational skills with attention to detail
  • Solution architecture design
  • Demonstrated experience with technical penetration testing techniques and related tools
  • Knowledge of common web and mobile application vulnerabilities, such as the OWASP Top 10 for web and mobile, and ability to provide solutions
  • Knowledge of regulatory requirements (PCI, SOX, Safe Harbor, etc.)
  • Experience with e-commerce/web app penetration testing
  • Experience with n-tier architectures and development
  • Bachelor's degree or related experience
64

Senior Information Security Specialist Resume Examples & Samples

  • Develops, implements, and administers security procedures for classified computer systems based on ICD 503 and JSIG, including Defense Security Service (DSS) Office of Designated Approving Authority (ODAA) standard, to ensure compliance with NISPOM
  • Implements RMF lifecycle principles/guidelines into USG Information Technology environments
  • Ensures security logs and audit trails are reviewed in accordance with established schedules
  • Develops, conducts, coordinates, and delivers site ISs security education program requirements
  • Generates maintenance security documentation for system hardware and software, to include SSPs, Plan of Action and Milestones, equipment specifications, practices, and procedures
  • Manages mandatory IS patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance
  • Interfaces with company and customer staff at all levels
  • Performs duties as Alternate COMSEC Custodian
  • 8+ years’ Information Technology experience in a classified environment
  • Bachelor's Degree: Computer Science or IS Management
  • Candidate must possess a current DODI 8570.01 compliant certification (CISSP / Security+ CE)
  • Experience with auditing/assessing the security aspects of various OSs (Windows and Linux). Must demonstrate a complete understanding of Information Security Administration principles, concepts, practices, and standards as well as a complete understanding of network devices
  • Strong communication, critical thinking, and problem-solving skills; self-motivated with ability to effectively prioritize multiple projects; ability to work with people in a team environment
65

Information Security Specialist Resume Examples & Samples

  • Responsibility for the accuracy and reliability of configuration items with the configuration management database (CMDB)
  • Defining priorities and helping to coordinate activities across the IT asset management team
  • Provide regular updates to track and measure the overall quality of information in the CMDB
  • Work with the ServiceMap tool to support daily activities: run reports, investigate data, update records, examine and update configuration settings, etc
  • Work with team members from ITS and the LOBs to ensure that individual information for applications is maintained throughout the asset management lifecycle
  • Work on projects supporting the continuous improvement of configuration management in ServiceNow: addition of new CI types, expanded discovery of applications and business services, integration with other systems to support end-to-end lifecycle management
  • Ability to perform analysis and reporting of information from multiple data sources for the purpose of executive communication
  • Respond to ad hoc requests to provide information about the asset inventory for TD employees, internal audit and external regulators
  • Understanding of Asset Management, CMDB and basic ITIL processes
  • Simple scripting ability like writing regular expressions
  • MS Office (esp. Excel, PowerPoint)
  • Highly motivated with ability to work with little direction
  • Critical thinking and analytical skills with the ability to proactively follow up on identified issues and gain resolution
  • Ability to work in a team with diverse skills, providing ongoing feedback
  • Excellent communicator; able to clearly articulate messages both verbally and in writing
66

Information Security Specialist Resume Examples & Samples

  • Work in the ServiceNow ITAM module to support daily activities: run reports, investigate data, update records, examine and update configuration settings, etc
  • Work with team members from Operations and Build to ensure that individual asset records are maintained throughout the asset management lifecycle
  • Work on projects supporting the continuous improvement of IT asset management in ServiceNow: addition of new CI types, expanded discovery of locations and attributes, integration with other systems to support end-to-end lifecycle management
67

Information Security Specialist Resume Examples & Samples

  • Under limited supervision, develops, tests, and validates solutions to remediate exploitable conditions of increasing complexity on devices such as Web servers, mail servers, routers, firewalls and intrusion detection systems following established policies and procedures
  • Uses technical knowledge and expertise in examining security issues, techniques and implications across multiple computing platforms
  • Requires conceptual and practical expertise in own discipline and basic knowledge of related disciplines
  • Requires little or no supervision on a day to day basis
  • Solves problems using existing solutions; exercises judgment based on the analysis of multiple sources of information
  • Provides creative insights and / or solutions to address client / organizational challenges
  • Generates healthy debate within team, influencing team to look for a ‘better approach’
  • Evaluates current situation based on previous experience; identifies advanced implications/ conclusions from the logical analysis of a complex situation or issue; weighs options critically
  • Recognizes the controls that mitigate the risk of negative outcomes through prevention or detection and correction; evaluates and quantifies the impact risk has on the business or its customers
68

Information Security Specialist, Senior Resume Examples & Samples

  • Providing systems engineering analysis and support data analysis from various legacy programs and systems. System engineering services will include engineering analysis, design engineering, prototype development, software development configuration management, hardware/software lifecycle, verification and validation maintenance, and supporting engineering documentation
  • Ensuring that the images of required legacy systems are available in the development and test environment to simulate correlated data or mock up system components and data objects for the purpose of this contract
  • Testing with de-identified data for the purpose of developing the extraction and transformation routines
  • Coordinating with various program offices and system owners to conduct performance testing with the appropriately sized production like data
  • A critical component of SOA services architecture is to provide system security by ensuring services remain secure, preventing unauthorized access and use. The Security Engineer will be responsible for validating security settings for our SOA services
  • The Security Engineer candidate must have experience with Assessment and Authorization management activities, as well as FISMA Compliance, NIST 800-53 Security Controls, NIST 800-37 RMF Guide, and security documentation writing
  • The candidate must be detail-oriented, articulate, and computer-literate, and have strong interpersonal and organizational skills. Candidate must be able to lead effort to define remediation strategies/plans to address security incidents including
  • Analysis and remediation of security findings and requirements, including the interpretation of security scans and logs, vulnerability findings, security mandates and directives, and Security Technical Implementation Guidelines (STIGs)
  • Security Assessment Process (SAP) and Plan of Actions and Milestones (POA&Ms)
  • Information Assurance Vulnerability Alerts (IAVA) compliance
  • Assist in completion/review of data calls/documentation related to privacy risk assessments or security
  • Assist in reviewing security briefings and warnings for possible impact to systems
  • Identify systems that have unique security requirements, standards requirements or use cases that require customized approaches to SOA service development
  • Document and ensure approval of a System Security Authorization agreement (SSAA)
  • Ensure adherence to the system security requirements as specified in the Risk Management Framework (RMF) standards for cybersecurity policies
  • Validate security architecture compliance including encryption of sensitive data at rest and in transit
  • Ensure designs follow IA principles to protect sensitive PII and PHI. Review designs for proper authentication, authorization (access control), data integrity, and auditing
  • Ensure data integrity, by evaluating designs to verify encryption of data at rest and in transit
  • Review Access Control Policies (ACP) to ensure they strike a balance between the requirement to protect patient data with the need to share data with internal and external entities to enhance care delivery
  • Reviews and develops Automated Information System (AIS) accreditation and certification documentation
  • Defines scope and level of detail for security plans and policies applicable to security programs
  • Implements higher-level security requirements from law, regulations, and directives
  • Provide security coordination and review on acquisition documentation (e.g. CONOPS, ORDs, Test Plans)
  • Identify security vulnerabilities, implement countermeasures, and develop long range plans that anticipate, evaluate, and mitigate risks associated with vulnerabilities
  • Institute measures to ensure awareness and compliance
  • Review proposed new systems, networks, and software designs for potential security risks
  • Bachelor's Degree (Computer Science, Information Technology, Information Security or related field)
  • A minimum of five (6) years of demonstrated experience in the Information Security (Cyber Security or Information Assurance) field
  • Demonstrates a proficiency with developing, maintaining and managing Security Authorizations and Assessments packages
  • Experience with developing and managing Plans of Action & Milestones (POA&Ms)
  • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities
  • Technical experience with reviewing vulnerability scans and providing mitigation techniques
  • Possess expertise in conducting annual assessments
  • Experienced writing security related policies and procedures
  • Possess experience conducting Contingency Plan tests
  • Experience with conducting audit log reviews
  • Experience with NIST Special Publications and guidance
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment
  • Excellent communication (written and verbal) skills
  • IT Security experience with FISMA Compliance
  • IT / Information Assurance Certification, i.e. CISSP, Security+, CAP, etc
  • IT Security documentation development and maintenance, i.e. SSP, CP, CM, etc
  • POA&M creation and mitigation
  • Developing ATO Packages
  • Good understanding of NIST 800-53 security controls
  • Good understanding of NIST 800-37 RMF Guide
  • Ability to work effectively both independently and on teams
  • Service Oriented Architecture (SOA)
  • Healthcare IT
69

Information Security Specialist Expert Resume Examples & Samples

  • 5+ years of experience in the security field, especially around security assessments or audit
  • Ability, drive and motivation to research and provide the right guidance and find possible solutions. Ability to push back where the risk outweighs the benefits
  • Curiosity to ask questions and challenge status quo
  • Problem Solving & Analysis
  • Good collaboration, relationship and interpersonal skills
  • CISA, CISM, CISSP, PCI QSA or comparable certifications preferred but not required
70

Information Security Specialist Resume Examples & Samples

  • The IS Architect’s first duty is to gain a comprehensive understanding of the company’s technology and information systems and capabilities. They must learn strengths and weaknesses of the application’s security to be able to recommend improvements
  • Understanding of end user and secure communications requirements for the addition of new applications and software into the environment
  • Determine application security requirements by evaluating business strategies and requirements, research information security standards, conduct system security and vulnerability analyses and risk assessments and identify integration issues
  • Lead in the development and provide guidance during architecture and design activities of new and existing applications, while also conducting application risk and impact assessments on new and existing applications
  • Plan security systems by evaluating and developing requirements for cloud security technologies. Identify security architecture capabilities and design security architecture patterns to mitigate threats
  • 5 or more years of system security, controls or information management experience and/or end to end understanding of the software development lifecycle
  • 3 or more years of application systems security and architecture experience
  • Experience with application and communication systems security and design
  • Industry experience in financial services, high-tech, and/or healthcare preferred
71

Senior Information Security Specialist Resume Examples & Samples

  • Assist with Information Security related agent components including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion
  • Continues to increase knowledge by tracking and understanding emerging security practices and standards by participating in educational, social or professional opportunities and organizations and/or reading publications
  • Collaborates with other technical leads (Network, Server, and Application), field services technicians, project managers and data center operations and technical subject matter specialists to integrate security controls into a cohesive architecture that sufficiently mitigates risk to the company
  • Mentors and coaches other Security Analysts to provide guidance and expertise in their growth
  • Consistently demonstrates regular, dependable attendance & punctuality
  • College degree and 5-7 years of experience or an equivalent combination of education and experience
  • Basic math functions such as addition, subtraction, multiplication, division and analytical skills
  • Scripting languages such as Python and PowerShell desired
  • Have experience with certificate and key management
  • Knowledge or skill to consult the development and application owner community on certificates/keys
  • Knowledge of cryptography technologies and implementations of such
  • Maintaining security monitoring in addition to leading and analyzing security reporting
  • Understanding of agent technologies commonly used on endpoints for protection of assets
  • Strong knowledge of HTTP, FTP, authentication, virus scanning, web servers, certificates and key management, and TLS protocol
  • Ability to troubleshoot certificate issues
  • Identify common network and web site attacks such as SQL injection, cross site scripting, remote file inclusion and cookie manipulation
  • Understanding of web applications authentication, session management, requests, form submission processes
  • An understanding of a wide array of server grade applications to include email, DNS, SMTP, IIS, Apache, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
  • Ability to work a flexible schedule based on department and company needs
72

