Information Security Specialist Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information security specialist job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Ericka Heaney
351 Hodkiewicz Isle, Chicago, IL
Phone: +1 (555) 144 0968
Experience
Information Security Specialist
Collier-Jacobi, New York, NY
  • Work with 3rd party managed security services providers to develop improved system monitoring and correlation rules to improve overall security posture
  • Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement
  • Working with Business Line Risk Managers to proactively manage and mitigate IS related risks
  • Develops account processes, network rights, and access to NTC network systems and equipment
  • Working with organizational stakeholders, assist the development and support of the information security strategy
  • Work with various risk and information security teams in presenting recommendations for improvement to technology subject matter experts and management
  • Provides central contact point for user support and problem management for managed security applications (Firewall, IDS, Encryption, SIEM, EIQ, Web filtering)
Information Security Specialist, Lead
Legros LLC, Chicago, IL
  • Create a change management process for the team and lead change management related activities
  • Provide expert assistance, technical documentation, and white papers
  • Knowledge of network access, identity, and access management (e.g., PKI)
  • Provide guidance for securing information systems, and support information security assessments
  • Conduct FISMA security inspections and provide evaluations
  • Collaborate with the Engineering Team on aspects of solution design and development
Senior Information Security Specialist
Hickle, Lang and Stehr, Boston, MA
present
  • Contribute to the definition, development, and oversight of a global security management strategy and framework
  • Support the senior team members in the management, reporting and co-ordination of day-day tasks during absence of the Security Manager
  • Assist in managing the development, testing, deployment, monitoring, maintenance and operations of information security systems
  • Perform Change Management, Configurations, Design and Implementation of Security Product & Systems
  • Performs analysis, design, and development of security features for system architectures
  • Perform and manage Onsite Risk Assessments as per process documents
  • Perform periodic account and workspace audits
Education
Bachelor’s Degree in Computer Science
Brigham Young University
Skills
  • Able to work within the team to build measurable, repeatable processes
  • Ability to continually refine the vulnerability assessment and penetration testing methods and deliverables
  • Able to turn large piles of data into interesting, relevant, quantifiable stories quickly
  • Demonstrate the ability to learn quickly and apply knowledge accordingly
  • Knowledge of current security tools available such as Tenable NESSUS, RETINA, POAM’s
  • Demonstrable experience in creating a sustainable compliance capability
  • A professional attitude and fastidious attention to the details with strong analytical skills
  • One or more of the following qualifications are highly desirable
  • Persistent and analytical mindset with strong controllership focus and attention to all details
  • Knowledge of and ability to perform the primary responsibilities of this position

15 Information Security Specialist resume templates

1

Information Security Specialist Resume Examples & Samples

  • Support the migration of CitiSFT records into CTR. Once all the ICG CitiSFT records have been fully migrated into CTR, work with the record owners to ensure that the required information is provided in CTR
  • Continue to maintain and support CTR in production
  • Conduct follow-ups with end-users to close existing cases and escalate issues as necessary
  • Provide status updates as needed
  • Ensure that critical IT risk issues are communicated to and reviewed by appropriate levels of management
  • Assist in the delivery of key IT Risk Management program deliverables whether deemed a fire drill or Business As Usual (BAU)
  • Ensure that critical IT control processes conform to standards and provide appropriate reporting
  • Monitor applicability and changes to internal policies and adjust approach as required. This may entail adjusting existing reports, creating new reports, and changing approach in dealing with end users
  • Information Security and project delivery experience
  • Experience in the banking industry
  • Strong Excel skills (VLOOKUPs, pivot tables, etc.)
  • Advanced analytical and problem solving skills with the ability to present data in a format that facilitates senior management decision making
  • Strong time management skills with the ability to remain calm under pressure and meet deadlines
  • Ability to multi-task and work independently with a virtual team against tight timelines
2

Information Security Specialist Resume Examples & Samples

  • Provide SME in application security and vulnerability management in CIB
  • Project Engagement – SME support for Technology, IRM and Cyber Security teams to assist in application security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Data Analysis – understand, interpret, validate, manipulate data using Excel and other tools, and present conclusions and recommendations
  • Information security certifications (such as CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • Working knowledge of application assessment, application security vulnerabilities, code review methodologies, and secure coding practices
  • Understanding of OWASP security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation, etc
  • Exposure to automated application security-related tools such as AppScan, Fortify, QualysGuard and other commercial and open source tools
  • Ability to deliver secure code training to developers
  • 4+ years experience in a similar risk role
  • A graduate degree or equivalent experience (in computer science, information systems management, business administration or related field) is preferred
3

Information Security Specialist Vulnerability Lifecycle Manager Resume Examples & Samples

  • Must build and maintain strong working relationships with IT engineering, operations, and other stakeholders to remediate Information Security and/or Vulnerability Findings
  • Coordinate and lead vulnerability management forums with operations and engineering leads as required to resolve outstanding/pending issues before requiring further escalation
  • Responsible for managing customer expectations and effective delivery of reported metrics
  • Must escalate issues appropriately and in a timely fashion with general management supervision
  • Prior experience includes 3+ years working in Information Technology or Information Security related field
  • BA/BS required, MA/MBA preferred
  • Must be proficient with Microsoft Office Suite - SQL / Database experience a plus
  • Will be expected to acquire professional certifications: CISSP, CISA, CEH
  • Versed in Information Security and vulnerability management
  • Strong knowledge of industry standards as they relate to Vulnerability Management
4

Information Security Specialist Resume Examples & Samples

  • Highly proficient supporting Network, Operating System, Database, Application & Data layers, providing an escalation point for technicians
  • Expert security tool user, able to build-out, configure, monitor & mine for interesting data
  • Ability to lead the evaluation, troubleshooting, and identification of issues with security infrastructure technologies at an enterprise level
  • Reporting capabilities through SQL, SharePoint, Splunk, Cacti, and other tools
  • Able to define KPIs, build relevant reporting solutions
  • Able to turn large piles of data into interesting, relevant, quantifiable stories quickly
  • Participates in computer security incident response activities for network intrusions, virus infections, and internal security violations
  • Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines
  • Ability to provide mentoring to other team members and ensure they remain on track with deliverables
  • Oversees New Hire Training and provides continuous training to technicians
  • Able to work within the team to build measurable, repeatable processes
  • 2+ years working in enterprise/information security
  • 5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN
  • A foundational understanding of security technologies commonly leveraged to support a large-scale, multi-platform enterprise environment (system and/or security support for Windows, Unix, and mainframe platforms; network security services; Firewalls, Proxies, IDS, VPN)
  • Proven ability to perform analysis (or vendor assessment), document business objectives and problem statement, evaluate options, and justify a recommendation
  • Proven ability to define and deliver service management reporting for Information Security as a Service
  • Relevant certifications: CISSP, CCNA, MCSE, CISA, CISM, CIPP, Vendor Specific, etc
5

Information Security Specialist Resume Examples & Samples

  • Training and Awareness
  • Information Security Officer Council Member
  • Provide updates to the standard security language for supplier contracts
  • Understand business, local and Information Security strategies as they relate to the portfolio
  • Provide Information security requirements advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to IS processes and solutions
  • Provide consultation to portfolio and legal personnel in the negotiation of Information Security related contractual clauses with suppliers
  • Review and provide updates to the standard security language for supplier contracts
  • Work as Information Security subject matter experts and provide expertise in regards to their support area or portfolio
  • Provides coaching, professional guidance, and support to Information Security Analysts, as required, in order to foster professional development
  • Governance and Control: Implement information security risk governance and control framework for the local organization that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements
  • Directs and monitors due diligence of information security supplier risk assessments and results on an ongoing basis
  • Oversee and manage portfolio of Information Security Supplier exceptions (ISMEs) to ensure these are current, accurate and are supported by sound resolution plans. On an ongoing basis, ensure resolution plans are on target for implementation
  • Interprets and acts on IS reports
  • Review and provide recommendations to IS policies, standards, guidelines/ processes
  • Reporting: Consolidate, interpret and report key information security risk, trends for the portfolio and understand effectiveness of controls in managing the key risks. This includes standard and ad hoc analyses and reporting for a variety of stakeholders including: local organization, Operating Group, IS Corporate Support Area (CSA) and others as appropriate. Integrates, interprets and analyzes data to produce portfolio information security risk profile for the local organization and IS CSA, identifying potential exposures and trends
  • IS CSA
  • Corporate Audit
  • General understanding of a risk based assessment approach
  • Technical Hands on experience in security of data warehouses, mainframes, networks, applications etc
  • Experience with TRA
  • Working knowledge of Operating Group businesses
  • Expert knowledge of Security Corporate Policies, Standards, and operating procedures relating to information security risk
  • Information Security certification is desired (e.g. CISSP, CISSLP, GIAC, etc.)
  • Highly developed communication skills, both verbal and written
  • Demonstrate strong relationship management skills
  • Possess advanced problem solving skills
6

Senior Information Security Specialist Resume Examples & Samples

  • Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines and practices
  • Conduct and lead incident response activities as appropriate including triage, root cause analysis, kill chain analysis, escalations, notifications, communication, etc., and in accordance with the HBC Information Security Incident Response Plan
  • Conduct and lead the technical investigative and forensics activities for information security incidents
  • Provide subject matter expertise, leadership and coordination for the Incident Response Team throughout the incident response lifecycle
  • Coordinate ongoing improvements to HBC’s security incident response procedures and capabilities by developing tabletop exercises and full drills of incident response plans
  • Provide centralized support for all information security incidents, cyber investigations, forensics and e-discovery matters across the enterprise
7

A&A Information Security Specialist Resume Examples & Samples

  • 3+ years of experience with certification and accreditation and assessment and authentication (C&A/A&A) for systems and applications in support of Cyber and IT programs and systems
  • Experience with all versions of Windows and UNIX operating systems
  • Knowledge of automated scan testing tools
  • Knowledge of NIST Special Publications, FIPS 199 and 200, and FISMA requirements
  • Active Secret clearance required
  • Possession of excellent analytical and interpersonal skills
  • BS degree in Engineering, CS, or other technical field preferred
  • CISSP, CEH, or other related certifications
8

Technology Information Security Specialist Resume Examples & Samples

  • Provide a single point of contact on Information Security for one or more Citi Technology Infrastructure functions
  • Proactively engage the businesses to identify, document and drive remediation of excessive risks and non-compliant activities
  • Escalate significant risks to the Regional/Sector IS Leadership for information or action
  • Support implementation of Information Security Training Plan
  • Demonstrate continuous improvement on all IS programs by assessing and promptly reporting Corrective Action plans
  • Provide updates to business through established communication channels
  • Focus on process improvements, removing deficiencies and enhancing current tools for reducing overall risk profile
  • Ensure compliance to security practices & standards reducing likelihood of audit, regulatory & legal liabilities
  • Assist to pass with a satisfactory audit rating for all IS topics with no major IS issues
  • Support GIS policy and standards development and initiatives implementation
  • Provide a unified and holistic view of vulnerabilities and associated risk exposure
  • Provide technical security advice to various technology domains including, Windows, Unix Server, Database, Workstation, Network, Tech Room operations staff to help meet information security requirements
  • Communicates and discusses changes to IS regulations and standards with ISOs
  • Assist to pass with a satisfactory audit rating the external, internal and regulatory audit reviews
  • Determines ISO training needs and training requirements and provides appropriate materials and opportunities
  • Excellent problem solving abilities and analytical skills
  • Has the ability to influence others and shape / obtain desired outcome in areas outside of direct control
  • Demonstrated ability to develop and implement process improvement initiatives. Technical
  • Extensive technical background in current desktop and server operating systems
  • Must be proficient with Microsoft Office suite applications, including Excel and PowerPoint
  • Professional certifications required or will be expected to acquire CISSP in first 12 months
  • Strong knowledge of industry standards as they relate to security infrastructure technologies
  • Experience in vulnerability assessments and remediation of vulnerability findings
  • Other: Min 5 years of technical expertise and hands-on experience in the following security infrastructure technologies: leading firewall technologies; intrusion detection and prevention technologies; vulnerability assessment technologies; network protocols and infrastructure; network admission control systems; policy-based DLP infrastructure; antivirus, malware infrastructure
9

Information Security Specialist Resume Examples & Samples

  • Provide SME in automated security assessments and vulnerability management
  • Project Engagement – SME support for Technology, IRM and Cyber Security teams to assist in security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Process – Provide oversight for the firm’s automated scanning capabilities and lead global ad-hoc scanning initiatives when necessary
  • Impact Analysis – Review proposed solutions, develop use cases to explain/demonstrate requirements/specifications to key stakeholders
  • Contribute to the development and implementation of security policies, standards, procedures, and guidelines
  • Vendor and Information security certifications (such as CCNA/CCNP, CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • Working knowledge of application and infrastructure assessment methodologies, security vulnerability analysis, false positive reduction, and remediation strategies
  • Understanding of network operations and architecture
  • Exposure to automated security-related tools such as AppScan, Fortify, QualysGuard, Nessus, Metasploit, and other commercial and open source tools
  • Exposure to manual assessment tools such as HTTP proxies, browser plug-ins, automation scripts, etc.
10