Information Security Specialist Resume Examples & Samples

  • Ensures timely and effective response to handling of escalated security events
  • Performs incident responder job function as part of an on-call rotation
  • Maintains active participation in multiple threat intelligence communities
  • Conducts research into threats, campaigns and actors and implements improvements to counter those threats
  • Assists in development of internally built tools (Incident Response platform)
  • Manages Information Security’s ELK and Graylog implementations as well as others as necessary
  • Provides technical leadership for security projects
  • Other duties as necessary
73

Information Security Specialist Resume Examples & Samples

  • Assisting with CISP/ Gramm–Leach–Bliley Act (GLBA) governance activities, including but not limited to: Independent Validation of assurance control testing, ongoing and annual reporting, NPPI data flow mapping and threat assessment
  • Partnering with other groups within Information Security to document processes, identify controls, determine control adequacy and identify control monitoring opportunities and areas for improvement/enhancement
  • Building and maintaining strong relationships with business lines in order to identify issues and drive policy compliance
  • Working with Business Line Risk Managers to proactively manage and mitigate IS related risks
  • Reviewing and providing ongoing monitoring of IS related GRC issues and Accepted Risks
  • Acting as an advisor for business lines and TSPs as they work to apply IS policy requirements into their everyday business activities
  • Reviewing and ensuring periodic and annual updates of IS procedures to ensure they remain current and relevant to the existing IS posture
  • 6 or more years of relevant Information Security or IT Audit experience
  • Ability to articulate technical risk issues in business terms
  • Working knowledge of Banking Regulations, with specific focus on GLBA
  • Ability to identify, assess and mitigate risks
  • Strong organizational, communication and planning skills
  • Strong interpersonal skills to interact with project teams and multiple departments and vendors to achieve project objectives
  • Demonstrated ability to manage multiple projects concurrently in an autonomous environment; ability to generate and pursue ideas
  • Strong capability and experience with meeting project timelines
  • Proficiency with MS Office skills including MS Word, MS PowerPoint, and MS Excel
  • Ability to work under pressure with efficiency and accuracy
  • Education, Certifications and/or Other Professional Credentials
  • BA/BS in Information Systems, Computer Science or related field preferred
  • Relevant Information Security or technical qualifications (e.g. CISSP, CISM, CISA, etc.) preferred
74

Information Security Specialist Resume Examples & Samples

  • Analyze security requirements, obtained from a variety of sources, on an ongoing basis
  • Analyze various data security, authentication / authorization, encryption, application level security and auditing requirements for the project
  • Work with the Architect team to design and implement necessary security components to meet requirements, as well as meet all applicable federal standards and guidelines
  • Work with development teams to carry out Application Security Reviews and Security Impact Assessments (SIA)
  • Support the technical teams in complex client engagements
  • Demonstrate strong awareness and experience with security implementation, complex solution deployment, and optimization supporting enterprise operations
  • Will be responsible for all aspects of delivery and deliverable quality for all Information Security Documentation and artifacts submitted to maintain ATO
  • Coordinate and support Security Controls Assessments (SCA), Risk and Vulnerability Assessments (RVA) and Annual Attestation
  • Perform periodic review and update to security documentation, to include the System Security Plan (SSP), Contingency Plan (CP), Information System Risk Assessment (ISRA) and Privacy Impact Assessment (PIA)
  • 2+ years of IT security experience
  • Experience with the mission, tasking, and policies of the Centers for Medicare & Medicaid Services (CMS)
  • Experience with the CMS Acceptable Risk Safeguards (ARS), Risk Management Handbook (RMH) and other CMS documents and policies
  • Demonstrated ability applying technological and organizational solutions for client delivery assurance
  • Ability to develop tactical and strategic solutions to meet client security requirements
  • Experience supporting IT security audits, reviews, data calls by clients
  • Experience researching, evaluating, and recommending vital IT security-related technologies and services
  • Knowledge of the principles of security threat management, risk management, security policy and processes, security architecture, regulatory compliance, maturity of security capability, vulnerability assessment, and security incident response
  • Strong analytical expertise in the review and assessment of the security operations and related service groups within a service provider or enterprise
  • Familiarity with Microsoft Office tools including Outlook, Word, Excel
  • Demonstrated verbal and written skills
  • Familiarity with a variety of security concepts, practices, and procedures
  • Exposure to Identity Management standards, such as User Provisioning, User Life Cycle Management, and centralized Access Control
  • Experience with CMS FISMA Control Tracking System (CFACTS)
  • Experience working in a CMMI Level 3 (or higher) environment
  • Experience working with the Centers for Medicare and Medicaid Services (CMS) 3-zone architecture
  • Experience with security scanning tools like Burp Suite
  • Ability to resolve complex support issues by leveraging user forums, support forums, or opening support cases with vendors and following them to closure. Strong ability to find workarounds and alternative approaches
  • Certifications: CISSP, CISM, CISA, CGEIT, GWAPT, GPEN, Security+
  • Familiarity with HIPAA, HITECH Acts, the Privacy Act of 1974, OMB memoranda on security and privacy
75

Senior Principal Information Security Specialist Resume Examples & Samples

  • Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness
  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
  • Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter
  • Create security policies and maintain existing information system security documentation
  • Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package
  • Work with the IA team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities
  • Continuously review and evaluate best practices for implementing a comprehensive audit program
  • Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, assessing applicability to existing systems, and ensuring closure
  • Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment
  • Working in close coordination with the ISSM, play an active role in monitoring assigned systems and their environment of operation, to include developing and maintaining the System Security Plan (SSP) and Security Controls Traceability Matrix (SCTM), managing and controlling changes to the system, and assessing the security impact of those changes
76

Information Security Specialist Resume Examples & Samples

  • Documented experience operating within high security environments
  • Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
  • Proven track record in infosec consulting engagements
  • Preferably holds the Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE) certifications. CEH and GPEN certified candidates will be considered as well
  • Bachelor’s degree or equivalent work experience preferred
  • Kali Linux operating systems
  • IP Network technologies
  • Microsoft operating systems and related technologies
  • Wireless network controls
  • Web application technologies
  • Physical security
  • Source code analysis software
77

HBSS Information Security Specialist Resume Examples & Samples

  • DISA approved HBSS Training
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security
  • Perform Computer Network Defense incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations that enable expeditious remediation
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Apply security policies to applications that interface with one another
  • Apply security policies to meet security objectives of the system
  • Apply service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements
  • Discover organizational trends with regard to the security posture of systems
  • Ensure all systems security operations and maintenance activities are properly documented and updated as necessary
  • Monitor information protection assurance mechanisms related to system implementation and testing practices
  • Verify and update security documentation reflecting the application/system security design features
  • Validate HBSS system alerts against network traffic using packet analysis tools
  • Knowledge and experience in working with McAfee Data Loss Prevention Endpoint
  • Ability to work independently/with others to resolve computer security incidents
  • Organizational skills
  • McAfee HBSS ePO administration
  • Knowledge of IA principles and organizational requirements
  • Experience working within Remedy a plus
  • Education/Certifications
  • Must be 8570 compliant
78

Information Security Specialist Resume Examples & Samples

  • Discovery: Working with the team to discover TD networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations
  • Vulnerability Identification: Based on what they learn during the discovery phase, they will then take steps to test the discovered environment or requested applications for real world security issues. Using a variety of applicable tools, including in-house and commercially available programs, they will create a real-world scenario where they attempt to compromise systems, applications, and mobile security, gain access to resources, or disrupt and exploit system services
  • Exploitation: As a security expert, they will exploit vulnerabilities with applications, as detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action
  • Provide support in the discipline of vulnerability management
  • Participate in the development of new cyber security assessment practice services
  • Responsible for delivery and post-delivery penetration testing support and reporting
  • Provide delivery of specific vulnerability management and penetration testing services including
  • Network, System, Application, Mobile, traditional web and wireless penetration testing
  • Must have experience using methods such as HTML5 cross domain exploiting, SQL injection, session tampering, cookie manipulation, XSS exploiting and other penetration testing exploitation techniques
  • Writing exploit code for local testing
  • Bachelor's degree in IT security, computer science or equivalent experience
  • 2+ years of experience delivering penetration testing consulting engagements
  • Must have Red Team or Ethical Hacking/Penetration testing experience
  • Experience delivering vulnerability management assessments and consulting
  • Must have outstanding written and verbal communication and presentation skills
  • Ability to work with others effectively
  • Ability to continually refine the vulnerability assessment and penetration testing methods and deliverables
  • Experience with application penetration testing highly desired
  • Security Certifications such as CEH, CISSP, CISM, OSCP, OSCE
  • Wireless, Network and TCP/IP skills
  • HTML5 penetration testing skills
  • Unix commands, Bash scripting, Python coding
79

Information Security Specialist Resume Examples & Samples

  • Provide senior level leadership (document and present strategy, develop, plan, execute) for the strategic goals of Identity and Access Management and Information Security from a Directory Services perspective
  • Act as technical SME in the areas of Active Directory, LDAP, Meta-directories, and Virtual Directories as well as federation services both internally and externally
  • Provide technical expertise to maintain environments and troubleshoot issues
  • Act as a manager between the Business Partner and vendor technical contacts. Ability to clearly communicate to key stakeholders including internal/external audit teams
  • Promote and work with team members to implement process improvement initiatives
  • Manage cross-functional teams, providing direction and leadership oversight in a matrix organization
80

Senior Information Security Specialist Resume Examples & Samples

  • Works autonomously on high profile, complex and/or high risk technology projects with significant impact to the organization
  • Provides technical leadership / consulting / direction to a larger team / portfolio on all aspects of technology controls / information security
  • Foresees issues / gaps and identifies emerging industry trends (i.e. future focused)
  • Provides recommendations on value-added improvements / enhancements
  • Top technical expert individual contributor with expert knowledge of IT security and risk disciplines and practices
  • Advanced and highly specialized knowledge of organization, technology controls / security/ risk issues
81

Information Security Specialist Resume Examples & Samples

  • Monitoring of security events with subsequent classification and investigation follow up
  • Identify, document, escalate and manage security events to support the established Incident Management and CSIRT processes
  • Participates in the delivery of the Information Security Program, including Enterprise Vulnerability Management, Incident Response, Threat Management and Monitoring, and Risk Reporting
  • Participate in an on-call rotation to provide after-hours pager support for escalations and incidents
  • Must be available to work shift patterns in line with US and Canadian time zones
82