Information Security Specialist Resume Examples & Samples

  • Member of team responsible for monitoring and resolution of security incidents within established customer Service Level Agreements
  • Collaboration with Line of Business technical teams for issue resolution and mitigation
  • Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system
  • Provide workstation Full Disk Encryption (FDE) and External Media Data Protection administration and management (using Symantec PGP or other solution)
  • Provide desktop recovery support to include daily operational incident response support as well as potential on-call support
11

Information Security Specialist Resume Examples & Samples

  • Support the security needs of the organization by providing expertise and assistance in all projects with regards to security issues
  • Process security requests for all computing environments supported by the Information Security Department and provide on-call support for security systems
  • Work with business users to provide client support and trouble-shooting tasks
  • Develop, implement, and maintain security standards and procedures needed to provide an appropriate level of access control and data integrity for computerized information assets
  • Coordinate Corporate cyber investigations to ensure confidentiality and impartiality in all matters, while guarding the integrity of all evidence collected
  • Provide training for new staff members
  • Design, recommend, and implement security strategies that will provide the degree of asset protection compliant with Corporate security policies
  • Develop and maintain process documentation that will provide operational guidelines for all systems supported by the Information Security program
  • Conduct quality assurance reviews of the processes/practices employed by the Information Security staff in executing the responsibilities and operational activities of the department
  • May serve as a Team Leader with responsibility for day-to-day operations, mentoring of other team members, peer review of project work, and problem resolution
  • Bachelor's degree in Computer Science, business or related field, or equivalent education and related training
  • Five years of experience in the field of information security
  • Advanced knowledge of mainframe security systems, information security risk assessment techniques, system development/methodologies, and project management disciplines
  • Proficient in the use of personal computers and standard computer software applications, including Microsoft Office
12

Information Security Specialist Uat K Resume Examples & Samples

  • Bachelor's Degree in Information Security or related field
  • 3+ years' experience in Information Security or related position
  • Understanding of SDLC methodologies and how to incorporate security controls in compliance with Enterprise standards into each phase
  • Risk based decision maker; able to balance business needs with security of data
  • Strong knowledge of information security industry
  • Well-versed in Corporate Information Security standards and policies
  • Strong communicator, able to work with all levels within the organization
  • Information Security certification (CISSP) a plus
  • Prior experience in implementing capacity planning, workflow, and other metrics a plus
13

Information Security Specialist Resume Examples & Samples

  • Reviews results of network and application ethical hacks in order to determine severity of findings and to ensure proper remediation is applied
  • Proficiency in one or more high level programming languages like Java, C, C++, Ruby etc
  • Expertise and experience in web/mobile application and network penetration testing
  • Prior experience with Red teaming would be an added advantage
  • Detailed understanding of OSI and TCP stack with emphasis on computer architecture and networking protocols
14

Information Security Specialist Resume Examples & Samples

  • Characterize suspicious binaries and be able to identify traits, C2, and develop network and host-based IOCs
  • Identify potential malicious activity from memory dumps, logs, and packet captures
  • Interact and assist other investigative teams within Visa on time sensitive, critical investigations
  • Demonstrated relevant experience as a key member of an incident response team, malware analyst, or similar role
  • Ability to rapidly analyze systems for signs of infection or compromise
  • Tangible experience combatting crimeware or APT is a distinguishing factor
15

Cyber Security Dashboard SME Information Security Specialist Resume Examples & Samples

  • Supply recommendations and SME knowledge for the continued development of the Cyber Security RSA Archer platform
  • Integrate and maintain multiple data feeds of external data into the RSA Archer platform
  • Provide administration for the Archer implementation
  • Serve as the SME for the configuration of Archer during upgrades, patching and across testing and production environments
  • Team with data analysts, security SMEs to develop dashboards and produce key information for executive and leadership reporting and decision making
  • Work with teams to produce actuate key security metrics for IT assessments
  • Maintain in-depth knowledge of Visa policies, security standards, processes and controls and provide on demand support to Visa resources for these materials
  • Produce trending and analytics on demand using legacy data for stakeholders including security resources and senior leadership
  • Engage where needed to implement ratings, risk rankings, and prioritization from both internal and external sources. Work with auditors and assessors, including appropriate questioning of findings and discussions on justification
  • Interpret legal, compliance and privacy feedback on the Archer tool and data, implement controls and safeguards for data per requirements
  • Work with external vendors and consultants on global delivery and implementation teams which impact Archer efforts
  • Assist coordination and implementation of appropriate Cyber Security governance, metrics collection, and reporting capabilities across Global Information Security
  • Provide guidance on implementing Cyber objectives through the Archer tool, maintain mappings of Visa specific controls
  • Partner with SMEs and stakeholders, e.g., Cyber Security Leadership, GRC, Security Operations, VSIRT, Group Audit and business leaders
  • Bachelor’s Degree in Cyber Security, Information Security, or Computer Science (or related field) or equivalent work experience
  • 8 to 10 years of experience in Information Security with experience in Cyber Security, Vulnerability Management, Security Configuration Management, Web Application Security, eGRC, security dashboards, security analytics and metrics development; 1+ years in audit, risk management, governance and/or compliance function desired
  • Hands on development with the RSA Archer eGRC solution for a global organization
  • Familiar with Security Single Pane of Glass implementations or frameworks such as RSA Archer, Modulo, etc.
  • In depth experience in designing, implementing and/or managing Cybersecurity dashboard, security based eGRC, or Security Analytics and Metrics portal
  • Deep understanding of Cyber Security workflow and process methodology
  • Comfortable working with security data to include vulnerability scans, application scans, policy compliance, incidents and threat feeds
  • Providing support and assistance during internal and external audits
  • Training and evangelizing information security to Executive leaders, Engineers and Users
  • Responding to Security Incidents
  • Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, large scale transaction processing environments, external hosted services and cloud computing environments. Extensive knowledge and experience with physical and virtual server configurations and implementations
  • Extensive experience working with perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.) and security tools (i.e. web application scanners, vulnerability scanners, file integrity monitoring, configuration monitoring, etc.)
  • Extensive knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
  • Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE) and Open Web Application Security Project (OWASP) processes and remediation recommendations
  • Experience working in a team of security subject matter experts
  • RSA Certified Administrator Certification highly desirable
  • Security-related certifications a plus: CISSP, CRISC, GIAC, CCIE, CCNP, ITIL, etc.
  • Scripting skills (Java, Python, Perl, Ruby, C/C++)
16

Information Security Specialist Visa Incident Response Team Resume Examples & Samples

  • Coordinate the initial workflow and response for varying case types with internal and external teams
  • Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns
  • Provide technical advice and input for the support of integrated security systems and solutions
  • Strong analytical skills and an ability to quickly learn and adapt to new technologies
  • Strong working knowledge of malware in its varying forms, common delivery mechanisms, and common mitigation steps
  • Experience with IDS/IPS, Splunk, FireEye, and similar technologies is desired
  • Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce
17

Information Security Specialist Resume Examples & Samples

  • RESPONSIBILITIES
  • The candidate will be responsible for performing information security and controls assessments based on involvement and consulting with project teams
  • The candidate must be able to communicate the concepts of information security to guide information security practices and solutions within the IT environment
  • The candidate must possess leadership skills and be able to provide guidance to lower level Security Assessors
  • The individual will advocate enhancements to existing processes and procedures to improve information security controls. The candidate must have the superior ability to work well with others in a supportive team environment, the ability to prioritize multiple high priority activities, and must have outstanding written and verbal communication skills
  • 10-15 years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management
  • 10-15 years experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies
  • Solid understanding of Security and Controls frameworks
  • In depth knowledge of
  • EDUCATION: Bachelor's degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master's degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements
18

Information Security Specialist Resume Examples & Samples

  • Information security or equivalent experience
  • Core knowledge and experience of Security Operations
  • Security certification desirable (CISSP, CISA, CISM, GSE or any other GIAC credential)
  • Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis
  • Experience in working with and implementing information security tools
  • Knowledge and understanding of network/security issues and solutions
  • Ability to acquire new technical skills quickly and contribute to a wide range of projects
  • A self-starter - highly motivated and able to work productively with minimal guidance
  • Excellent verbal and written English and Arabic language skills
  • Excellent communication skills to plan and coordinate projects and interact with colleagues at all levels
19

Rft Risk & Controls Information Security Specialist Resume Examples & Samples

  • Strong in Informatica and SQL skills
  • 8-10 years of experience working with Informatica
  • 8-10 years of experience working with Oracle
  • 8-10 years of experience working with Unix environments (Solaris/AIX/Linux)
  • Knowledge of Shell/Perl scripting
  • 8-10 years of experience working in an Informatica Development role
  • 8-10 years working in a Data Warehousing environment
  • Minimum of Bachelor's Degree
  • Expert in SQL and should have good knowledge of Oracle 11g and above
  • Expert in Shell Scripting
  • Experience in working in Investment bank
  • Tech Lead
  • Working Knowledge on Exadata
  • ETL Concepts - Working experience with Informatica
  • Oracle/Exadata
  • Unix environment
  • Shell/Perl Scripting
20

Information Security Specialist Portland Resume Examples & Samples

  • Generally 0 - 2 years experience in Information Technology, bank operations, or a risk management discipline
  • General understanding of information technology, including: operating systems, networking, application architecture, and malware prevention controls
  • General knowledge of risk management processes including internal audit and information security management. Ability to gain familiarity with company operations and/or policies and procedures in order to perform information security risk management tasks under the guidance of more senior staff
  • Proficiency with personal computers and related software packages such as Word and Excel
  • Expected to obtain CISSP certification within 1 year of hire
21

Information Security Specialist Resume Examples & Samples

  • Extensive experience in technology, risk or security related roles, with demonstrable experience of identifying and managing information security risks
  • Strong understanding of web application development and service oriented architecture, and related technologies and platforms
  • In depth knowledge of a wide range of information security related topics and industry standards, including ISO27001 and ITIL
  • Ability to review complex information systems and web applications, identify risks and recommend appropriate, pragmatic (and cost effective) solutions to mitigate those risks
  • Ability to communicate and collaborate at all levels of the corporation, and externally
  • Demonstrable experience of writing information security reports, documentation and standards accurately and to designated timescales
  • Agile and flexible
  • Web application development and architectural experience
  • Unix / Linux security and/or administration experience, especially Red Hat/CentOS
  • VMware / VBlock security and/or administration experience
  • Experience of ensuring security in agile/iterative development
  • Previous experience of Public Sector and/or Media organisations would be beneficial but not essential
  • An understanding of the culture and ethos of the BBC
22

Information Security Specialist Resume Examples & Samples

  • Establishing and maintaining the IS Organisation, Operating Model and Governance for GT
  • Acting as a Subject Matter Expert to GT and other partners on the topic of IS Policies and Standards
  • Elaborating the Strategy and Priorities for the GT Information Security Programme
  • Providing Subject Matter Expert Advisory services on group-/division-wide IS topics and initiatives, including Education and Awareness
  • Implementing the GT Information Security Programme, including partnering with group-/division-wide IS Risk Remediation programs/projects to facilitate their implementation in GT. Preparing, driving and post-processing operational IS tasks (for example access reviews.)
  • Performing IS Assessment of CtB initiatives impacting GT-owned information, and advising GT Information Owners as well as other partners on mitigation options
  • Reporting on the CtB and RtB activities of the GT Information Security Programme to its stakeholders (GT COO, DISO CC, GISO, IT Risk, Security IT.)
  • Acting as an escalation point regarding IS incidents affecting GT-owned information, and as a Subject Matter Expert for major IS Incidents that impact GT. Escalating identified IS issues that may substantially impact the IS exposure of the group, other divisions or functions
23

Rft Risk & Controls Information Security Specialist Resume Examples & Samples

  • Provide SME in risk management, application security and vulnerability management in RFT
  • SME support for Technology, IRM and Cyber Security teams to assist in application security assessment through the use of automated tools and manual techniques to identify and verify exposure to common security vulnerabilities and providing remediation guidance
  • Process – Develop, implement and manage secure software life cycle processes that will assist the application development teams in integrating security requirements within their applications and databases
  • Contribute to the development and implementation of application security software, policies, standards, procedures, and guidelines
  • Assist RFT IRM and Technology Teams to ensure that CIB can engage effectively in support of all risk-based projects
  • A graduate degree or equivalent experience in computer science is also required
  • Very strong data analysis, both quantitative and qualitative
  • Experience in a similar risk role
  • Experience of technology projects and/or the Risk and Finance business a plus
24

Information Security Specialist Resume Examples & Samples

  • Strong experience working with Infrastructure and Operations teams
  • Good technical understanding of the concepts and technologies used to provide Security controls management, Network security, Endpoint protection, Database security, Virtualisation security, Cloud (IaaS/SaaS) security, Mobile security, Web & Internet security, Messaging security, Enterprise Social Networking security and Content Delivery Network security
  • Good experience of managing vulnerability management programs
  • Understanding of methods used to protect media content, conditional access (CA) and Digital Rights Management (DRM) systems and digital watermarking
  • Experience of working with external suppliers of security services (MSSP)
  • Input into budget management
  • Significant experience within Information Security Operations
  • Information Security Accreditation (e.g. CISSP, CISM, CRISC)
  • Understanding of Information Risk Management frameworks and Information Security ISO standards
25

Information Security Specialist Resume Examples & Samples

  • Develop repeatable audits and tests using both standard and non-standard tools and methodologies for a variety of products for the purpose of discovering weaknesses and vulnerabilities
  • Work with technical management to architect IT network and security infrastructure services addressing business and compliance requirements with best practices
  • Create extremely high quality written reports containing the methodology and assessment findings
  • Ensure that global security directives are implemented and complemented
  • Handle security incidents and investigations
  • Conduct and/or consult on Risk Assessments and Risk Assessment report
  • Conduct and/or consult on Vulnerability Assessments using Vulnerability Scanners and the Vulnerability Analysis report
  • Consult on security requirements compliance for product Security Declaration
  • Stay current on and/or disseminate regulatory requirements
  • Assess business activities and their impact on security requirements in order to recommend actions to reduce operational risks
  • Support Company/Unit Managers in establishing Business Continuity Plans for critical business operations
  • Establish and maintain a basic level of security awareness amongst ALL personnel and an additional level for certain target groups
  • Perform security training
  • Articulate findings to peer technical staff as well as various levels of management
  • Support Ericsson's personnel, contractors and visitors in minimizing safety risks
  • Provide input to the security plan and budget
  • Information security
  • Audits and Assessments
26

Information Security Specialist Resume Examples & Samples

  • Communicate security initiatives, practices, policies and procedures
  • Perform information security testing such as vulnerability tests and phishing tests. Investigate and remediate advanced threats from intrusion reports and vulnerability scans
  • Utilize SIEM and other tools to assist in network investigations. Conduct system log forensic analysis for troubleshooting and researching security events and alerts
  • Investigate network incidents and events. Monitor systems and security alerts and perform thorough investigation
  • Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity
  • Analyse and review escalated cases until closure. This includes investigating and recommending appropriate corrective actions for data security incidents
  • Research, develop, and stay current on testing tools, techniques, and process improvements in support of security event detection and incident response
  • Reverse engineer and analyse binaries, files, and other malicious attack artifacts
  • 5 years + Information Security experience
  • A passion for security, systems monitoring, and automation
  • Thorough understanding of, and experience with, TCP/IP
  • Understanding of network protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems
  • Knowledge of encryption, load balancing, and other network protocols
  • Hands-on experience managing/using FireEye, Fidelis or similar IDS/IPS is a big plus
  • Knowledge of broad range of security and risk management standards and best practices, such as ISO 17799, CobiT and ITIL would be a big plus
  • Professional certification, such as a CISSP, CEH/CPT, GCIH, GCIA, GPEN, or similar industry certifications or other information security credentials, is preferred
27

Information Security Specialist Resume Examples & Samples

  • Configure identity management solutions to create efficient workflows for any TCF application, system, or infrastructure as needed
  • Manage assigned tools from end to end, including internal communications, vendor relationships, managing policies and handling all changes and upgrades
  • Serve as a Subject Matter Expert (SME) for TCF identity management solutions
  • Provide guidance to all assigned IT projects with regard to identity management issues in their technical project design, and/or other project lifecycle phases. May prepare technical specifications as needed
  • Lead the effort to research, evaluate, design, recommend, test, and plan implementation of new and/or improved identity management tools
  • Mentor and train less experienced staff
  • Conduct Quality Assurance (QA) on IdM solutions
28

Senior Information Security Specialist Resume Examples & Samples

  • Must be able to work independently demonstrating risk assessment and mitigation expertise in IT or IS, along with a track record owning information security/technology projects from start to finish
  • 7-10 years (minimum) experience in the field of information security in at least three of the following areas: application whitelisting, incident handling, malware analysis, penetration testing, intrusion detection, firewall access control technologies, vulnerability management, identity management, Windows or *nix security, cloud integration security, encryption technologies, or endpoint security controls
  • If total Information Security experience is less than 7 years, 5-7 years in an area of information technology in two of the following areas: systems engineering (Windows/*nix), networking, applications engineering, database management, client-side technologies or systems' administration
  • Technical certifications are a plus including
29

Information Security Specialist Resume Examples & Samples

  • Proficient in MS Access and MS Excel
  • Strong attention to detail with ability to work with huge amounts of data
  • Extensive knowledge and experience with policies, standards, and procedures intended to ensure the integrity and safety of information
  • Extensive knowledge of technologies and technology-based solutions dealing with information security issues and for protecting organizational data
  • Extensive knowledge and experience with access reviews and privileges including safeguarding and maintaining information security and data
  • Extensive knowledge and experience with access reviews for Nonstandard computing platforms and work-stations
  • Extensive knowledge and experience with remediation of logical access on various CIBC computing platforms and environments, e.g. Unix, Oracle, Mainframe, etc.
30

Information Security Specialist Resume Examples & Samples

  • ITGC Review: IT General Control review for various controls such as Logical access, Change Management, Incident Management, Physical Security, and Patch Management
  • IT Governance: Communicate the defects/risks identified in the various audits to higher-level management. Also, tracking the progress of programs and preparing the focus areas for next reviews. Running various security awareness programs such as Audit lessons learnt and Education mailers
  • Perform site audits to check the implementation of physical security controls and its effectiveness
  • Risk Management & Assurance, Due Diligence and Compliance Assessments
  • Perform EU Model Contract review and assessment
  • Review the Service Delivery Document to ensure the security requirements of customer / contract are documented and compliant
  • Developed the end to end IAM processes for major financial client
  • Perform User Access Management Review to ensure the client credentials are managed properly
  • Participated in ISO 27001:2013 external audit
  • Contributes to the development and maintenance of the information security strategy and security governance
  • Conduct ISMS awareness sessions for new joiners
  • Security reporting and remediation activity – Prepare a monthly report on the system compliance status and ensure the remediation action is taken for the deviation and report IAM dashboards
31

Information Security Specialist Resume Examples & Samples

  • Installed and configured DB2, TDS, WAS, TIM
  • Integrated both agentless and agent-based applications with TIM, like Lotus Notes, AD, LDAP
  • Customized views for different user groups
  • Fix pack application in components etc
  • Applied authorization policies for applications
32

Monitoring Information Security Specialist Resume Examples & Samples

  • Managing business group specific quality assurance processes based upon established SOPs, security standards and approval workflows
  • Partnering with the CSS administration team to provide feedback and develop comprehensive and sustainable training plans and programs
  • Monitoring of hotline and mailbox activity to ensure quality standards are in place and operating as intended
  • Preparing, evaluating and reporting key quality metrics
  • Evaluation of operational standard operating procedures
  • Assisting in providing documentation required in support of audits
  • Participation and completion of assigned tasks for team projects and initiatives
  • Experience of Prudential Applications and Infrastructure Platforms is preferred
  • Possesses an 'ownership' mentality
  • Strong information gathering skills with the ability to analyze and draw conclusions from said information
  • Able to work on cross functional teams in various geographical locations; recognized as a collaborative and trusted peer and business partner
  • Previous experience with creating training plans and mentoring programs a benefit
  • Ability to work under tight time constraints when required
  • Excellent time management and organizational skills, with attention to detail
  • Bachelor's degree or equivalent relevant experience
33

Information Security Specialist, Awareness Resume Examples & Samples

  • Develop and implement information security training for all TWDC employees and third parties, including customized information security training for discrete TWDC employee groups
  • Manage anti-phishing program and produce regular campaigns and assessments, adjusting as needed to prepare TWDC personnel to recognize evolving phishing attempts
  • Stay abreast of industry information security awareness trends and TWDC information security policies, standards, objectives and initiatives and evolve training modules and supporting communication as necessary to meet the changing needs of the organization
  • Maintain infosec.disney.com, where all TWDC information security content available to TWDC employees is housed
  • Partner with Global Information Security leadership to ensure all information security awareness tools, collateral and guidelines align to TWDC’s information security risk framework and support the objectives of each information security domain
  • Develop content specific to information security awareness for use by GIS partners and for syndication across the TWDC enterprise
  • Partner with business segment and TWDC communication teams, including DTSS Communications and Community Watch, to syndicate information security content within TWDC where appropriate
  • Demonstrated successful project management experience
  • Experience in designing and implementing an awareness program and/or employee training programs
  • Experience developing end-user content and managing third-party content production, including video content
  • Understanding of emerging technology and security trends and issues as related to both enterprise and personal usage of information technology
  • Working knowledge of information security components, principles, practices and procedures
  • Demonstrated relationship management and customer service orientation; excellent verbal, written and listening skills across multiple audiences from highly technical team members to business consumers at the highest levels of management
  • Superior writing, presentation and written communication skills
  • Ability to create and implement communication plans in partnership with other communications teams
  • Experience using content management tools
  • Experience in entertainment/media/consumer goods companies a plus
  • Bachelor’s degree in a related field, such as information systems, business or communications and appropriate work experience
  • Security and process certifications a strong plus (CISSP, CISA, CRISC, CISM, etc.)
34

Information Security Specialist Resume Examples & Samples

  • Advise release management teams on control issues causing security risk and work with them to remediate
  • Able to work well with others and in particular be able to influence and change behaviors and build consensus
  • Report to management on recurring risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance with the SDLC
  • Other security-related projects that may be assigned according to skills
  • Ability to lead by example and influence change required
  • Excellent Excel and PowerPoint skills
  • Good understanding of Information Security standards, frameworks, and best practices (e.g., ISO 2700X, OWASP, ITIL, CoBIT, SANS Top 20) required
  • 3+ years experience with and strong knowledge of SDLC methodologies including waterfall and agile
  • Development background is preferred but not required – experience with one or more of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, SOAP, REST, custom API, SAML preferred
  • Experience with at least one code security review tool preferred: examples include but are not limited to Fortify, WebInspect, Burp, AppScan
  • Experience working with agile development groups is a plus
35

Information Security Specialist Resume Examples & Samples

  • Provide SME in Identity & Access Management within RFT
  • Manage the recertification process, including support for Quarterly and off-cycle recertifications. Recertification tasks include IO attestation scope confirmation, functional ID mapping support, feed support and daily stakeholder inquiries
  • Provide first level privileged access account breakglass support, including working with stakeholders on functional account ownership, the breakglass onboarding process, support group reengineering, data/account remediation activities, enhancements, & training
  • Active Directory File Share Remediation/User Tools - Support identification of folder owners and coordinate with GIAM to secure active directory qtrees
  • Process - Develop, implement and manage secure software life cycle processes that will assist the application development teams to integrate security requirements within their applications and databases
  • Data Analysis - Understand, interpret, validate, manipulate, data using excel and other tools, and present conclusions to the key stakeholders
  • Contribute to the development and implementation of security software, policies, standards, procedures, guidelines
  • Provide baseline metrics and reporting, both during impact analysis and on-going execution of risk-driven projects, organize and deliver clear and accurate data for Technology and Executive Management
  • Assist RFT IRM and Technology Teams to ensure that RFT can manage effectively in support of all risk-based projects
  • Information security certifications (such as CISSP, CSSLP, CEH/CPT or related certifications) would be preferred
  • A graduate degree or equivalent experience in computer science is also required
  • Very strong data analysis, both qualitative and quantitative
  • Exposure to financial services systems and process preferably in Investment Banking
  • Exposure to information security principles and relevant standards including access management, change management, security incidents, and business continuity management
  • Strong understanding of security software development life cycle
  • Experience of technology projects and/or the Risk and Financial business is a plus point
36

Information Security Specialist Resume Examples & Samples

  • Provide SME in Risk Management, Application Security and Vulnerability Management in RFT
  • Monitor and enhance controls around the key scanning processes employed by the firm e.g. Black Duck, SSAP Static, Dynamic & Threat Modelling
  • Partner with AD Managers and Application Security Champions to obtain remediation plans for vulnerabilities identified by the scanning processes
  • Evaluate tollgate requests to ensure new application code being released does not introduce vulnerabilities into the production environment
  • Participate in firm-wide initiatives and projects to communicate enhanced controls and scanning requirement to the AD community in Asia
  • Participate in the production of weekly and monthly metrics
  • Partner with AD teams to ensure application level reference data is accurately reflected on firm wide systems
  • Develop and enhance existing controls around application scanning
  • Assist RFT IRM and Technology Teams to ensure that RFT can engage effectively in support of all risk-based projects
  • A graduate degree or equivalent experience in Computer Science is required
  • Information Security Certifications (CISSP, CSSLP, CEH/CPT or related certifications) preferred
  • Good reasoning and logic, problem solving, project management skills
  • Exposure to Information Security Principles and relevant standards, including Access Management, Change Management, Security Incidents and Business Continuity Management
  • Strong understanding of Secure Software Development Life Cycle
  • Exposure to manual assessment tools such as HTTP Proxies, browser plug-ins, automation scripts, etc
  • Experience of technology projects and/or the RFT business a plus
37

Information Security Specialist Resume Examples & Samples

  • Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement
  • Provide oversight and governance to engineering and operating processes
  • Prior experience includes 7+ years in information security or information technology management
38