Senior Information Security Specialist Resume Examples & Samples

  • Plan and execute project and vendor risk assessments
  • Review, recommend, and draft IT controls
  • Educate IT management and owners on IT related security risks, controls and general awareness
  • Facilitate and coordinate IT related internal and external audits
  • Track and report risks, audits, and certification testing
  • Coordinate and compile evidence for gap closures
  • Govern, monitor, and report on compliance to IT policies, standards, methodologies, and processes
  • Good knowledge of infrastructure platforms – Windows, Unix, Linux, etc
  • Strong documentation skills and communication skills to report to several layers of management and technical teams
  • Good understanding of vulnerability management and associated tools
  • Familiar with all types of threat and risk assessments and vendor assessments
  • Understand System Development Life Cycle (SDLC) process and agile methodologies
  • Knowledge of IT general control components including logical access and security, change management, production operation and support, development and coding practices, and secure information management practices
  • CISSP, CISA, CISM and/or CRISC designations would be an asset
  • Security vulnerability scanning tools for systems, applications and web
  • Linux, Windows, AIX, web or cloud based applications
  • Application development, release management, code promotion, scripting concepts, schedulers and enterprise automation tools
  • IT risk and control frameworks including COBIT, NIST & Security Governance Frameworks such as ISO27001
83

Information Security Specialist Senior Resume Examples & Samples

  • Process driven with an eye for detail
  • Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change
  • Knowledge of IT Risk and Security governance frameworks such as ISO 27001, PCI, and HIPAA
  • Good understanding of key network and technical security controls
  • Understanding of risks in banking/financial services sector will be an added advantage
  • Desired Work Experience 2 to 4 years performing IT/Information Security Reviews
  • CISA, CISM, CISSP, PCI QSA, ISO27001 Lead Auditor or comparable certifications preferred but not required
84

Information Security Specialist With Top Secret Resume Examples & Samples

  • Typically requires a bachelor's degree or equivalent and seven to nine years of related experience
  • Prefer HDI-CSR certification
  • Must possess a current TOP SECRET Clearance with SCI eligibility
  • Must possess a current CISSP certification
  • Must possess an MCSA Windows Server 2008 or newer certification
85

Information Security Specialist, Principal Resume Examples & Samples

  • Experience in risk and vulnerability analysis in all phases of IT system life cycle development
  • Ability to understand security design and architecture to optimize security of information systems
  • Demonstrated experience in integration of risk management including assessment with security control specification and implementation
  • Demonstrated application of cybersecurity risk management frameworks to IT systems and operations and effective risk based decision making across multiple management levels and organizations
  • Experience/skill in interpretation and application of written policy and regulation
  • Experience in working with a federal information security program
  • Working knowledge and experience of intelligence community and/or DOD information security policies; relevant federal and private standards and requirements (e.g., NIST, CNSS)
  • Knowledge of and ability to assess systems based on DoD Security Technical Implementation Guide (STIG) compliance policy and processes including Security Readiness Review results interpretation
  • Ability to conduct qualitative and quantitative risk analysis
  • Ability to understand and convey threats and impact of threats related to the results of a security assessment
  • Ability to adhere to corporate policies and programs concerning information systems
  • Ability to understand the general information technology infrastructure and system inter connections (servers, local area networks (LANs), storage area networks (SANs), virtualization, etc.)
  • Experience with Microsoft and Linux Operating Systems
  • Experience using common IT security tools, including those used for assessment and evaluation
  • Experience with policy development and application in monitoring and analyzing data from information systems in support of active cybersecurity risk management
  • Exceptional presentation, oral, and written communication skills
  • Ability to ensure program needs are satisfied through interpersonal and trusted communication
  • Self-starter with the ability to actively contribute on multiple efforts simultaneously, and with experience with and interest in process improvement
  • Ability to remain focused, positive, and highly productive in a frequently changing and sometimes ambiguous environment
  • Knowledge of and experience using XACTA tool and associated workflows
  • Ability to develop and improve risk management and continuous monitoring processes
  • Ability to understand and analyze network security architectures
  • Ability to establish and foster effective interpersonal relationships and trusted partnerships
  • Ability to establish effective working relationships internally and externally to the agency
86

Information Security Specialist Resume Examples & Samples

  • Support multiple project teams using a shared software baseline
  • Complete the Authorization and Accreditation process to achieve system ATO
  • Coordinate with customer IA representatives
  • Characterize systems in accordance with the Risk Management Framework
  • Write documents to include System Security Plans, Security Test Procedures, and Plan Of Actions & Milestones
  • Provide technical requirements and solutions to program engineers
  • Provide technical justifications to tailor security requirements
  • Execute government-witnessed security test events
  • Use automated tools to provide vulnerability and compliance assessments
  • Review IAVM notices and address with program engineers as required
  • Ensure regular patching of systems
  • Monitor software releases to ensure continued compliance and closure of POA&M items
  • Support corporate IA personnel in efforts related to assigned programs
  • Typically requires a Bachelor’s degree or equivalent and 5-7 years of related experience
  • Thrive in an energetic, fast-paced environment - learn and become productive quickly and meet team goals, can-do attitude, able to do what it takes to deliver
  • Demonstrated ability to work as part of an integrated team, as well as independently
  • Strong interpersonal and relationship building skills conducive to team building
  • Knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures
  • Familiarity with the secure configuration of Linux systems
  • Experience creating, updating, and managing projects in Xacta
  • Certified in accordance with DoD 8570.1 IAT level II – (Security+, CISSP, or similar)
  • Experience operating ACAS/Nessus and interpreting resulting scans
  • Active TS/SCI with CI Poly
  • Position may require local, CONUS, or OCONUS travel up to 10% to support security test events
  • Familiarity with the secure configuration of Cisco devices
  • Familiarity with SSRDB and the process for vetting third party software products
  • Familiarity with DISA STIGs
  • Full Scope BI or willing to obtain one
87

Information Security Specialist Resume Examples & Samples

  • Work under close supervision with Information System administration personnel
  • Apply their knowledge of information network software and hardware to support their supervisor, manager and our customers
  • Apply their knowledge of information security procedures
  • Code and/or develop software patches to remediate vulnerabilities
  • Attend recurring status meetings with project team on a regular basis and keep management informed of all activities daily
  • Typically requires a Bachelor's degree in Engineering, Computer Science or related discipline or equivalent experience
  • Verifiable experience in information security administration or network security (2 or more years)
  • Possess general network architectural knowledge of LANS/WANS
  • Ability to read and understand system vulnerability scan reports
  • Knowledge of Security Technical Implementation Guides (STIGs)
  • Possess Information Assurance certification of Level II or higher in accordance with DoD (Department of Defense Directive) 8570
  • Must have a current DoD Secret security clearance
  • Certifications as Microsoft Certified Engineer or Linux credentials are highly desired
  • Two or more years DoD experience (with references) is beneficial
  • Ability to read and understand Security Technical Implementation Guides (STIGs) is a big plus
88

Information Security Specialist, Lead Resume Examples & Samples

  • Executing the Certification and Accreditation implementation plans,
  • Conducting validation activities utilizing established procedures,
  • Ensure each assigned IA control is implemented according to the applicable guidelines,
  • Record the actual results and develop validation artifacts,
  • Preparing the IT Security plan,
  • Compiling the validation results in the reporting documentation
  • Prepare accreditation documentation and artifacts for Certification and Accreditation (C&A)
  • Successfully secure IT systems
  • Supervise, test, and monitor changes in information systems that might affect the security posture
  • Apply software patches
  • Develop and execute System Test and Evaluation (ST&E) plans
  • Prepare IT Security plans and policies
  • Ensure Information Assurance Vulnerability Management Compliance
  • Ensure assigned IA controls are properly implemented
  • Conduct validation activities utilizing established procedures
  • Experience and understanding of Risk Management Framework (RMF) IA Certification & Accreditation processes
  • Bachelor's degree in an Information Assurance field
  • Experience utilizing the eMASS tool
89

Information Security Specialist, Lead Resume Examples & Samples

  • Must have a Top Secret level security clearance with SCI eligibility
  • Ability to obtain DoD 8570.01/DoD 8140 IAM/IAT Level II certifications
  • Knowledge of DIACAP, RMF, DoD C&A processes, DoD 8500 (Cyber security) series and Common Criteria
  • Possess excellent briefing and technical writing skills
  • Bachelor's Degree in Cyber security, Computer Science or related field
  • Security certifications: CompTIA Security+, CISM, CISSP, CCIP, CCII
90

Information Security Specialist Resume Examples & Samples

  • CERTIFICATIONS
  • Position requires incumbent to maintain industry recognized CISSP certification
  • Candidate must have strong TCP/IP networking skills
  • Candidate must have a solid familiarity with application and network security
  • Must be able to provide technical subject matter expertise for a wide range of security technologies including, but not limited to, SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, perimeter access controls, logical access controls, identity and access management, and data loss prevention
  • Candidate should have an understanding of vulnerabilities, exploits, and practical working knowledge of DoD IAVM program
  • Candidate should possess solid understanding of malware and associated risks attributed to system infections
  • Experience with CENTCOM and ARCSIGHT software is a plus
91

Information Security Specialist, Principal Resume Examples & Samples

  • Demonstrated expert level understanding of
  • Access/control, identity principles, and secure authentication
  • Secure development processes and practices
  • Vulnerability assessment, penetration testing, and remediation
  • Risk management and mitigation strategies
  • Operational knowledge of the following security technologies
  • IDS/IPS and DPI – NetWitness, Bluecoat, TCPdump/Wireshark, Security Onion, and Snort
  • DLP products – RSA, Symantec, and McAfee
  • Network and Security Monitoring and Management tools – HP, Cisco, and Security Onion
  • SIEM aggregator and analytics – ArcSight and Splunk with Enterprise Security
  • Penetration test and vulnerability test suites - Tenable Nessus, Nexpose, and Metasploit
  • Knowledge of perimeter security devices – Cisco ISE/ASA, CheckPoint NG, F5 Big-IP, Fortinet, Forefront, McAfee Web Gateway, FireEye, etc
  • Antimalware technologies, Endpoint encryption and Public Key Infrastructure (PKI)
  • General job responsibilities
  • Extensive experience with Microsoft and Unix/Linux operating systems
  • Proficiency with VMware technologies including ESX, Horizon View, vCloud
  • Ability to work in a team-centric environment
  • Strong critical thinking and analytical skills
  • Strong presentation, written, and oral communication skills
  • Draft technical manuals, installation manuals, procedure outlines and incident response plans in order to enhance system security documentation
  • Execute white, gray or black box security posture assessments and complete detailed reports that outline the findings and recommendations
  • Ability to work with internal and external stakeholders at all business levels
  • Additional but not required
  • Java, Python, C++, and/or .NET programming experience a plus
  • Bachelor’s degree and ten (10) to twelve (12) or more years’ experience in Information Assurance/Information System Security Engineering
  • CISSP, CEH, and other Security + certifications
92