Information Security Specialist Resume Examples & Samples

  • Have a broad knowledge of security methodologies, solutions and best practices
  • Be able to gather business requirements and to conduct security reviews on third-party vendor products
  • Provide governance and recommendations in the design, implementation, and support of a diverse security infrastructure including but not limited to: two-factor authentication, host-based intrusion prevention (HIDS), security logging, anti-virus, remote access, VPN, network IPS, and forensic tools
  • Serve as an internal information security advisor and subject matter expert to the organization on various Technology projects and incidents
  • Manage vendors and subcontractors as part of the information security portfolio
  • Develop and manage project plans and roadmaps; perform risk assessment analysis and mitigation plans
  • Provide leadership and motivation to project team members throughout the project life cycle
  • Assist with security incident response, investigations, and incident documentation and reporting
  • Oversee the remediation and tracking of security audit/assessment/testing findings
  • Ability to learn and stay updated with latest information security and risk management events, including new and emerging threats and vulnerabilities
  • Bachelor’s degree in Computer Science or related field. Masters a plus
  • 1-3+ years of cyber security experience
  • Knowledge of cyber-attack response and mitigation procedures
  • Familiarity with technical solution design and implementation procedures
  • Leadership and project management skills
  • Ability to organize and track workloads
39

Senior Information Security Specialist Resume Examples & Samples

  • Able to work independently with minimal guidance and act as coach to other team members
  • Ability to develop a strong network and collaborate across business units and corporate functions
  • Prior experience planning and leading small to medium scale projects a plus
  • Strong oral and written communication skills; able to communicate with all levels within the organization
  • Information Security certification (CISSP or CISA) a plus
40

Infrastructure Information Security Specialist Resume Examples & Samples

  • Work collaboratively within TRMIS, ITS and with other key stakeholders including technology lead on activities targeting the management of business risks associated with technology
  • Deliver risk assessments, controls design, control assurance and testing, program support and expert knowledge advisory services in accordance with BTRM ITS specific service delivery processes
  • Participate as required on all strategic objectives established by IT executive leadership
  • Ensure ITS management understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner
  • Work with 3rd party vendors and outsourcing partners ensuring they adhere to TDBG security policies and standards
41

Information Security Specialist Resume Examples & Samples

  • Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals
  • Develop and optimize processes to improve software development efficiency in the consumption of security development practices
  • Maintain active understanding of industry practices for secure software development and incident response
  • MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
  • Well versed in web application design, penetration testing, application risk assessment and risk categorization
  • Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Deep knowledge of/experience with the following
42

Information Security Specialist Resume Examples & Samples

  • Development of formal training program for the technology risk and information security program
  • Facilitation of communication and training sessions on new and changing aspects of the technology risk and information security program to tech and non-tech audiences
  • Identification of tool / solution needs and requirements as well as working with technology support teams to coordinate setup and deployment
  • Driving a formal set of training requirements for tech risk and security teams
  • Facilitating the formal information security training program across the organization
  • Ensuring tech and non-tech teams are updated and aware of training resources available to them
43

Information Security Specialist Resume Examples & Samples

  • Manage and maintain risks profiles, risk and controls assessments, controls design and assurance testing programs focused on infrastructure technologies and applications managed by the ITS team
  • Continually demonstrate initiative and leadership as the TRMIS representative for ITS promoting TDBG technology policies and the Enterprise Technology Risk & Control Framework on all risk and controls related issues, on all programs
  • Provide a point of coordination for various security related activities within the TRMIS group; serve as key liaison and contact for stakeholder groups including ITS, audit and BTRM groups supporting the various lines of business in TDBG
  • Identify and prioritize key controls deficiencies at formative stages of technology development programs and as part of controls assurance and verification testing in the IT environment
  • Interpret and advise with expert knowledge on risks, business impacts and matters of security (including vulnerabilities and threat management), compliance/regulatory standards, audit programs and audit findings
  • Support ITS delivery teams with technology-specific security advisory for security events and as part of post security incident remediation activity; advise senior leadership and BTRMs supporting lines of business of potential impacts related to current security events
44

Senior Information Security Specialist Resume Examples & Samples

  • Very solid communication skills
  • Proficient in English (spoken and written), German is a plus
  • Solid IT background (IT degree holder preferred)
  • Experience in and knowledge of industry standards (e.g. ISO 27001, CobiT, ITIL)
  • Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
  • Good understanding of Operating Systems (e.g. Windows Server, Unix) security and typical OS controls, application development, SDLC, Penetration Testing, access controls, encryption etc
  • Good understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.)
  • Good understanding of security architecture best practices
  • Information Security Assessment and/or Audit experience
  • CISSP, CISA, CISM, CompTIA Security+ or equivalent certification a plus
  • Experience in financial services industry a plus
45

Information Security Specialist Resume Examples & Samples

  • Conduct application focused pentests (Penetration Testing) for Visa internally developed or hosted services
  • Conduct infrastructure focused pentests for Visa internally hosted environments
  • Perform vulnerability assessments on mobile technologies used by Visa
  • Work with other functional groups within Information Security, including Risk, Security Architecture and SSDLC
  • Performs remediation testing & reporting through the application of expert ethical hacking and penetration techniques in a fast-paced, highly technical environment
  • Provide technical support to Business Leaders
  • Perform research of emerging technologies and design frameworks and capabilities required to perform pentest exercises of new technologies adopted by Visa
  • Bachelor's Degree (or equivalent) in Computer Science, Information Security or a related field
  • At least 8-10 years of progressive experience with increasing responsibility in Information Technology, Information Security and Compliance that includes a combination of technical and project leadership responsibilities
  • Prior experience or expertise performing application and infrastructure pentests
  • Experience in writing proof-of-concept exploits
  • Well versed with security tools & frameworks like Metasploit, Core, Canvas, AppScan, WebInspect, etc
  • Good understanding of Ethernet, switched LAN and WAN environment and detailed understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols and management of ACLs
  • Knowledge of logical / physical access control methods, connections alternatives using private, public and wireless solutions, Network/Host Intrusion Detection Engines, Vulnerability Management Tools, Patch Management Tools, Penetration Testing Tools, Anti-Virus/Anti-Spyware solutions
46

Senior Information Security Specialist Resume Examples & Samples

  • Act as a key resource for development teams by assisting with code reviews/assessments, explaining security deficiencies in programming techniques and providing information on how to remediate vulnerabilities detected during application scans
  • Provide security consultation services to development organizations and business units in all phases of the lifecycle to ensure security is considered and included
  • Interact with TD personnel at all levels and across all business units to advance security initiatives, communicate risk findings, and advance improvement
  • Remain informed of new cyber threat techniques used to target TD systems and programs
  • Ability to offer reasonable remediation solutions to problems created by insecure code required
  • Understanding of complex project timelines required
  • Development background is required – experience with one or more of the following development languages: .Net, C#, Java, PHP, Objective-C, SQL, SOAP, REST, custom API, SAML preferred
  • Experience with at least one code security review tool: Fortify, WebInspect, Burp, AppScan preferred
  • Understanding and awareness of documentation required in a secure software development lifecycle required
47

Information Security Specialist Resume Examples & Samples

  • Assist customers or facilitate the implementation of protective and mitigating security controls as required
  • Perform manage, add, change, delete operations within the security tools
  • Analyze and validate the network and hosts based on Intrusion Detection System events
  • 5-7 years of experience actively working in or with security and networking devices
  • Ability to multi-task with different types of problems
48

Information Security Specialist Resume Examples & Samples

  • Key individual contributor role responsible for
  • Reviewing large data sets using internal tools and software (Qualys, Archer, SQL Server Management Studio, MS Excel, Tableau)
  • Absorbing vulnerability, policy compliance, and web application scan results to an analytics platform (RSA Archer)
  • Correlating security information with internal data repositories
  • Integrating scan data with other security tools and business/technical processes
  • Analyzing large data sets; normalizing and de-duplicating data where appropriate
  • Prioritizing and smart routing of information to appropriate data owners
  • Reporting of key metrics across different functional teams
  • Automating manual security processes to deliver efficiencies in ticketing and data hand-offs to teams or individuals
  • Designing and implementing workflow
  • Focusing on speed to delivery and driving next-level action
  • Continuously enhancing strategy and processes within Vulnerability Management program (with effects across enterprise)
  • Building and maintaining close relationships with upstream/downstream teams: Engineering, Operations & Infrastructure, Cyber, GRC, leadership, security tool teams, and data owners
  • Handling inquiries and information requests from internal clients
  • Maintaining qualitative practices within the team to ensure consistency in delivery of information
  • Uncovering problems in the data sets and also proposing and implementing solutions
  • Facilitating business conclusions by understanding and presenting the message behind the raw data
  • Prioritizing competing business and information needs
  • Examining and recommending introduction of security technologies or practices where warranted
  • This position will require minimal after-hours and weekend work, as necessitated by change control windows and security incidents
  • Bachelor's Degree in Computer Science or related field and/or equivalent work experience
  • 6-10 years of working experience; 3+ in Information Security; 2+ in RSA Archer strongly preferred
  • Solid technical and analytical background
  • Ability to understand data models and data mining
  • Ability to construct queries
  • Scripting/programming skills preferred
  • Experience with Remedy, ServiceNow, and Tableau preferred
  • Ability to organize, associate, and correlate information
  • Past tools integration experience
  • High proficiency in Microsoft Excel, Visio, and PowerPoint
  • Experience with QualysGuard, WhiteHat Sentinel or other security tools is a plus
  • Attentive to detail with a focus on accuracy and high quality results
  • Excellent written and verbal communications skills, including an ability to communicate very technical findings to both technical and non-technical audiences, including project managers, systems engineers, developers, enterprise architects, and senior management; and the proven ability to influence and communicate effectively
  • Able to multi-task in a fast-paced, deadline-driven environment
  • Security-related certifications a plus
49

Information Security Specialist Resume Examples & Samples

  • Process
  • Ensuring escalation and notification for security and IT Risk related issues
  • Comprehension of Federal and Industry based regulations as well as alignment to Supplier technology controls
  • Socialization and Communication
  • Maintaining the Supplier Inventory and developing the Supplier information repository
  • Performing Due diligence, Contract Assessments, and Monitoring/Oversight for high risk Suppliers
  • A collaborative team player who partners well with others; the individual will partner with Supplier Program Manager to assist with Business and Technology Front line Managers, Vendors, Auditors, Regulators and counterparts at other Financial Institutions
  • Deep Financial Institution knowledge is an asset as the job requires solid lobbying and influencing skills across TDBG and a pragmatic, reasoned approach is often required for success
  • University degree in technology or engineering
  • 7-9 years' experience in the area of IT risk and technology in a large organization
  • CISSP and/or CISM accreditation
  • Supplier Risk Management experience dealing with high transaction, large/complex/matrix business environment ideally within Financial Services
  • Deep knowledge of IT security and Risk disciplines and practices
  • Ability to articulate technology into business solutions
  • Excellent client engagement/management skills
  • Possesses exceptional strategic thinking, planning and relationship skills
  • Ability to influence management and build credibility across the organization
  • Proven ability to work with external regulators
  • Bilingual (English and French) is an asset
50

Information Security Specialist Resume Examples & Samples

  • Demonstrable practical experience of information security
  • Understanding of technologies, infrastructure and architectures and demonstrable understanding of information security protection and methodologies
  • In depth Knowledge of a wide range of Information Security Subjects and the Industry Standards, including ISO27001 and Data Protection, required in order to protect data
  • Ability to review Information Systems, identify risks and provide industry recognised solutions
  • View Security as an enabler to the business
  • Understanding of how information security strategy aligns with business and technology strategies
  • Formal information security qualifications such as CISSP, CISM or CRISC, ISO27001 preferred but not essential
  • ISO27001 Lead Auditor
51

Information Security Specialist Access Management Resume Examples & Samples

  • Active Directory account administration experience
  • Active Directory file system and security related settings
  • Shared Drive mapping, permissions, and inheritance
  • Information security principles, administration, and audits
  • 5+ years of experience with processes and tools assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Planning and Deploying Windows Server Group Policy
  • EDirectory administration
  • PowerShell scripting
  • Perl scripting
  • Oracle, DB2, and/or SQL Server knowledge
  • Structured Query Language
  • Change control systems
  • Experience with Dell Change Auditor
  • Experience with Dell Enterprise Reporter
52