Information Security Specialist Resume Examples & Samples

  • Oversight of the information security program ensuring compliance with government and corporate security policies and procedures by working with team members, engineers, program security and management personnel
  • Develops and implements the Security Requirements Document (SRD) and a System Configuration Specification (SCS), IAW ICD 503 and the NRO C&A process
  • Perform Information System (IS) self-inspections; provide security coordination and review of all system test plans
  • Ensure that periodic self-inspections of the facility's IS Program are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities
  • Develop and implement certification tests as required
  • Coordinate IS security related incidents, initiate investigations, and implement corrective actions and responses to incidents
  • Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information
  • Proactively research security/compliance changes in governmental/industry regulations or best practices that may affect security policies
  • Develop and maintain System Security Plans (SSPs) and/or concept of operations documents that accurately reflect the installation and security posture of the information systems in accordance with Government Assessment and Authorization (A&A) requirements
  • Conduct software evaluations and coordinate software approvals
  • Maintains, as required by the Designated Accrediting Authority, a repository for all system documentation and modifications
  • Monitors system security audit logs weekly, investigating and reporting all anomalies to management
  • Ensures all new personnel are trained prior to gaining access to classified networks
  • Ensures development and implementation of procedures for authorizing the use of software, hardware and firmware on systems under their purview
  • Ability to work in coordination with our System Administration and Infrastructure teams
  • Typically requires a bachelor's degree or five to seven years of related experience
  • System Administration background/Technical
  • U.S. citizenship and active TS/SCI Clearance with Poly
  • Security+ or DoD 8570 equivalent for Information Assurance Technical (IAT) Level II certification, otherwise required within 6 months of hire
  • Knowledge of specific IC, DoD, and Federal government A&A standards, processes and directives, particularly, ICD 503, IASD, CPBI 51E-1, JAFAN 6/3, JSIG, DSS ISFO (preferred)
  • Must be self-motivated and results oriented
  • Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues
  • Excellent written and oral communications and teamwork skills
  • Commitment to continuous learning and system development
  • Customer related security training
  • Experience with Windows Operating Systems (Windows 7, Windows 2008 R2 Server)
  • Experience in Virtualization technologies
93

Information Security Specialist Resume Examples & Samples

  • Provide Mitigation and Remediation in support of the Certification and Accreditation (C&A)/A&A process remotely and/or on-site including reports as required
  • Document residual risks by conducting a thorough review of all the vulnerabilities, architecture and defense in depth and provide the IA risk analysis and mitigation determination results for the Test Report
  • Work with system owners to develop specific site and system mitigation plans to achieve an overall reduction in residual risk
  • Develop all C&A documentation in accordance with DoD policies, NAVFAC policies and procedures to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority
  • Maintain documentation Plan of Action and Milestones
  • Travel to CONUS and OCONUS sites to conduct physical and cyber security assessments; conduct complete security baseline and inventory reports and packages
  • Bachelor's degree in engineering, business, mathematics, or related field
  • At least two years of experience in Information Technology
  • Five or more years of related experience
  • Experience with IA tools including but not limited to – Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), System Center Configuration Manager (SCCM), Data at Rest (DAR), Data in Transit, Group Policy Objects (GPO), Central Logging and audit reduction analysis, enterprise Mission Assurance Support Services (eMASS)
  • DoD Secret Clearance
94

Information Security Specialist Resume Examples & Samples

  • Participates in the development and implementation of policies, procedures and standards related to information security, privacy and incident response
  • Assists with security research, analysis, and design for assigned client computing systems and the network infrastructure
  • Uses tools and processes to monitor information systems for security-related events
  • Troubleshoots and resolves basic technical issues related with close supervision
  • Helps maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
  • Implements formal security programs and policies throughout the organization and monitors compliance to these policies and programs
  • May contribute general consulting (risk analysis) and project support in the area of information security to IT infrastructure
  • Monitors trends in information technology and security that could have an impact on the security of the organization’s
  • BA/BA degree and 5 to 7 years experience
  • The clearance level required is dependent on the type of clearance supported by our client
  • At a minimum, CompTIA Security+ certification. Higher IA security certifications desired
95

Hbss Information Security Specialist Resume Examples & Samples

  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation
  • Perform analysis of log files from a variety of sources to identify possible threats to network security
  • Perform computer network defense incident triage to include determining scope, urgency, and potential impact
  • Apply service oriented security architecture principles to meet organization’s confidentiality, integrity, and availability requirements
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for the inclusion into the risk mitigation strategy
  • Monitor/Analyze Rogue System Detection and respond/report IAW approved Navy TTPs/SOPs
  • Timely entry of communication and tasking into the ticket management tool (Remedy)
96

Senior Information Security Specialist Resume Examples & Samples

  • We seek an individual with the capability to acquire knowledge of Broadridge Product/Service Offerings across all Business Units
  • You will address any assigned client Information Security onsite risk assessment requests and provide appropriate support, responses, presentations, reaching out to management as required for guidance
  • You will support any assigned client Vulnerability Assessment and provide appropriate support and responses, as well as evaluate Client Information Security requests and provide appropriate responses, reaching out to management as required for guidance
  • Identify any assigned client Information Security questions that require Subject Matter Expert Support
  • Perform SharePoint status updates for assigned client Information Security requests in a timely manner
  • You will oversee Information Security knowledge base including Subject Matter Expert Responses
  • Evaluate/Update Information Security client questionnaire Policies, Standards, and Procedures when required
  • You will actively participate in the higher education security community such as ISACA
  • Perform other related duties as assigned and travel when required
97

Information Security Specialist Resume Examples & Samples

  • Operates and provides second level support for Information Security applications used to administer privileged access
  • Supports System Integration and User Acceptance testing, including creation and execution of test cases
  • Create and maintain operational documentation and playbooks relating to system support role
  • Implement and maintain security standards and procedures needed to provide an appropriate level of access control and data integrity for computerized information assets
  • Solid experience with Microsoft Directory Services and LDAP
  • Experience with SQL on one or more Database platforms (MSSQL, Oracle, Sybase, MySQL, DB2)
  • Scripting experience (PowerShell, Python, Ruby, Perl or equivalent) sufficient to manipulate extract files and load files using command interactions
  • Ability to travel as needed (<10%)
98

Senior Information Security Specialist Resume Examples & Samples

  • Develops tactical and strategic solutions to client security requirements
  • Support IT security audits, reviews, data calls by clients
  • Assist with the preparation of new or revising of out-of-date IT security policies and procedures
  • Research, evaluate, and recommend vital IT security-related technologies and services
  • Assist the Information Assurance Director in executing various tasks and initiatives of the corporate IT governance program
  • Evaluate various security implementation options and tools to establish required security controls and recommend a solution
  • 2+ years of experience in FISMA and / or HIPAA / HITECH compliance
  • Strong knowledge of all facets of information security across diverse infrastructure and regulatory environments
  • Highly refined knowledge of the principles of security threat management, risk management, security policy and process, security architecture, regulatory compliance, maturity of security capability, vulnerability assessment and security incident response
  • Strong analytical expertise in the review and assessment of the security operations and related service groups within a Service provider or Enterprise
  • Knowledge of security concepts surrounding PKI, SSL, JAAS, Java KeyStores, WS-* Security, WS-Federation, Security Token Service, SAML, Federated Identity
  • Hands on experience with WS-Trust, SAML, STS and other federated security standards and protocols
  • Understanding of security in cloud based environments such as AWS
  • Experience in secure code review and use of tools such as PMD, HP Fortify etc
  • Exposure to Application Security Vulnerability such as OWASP Top 10, CWE / SANS Top 25
  • Exposure to Identity Management products and standards such as User Provisioning, User Life Cycle Management, and centralized Access Control
  • Exposure to Java Cryptographic Services and encryption concepts
  • Experience with developing Security Documentation like System Security Plan and experience guiding an application to receive ATO from Client's Security Team or Office of Chief Information Security
  • Experience working in CMMI Level 3 (or higher) environments
  • Experience working with the Centers for Medicare and Medicaid Services (CMS) and the CMS 3-zone architecture
  • Ability to resolve complex support issues by leveraging user forums, support forums or opening support cases with vendors and following them to closure
  • Certifications: CISM, CISA, CGEIT, GWAPT, GPEN
  • Familiarity with HIPAA, HITECH Acts, the Privacy Act of 1974, OMB memoranda on security and privacy
99

IDS Information Security Specialist Resume Examples & Samples

  • Perform risk assessment of third party vendors but not limited to cloud computing and identifying gaps in the vendor IT control environment and recommending mitigating controls to address the gaps that are not in line with company IT Security requirements
  • Defining a framework for the risk assessment activity and an agenda for identification
  • An understanding of the IAM or the Active Directory structure
  • Implement security designs and approaches to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed
  • Knowledge of how network services and protocols interact to provide network communications
  • Knowledge of incident response and handling methodologies
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI), Information Technology Infrastructure Library, v3 (ITIL))
  • Knowledge of IT security principles and methods, such as firewalls, demilitarized zones, and encryption
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
100

Information Security Specialist Resume Examples & Samples

  • Make key contributions to the advancement of Application Security programs, providing expert technical solutions
  • Provide thought leadership driving strategic improvements at all levels for Application Security programs including leveraging or selecting tools and integrating into SDLC
  • Participate in annual review and development of security standards, policies, and processes
  • Perform mobile and web application vulnerability assessments, communicate remediation requirements to application owners and technical teams
  • Support IT Risk, Information Security, Compliance and Control, and Audit activities
  • Work across business units to provide security consulting services on incidents or projects
  • Guide third party and technical team members in remediation of existing vulnerabilities as well as best practices for future coding and adherence to standard
  • 10+ years experience working in a complex enterprise IT or Information Security environment with 5+ years of emphasis on web/mobile application security
  • Deep technical knowledge of web and mobile application development and demonstrated expertise with web/mobile security testing
  • Experience with application security assessment tools such as Kali Linux, IBM AppScan, Trustwave Appscanner, Fortify, IDA Pro or other reverse engineering tools, Python (pen testing), SAST
  • Demonstrated expertise with API testing using Burp proxy and extensions
  • Ability to read, understand, and communicate code changes to application teams to support vulnerability remediation in Java/J2EE, Javascript, HTML, Node.js, iOS/Swift, Objective-C, and C
  • Strong written and verbal communication skills. Must be able to effectively explain technical concepts to technical and non-technical audiences and communicate effectively at all levels
  • Strong interpersonal relationship skills and ability to build new relationships quickly with customers and partners
  • Self-driven with the ability to manage own delivery of challenging targets and solve problems with limited guidance
  • B.S. in Computer Science or equivalent work experience
101