Information Security Specialist Resume Examples & Samples

  • Provides desktop and laptop security assessment by: Scheduling through the appropriate channels user desktop / laptop security assessment. Manages schedule and must be punctual to ensure that users receive the assessment in a timely manner. Arranges schedule to ensure that any travel is minimized. Reviewing OS level security settings (e.g. firewall settings, antivirus settings, patch and OS update settings). Reviewing application security settings (e.g. Browser based security settings, e-mail client settings)
  • Reviewing network security settings (e.g. wireless network configuration)
  • Provides security awareness / best practices training to sales force, preferred bankers, relationship managers, and clients: Provides instruction on desktop / laptop best practices (e.g. keeping patches current, running regular antivirus checks, setting up system restore points). Advises end users on current security incident trends and effective methods of counteracting (e.g. phishing attempts, untrusted web sites)
  • Provides documentation of security assessment engagement: Prioritizes and documents findings and recommended changes. Continually researches and recommends best security practices for end user / desktop interaction. Follows up with user to ensure that service was satisfactory (documents survey results to be used for metrics to assess the effectiveness of the assessment)
  • Updates the assessment as required. Stays current on malware trends, especially in the financial industry and adjusts the assessment accordingly to reflect the latest trends. Stays current on wireless network technologies and encryption methodologies. Continually reviews latest hacking techniques and adjusts the assessment accordingly to reflect the latest trends
  • Assists in marketing of the security assessment program. Makes recommendations to modify advertisement based upon updates to the security assessment. Works with internal groups to develop marketing strategies
  • Performs other duties & responsibilities as required or assigned by supervisor
  • Information Security Engineers, Information Systems personnel, sales force, relationship managers, and Internet Services, Preferred Banking members
  • Vision must be sufficient to read data reports, manuals and computer screens
  • Hearing must be sufficient to understand a conversation at a normal volume, including telephone calls and in person
  • Speech must be coherent to clearly convey or exchange information, including the giving and receiving of assignments and/or directions
  • Position involves sitting most of the time, but may involve walking or standing for brief periods of time
  • May be required to lift 25-50lbs
53

Information Security Specialist Senior Resume Examples & Samples

  • Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology. Master Degree in Cyber Security is a plus
  • 7+ years of experience of network/security or operations experience
  • Requires thorough knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work
  • Experience in Cloud Security and Penetration testing
  • Experience in monitoring external data sources to maintain currency of CND threat conditions and determine which security issues may have an impact on the Network Environment
54

Senior Information Security Specialist Resume Examples & Samples

  • 8 years of IT Security related work experience
  • Ability to speak multiple languages
  • Security or technical certification
  • Functional Expertise
55

Information Security Specialist Resume Examples & Samples

  • Bachelor's degree (any subject) and 10 years of systems applications experience with equipment, applications, networks, and systems, with at least 5 years as a security manager on classified systems
  • Experience with security activities described above for applications, infrastructure, network, hardware and communications
  • Experience assessing security for all types of systems that use a multitude of technologies
  • At least five years of experience preparing all technical, implementation and management documentation related to security policies and assessments for federal technology operations
  • Ability to work as a partner with the client staff, the client's customers, and other support contractor teams in a professional manner
  • Exceptional written and verbal communications skills
  • Experience having regular interface with client managers and staff as well as support contractor staff from other companies
  • Experience performing these responsibilities in a federal law enforcement organization or in a federal organization other than Defense with highly secure requirements
  • Experience in DHS or USSS
  • Security certifications
56

Information Security Specialist Resume Examples & Samples

  • Engineering degree in CS, CE, IT, Sys IE, or EE
  • 5 years of experience working across IT functions
  • Experience of IT Security, data protection, networking, servers and PC systems is an advantage
  • Experience of Whole Disk Encryption, Enterprise Rights Management, Host Data Loss Protection and Data protection products
  • Understanding of the Information Security Common Bodies of Knowledge
  • Security certifications like CISA, CISSP, CISM or progress towards a Security Certification is desired
  • Excellent communication, stakeholder and customer management skills
57

Information Security Specialist Resume Examples & Samples

  • Knowledgeable with the five categories of the RMF (Risk Management Framework) Workflow
  • Working experience with preparing security plans and all security artifacts required for certification and accreditation
  • Experience helping ensure that system users receive initial computer security indoctrination and annual follow-on training as required by applicable directives
  • Immediately reporting any security violation, attempt to gain unauthorized access to sensitive but unclassified data, virus infection, or other event affecting the security of DHS systems and networks
  • Experience in supporting the management of the Information Assurance Program metrics program for business applications and infrastructure systems with the collection and analysis of security related data
  • Associate’s degree or higher and/or 5 - 15 years of work experience
58

Information Security Specialist Resume Examples & Samples

  • Minimum of 30 days as a Rockwell Automation contract employee
  • 3 years + IT security related experience
  • Bachelor's degree in Computer Science, MIS or other related field
  • GIAC Certified Intrusion Analyst – GCIA
  • Knowledge in the area of computer Incident Response
  • Hands on experience performing digital forensics analysis of IT systems to include remote evidence acquisition
  • Knowledge of common attack methods and possible mitigations
  • Knowledge of enterprise class network forensics systems, performing packet analysis, and understanding of TCP/IP protocols and services
  • Knowledge of enterprise class SIEM tools, creating and modifying correlation alert rules, parsers, reports, and managing dashboards
  • Solid understanding of information security operations principles, application and infrastructure security technologies, and practices in a global environment
  • Experience with at least one scripting language (Bash, Perl, Python, etc)
  • Ability to prepare and explain meaningful security assessment reports for internal system owners, users, and business stakeholders
  • Ability to provide quantifying incident response security metrics
  • High aptitude for troubleshooting, with a background in enterprise IT operations (network, Wintel server, Unix server, desktop, applications, security) a plus
59

Information Security Specialist Resume Examples & Samples

  • The ideal candidate must have the following skills and qualifications
  • System Administration
  • Network Security
  • Manage and update information security policies
  • Network Troubleshooting
  • Network Protocols, Routers, Hubs, and Switches
60

Information Security Specialist Resume Examples & Samples

  • Assist the Information Security Officer (ISO) with internal consulting, advisement and assistance for all aspects of Information Security with a focus on client security
  • Lead small to mid-size security related projects to increase maturity of the Information Security program
  • Participate/facilitate client and/or third party onsite inspections and related conference calls
  • Provide support for application and business related security risk assessments
  • Evaluate and advise on risk management processes for the business unit
  • Assist Global Security peers from other business units as time allows to enable and implement more globally consistent processes
  • Understand Gramm-Leach-Bliley Act (GLBA), ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations
  • Demonstrated operational knowledge of EWS services and applications
  • Excellent organizational, time management, customer service and problem-solving skills
  • Ability to effectively manage a small team
  • Minimum 1 year relevant experience
61

Information Security Specialist Resume Examples & Samples

  • Vestas Security Controls are observed at all sourcing partners, on a continuous basis
  • Existing Control framework is enhanced and adjusted, in order to ensure the right level of comfort for Vestas
  • Global IT and main sourcing partners' maturity level is increased in regards to Control environment
  • A yearly activity cycle is planned and executed
  • Bachelor's or Master's degree in computer science, auditing, management information systems
  • 5-8 years of experience with operational auditing, risk management and compliance at Manager or Specialist level
  • Thorough knowledge of IT Security practices and standards
  • Work experience with Business Continuity Management and Business Continuity Planning
  • Certifications in the domain of Information Security and/or auditing (ESL, CISSP, CISA, CISM, …)
  • Familiarity with COBIT, ISO and ITIL frameworks
  • Excellent written and verbal communication skills in English
  • Knowledge on project management methods and practices is an advantage
  • Knowledge on ITIL processes is an advantage
  • Pro-active team player with strong stakeholder management skills
  • Persistent and analytical mindset with strong controllership focus and attention to all details
  • Flexible by nature and able to prioritize workloads
  • Able to understand complex business processes and identify the full range of risks related to compliance-, organization-, and technology processes
62

Information Security Specialist Resume Examples & Samples

  • 7+ years of relevant experience
  • Expert knowledge of IT security and risk disciplines and practices
  • Advanced knowledge of organization, technology controls, security and risk issues
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
63

Lead Technology Information Security Specialist Resume Examples & Samples

  • 5-7 years information security experience, primarily in security consulting, assessment and/or auditing
  • Proven ability to research and analyze complex data and problems, develop appropriate solutions and concisely and clearly communicate to stakeholders
  • Demonstrated knowledge and experience with assessing and protecting industrial control systems (ICS) and facilities related technology/platforms
  • Demonstrated expertise with information security assessment frameworks such as NIST, SANS and/or ISO 27001
  • Demonstrated expertise with network protection controls, including firewalls, intrusion detection systems, anti-malware software, data encryption, VPN’s, vulnerability scanners, server operating systems, and other industry-standard techniques and practices
  • Demonstrated report writing and presentation skills such as application assessment reports, operating procedure documents, and formal policy and procedure documents
  • Demonstrated ability to positively influence and persuade individuals of varying levels
  • Demonstrated strong organizational skills with attention to detail
  • Solution architecture design
  • Demonstrated experience with technical penetration testing techniques and related tools
  • Knowledge of common web and mobile application vulnerabilities, such as the OWASP Top 10 for web and mobile, and ability to provide solutions
  • Knowledge of regulatory requirements (PCI, SOX, Safe Harbor, etc.)
  • Experience with e-commerce/web app penetration testing
  • Experience with n-tier architectures and development
  • Bachelor's degree or related experience
64

Senior Information Security Specialist Resume Examples & Samples

  • Develops, implements, and administers security procedures for classified computer systems based on ICD 503 and JSIG, including Defense Security Service (DSS) Office of Designated Approving Authority (ODAA) standard, to ensure compliance with NISPOM
  • Implements RMF lifecycle principles/guidelines into USG Information Technology environments
  • Ensures security logs and audit trails are reviewed in accordance with established schedules
  • Develops, conducts, coordinates, and delivers site ISs security education program requirements
  • Generates maintenance security documentation for system hardware and software, to include SSPs, Plan of Action and Milestones, equipment specifications, practices, and procedures
  • Manages mandatory IS patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance
  • Interfaces with company and customer staff at all levels
  • Performs duties as Alternate COMSEC Custodian
  • 8+ years' Information Technology experience in a classified environment
  • Bachelor's Degree: Computer Science or IS Management
  • Candidate must possess a current DODI 8570.01 compliant certification (CISSP / Security+ CE)
  • Experience with auditing/assessing the security aspects of various OSs (Windows and Linux). Must demonstrate a complete understanding of Information Security Administration principles, concepts, practices, and standards as well as a complete understanding of network devices
  • Strong communication, critical thinking, and problem-solving skills; self-motivated with ability to effectively prioritize multiple projects; ability to work with people in a team environment
65

Information Security Specialist Resume Examples & Samples

  • Responsibility for the accuracy and reliability of configuration items with the configuration management database (CMDB)
  • Defining priorities and helping to coordinate activities across the IT asset management team
  • Provide regular updates to track and measure the overall quality of information in the CMDB
  • Work with the ServiceMap tool to support daily activities: run reports, investigate data, update records, examine and update configuration settings, etc
  • Work with team members from ITS and the LOBs to ensure that individual information for applications is maintained throughout the asset management lifecycle
  • Work on projects supporting the continuous improvement of configuration management in ServiceNow: addition of new CI types, expanded discovery of applications and business services, integration with other systems to support end-to-end lifecycle management
  • Ability to perform analysis and reporting of information from multiple data sources for the purpose of executive communication
  • Respond to ad hoc requests to provide information about the asset inventory for TD employees, internal audit and external regulators
  • Understanding of Asset Management, CMDB and basic ITIL processes
  • Simple scripting ability like writing regular expressions
  • MS Office (esp. Excel, PowerPoint)
  • Highly motivated with ability to work with little direction
  • Critical thinking and analytical skills with the ability to proactively follow up on identified issues and gain resolution
  • Ability to work in a team with diverse skills, providing ongoing feedback
  • Excellent communicator; able to clearly articulate messages both verbally and in writing
66

Information Security Specialist Resume Examples & Samples

  • Work in the ServiceNow ITAM module to support daily activities: run reports, investigate data, update records, examine and update configuration settings, etc
  • Work with team members from Operations and Build to ensure that individual asset records are maintained throughout the asset management lifecycle
  • Work on projects supporting the continuous improvement of IT asset management in ServiceNow: addition of new CI types, expanded discovery of locations and attributes, integration with other systems to support end-to-end lifecycle management
67

Information Security Specialist Resume Examples & Samples

  • Under limited supervision, develops, tests, and validates solutions to remediate exploitable conditions of increasing complexity on devices such as Web servers, mail servers, routers, firewalls and intrusion detection systems following established policies and procedures
  • Uses technical knowledge and expertise in examining security issues, techniques and implications across multiple computing platforms
  • Requires conceptual and practical expertise in own discipline and basic knowledge of related disciplines
  • Requires little or no supervision on a day to day basis
  • Solves problems using existing solutions; exercises judgment based on the analysis of multiple sources of information
  • Provides creative insights and / or solutions to address client / organizational challenges
  • Generates healthy debate within team, influencing team to look for a ‘better approach’
  • Evaluates current situation based on previous experience; identifies advanced implications/ conclusions from the logical analysis of a complex situation or issue; weighs options critically
  • Recognizes the controls that mitigate the risk of negative outcomes through prevention or detection and correction; evaluates and quantifies the impact risk has on the business or its customers
68

Information Security Specialist, Senior Resume Examples & Samples

  • Providing systems engineering analysis and support data analysis from various legacy programs and systems. System engineering services will include engineering analysis, design engineering, prototype development, software development configuration management, hardware/software lifecycle, verification and validation maintenance, and supporting engineering documentation
  • Ensuring that the images of required legacy systems are available in the development and test environment to simulate correlated data or mock up system components and data objects for the purpose of this contract
  • Testing with de-identified data for the purpose of developing the extraction and transformation routines
  • Coordinating with various program offices and system owners to conduct performance testing with the appropriately sized production like data
  • A critical component of SOA services architecture is to provide system security by ensuring services remain secure, preventing unauthorized access and use. The Security Engineer will be responsible for validating security settings for our SOA services
  • The Security Engineer candidate must have experience with Assessment and Authorization management activities, as well as FISMA Compliance, NIST 800-53 Security Controls, NIST 800-37 RMF Guide, and security documentation writing
  • The candidate must be detail-oriented, articulate, and computer-literate, and have strong interpersonal and organizational skills. Candidate must be able to lead effort to define remediation strategies/plans to address security incidents including
  • Analysis and remediation of security findings and requirements, including the interpretation of security scans and logs, vulnerability findings, security mandates and directives, and Security Technical Implementation Guidelines (STIGs)
  • Security Assessment Process (SAP) and Plan of Actions and Milestones (POA&Ms)
  • Information Assurance Vulnerability Alerts (IAVA) compliance
  • Assist in completion/review of data calls/documentation related to privacy risk assessments or security
  • Assist in reviewing security briefings and warnings for possible impact to systems
  • Identify systems that have unique security requirements, standards requirements or use cases that require customized approaches to SOA service development
  • Document and ensure approval of a System Security Authorization agreement (SSAA)
  • Ensure adherence to the system security requirements as specified in the Risk Management Framework (RMF) standards for cybersecurity policies
  • Validate security architecture compliance including encryption of sensitive data at rest and in transit
  • Ensure designs follow IA principles to protect sensitive PII and PHI. Review designs for proper authentication, authorization (access control), data integrity, and auditing
  • Ensure data integrity, by evaluating designs to verify encryption of data at rest and in transit
  • Review Access Control Policies (ACP) to ensure they strike a balance between the requirement to protect patient data with the need to share data with internal and external entities to enhance care delivery
  • Reviews and develops Automated Information System (AIS) accreditation and certification documentation
  • Defines scope and level of detail for security plans and policies applicable to security programs
  • Implements higher-level security requirements from law, regulations, and directives
  • Provide security coordination and review on acquisition documentation (e.g. CONOPS, ORDs, Test Plans)
  • Identify security vulnerabilities, implement countermeasures, and develop long-range plans that anticipate, evaluate, and mitigate risks associated with vulnerabilities
  • Institute measures to ensure awareness and compliance
  • Review proposed new systems, networks, and software designs for potential security risks
  • Bachelor's Degree (Computer Science, Information Technology, Information Security or related field)
  • A minimum of five (6) years of demonstrated experience in the Information Security (Cyber Security or Information Assurance) field
  • Demonstrates a proficiency with developing, maintaining and managing Security Authorizations and Assessments packages
  • Experience with developing and managing Plans of Action & Milestones (POA&M’s)
  • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities
  • Technical experience with reviewing vulnerability scans and providing mitigation techniques
  • Possess expertise in conducting annual assessments
  • Experienced writing security related policies and procedures
  • Possess experience conducting Contingency Plan tests
  • Experience with conducting audit log reviews
  • Experience with NIST Special Publications and guidance
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment
  • Excellent communication (written and verbal) skills
  • IT Security experience with FISMA Compliance
  • IT / Information Assurance Certification, i.e. CISSP, Security +, CAP, etc
  • IT Security documentation development and maintenance, i.e. SSP, CP, CM, etc
  • POA&M creation and mitigation
  • Developing ATO Packages
  • Good understanding of NIST 800-53 security controls
  • Good understanding of NIST 800-37 RMF Guide
  • Ability to work effectively both independently and on teams
  • Service Oriented Architecture (SOA)
  • Healthcare IT
69

Information Security Specialist Expert Resume Examples & Samples

  • 5+ years of experience in the security field, especially in security assessments or audit
  • Ability, drive and motivation to research and provide the right guidance and find possible solutions. Ability to push back where the risk outweighs the benefits
  • Curiosity to ask questions and challenge status quo
  • Problem Solving & Analysis
  • Good collaboration, relationship and interpersonal skills
  • CISA, CISM, CISSP, PCI QSA or comparable certifications preferred but not required
70

Information Security Specialist Resume Examples & Samples

  • The IS Architect’s first duty is to gain a comprehensive understanding of the company’s technology and information systems and capabilities. They must learn strengths and weaknesses of the application’s security to be able to recommend improvements
  • Understanding of end user and secure communications requirements for the addition of new applications and software into the environment
  • Determine application security requirements by evaluating business strategies and requirements, research information security standards, conduct system security and vulnerability analyses and risk assessments and identify integration issues
  • Lead in the development and provide guidance during architecture and design activities of new and existing applications, while also conducting application risk and impact assessments on new and existing applications
  • Plan security systems by evaluating and developing requirements for cloud security technologies. Identify security architecture capabilities and design security architecture patterns to mitigate threats
  • 5 or more years of system security, controls or information management experience and/or end to end understanding of the software development lifecycle
  • 3 or more years of application systems security and architecture experience
  • Experience with application and communication systems security and design
  • Industry experience in financial services, high-tech, and/or healthcare preferred
71

Senior Information Security Specialist Resume Examples & Samples

  • Assist with Information Security related agent components including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion
  • Continues to increase knowledge by tracking and understanding emerging security practices and standards by participating in educational, social or professional opportunities and organizations and/or reading publications
  • Collaborates with other technical leads (Network, Server, and Application), field services technicians, project managers and data center operations and technical subject matter specialists to integrate security controls into a cohesive architecture that sufficiently mitigates risk to the company
  • Mentors and coaches other Security Analysts to provide guidance and expertise in their growth
  • Consistently demonstrates regular, dependable attendance & punctuality
  • College degree and 5-7 years of experience or an equivalent combination of education and experience
  • Basic math functions such as addition, subtraction, multiplication, division and analytical skills
  • Scripting languages such as Python and PowerShell desired
  • Have experience with certificate and key management
  • Knowledge or skill to consult the development and application owner community on certificates/keys
  • Knowledge of cryptography technologies and implementations of such
  • Maintaining security monitoring in addition to leading and analyzing security reporting
  • Understanding of agent technologies commonly used on endpoints for protection of assets
  • Strong knowledge of HTTP, FTP, authentication, virus scanning, web servers, certificates and key management, and TLS protocol
  • Ability to troubleshoot certificate issues
  • Identify common network and web site attacks such as SQL injection, cross site scripting, remote file inclusion and cookie manipulation
  • Understanding of web applications authentication, session management, requests, form submission processes
  • An understanding of a wide array of server grade applications to include email, DNS, SMTP, IIS, Apache, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
  • Ability to work a flexible schedule based on department and company needs
72

Information Security Specialist Resume Examples & Samples

  • Ensures timely and effective response to handling of escalated security events
  • Performs incident responder job function as part of an on-call rotation
  • Maintains active participation in multiple threat intelligence communities
  • Conducts research into threats, campaigns and actors and implements improvements to counter those threats
  • Assists in development of internally built tools (Incident Response platform)
  • Manages Information Security’s ELK and Graylog implementations as well as others as necessary
  • Provides technical leadership for security projects
  • Other duties as necessary
73

Information Security Specialist Resume Examples & Samples

  • Assisting with CISP/ Gramm–Leach–Bliley Act (GLBA) governance activities, including but not limited to: Independent Validation of assurance control testing, ongoing and annual reporting, NPPI data flow mapping and threat assessment
  • Partnering with other groups within Information Security to document processes, identify controls, determine control adequacy and identify control monitoring opportunities and areas for improvement/enhancement
  • Building and maintaining strong relationships with business lines in order to identify issues and drive policy compliance
  • Working with Business Line Risk Managers to proactively manage and mitigate IS related risks
  • Reviewing and providing ongoing monitoring of IS related GRC issues and Accepted Risks
  • Acting as an advisor for business lines and TSPs as they work to apply IS policy requirements into their everyday business activities
  • Reviewing and ensuring periodic and annual updates of IS procedures to ensure they remain current and relevant to the existing IS posture
  • 6 or more years of relevant Information Security or IT Audit experience
  • Ability to articulate technical risk issues in business terms
  • Working knowledge of Banking Regulations, with specific focus on GLBA
  • Ability to identify, assess and mitigate risks
  • Strong organizational, communication and planning skills
  • Strong interpersonal skills to interact with project teams and multiple departments and vendors to achieve project objectives
  • Demonstrated ability to manage multiple projects concurrently in an autonomous environment; ability to generate and pursue ideas
  • Strong capability and experience with meeting project timelines
  • Proficiency with MS Office skills including MS Word, MS PowerPoint, and MS Excel
  • Ability to work under pressure with efficiency and accuracy
  • Education, Certifications and/or Other Professional Credentials
  • BA/BS in Information Systems, Computer Science or related field preferred
  • Relevant Information Security or technical qualifications (e.g. CISSP, CISM, CISA, etc.) preferred
74

Information Security Specialist Resume Examples & Samples

  • Analyze security requirements, obtained from a variety of sources, on an ongoing basis
  • Analyze various data security, authentication / authorization, encryption, application level security and auditing requirements for the project
  • Work with the Architect team to design and implement necessary security components to meet requirements, as well as meet all applicable federal standards and guidelines
  • Work with development teams to carry out Application Security Reviews and Security Impact Assessments (SIA)
  • Support the technical teams in complex client engagements
  • Demonstrate strong awareness and experience with security implementation, complex solution deployment, and optimization supporting enterprise operations
  • Will be responsible for all aspects of delivery and deliverable quality for all Information Security Documentation and artifacts submitted to maintain ATO
  • Coordinate and support Security Controls Assessments (SCA), Risk and Vulnerability Assessments (RVA) and Annual Attestation
  • Perform periodic review and update to security documentation, to include the System Security Plan (SSP), Contingency Plan (CP), Information System Risk Assessment (ISRA) and Privacy Impact Assessment (PIA)
  • 2+ years of IT security experience
  • Experience with the mission, tasking, and policies of the Centers for Medicare & Medicaid Services (CMS)
  • Experience with the CMS Acceptable Risk Safeguards (ARS), Risk Management Handbook (RMH) and other CMS documents and policies
  • Demonstrated ability applying technological and organizational solutions for client delivery assurance
  • Ability to develop tactical and strategic solutions to meet client security requirements
  • Experience supporting IT security audits, reviews, data calls by clients
  • Experience researching, evaluating, and recommending vital IT security-related technologies and services
  • Knowledge of the principles of security threat management, risk management, security policy and processes, security architecture, regulatory compliance, maturity of security capability, vulnerability assessment, and security incident response
  • Strong analytical expertise in the review and assessment of the security operations and related service groups within a service provider or enterprise
  • Familiarity with Microsoft Office tools including Outlook, Word, Excel
  • Demonstrated verbal and written skills
  • Familiarity with a variety of security concepts, practices, and procedures
  • Exposure to Identity Management standards, such as User Provisioning, User Life Cycle Management, and centralized Access Control
  • Experience with CMS FISMA Control Tracking System (CFACTS)
  • Experience working in a CMMI Level 3 (or higher) environment
  • Experience working with the Centers for Medicare and Medicaid Services (CMS) 3-zone architecture
  • Experience in security scanning tools like BURP Suite
  • Ability to resolve complex support issues by leveraging user forums, support forums, or opening support cases with vendors and following them to closure. Strong ability to find workarounds and alternative approaches
  • Certifications: CISSP, CISM, CISA, CGEIT, GWAPT, GPEN, Security +
  • Familiarity with HIPAA, HITECH Acts, the Privacy Act of 1974, OMB memoranda on security and privacy
75

Senior Principal Information Security Specialist Resume Examples & Samples

  • Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness
  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
  • Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter
  • Create security policies and maintain existing information system security documentation
  • Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package
  • Work with the IA team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities
  • Continuously review and evaluate best practices for implementing a comprehensive audit program
  • Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, assessing applicability to existing systems, and ensuring closure
  • Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment
  • Working in close coordination with the ISSM, play an active role in monitoring assigned systems and their environment of operation, including developing and maintaining the System Security Plan (SSP) and Security Controls Traceability Matrix (SCTM), managing and controlling changes to the system, and assessing the security impact of those changes
76

Information Security Specialist Resume Examples & Samples

  • Documented experience operating within high security environments
  • Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
  • Proven track record in infosec consulting engagements
  • Preferably holds the Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE) certifications. CEH and GPEN certified candidates will be considered as well
  • Bachelor’s degree or equivalent work experience preferred
  • Kali Linux operating systems
  • IP Network technologies
  • Microsoft operating systems and related technologies
  • Wireless network controls
  • Web application technologies
  • Physical security
  • Source code analysis software
77