Information Security Specialist Resume Examples & Samples

  • Responsible for reviewing and making recommendations on new vendor offerings such as new mobile operating systems, OS version upgrades, new OS security functionality, etc
  • Providing consulting from an information security perspective on new projects and capabilities being proposed by the enterprise’s Mobile organization. Coordinating efforts with other Information Security departments as needed to ensure the correct teams are engaged
  • Determining the security posture of the mobile platforms, and making determinations on whether apps should be whitelisted from an information security perspective
  • Comparing security coverage from a platform perspective (Android, Blackberry, iOS) and determine any gaps or inconsistencies
  • Reviewing current security standards, policies, and configuration around Mobile environment
  • May participate as subject matter expert or act as project manager for one large, complex or multiple moderately complex initiatives
  • Develop, plan and implement strategies that improve the overall maturity of our IT risk, governance and compliance processes, programs and/or skills
  • Provides strategic recommendations to leaders and key decision makers regarding security, IT risk, governance and compliance matters
  • Facilitates the development of plans and strategies for information security, service continuity and other risk processes and programs
  • Supports the investment decision process by developing business cases and cost benefit analyses for new information security, service continuity or other risk domain solutions
  • Documents current and desired future state capabilities, incorporating industry leading technologies that enhance AXP's ability to manage IT risk and protect data
  • Manages the integration of vendor requirements and tasks, and track and review vendor deliverables
  • Responsible for evaluation of applications, tools and systems
  • Makes recommendations and assists in the implementation of changes to strengthen processes, procedures and compliance resulting in enhanced information security, service continuity or reduced IT risk
  • Five or more years of Architecture/Engineering experience in Mobile platforms (Android, Blackberry, iOS)
  • Demonstrated information security experience around Mobile platforms
  • Demonstrated experience with information security around mobile devices (Blackberry, iOS, Android), and enterprise mobility management/Bring Your Own Device tools
  • Fluency in software development and scripting languages preferred such as Java, Python, Objective-C, Swift, etc. a plus
  • Experience working with internal and external auditors, and regulatory examiners
  • Demonstrated ability to deliver on time and on budget
  • Requires knowledge of a minimum of several business and technical functional capabilities in the following areas: security architecture; security engineering; threat management; vulnerability management; electronic discovery; computer and data breach incident management; data protection; forensics; 3rd party/vendor management; security monitoring; cryptography; security operations and administration; privilege access management; security policies and standards; security awareness; business continuity; disaster recovery; IT risk management and controls; web security; data security; network security; system security, technology operations and compliance
102

Information Security Specialist Resume Examples & Samples

  • Responsible for reviewing the security controls in place in the End User Computing environment on a regular basis. Looking for overlap or consolidation opportunities, identifying any gaps for existing or new attack vectors
  • Responsible for reviewing and making recommendations on new vendor offerings such as updated operating systems, OS version upgrades, new OS security functionality, etc
  • Providing consulting from an information security perspective on new projects and capabilities being proposed by the End User Computing organization. Coordinating efforts with other Information Security departments as needed to ensure the correct teams are engaged
  • Determining the security posture of the global desktop images, and making determinations on whether software should be on the whitelist from an information security perspective
  • Comparing security agent coverage from a platform perspective (Windows, OSX, etc.) and determine any gaps or inconsistencies
  • Reviewing current security standards, policies, and configuration around End User Computing environment
  • Developing reporting and remediation strategies for vulnerabilities/misconfigurations identified in the End User Computing environment
  • Five or more years of Architecture/Engineering experience in End User Computing platforms (Windows 7, Windows 10, Apple OSX, etc.)
  • Demonstrated information security experience around End User Computing platforms
  • Experience with virtualization and Virtual Desktop Infrastructure (VDI)
  • Experience with containerization tools such as Docker
  • Demonstrated experience with information security around mobile devices (Blackberry, iOS, Android), and enterprise mobility management/Bring Your Own Device tools a strong plus
  • Fluency in software development and scripting languages preferred such as Java, .Net, Python, PowerShell, Perl, etc. a plus
103

Information Security Specialist Resume Examples & Samples

  • Provide Mitigation and Remediation in support of the C&A/A&A process remotely and/or on-site including reports as required
  • Develop all C&A documentation in accordance with DoD policies to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority
  • Bachelor's degree in engineering, business, mathematics, or related field
  • Five to seven years of experience in Information Technology
  • Experience with IA tools including but not limited to – Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), System Center Configuration Manager (SCCM), Data at Rest (DAR), Data in Transit, Group Policy Objects (GPO), Central Logging and audit reduction analysis
  • RMF experience
104

Information Security Specialist Resume Examples & Samples

  • Extensive C#, MS MVC framework, SQL server and web development experience
  • JSON, REST, XML API development
  • Knowledge and experience in Unix/Windows shell scripting including python and PowerShell
  • Familiar with Identity standards like SAML and OAUTH
  • Understand the value of commitments to delivery made by a development team
  • General knowledge of Security and technology standards (e.g., infrastructure, architecture, processes, applications)
  • Familiarity with common Agile practices, service-oriented environments, and better development practices
  • Proactive team player with effective time management skills; ability to work independently, manage multiple deadlines/projects
105

Information Security Specialist Resume Examples & Samples

  • Performing web application vulnerability assessments, communicating remediation requirements to application owners and technical teams
  • Participating in the development of strategies for information security processes and programs
  • Providing thought leadership driving strategic improvements for the web application security and assessment
  • Supporting Information Security, Compliance and Control, and Audit activities
  • Working across business units to provide security consulting services on incidents or projects
  • Guiding third party and technical team members in remediation of existing vulnerabilities as well as best practices for future coding and adherence to standards
  • 5+ years experience working in a complex enterprise IT or Information Security environment with an emphasis on web application security
  • Deep technical knowledge of web application development and demonstrated expertise with web security testing
  • Ability to read, understand, and communicate code changes to application teams to support vulnerability remediation in HTML, Javascript, JAVA/J2EE, or .NET with competencies in secure coding practices
  • Experience with application security assessment tools such as Trustwave AppScanner, IBM AppScan, WebInspect, Veracode, WhiteHat, Paros Proxy, Burp Suite, etc
  • Strong written and verbal communication skills; must be able to effectively explain technical concepts to technical and non-technical audiences and communicate effectively at all levels
  • Industry recognized security certification including CISSP, CSSLP, and CEH
  • Web and mobile application development experience; experience with web services, REST APIs
  • Familiarity with Change Management procedures
  • Ability to manage multiple projects in a dynamic environment
106

Information Security Specialist Resume Examples & Samples

  • Building and maintaining strong relationships in order to identify issues and drive Information Security compliance
  • Developing a thorough understanding of divisional business, systems and processes in order to provide tailored Information Security solutions and services while minimizing impact or disruption to divisions
  • Ensuring information risk compliance to all regulatory, contractual and corporate policies
  • Identifying current risk positions, identifying potential exposures and driving actions to address or mitigate Information Security risk
  • Quality assuring Exceptions to Policy presented for approval to confirm the risk statement and assess that the action plan adequately addresses the risk
  • Performing security risk assessments or providing specialist Information Security input to support major change programs
  • Engaging with business and technology projects to identify Information Security weaknesses in proposed systems / applications and developing appropriate solutions based on risk assessment
  • Escalating where appropriate any failures to comply with Information security controls in application / system implementation
  • Providing policy advice and guidance to business divisions and technology service providers
  • Supporting the production of high quality, informative and accurate management information for the division
  • Providing input to Information Security related briefings and Threat Management Groups
  • May be called upon to provide incident and investigations support
  • Identifying relevant training for this role and team to maintain required level of technical expertise within the Group
  • Providing both colleague and vendor support to assess, audit and remediate regulatory requirements
  • 1 – 3 years of professional experience preferably in an Information Risk or Information Technology discipline (financial services experience desired)
  • Ability to work independently and manage time well
  • Proficient deductive reasoning skills
  • Refined written and communication skills
  • Industry certifications are a plus
107

Information Security Specialist Resume Examples & Samples

  • Gaining a comprehensive understanding of the company’s technology, information systems and capabilities
  • Leading in the development and providing guidance during application architecture design activities of new and existing applications
  • Conducting architectural risk and impact assessments on new and existing applications
  • Assess third party vendor capabilities and security standards while addressing security challenges
  • Implementing application security improvements by assessing current state, evaluating trends and anticipating future security requirements
  • Researching and evaluating proposed software architecture solutions for adherence to documented company standards, policies and regulatory responsibilities
  • Working collaboratively with multi-disciplinary teams and business units to implement and support existing and future solutions
  • Determining security requirements by evaluating business strategies and plans, researching information security standards, conducting system security and vulnerability analysis and identifying integration issues
  • Planning security systems by evaluating cloud and security technologies; developing requirements for cloud public networks, virtual private networks (VPNs) and related security and network devices while adhering to industry standards
  • Identifying security architecture capabilities and designing security architecture patterns to mitigate threats
  • Assessing emerging technologies against application security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities
  • 3 or more years in system security, administration or information management experience and/or Security Engineer/Architect/Consultant
  • 1 or more years of systems architecture experience
  • End-to-end understanding of the software development lifecycle
  • Experience with internal controls, risk assessments, business process and internal IT control testing
  • Experience defining and implementing cloud security with solid understanding of best practices
  • Industry experience in financial services, high-tech, and/or healthcare preferred
108

Information Security Specialist Resume Examples & Samples

  • Coordinating the delivery of all policy related activities for the Information Security Office, including but not limited to, annual policy reviews, policy attestation and assurance, and collaboration with key stakeholders to roll out and communicate changes
  • Developing, maintaining and recommending enhancements to information security policies, minimum requirements, procedures and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization
  • Reviewing periodic and annual updates of IS procedures to ensure they remain current and relevant to the existing IS posture
  • Providing support for the creation, review and scheduling of Information Security training courses and security awareness campaigns
  • Responding to vendor standard information gathering requests and maintaining library of responses
  • Providing policy advice and guidance to business lines and technology service providers as they work to apply IS policy requirements into their everyday business activities
  • Gathering and reporting metrics to support the compliance of the Bank’s Information Security posture
  • Supporting the production of high quality, informative and accurate management information and reporting for various reviews and forums
  • Developing and maintaining dashboards to provide the IS policy owner with actionable reporting of IS governance activities
  • 6 or more years of relevant Information Security policy and metrics reporting experience
  • Strong organizational and planning skills
  • Experience working with Information Security policy, controls, standards, frameworks and regulatory requirements (e.g., NIST, CoBIT, ISO 27000, FFIEC Guidelines, PCI/DSS, etc.)
  • Ability to team well with others to facilitate and enhance the understanding and compliance to security policies
  • Maintain awareness of the current security threat landscape, regulatory changes and new developments in the information security environment
  • Experience developing and maintaining IS policies and standards and security awareness campaigns
  • Excellent interpersonal, communications and presentation skills
  • Must be able to work independently and with minimal direct supervision
109

Information Security Specialist Resume Examples & Samples

  • Working experience and knowledge of the ILI Software Development Life Cycle (SDLC) with particular focus on areas related to information security is preferred
  • Knowledge of user authentication and access controls including SSO, LDAP, Active Directory, RACF, Windows, UNIX, ITIM/TAM is preferred
  • Ability to translate security and systems language into business context
  • Ability to partner and facilitate information security related discussions with both technical and non-technical business partners
  • Proven project management and risk management skills
  • Strong organization, written and verbal communication and presentation skills
  • Proficient in MS Office products, including but not limited to Word and Excel
  • Knowledge of Individual Life Insurance business functions and/or applications
  • Able to work independently and be a self starter; managing multiple tasks according to priorities; results oriented and proven ability to meet deadlines
  • Security Certifications (e.g., CISSP) a plus
110