HBSS Information Security Specialist Resume Examples & Samples

  • DISA approved HBSS Training
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security
  • Perform Computer Network Defense incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations that enable expeditious remediation
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
  • Apply security policies to applications that interface with one another
  • Apply security policies to meet security objectives of the system
  • Apply service oriented security architecture principles to meet organization's confidentiality, integrity, and availability requirements
  • Discover organizational trends with regard to the security posture of systems
  • Ensure all systems security operations and maintenance activities are properly documented and updated as necessary
  • Monitor information protection assurance mechanisms related to system implementation and testing practices
  • Verify and update security documentation reflecting the application/system security design features
  • Validate HBSS system alerts against network traffic using packet analysis tools
  • Knowledge and experience in working with McAfee Data Loss Prevention Endpoint
  • Ability to work independently/with others to resolve computer security incidents
  • Organizational skills
  • McAfee HBSS ePO administration
  • Knowledge of IA principles and organizational requirements
  • Experience working within Remedy a plus
  • Education/Certifications
  • Must be 8570 compliant
78

Information Security Specialist Resume Examples & Samples

  • Discovery: Working with the team to discover TD networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations
  • Vulnerability Identification: Based on what they learn during the discovery phase, they will then take steps to test the discovered environment or requested applications for real world security issues. Using a variety of applicable tools, including in-house and commercially available programs, they will create a real-world scenario where they attempt to compromise systems, applications, and mobile security, gain access to resources, or disrupt and exploit system services
  • Exploitation: As a security expert, they will exploit vulnerabilities with applications, as detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action
  • Provide support in the discipline of vulnerability management
  • Participate in the development of new cyber security assessment practice services
  • Responsible for delivery and post-delivery penetration testing support and reporting
  • Provide delivery of specific vulnerability management and penetration testing services including
  • Network, System, Application, Mobile, traditional web and wireless penetration testing
  • Must have experience using methods such as HTML5 cross-domain exploitation, SQL injection, session tampering, cookie manipulation, XSS exploitation and other penetration testing exploitation techniques
  • Writing exploit code for local testing
  • Bachelor's degree in IT security, computer science or equivalent experience
  • 2+ years of experience delivering penetration testing consulting engagements
  • Must have Red Team or Ethical Hacking/Penetration testing experience
  • Experience delivering vulnerability management assessments and consulting
  • Must have outstanding written and verbal communication and presentation skills
  • Ability to work with others effectively
  • Ability to continually refine the vulnerability assessment and penetration testing methods and deliverables
  • Experience with application penetration testing highly desired
  • Security Certifications such as CEH, CISSP, CISM, OSCP, OSCE
  • Wireless, Network and TCP/IP skills
  • HTML5 penetration testing skills
  • Unix commands, Bash scripting, Python coding
79

Information Security Specialist Resume Examples & Samples

  • Provide senior level leadership (document and present strategy, develop, plan, execute) the strategic goals of Identity and Access Management and Information Security from a Directory Services perspective
  • Act as technical SME in the areas of Active Directory, LDAP, Meta-directories, and Virtual Directories as well as federation services both internally and externally
  • Provide technical expertise to maintain environments and troubleshoot issues
  • Act as a manager between the Business Partner and vendor technical contacts. Ability to clearly communicate to key stakeholders including internal/external audit teams
  • Promote and work with team members to implement process improvement initiatives
  • Manage cross-functional teams, providing direction and leadership oversight in a matrix organization
80

Senior Information Security Specialist Resume Examples & Samples

  • Works autonomously on high profile, complex and/or high risk technology projects with significant impact to the organization
  • Provides technical leadership / consulting / direction to a larger team / portfolio on all aspects of technology controls / information security
  • Foresees issues / gaps and identifies emerging industry trends (i.e. future focused)
  • Provides recommendations on value-added improvements / enhancements
  • Top technical expert individual contributor with expert knowledge of IT security and risk disciplines and practices
  • Advanced and highly specialized knowledge of organization, technology controls / security/ risk issues
81

Information Security Specialist Resume Examples & Samples

  • Monitoring of security events with subsequent classification and investigation follow up
  • Identify, document, escalate and manage security events to support the established Incident Management and CSIRT processes
  • Participates in the delivery of the Information Security Program, including Enterprise Vulnerability Management, Incident Response, Threat Management and Monitoring, and Risk Reporting
  • Participate in an on-call rotation to provide after-hours pager support for escalations and incidents
  • Must be available to work shift patterns in line with US and Canadian time zones
82

Senior Information Security Specialist Resume Examples & Samples

  • Plan and execute project and vendor risk assessments
  • Review, recommend, and draft IT controls
  • Educate IT management and owners on IT related security risks, controls and general awareness
  • Facilitate and coordinate IT related internal and external audits
  • Track and report risks, audits, and certification testing
  • Coordinate and compile evidence for gap closures
  • Govern, monitor, and report on compliance to IT policies, standards, methodologies, and processes
  • Good knowledge of infrastructure platforms – Windows, Unix, Linux, etc
  • Strong documentation skills and communication skills to report to several layers of management and technical teams
  • Good understanding of vulnerability management and associated tools
  • Familiar with all types of threat and risk, vendor assessments
  • Understand System Development Life Cycle (SDLC) process and agile methodologies
  • Knowledge of IT general control components including logical access and security, change management, production operation and support, development and coding practices, and secure information management practices
  • CISSP, CISA, CISM and/or CRISC designations would be an asset
  • Security vulnerability scanning tools for systems, applications and web
  • Linux, Windows, AIX, web or cloud based applications
  • Application development, release management, code promotion, scripting concepts, schedulers and enterprise automation tools
  • IT risk and control frameworks including CobIT, NIST & Security Governance Frameworks such as ISO27001
83

Information Security Specialist Senior Resume Examples & Samples

  • Process driven and has eye for detail
  • Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change
  • Knowledge of IT Risk and Security governance frameworks such as ISO 27001, PCI, and HIPAA
  • Good understanding of key network and technical security controls
  • Understanding of risks in banking/financial services sector will be an added advantage
  • Desired Work Experience 2 to 4 years performing IT/Information Security Reviews
  • CISA, CISM, CISSP, PCI QSA, ISO27001 Lead Auditor or comparable certifications preferred but not required
84

Information Security Specialist With Top Secret Resume Examples & Samples

  • Typically requires a bachelor's degree or equivalent and seven to nine years of related experience
  • Prefer HDI-CSR certification
  • Must possess a current TOP SECRET Clearance with SCI eligibility
  • Must possess a current CISSP certification
  • Must possess an MCSA Windows Server 2008 or newer certification
85

Information Security Specialist, Principal Resume Examples & Samples

  • Experience in risk and vulnerability analysis in all phases of IT system life cycle development
  • Ability to understand security design and architecture to optimize security of information systems
  • Demonstrated experience in integration of risk management including assessment with security control specification and implementation
  • Demonstrated application of cybersecurity risk management frameworks to IT systems and operations and effective risk based decision making across multiple management levels and organizations
  • Experience/skill in interpretation and application of written policy and regulation
  • Experience in working with a federal information security program
  • Working knowledge and experience of intelligence community and/or DOD information security policies; relevant federal and private standards and requirements (e.g., NIST, CNSS)
  • Knowledge of and ability to assess systems based on DoD Security Technical Implementation Guide (STIG) compliance policy and processes including Security Readiness Review results interpretation
  • Ability to conduct qualitative and quantitative risk analysis
  • Ability to understand and convey threats and impact of threats related to the results of a security assessment
  • Ability to adhere to corporate policies and programs concerning information systems
  • Ability to understand the general information technology infrastructure and system inter connections (servers, local area networks (LANs), storage area networks (SANs), virtualization, etc.)
  • Experience with Microsoft and Linux Operating Systems
  • Experience using common IT security tools, including those used for assessment and evaluation
  • Experience with policy development and application in monitoring and analyzing data from information systems in support of active cybersecurity risk management
  • Exceptional presentation, oral, and written communication skills
  • Ability to ensure program needs are satisfied through interpersonal and trusted communication
  • Self-starter with the ability to actively contribute on multiple efforts simultaneously, and experience with and interest in process improvement
  • Ability to remain focused, positive, and highly productive in a frequently changing and sometimes ambiguous environment
  • Knowledge of and experience using XACTA tool and associated workflows
  • Ability to develop and improve risk management and continuous monitoring processes
  • Ability to understand and analyze network security architectures
  • Ability to establish and foster effective interpersonal relationships and trusted partnerships
  • Ability to establish effective working relationships internally and externally to the agency
86

Information Security Specialist Resume Examples & Samples

  • Support multiple project teams using a shared software baseline
  • Complete the Authorization and Accreditation process to achieve system ATO
  • Coordinate with customer IA representatives
  • Characterize systems in accordance with the Risk Management Framework
  • Write documents to include System Security Plans, Security Test Procedures, and Plan Of Actions & Milestones
  • Provide technical requirements and solutions to program engineers
  • Provide technical justifications to tailor security requirements
  • Execute government-witnessed security test events
  • Use automated tools to provide vulnerability and compliance assessments
  • Review IAVM notices and address with program engineers as required
  • Ensure regular patching of systems
  • Monitor software releases to ensure continued compliance and closure of POA&M items
  • Support corporate IA personnel in efforts related to assigned programs
  • Typically requires a Bachelor’s degree or equivalent and 5-7 years of related experience
  • Thrive in an energetic, fast-paced environment - learn and become productive quickly and meet team goals, can-do attitude, able to do what it takes to deliver
  • Demonstrated ability to work as part of an integrated team, as well as independently
  • Strong interpersonal and relationship building skills conducive to team building
  • Knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures
  • Familiarity with the secure configuration of Linux systems
  • Experience creating, updating, and managing projects in Xacta
  • Certified in accordance with DoD 8570.1 IAT level II – (Security+, CISSP, or similar)
  • Experience operating ACAS/Nessus and interpreting resulting scans
  • Active TS/SCI with CI Poly
  • Position may require local, CONUS, or OCONUS travel up to 10% to support security test events
  • Familiarity with the secure configuration of Cisco devices
  • Familiarity with SSRDB and the process for vetting third party software products
  • Familiarity with DISA STIGs
  • Full Scope BI or willing to obtain one
87

Information Security Specialist Resume Examples & Samples

  • Work under close supervision with Information System administration personnel
  • Apply their knowledge of information network software and hardware to support their supervisor, manager and our customers
  • Apply their knowledge of information security procedures
  • Code and/or develop software patches to remediate vulnerabilities
  • Attend recurring status meetings with project team on a regular basis and keep management informed of all activities daily
  • Typically requires a Bachelor's degree in Engineering, Computer Science or related discipline or equivalent experience
  • Verifiable experience in information security administration or network security (2 or more years)
  • Possess general network architectural knowledge of LANS/WANS
  • Ability to read and understand system vulnerability scan reports
  • Knowledge of Security Technical Implementation Guides (STIGs)
  • Possess Information Assurance certification of Level II or higher in accordance with DoD (Department of Defense Directive) 8570
  • Must have a current DoD Secret security clearance
  • Certifications as Microsoft Certified Engineer or Linux credentials are highly desired
  • Two or more years DoD experience (with references) is beneficial
  • Ability to read and understand Security Technical Implementation Guides (STIGs) is a big plus
88

Information Security Specialist, Lead Resume Examples & Samples

  • Executing the Certification and Accreditation implementation plans
  • Conducting validation activities utilizing established procedures
  • Ensure each assigned IA control is implemented according to the applicable guidelines
  • Record the actual results and develop validation artifacts
  • Preparing the IT Security plan
  • Compiling the validation results in the reporting documentation
  • Prepare accreditation documentation and artifacts for Certification and Accreditation (C&A)
  • Successfully secure IT systems
  • Supervise, test, and monitor changes in information systems that might affect the security posture
  • Apply software patches
  • Develop and execute System Test and Evaluation (ST&E) plans
  • Prepare IT Security plans and policies
  • Ensure Information Assurance Vulnerability Management Compliance
  • Ensure assigned IA controls are properly implemented
  • Conduct validation activities utilizing established procedures
  • Experience and understanding of Risk Management Framework (RMF) IA Certification & Accreditation processes
  • Bachelor's degree in an Information Assurance field
  • Experience utilizing the eMASS tool
89

Information Security Specialist, Lead Resume Examples & Samples

  • Must have a Top Secret level security clearance with SCI eligibility
  • Ability to obtain DoD 8570.01/DoD 8140 IAM/IAT Level II certifications
  • Knowledge of DIACAP, RMF, DoD C&A processes, DoD 8500 (Cyber security) series and Common Criteria
  • Possess excellent briefing and technical writing skills
  • Bachelor's Degree in Cyber security, Computer Science or related field
  • Security certifications: CompTIA Security+, CISM, CISSP, CCIP, CCII
90

Information Security Specialist Resume Examples & Samples

  • CERTIFICATIONS
  • Position requires incumbent to maintain industry recognized CISSP certification
  • Candidate must have strong TCP/IP networking skills
  • Candidate must have a solid familiarity with application and network security
  • Must be able to provide technical subject matter expertise for a wide range of security technologies including, but not limited to, SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, perimeter access controls, logical access controls, identity and access management, and data loss prevention
  • Candidate should have an understanding of vulnerabilities, exploits, and practical working knowledge of DoD IAVM program
  • Candidate should possess solid understanding of malware and associated risks attributed to system infections
  • Experience with CENTCOM and ARCSIGHT software is a plus
91