Information Security Specialist Resume Examples & Samples

  • Comprehensive knowledge of cryptography and ability to build life cycle management processes for certificates used in the corporation
  • Implementation experience or compliance owner of ISO27001
  • 5+ years of professional experience in information security or related industry
  • Information Security Certifications such as LA-27001, CISSP, CISA and CISM are preferred
  • A professional attitude and fastidious attention to the details with strong analytical skills
  • Self-managing and able to successfully handle simultaneous projects
  • Senior working experience on information security administration and computer security incident response
  • Demonstrated ability to work in a close team environment with minimal guidance
111

Information Security Specialist Resume Examples & Samples

  • At least 4 years experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Information security architecture
  • Information security management
112

Information Security Specialist Resume Examples & Samples

  • Work with the enterprise project management and SDLC processes to ensure SSDLC and security assessment requirements and artifacts are managed appropriately and are included as part of the enterprise processes
  • Write requirements and standards for SSDLC and security vulnerability assessment and secure coding as needed
  • Assist with developing and delivering secure coding as well as BTRM training as needed
113

Senior Information Security Specialist Resume Examples & Samples

  • Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers’ requirements
  • Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
  • Supports customers at the highest levels in the development and implementation of doctrine and policies
  • Performs analysis, design, and development of security features for system architectures
  • Designs, develops, engineers, and implements solutions that meet security requirements
  • Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems
114

Senior Information Security Specialist Resume Examples & Samples

  • Provide Information Security support to internal and external customers in accordance with the terms of the customer contract and Service Level Agreements (SLAs)
  • Ensure the correct functioning and maintenance of all internal and external information security systems and products serviced by Service Operations
  • Act as the Security Incident Handler and co-ordinate the scheduling of intervention with Customers, internal resolver groups, and the Service Desk, ensuring communications are maintained to resolve the security incident within the prescribed SLA
  • Provide Information Security Leadership to a variety of Service Operations Teams
  • Carry out security incident & problem management support to the highest standards and co-ordinate the resolution with the appropriate resolver groups
  • Ensure shortest resolution times possible by initiating the timely escalations to specialized resolver groups, inside & outside SITA, according to the customer contracts, SLAs and monitoring requirements
  • Ensure the Service Operations team adheres to the highest working standards for all security incidents & problems by providing guidance, support and direct management
  • Proactively detect problems related to information security services, infrastructure operations & delivery services
  • Support the senior team members in the management, reporting and co-ordination of day-to-day tasks during absence of the Security Manager
  • Perform Change Management, Configurations, Design and Implementation of Security Product & Systems
  • Conduct the analysis, definition, documentation and testing of Security Applications & Systems
  • Continuously identify and document lessons learnt, known errors and security knowledge in order to improve services
  • When/where required, be contactable for escalations and support, on an on-call standby basis
  • Minimum 3-5 years experience in the Information Security domain
  • Minimum 3 - 5 years experience on SIEM tools
  • Minimum 2 - 3 years experience on Vulnerability Scanning Tools
  • Must have been directly involved in providing security expertise to internal and/or external customers
  • Security monitoring & Security Event & Incident Management (SIEM)
  • Knowledge of McAfee & Splunk SIEM tools
  • Vulnerability Management & Vulnerability Scanning
  • Knowledge of Nessus & Qualys Security suites
  • Ability to support, troubleshoot, analyze and perform security investigations on proprietary systems
  • Ability to analyze, draw conclusions and create solutions to moderately complex information security problems
  • Ability to build relationships with peer and management levels
  • Basic understanding & ability to troubleshoot LAN & WAN topologies based on TCP/IP
  • Basic understanding & ability to troubleshoot basic windows & Linux server issues
  • Exposure to ITIL, IT & network components and principles
  • Exposure to ISO27001 & 27002 frameworks & principles
  • Demonstrated maturity in handling complex customer issues and demanding customers
  • Ability to coach new joiners and to facilitate their integration into the team
  • Ability to organize the activity of a team and to take ownership of issues until resolution
115

Information Security Specialist Intermediate Resume Examples & Samples

  • Performs Information Security Audits and Information System Security Assessment
  • Creates Risk Management Plans
  • Reviews Information System Security policies and procedures guides, Command and Control Protest plans and policies, and Continuity of Operations Plans (COOP)
  • Installation and maintenance of Information System Security Products and Services
  • Monitors automated and manually submitted job schedules in support of multiple clients to ensure completion and timely production of work
  • Troubleshoots basic errors related to batch processing and works to improve productivity
  • Participates in testing new batch processes to ensure productivity is not adversely affected. Escalates issues as appropriate
  • Implements operating procedures and timely documentation of procedures; ensures implementation is in accordance to standard operating procedures and follows same; escalates errors as appropriate
  • Prepares for and participates in daily status reviews. Forwards status reports to clients and management
  • Provides technical and administrative support required for batch failures, late critical batches, and SRTs
  • Four or more years of Information Assurance experience for similar Government Program Offices
  • Experience working with mainframes, mainframe and midrange scheduling software, and other related technologies
  • Experience working with system job control language
116

Information Security Specialist Resume Examples & Samples

  • Requires a bachelor's degree or equivalent and more than five years of related experience
  • Possess active TS/SCI security clearance
  • Experience in cyber security practices
  • Familiarity with intelligence community directives (ICDs), Risk Management Framework (RMF) Assessment and Authorization (A&A) processes, DOD cyber security policies, Xacta IA manager certification and accreditation (C&A) tool
  • Intermediate to expert knowledge of cyber security tools; Kali Linux, Assured Compliance Assessment Suite (ACAS), DISA Security Technical Implementation Guides (STIGs), Secure Content Automated Protocol (SCAP), other DOD vulnerability scanning tools
  • Intermediate knowledge of standard configuration tools such as Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM), Windows Svr 2012, and Windows 10/7
  • Possess organizational skills and ability to manage multiple tasks
  • DOD 8570 certification of IAM Level III
  • An ideal Candidate will possess USMC or Navy Validator Certification or equivalent training & certification as CNSS4016, CNSS4016
117

Information Security Specialist Resume Examples & Samples

  • Minimum of four years in Information Security
  • Experience and knowledge of leading information security risk assessments
  • Experience in taking an organisation through alignment, assessment or delivery of an industry recognised security standard such as ISO or COBIT
  • Demonstrable experience in creating a sustainable compliance capability
  • Ability to conduct and direct research into governance, risk and compliance capabilities and progression
  • Ability to present ideas in ‘non-technical’ business-friendly accessible language
  • Ability to effectively prioritise and execute tasks in a high-pressure environment
  • One or more of the following qualifications are highly desirable
118

Senior Information Security Specialist Resume Examples & Samples

  • Demonstrated use of data analysis software, audit management software and continuous audit solutions
  • Demonstrated understanding of data processing, hardware platforms, and enterprise software applications and outsourced systems
  • General knowledge of business theory, business processes, management, budgeting and business office operations
  • Ability to translate the company's vision, values, mission and objectives into drivers for designing the information security assessment/audit agenda
  • Proven experience in writing audit reports for different audiences
  • Proven experience of working in technology environments, including audit
  • Experience in risk-based audits
119

Information Security Specialist / Analyst Resume Examples & Samples

  • This individual must display an in-depth understanding of the latest trends and technologies related to IT Security and Compliance
  • Bachelor’s degree in Computer Science, Management Information Systems, Information Risk Assurance or relevant work experience
  • Logic and scripting skills
  • CISSP, CISA, CCNA, GIAC, GCIH certifications are a plus
120

Information Security Specialist, Mid Resume Examples & Samples

  • 3+ years of experience with providing information assurance support, documenting compliance, or evaluating IA security posture in a DoD environment
  • Experience with developing and maintaining DoD Information Assurance Certification and Accreditation Process (DIACAP) packages
  • Experience with reviewing government guidance, including task orders, directives, STIGs, or IAVAs for applicability and implementation
  • Ability to perform and support periodic IA assessments, including manual and automated code reviews or validation reviews
  • Ability to identify security engineering requirements for incorporation into software releases based on evolving DoD and DoN instructions, directives, and policies
  • Ability to obtain a DoD 8570.01-M Certification within 6 months of hire
  • Knowledge of Enterprise Mission Assurance Support Service (eMASS) and Vulnerability Management System (VMS)
  • Knowledge of Risk Management Framework (RMF)
  • M Certification
121

Information Security Specialist, Lead Resume Examples & Samples

  • Support Certification and Accreditation activities in accordance with NIST 800-171 requirements
  • Create, maintain, update applicable security documents including but not limited to: SOPs, Security Design, Traceability Matrix, Residual Risk Assessments, and tailored system requirements
  • Establish and maintain continuous monitoring solutions
  • Develop and maintain POA&M for all accepted risks
  • Manage, Monitor, and review security audit and intrusion detection system logs for attacks and anomalies
  • Periodic Vulnerability Assessments of system/sub-system components
  • IA Policy/procedure enforcement
  • Collaborate with the Engineering Team on aspects of solution design and development
  • Create a change management process for the team and lead change management related activities
  • Information Security Specialist experience
  • DoD 8570 (or DoD 8140) IAM II Certified, or higher
  • Knowledge of IC, DoD, and DoDIIS information security regulations and policies
  • Familiarity with Risk Assessment/Management techniques
  • Configuration Management experience
  • Lead experience
  • Demonstrated experience working with information security regulations and applicable laws
  • Demonstrated experience working with the NIST 800-171 process. Familiarity with terms, roles, and the process
  • Demonstrated ability to successfully work independently on complex tasks
  • Must possess high-degree of analytical and critical thinking skills
  • Must possess excellent oral and written communications skills
  • Must possess excellent interpersonal skills
122

Information Security Specialist, Lead Resume Examples & Samples

  • Strong Understanding of the Risk Management Framework based on NIST 800-37, NIST 800-53, NIST 800-53a, NIST 800-60
  • Provide guidance for securing information systems, and support information security assessments
  • Review, maintain, and ensure all Assessments and Authorizations (A&A) documentation to include System Security Plans (SSP)
  • Ensure security testing and evaluations are completed and documented
  • Ensure IA assessments and authorization tasks and solutions are collaborated with all necessary offices
  • Consult and coordinate with Intelligence Community and DoD entities to respond to authorization issues
  • Provide direct support as a technical representative for ensuring security is integrated throughout the lifecycle of systems and residual risk is acceptable
  • Provide expert assistance, technical documentation, and white papers
  • Collect and report Security Metrics
  • Conduct FISMA security inspections and provide evaluations, as required
123

Information Security Specialist, Lead Resume Examples & Samples

  • Bachelor’s Degree or higher in computer engineering or in a field related to the computer engineering or computer science disciplines plus 7 years Security Engineering experience. An additional 4+ years of Security Engineering experience may be substituted for the degree for a total of 11 years
  • Knowledge of the customer’s certification and accreditation process
  • Knowledge of and experience implementing the requirements in ICD 503
  • Experience developing and maintaining SSPs
  • Able to clearly communicate ideas and status updates to management and other stakeholders
  • Strong technical writing skills
  • Familiar with a variety of security policies, especially within the IC
  • Understands fundamentals of technical security risk assessment
  • Master’s degree in engineering, math, computer science, information security or related field
124

Information Security Specialist GS Resume Examples & Samples

  • Experience providing technical assistance to classified information security programs to safeguard classified national security information
  • Experience managing the development and execution of a nationwide classified information security program
  • Experience conducting training for small (1-10) and large (20-50) groups of individuals that includes explaining the material being presented, answering questions in front of the group and providing examples of what to do and what not to do concerning the handling of classified and sensitive information
  • Experience writing technical reports that are required by an Agency/Organization and submitted for accountability to higher authorities
  • Experience personally briefing senior level officials, answering their questions and providing examples pertaining to the handling of classified information
  • Experience writing technical reports, referencing all sources used and laws and directives, which will be used by the Agency’s senior leadership for accountability, external reporting and auditing purposes
  • Experience working to resolve national security program issues occurring within an Agency/Company and developing measures to prevent similar issues from reoccurring
125

Senior Information Security Specialist Resume Examples & Samples

  • Work alongside projects to ensure IT General Controls are being addressed
  • Escalate and assist resolving operational requirements not met by IT and Business projects
  • Educate project resources on IT related security risks, controls and general awareness
  • Work with projects to track and report IT security risks and the various security assessment and security testing results
  • Coordinate and compile evidence for project risk closures
  • Strong knowledge of infrastructure platforms – Windows, Unix, Linux, etc
  • Strong documentation and communication skills to report to several layers of management and technical teams
  • Good understanding of antivirus, SIEM and configuration management tools
  • Good understanding of OWASP and effectively applying its concepts and standards
126

Information Security Specialist Resume Examples & Samples

  • At least one year of experience in Information Technology
  • DIACAP and/or Risk Management Framework (RMF) experience
  • Five or more years of professional experience
127

Associate Professional Information Security Specialist Resume Examples & Samples

  • Assists with auditing computer systems to ensure they are operating securely and that data is protected from both internal and external attack
  • Supports security assessments to ensure adherence to customer specific security policy, procedures and industry standards
  • Assists with the review and definition of security requirements. Provides support for system reviews to determine if they are designed to comply with established standards
  • Basic analytical and problem solving skills
128

Information Security Specialist Resume Examples & Samples

  • Strong operational skills, previous experience in security
  • Proven experience with Linux, Windows, Networks, Python, some scripting skills
  • Positive attitude and an ability to adapt to an ever-changing environment
  • Fluent in English verbally and written, Swedish language would be preferred
129

Information Security Specialist Resume Examples & Samples

  • Providing support to the Team Leader and line management
  • Manual and automated source code review, especially for ASP.NET
  • System testing using approved bet365 methodologies
  • Creation of technical documentation
  • Developing an understanding of the business and supporting more junior members of the team
  • Liaising with the business to ensure that information security requirements are complied with
  • Identifying any nonconformity within the business and escalating appropriately
  • Taking an active role in the project process to ensure that information security points/matters are considered up front and throughout the project lifecycle
  • Taking an active role in external audits as necessary
  • Broad understanding of technology functions as they relate to information security
  • Use of planned, structured methodologies for conducting and reporting web application penetration testing
  • Excellent understanding of the general principles, practices and technologies of information/digital security
  • Examination of packets using Wireshark and other related tools
  • Experience with automated dynamic and static application security testing tools
  • Experience of manual security testing to find vulnerabilities and logical issues
  • Knowledge of developments in security technology and their application
  • Knowledge of risk management methodologies
  • Understanding of industry standard information security practices
  • Understanding of network infrastructure and network engineering topics
  • Awareness of PCI DSS current version
  • Ability to make informed decisions
  • Strong stakeholder management
  • Appreciation of IT principles
  • Committed, flexible, ‘can do’ attitude towards work
130

Information Security Specialist Resume Examples & Samples

  • Determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
  • Planning security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designing public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
  • Enhancing Cyber Security and organisation reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments
  • Ensuring cross-domain requirements are identified and issues resolved, resulting in the creation of a cohesive Enterprise Security
  • Updating job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
  • Tracking industry trends for the domain and escalating potential areas of exploitation
  • Contributing to feasibility studies on domain specific new technologies
  • Participating in reviews of solution architectures developed by the programmes
  • Work with Security Architects at Senior and/or Advisor level, and on occasion with other tower Chief Architect(s), Solution Architect(s), Security and Commercial Partners to ensure that architecture solutions meet the business requirements and fit with the overall IT Enterprise Security Architecture & strategy
  • Working with key vendors to the domain to influence the direction of their products and services ensuring maximum value
  • Supporting Solution Architects on security issues
  • An understanding of the design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier/multi-platform environment - mandatory
  • Sound basic knowledge of all areas of IT Security, including Identity and Access Management; Single Sign On; Secure communications and network protection; Data protection and privacy; Security Management; Audit; Cryptographic services; and Security Assurance and Maturity - mandatory
  • An understanding of the need for balancing the requirements of the business with the implementation of security technologies and processes – mandatory
  • An understanding of the need for developing and driving the commercial characteristics of security solutions e.g. designing security architecture based on unit cost targets - mandatory
  • An aptitude for Architecting innovative IT Security technology systems in a consumer-facing sector - mandatory
  • Experience with e-commerce and high volume online systems – desirable
  • Demonstrate good influencing, communications, interpersonal and organizational skills – highly desirable
  • Any cyber based certifications commensurate with the relatively limited experience - highly desirable
  • Knowledge of SABSA/TOGAF and an aptitude to progress to qualification - highly desirable
  • Knowledge and understanding of ISO 27001 - highly desirable
  • Knowledge and understanding of PCI DSS - highly desirable
  • UK HMG experience - highly desirable
  • ITIL qualified - desirable
  • PRINCE2 qualified – desirable
  • Degree or equivalent experience in computer science, telecommunications, networking, engineering or another computer-related field. Higher degree preferred
  • Hold or be able to obtain SC or DV clearance as required
131

Information Security Specialist Resume Examples & Samples

  • Provides subject matter expertise guidance on the interpretation of security revisions to the master security guide and declassification decisions
  • Updates and finalizes program protection policies and develops/prepares the final coordination of numerous continuity-related security SOPs
  • Travel to PAD-identified locations in support of mission requirements
  • Maintain and update security education and awareness training policies
  • Draft co-utilization agreements and memorandums of agreement, as required, for assessed facilities
  • Establish and maintain the security container checklists for security containers
  • Ensures the proper implementation of COMSEC plans for assessed facilities
  • Ensure compliance in accordance with National Industrial Security Program DoD 5220.22-M
132

Senior Information Security Specialist Resume Examples & Samples

  • Perform and manage Onsite Risk Assessments as per process documents
  • Review vendor supplied policies & procedures, internal/external assessment reports, agreements and provide feedback
  • Provision assessment reports and executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
  • Communicate, escalate, and track vendor progress on assessment remediation activities
  • Act as a liaison & SME for internal departments & vendors to successfully manage Vendor Risk Assessment
  • Understand information security risks that are inherent to a business and articulate those risks in business terms
  • Maintain current knowledge on information security topics and their applicability to program requirements
  • Engage VRO regarding any delays/deviations during remediation
  • Prior experience working with senior levels of management
  • Security expertise including knowledge of different security risk assessment frameworks (NIST), standards (ISO27001/HITRUST/Cobit), and acts such as HIPAA/GLBA
  • Experience in examining audit reports (SSAE 16 Audit)
  • Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall etc.)
  • Knowledge of software development methodologies, application security, and OWASP Top 10 guidelines
  • Ability to document assessment work papers and prepare assessment reports
  • Ability to manage vendor assessment independently with minimal supervision
133

Information Security Specialist Resume Examples & Samples

  • Bachelor's degree, or a minimum of eight years' equivalent experience, in security, information technology, or a related field
  • Previous experience in physical security for SCI and SAP programs and facilities
  • Active DOE Q and SCI clearances
  • Experience working with the Department of Defense or the Intelligence Community agencies
  • Previous experience working in a Classified Document Control Center
  • Previous experience working in a SCI/SAP Personnel Security Office with an emphasis on personal security processing
  • Previous experience in security compliance assessment reviews, self-inspections and audits
  • Previous experience working with Government-sponsored security organizations
134

Information Security Specialist Resume Examples & Samples

  • Monitor and analyze network traffic and IDS alerts, respond to potential threats/vulnerabilities
  • Conduct proactive threat research
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Create a final incident report detailing the events of the incident
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
  • Provides oversight on incident handling to ensure all mitigation techniques are being achieved
  • Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter
  • Minimum of four (4) years of direct experience as a Security Analyst or SOC role within the last eight years, and demonstrated ability to carry out the functions of the job or any combination of education and experience, which would provide an equivalent background
  • Experience in Security Incident Handling procedures, Incident Management and Incident Triage
  • Experience with Account Management, Windows Events and Log Management
  • Bachelor’s degree in computer science, information systems security or other IT related field from an accredited institution preferred
  • At least four years of experience with security operations, computer network defense or intelligence analysis
135

Information Security Specialist Resume Examples & Samples

  • Helps monitor security systems and analyze potential threats and vulnerabilities to client systems
  • Assists with the development of new computer and network security systems, including both hardware and software
  • Assists in the development and implementation of technical security policies
  • Coordinates technical incident response and remediation activities for client environments
  • Provides security analysis and consultation services for product, system, and network architecture designs
  • Assists in the analysis of network traffic and alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms
  • Participates in investigations through to resolution and tracks solutions
  • Composes and sends alert notifications
  • Issues user IDs and passwords to new users, and monitors system access and use to identify any security violations
  • Analyzes basic security findings and data
  • Must be able to obtain Security+ certification
  • Current Secret or higher security clearance
  • Software patching experience
  • IAVA processing experience
  • HBSS administration experience
  • SCCM administration experience
  • Current TS/SCI security clearance
136

Information Security Specialist Resume Examples & Samples

  • Responsible for Application Security, Certification and Accreditation and Security Operations in coordination with Information Assurance Manager (IAM)/Information System Security Manager (ISSM)
  • Facilitates and manages security vulnerability assessments and penetration tests
  • Develops, implements, and documents formal cyber security programs and policies throughout the organization and monitors compliance to these policies and programs
  • Contributes consulting (risk analysis) and project support in the area of information security to IT infrastructure and division computing projects as needed to support new business requirements
  • Maintain a system that can be certified and accredited in accordance with USDA OCIO security requirements and policy, in reference to the ATO renewals using NIST SP 800-53 V4 controls
  • Review and evaluate existing security and privacy incident response policies. Assess and identify the need for changes based on new cyber security and privacy technologies, evolving Federal policy, or identified threats. Test and implement new policies, and institute measures to ensure awareness and compliance
  • Maintain and update the WBSCM security concept of operations document, architecture documentation, risk assessments, risk mitigation plans, and other supporting documents required to support RMF for USDA IT accreditation
  • Manage and maintain the WBSCM Ports, Protocols, and Services list
  • Work with WBSCM PMO to introduce security thresholds in the WBSCM Software Development Life-Cycle (SDLC)
  • Respond, report, and mitigate Security incidents (e.g., Personally Identifiable Information (PII), and unauthorized access)
  • Coordinate with USDA on alerts for WBSCM and, upon direction, WBSCM end users of security issues or updates to the applications and systems in use
  • Ensure the system and installed applications have current patches, security updates, and configuration settings in coordination with USDA
  • Demonstrate knowledge of Information Assurance Certification Accreditation Process including NIST SP 800-53 V4 Risk Management Framework
  • Demonstrate knowledge of Plan of Actions and Milestones, Executive Vulnerability Summary Reports
  • Demonstrate experience coordinating with external agencies
  • Demonstrate expert-level knowledge and management of contractor employees of various labor categories and technical skill levels in efforts similar in size and scope as this acquisition
  • Demonstrate mid-level knowledge of Federal standards, C&A techniques, actions and best practices related to C&A
  • Demonstrate experience interacting with and briefing senior government leaders
  • Experience with SAP systems in a Public Sector is a plus
  • Experience with DIACAP/RMF is greatly desired
  • Knowledge of DoD space/architecture preferred
  • Knowledge of Risk Management Framework NIST SP 800-53 V4
137

Senior Information Security Specialist Resume Examples & Samples

  • Protecting the organization from business risks associated with technology, interfacing with Business and technology leads
  • Assisting the business in resolving technology based audit findings as well as consulting with IT Teams to identify mitigation strategies to internal audit findings
  • Providing a Single Security and IT Risk advisor for TD Bank, AMCB, for all issues, events, and programs
  • Providing a point of coordination for all security related activities within the central TRM&IS team
  • Participating in a State of Health program for the business, including reporting, planning and prioritization of key risks
  • Participating, as required, in support of all strategic objectives established by the CIO and her/his team
  • Ensuring the business understands key security and IT Risk strategies, and how they affect specific lines of business
  • Ensuring full participation in Audit programs assisting the business in identifying technology based controls
  • Comprehension of Federal and Industry based regulations as well as the alignment to technology controls
  • Providing guidance and/or consulting service to technology / business partners on key technology initiatives and providing expertise in the areas of Incident Response Management, Vulnerability Management & Reporting and Managed Security Services
  • Ensuring technology governance methodologies are in place within the business to minimize overall security risks to the Bank
  • Participating in the development of system security awareness and communication training programs across the enterprise to ensure alignment with the overall Technology strategy and compliance to regulatory and/or established Bank system security standards
  • Ensuring outsourcing partners adhere to TDBG security policies and standards, by establishing oversight controls, and by ensuring risk has been mitigated to protect the Bank
  • Participating in the development of on-going Technology Risk reporting, monitoring key trends and/or breaches
  • Staying current with emerging technology advancements / trends and regulations to support business needs and leverage a highly capable management team, actively developing and deploying talent across the business
138

Information Security Specialist Resume Examples & Samples

  • Identify security gaps, vulnerabilities and weaknesses in systems, networks and applications
  • Conduct security risk assessments both at the enterprise and system levels
  • Develop and maintain a security risk register
  • Track risk remediation activities
  • Evaluate security policies, standards and procedures, and suggest improvements
  • Conduct third-party security risk assessments
  • Evaluate existing security controls and participate in specifying and developing of new controls
  • Assist in security incident response activities
  • Lead and/or participate in security awareness and training initiatives
  • Identify, analyze and keep current on information security threats faced by the enterprise
  • Collect and disseminate actionable threat intelligence
  • At least 5 years of broad Information Security experience
  • Working knowledge of risk management methodologies
  • Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO/IEC 27001:27013, CIS CSC, PCI DSS
  • Prior significant experience in at least one of the following
139

Information Security Specialist Resume Examples & Samples

  • Assists with DTO activities to assess the Cyber Security implications of changes to the ITI baseline and new requirements
  • Reviews changes for compliance
  • Develop technical documentation and artifacts, including technical papers, presentations, recommendations and findings, which are provided to senior Government IC officials
  • Develops the deliverables required for this WBS element while collaborating with other staff
140

Information Security Specialist, Principal Resume Examples & Samples

  • Must have current TS/SCI and be able to pass polygraph within 60 days of hire
  • Working knowledge of TCP/IP networking technologies, Windows Active Directory and UNIX account administration, Windows Active Directory and UNIX folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and UNIX platforms
  • Skill in assessing the robustness of security systems and designs
  • Skill in systems engineering, requirements analysis, system development, software development, or hardware development as applied to the information assurance or cyber security fields
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
  • Ability to evaluate the trustworthiness of the supplier and/or product
  • Ability to establish effective working relationships internally and externally to the client organization
141

Information Security Specialist Sec-pcc Resume Examples & Samples

  • Incorporate security awareness into classroom and virtual learning, including new hire orientation, new manager training, and other events
  • Owns and manages relationships with security education and awareness related vendors
  • Scoping of security awareness campaigns to meet targeted goals
  • Measurement and reporting of campaign attendance and effectiveness
  • Experience working in information security and demonstrable understanding of the concepts of information security
  • Experience deploying and measuring effectiveness of security awareness to a global audience, leveraging LMS, webcasts, and other technology
  • An in-depth understanding of ISO 27002 security policy, and a working knowledge of other policy frameworks such as ISO, COBIT and NIST a plus
  • Experience managing the communication to internal customers
  • Experience developing and delivering security awareness programs
  • Experience managing a global team, and working in a global virtual environment
142

Information Security Specialist, Principal Resume Examples & Samples

  • Provide technical services for installation, operation, maintenance and authorization of hardware and software required for vulnerability scanning capabilities
  • Review system security body of evidence documentation for accuracy and completeness
  • Support development of Plan of Action and Milestones (POA&M) containing corrective actions required for unacceptable system and enterprise level risks
  • Provide support to configuration management and control processes to integrate security and risk management
  • Scan for network security compliance in accordance with DISA STIGs
  • Conduct security impact analyses of security controls based on proposed system changes
  • Support the preparation of security test plans, execute and assess the security control effectiveness using security control test procedures, and create Security Assessment Reports (SAR) based on assessment findings
  • Support vulnerability scanning activities for external audits (i.e. FISMA and CCRI)
  • Develop tools and methodologies for tracking and reporting on identified information system vulnerabilities
  • Must have a current certification compliant with DoD 8570 IAM or IAT level 3. OR must provide demonstrable progress to achieve a DoD 8570 compliant certification within 90 days of hire and maintain certification throughout employment
  • Typically requires bachelor's degree or equivalent and ten to twelve years of related experience
  • Experience with ICD 503 and working knowledge of Risk Management Framework as outlined in NIST SP 800-37
  • Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A
  • Knowledgeable in continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques
  • Knowledgeable in information system vulnerability analysis and management
  • Must have a thorough knowledge of IT including but not limited to network subnetting
  • Experienced in system testing methodologies that include
  • Configuration analysis
  • Security best practices validation
  • Experienced in security testing and penetration tools that include
  • WASSP
  • SECSCN
  • Backtrack 5
  • Assured Compliance Assessment Solution (ACAS)
  • Retina
  • HP Fortify Web Inspect
  • Network Discovery & Visual Analytics experience (i.e., IP Sonar, etc.)
  • Knowledgeable in cyber incident handling
  • Experienced in using the XACTA application
  • Proficient in the use of Microsoft Application tools (i.e. Excel and PowerPoint)
143

Information Security Specialist Resume Examples & Samples

  • Assist the Information Security Officer with internal consulting, advisement and assistance for all aspects of Information Security
  • Key point of contact for all regulatory compliance audits and inspections including coordination of evidence gathering from subject matter experts across the business unit
  • Assist with application and business process related security risk assessments and remediation efforts
  • Evaluate and advise on policy exceptions for the business unit
  • Maintain and monitor internal observations/findings for both internal customers and third parties
  • Assist Information Security Officers on information security risk management projects
  • Understand Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), SSAE-16 attestations, ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations
144

Information Security Specialist Resume Examples & Samples

  • At least 3-5 years of IT experience with a Bachelor’s Degree in Information Security, Cyber Security or related fields
  • 1-2 years of Security Awareness / Training or a similar background in the Security Control Education areas, preferably in a Fortune 500
  • 3 or more years of relevant Information Security policy and metrics reporting experience
  • Adept at creating and delivering stimulating and exciting presentations
  • Creative, positive, optimistic, energetic, and organized
  • Strong project management skills with the ability to manage multiple priorities
  • Can communicate an understanding of Business Continuity Planning and the sub-processes of Crisis Management and Disaster Recovery
145

Information Security Specialist, Senior Resume Examples & Samples

  • IBM Tivoli Endpoint Manager / BigFix – security management to monitor & manage physical and virtual endpoints—servers, desktops, and laptops. Utilize software to screen emerging threats in order to pro-actively remediate, protect, and report on endpoints in real-time
  • Nessus vulnerability Assessment including weaknesses that allow a remote hacker to control or access sensitive data on the system and identify misconfiguration (e.g. open mail relay, missing patches, etc.), default passwords or common passwords on system accounts, or denials of service attacks. Utilize reporting in preparation for PCI DSS audits
  • Splunk security information and event management (SIEM). Ensure log capture of all critical devices, create searches, reports and dashboards to accurately indicate security posture. Analyse and interpret raw data, identify trends to anticipate potential threats
  • Utilize, create, and maintain Standard Operating Procedures (SOPs) and Knowledge Base articles
  • 8-10 years with Bachelor’s degree
146

Information Security Specialist Engineer Resume Examples & Samples

  • At least 4 years of experience in Security Information Event Management (SIEM) and Splunk Tool administration
  • In depth knowledge of Vulnerability scanning tools, intrusion detection/intrusion prevention systems, and a core understanding of DoD/DISA compliance methodologies/requirements
  • Expert experience with at least one of the following tool suites highly desired, ArcSight, ACAS, Maltego, CyberArk, HBSS, Imperva, Splunk, Encase, Websense, SourceFire, AlgoSec, Forcepoint/Websense, or FireEye
  • Strategic and tactical mindset
  • High tolerance/evolved ability to lead and manage ambiguous situations
  • Excellent verbal, written, facility and presentation skills
  • Collaboration and team leadership abilities
147

Information Security Specialist Engineer Resume Examples & Samples

  • At least 7 years’ experience in Information Security
  • At least 3 years of experience in Security Information Event Management (SIEM) and Splunk Tool administration
  • Moderate experience with at least one of the following tool suites highly desired, ArcSight, ACAS, Maltego, CyberArk, HBSS, Imperva, Splunk, Encase, Websense, SourceFire, AlgoSec, Forcepoint/Websense, or FireEye
148

Information Security Specialist, Lead Resume Examples & Samples

  • Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation
  • Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
  • Knowledge of network access, identity, and access management (e.g., PKI)
  • Knowledge of security system design tools, methods, and techniques
  • Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure
  • Knowledge of TCP/IP networking technologies, Windows Active Directory and UNIX account administration, Windows Active Directory and UNIX folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and UNIX platforms
  • Knowledge of Ports, Protocols, and Services for common network traffic
  • Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37
  • Knowledge of industry information security standards and protocols
  • Knowledge of commercial or military software development methodologies, process, and standards
  • Knowledge of web services protocols, including Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Universal Description, Discovery and Integration (UDDI)
  • Knowledge of structured content tools and languages, and content management systems
  • Knowledge of known vulnerabilit