Information Security Specialist, Principal Resume Examples & Samples

  • Demonstrated expert level understanding of
  • Access/control, identity principles, and secure authentication
  • Secure development processes and practices
  • Vulnerability assessment, penetration testing, and remediation
  • Risk management and mitigation strategies
  • Operational knowledge of the following security technologies
  • IDS/IPS and DPI – NetWitness, Bluecoat, TCPdump/Wireshark, Security Onion, and Snort
  • DLP products – RSA, Symantec, and McAfee
  • Network and Security Monitoring and Management tools – HP, Cisco, and Security Onion
  • SIEM aggregator and analytics – ArcSight and Splunk with Enterprise Security
  • Penetration test and vulnerability test suites - Tenable Nessus, Nexpose, and Metasploit
  • Knowledge of perimeter security devices – Cisco ISE/ASA, CheckPoint NG, F5 Big-IP, Fortinet, Forefront, McAfee Web Gateway, FireEye, etc
  • Antimalware technologies, Endpoint encryption and Public Key Infrastructure (PKI)
  • General job responsibilities
  • Extensive experience with Microsoft and Unix/Linux operating systems
  • Proficiency with VMware technologies including ESX, Horizon View, vCloud
  • Ability to work in a team-centric environment
  • Strong critical thinking and analytical skills
  • Strong presentation, written, and oral communication skills
  • Draft technical manuals, installation manuals, procedure outlines and incident response plans in order to enhance system security documentation
  • Execute white, gray or black box security posture assessments and complete detailed reports that outline the findings and recommendations
  • Ability to work with internal and external stakeholders at all business levels
  • Additional but not required
  • Java, Python, C++, and/or .NET programming experience a plus
  • Bachelor’s degree and ten (10) to twelve (12) or more years’ experience in Information Assurance/Information System Security Engineering
  • CISSP, CEH, and other Security + certifications
92

Information Security Specialist Resume Examples & Samples

  • Oversight of the information security program ensuring compliance with government and corporate security policies and procedures by working with team members, engineers, program security and management personnel
  • Develops and implements the Security Requirements Document (SRD) and a System Configuration Specification (SCS), IAW ICD 503 and the NRO C&A process
  • Perform Information System (IS) self-inspections; provide security coordination and review of all system test plans
  • Ensure that periodic self-inspections of the facility's IS Program are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities
  • Develop and implement certification tests as required
  • Coordinate IS security related incidents, initiate investigations, and implement corrective actions and responses to incidents
  • Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information
  • Proactively research security/compliance changes in governmental/industry regulations or best practices that may affect security policies
  • Develop and maintain System Security Plans (SSPs) and/or concept of operations documents that accurately reflect the installation and security posture of the information systems in accordance with Government Assessment and Authorization (A&A) requirements
  • Conduct software evaluations and coordinate software approvals
  • Maintains, as required by the Designated Accrediting Authority, a repository for all system documentation and modifications
  • Monitors system security audit logs weekly, investigating and reporting all anomalies to management
  • Ensures all new personnel are trained prior to gaining access to classified networks
  • Ensures development and implementation of procedures for authorizing the use of software, hardware and firmware on systems under their purview
  • Ability to work in coordination with our System Administration and Infrastructure teams
  • Typically requires a bachelor's degree or five to seven years of related experience
  • System Administration background/Technical
  • U.S. citizenship and active TS/SCI Clearance with Poly
  • Security+ or DoD 8570 equivalent for Information Assurance Technical (IAT) Level II certification, otherwise required within 6 months of hire
  • Knowledge of specific IC, DoD, and Federal government A&A standards, processes and directives, particularly, ICD 503, IASD, CPBI 51E-1, JAFAN 6/3, JSIG, DSS ISFO (preferred)
  • Must be self-motivated and results oriented
  • Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues
  • Excellent written and oral communications and teamwork skills
  • Commitment to continuous learning and system development
  • Customer related security training
  • Experience with Windows Operating Systems (Windows 7, Windows 2008 R2 Server)
  • Experience in Virtualization technologies
93

Information Security Specialist Resume Examples & Samples

  • Provide Mitigation and Remediation in support of the Certification and Accreditation (C&A)/A&A process remotely and/or on-site including reports as required
  • Document residual risks by conducting a thorough review of all the vulnerabilities, architecture and defense in depth and provide the IA risk analysis and mitigation determination results for the Test Report
  • Work with system owners to develop specific site and system mitigation plans to achieve an overall reduction in residual risk
  • Develop all C&A documentation in accordance with DoD policies, NAVFAC policies and procedures to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority
  • Maintain documentation Plan of Action and Milestones
  • Travel to CONUS and OCONUS sites to conduct physical and cyber security assessments; conduct complete security baseline and inventory reports and packages
  • Bachelor's degree in engineering, business, mathematics, or related field
  • At least two years of experience in Information Technology
  • Five or more years of related experience
  • Experience with IA tools including but not limited to – Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), System Center Configuration Manager (SCCM), Data at Rest (DAR), Data in Transit, Group Policy Objects (GPO), Central Logging and audit reduction analysis, enterprise Mission Assurance Support Services (eMASS)
  • DoD Secret Clearance
94

Information Security Specialist Resume Examples & Samples

  • Participates in the development and implementation of policies, procedures and standards related to information security, privacy and incident response
  • Assists with security research, analysis, and design for assigned client computing systems and the network infrastructure
  • Uses tools and processes to monitor information systems for security-related events
  • Troubleshoots and resolves basic technical issues related with close supervision
  • Helps maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
  • Implements formal security programs and policies throughout the organization and monitors compliance to these policies and programs
  • May contribute general consulting (risk analysis) and project support in the area of information security to IT infrastructure
  • Monitors trends in information technology and security that could have an impact on the security of the organization’s
  • BA/BA degree and 5 to 7 years experience
  • The clearance level required is dependent on the type of clearance supported by our client
  • At a minimum, CompTIA Security+ certification. Higher IA security certifications desired
95

Hbss Information Security Specialist Resume Examples & Samples

  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable remediation
  • Perform analysis of log files from a variety of sources to identify possible threats to network security
  • Perform computer network defense incident triage to include determining scope, urgency, and potential impact
  • Apply service oriented security architecture principles to meet organization’s confidentiality, integrity, and availability requirements
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for the inclusion into the risk mitigation strategy
  • Monitor/Analyze Rogue System Detection and respond/report IAW approved Navy TTPs/SOPs
  • Timely entry of communication and tasking into the ticket management tool (Remedy)
96

Senior Information Security Specialist Resume Examples & Samples

  • We seek an individual with the capability to acquire knowledge of Broadridge Product/Service Offerings across all Business Units
  • You will address any assigned client Information Security onsite risk assessment requests and provide appropriate support, responses, presentations, reaching out to management as required for guidance
  • You will support any assigned client Vulnerability Assessment and provide appropriate support and responses, as well as evaluate Client Information Security requests and provide appropriate responses, reaching out to management as required for guidance
  • Identify any assigned client Information Security questions that require Subject Matter Expert Support
  • Perform SharePoint status updates for assigned client Information Security requests in a timely manner
  • You will oversee Information Security knowledge base including Subject Matter Expert Responses
  • Evaluate/Update Information Security client questionnaire Policies, Standards, and Procedures when required
  • You will actively participate in the higher education security community such as ISACA
  • Perform other related duties as assigned and travel when required
97

Information Security Specialist Resume Examples & Samples

  • Operates and provides second level support for Information Security applications used to administer privileged access
  • Supports System Integration and User Acceptance testing, including creation and execution of test cases
  • Create and maintain operational documentation and playbooks relating to system support role
  • Implement and maintain security standards and procedures needed to provide an appropriate level of access control and data integrity for computerized information assets
  • Solid experience with Microsoft Directory Services and LDAP
  • Experience with SQL on one or more Database platforms (MSSQL, Oracle, Sybase, MySQL, DB2)
  • Scripting experience (PowerShell, Python, Ruby, Perl or equivalent) sufficient to manipulate extract files and load files using command interactions
  • Ability to travel as needed (<10%)
98

Senior Information Security Specialist Resume Examples & Samples

  • Develops tactical and strategic solutions to client security requirements
  • Support IT security audits, reviews, data calls by clients
  • Assist with the preparation of new or revising of out-of-date IT security policies and procedures
  • Research, evaluate, and recommend vital IT security-related technologies and services
  • Assist the Information Assurance Director in executing various tasks and initiatives of the corporate IT governance program
  • Evaluate various security implementation options and tools to establish required security controls and recommend a solution
  • 2+ years of experience in FISMA and / or HIPAA / HITECH compliance
  • Strong knowledge of all facets of information security across diverse infrastructure and regulatory environments
  • Highly refined knowledge of the principles of security threat management, risk management, security policy and process, security architecture, regulatory compliance, maturity of security capability, vulnerability assessment and security incident response
  • Strong analytical expertise in the review and assessment of the security operations and related service groups within a Service provider or Enterprise
  • Knowledge of security concepts surrounding PKI, SSL, JAAS, Java KeyStores, WS-* Security, WS-Federation, Security Token Service, SAML, Federated Identity
  • Hands on experience with WS-Trust, SAML, STS and other federated security standards and protocols
  • Understanding of security in cloud based environments such as AWS
  • Experience in secure code review and use of tools such as PMD, HP Fortify etc
  • Exposure to Application Security Vulnerability such as OWASP Top 10, CWE / SANS Top 25
  • Exposure to Identity Management products and standards such as User Provisioning, User Life Cycle Management, and centralized Access Control
  • Exposure to Java Cryptographic Services and encryption concepts
  • Experience with developing Security Documentation like System Security Plan and experience guiding an application to receive ATO from Client's Security Team or Office of Chief Information Security
  • Experience working in CMMI Level 3 (or higher) environments
  • Experience working with the Centers for Medicare and Medicaid Services (CMS) and the CMS 3-zone architecture
  • Ability to resolve complex support issues by leveraging user forums, support forums or opening support cases with vendors and following them to closure
  • Certifications: CISM, CISA, CGEIT, GWAPT, GPEN
  • Familiarity with HIPAA, HITECH Acts, the Privacy Act of 1974, OMB memoranda on security and privacy
99

IDS Information Security Specialist Resume Examples & Samples

  • Perform risk assessment of third party vendors, including but not limited to cloud computing, identifying gaps in the vendor IT control environment and recommending mitigating controls to address the gaps that are not in line with company IT Security requirements
  • Defining a framework for the risk assessment activity and an agenda for identification
  • An understanding of the IAM or the Active Directory structure
  • Implement security designs and approaches to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed
  • Knowledge of how network services and protocols interact to provide network communications
  • Knowledge of incident response and handling methodologies
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI), Information Technology Infrastructure Library, v3 (ITIL))
  • Knowledge of IT security principles and methods, such as firewalls, demilitarized zones, and encryption
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
100

Information Security Specialist Resume Examples & Samples

  • Make key contributions to the advancement of Application Security programs, providing expert technical solutions
  • Provide thought leadership driving strategic improvements at all levels for Application Security programs including leveraging or selecting tools and integrating into SDLC
  • Participate in annual review and development of security standards, policies, and processes
  • Perform mobile and web application vulnerability assessments, communicate remediation requirements to application owners and technical teams
  • Support IT Risk, Information Security, Compliance and Control, and Audit activities
  • Work across business units to provide security consulting services on incidents or projects
  • Guide third party and technical team members in remediation of existing vulnerabilities as well as best practices for future coding and adherence to standard
  • 10+ years experience working in a complex enterprise IT or Information Security environment with 5+ years of emphasis on web/mobile application security
  • Deep technical knowledge of web and mobile application development and demonstrated expertise with web/mobile security testing
  • Experience with application security assessment tools such as Kali Linux, IBM AppScan, Trustwave Appscanner, Fortify, IDA Pro or other reverse engineering tools, Python (pen testing), SAST
  • Demonstrated expertise with API testing using Burp proxy and extensions
  • Ability to read, understand, and communicate code changes to application teams to support vulnerability remediation in Java/J2EE, JavaScript, HTML, Node.js, iOS/Swift, Objective-C, and C
  • Strong written and verbal communication skills. Must be able to effectively explain technical concepts to technical and non-technical audiences and communicate effectively at all levels
  • Strong interpersonal relationship skills and ability to build new relationships quickly with customers and partners
  • Self-driven with the ability to manage own delivery of challenging targets and solve problems with limited guidance
  • B.S. in Computer Science or equivalent work experience
101

Information Security Specialist Resume Examples & Samples

  • Responsible for reviewing and making recommendations on new vendor offerings such as new mobile operating systems, OS version upgrades, new OS security functionality, etc
  • Providing consulting from an information security perspective on new projects and capabilities being proposed by the enterprise’s Mobile organization. Coordinating efforts with other Information Security departments as needed to ensure the correct teams are engaged
  • Determining the security posture of the mobile platforms, and making determinations on whether apps should be whitelisted from an information security perspective
  • Comparing security coverage from a platform perspective (Android, Blackberry, iOS) and determine any gaps or inconsistencies
  • Reviewing current security standards, policies, and configuration around Mobile environment
  • May participate as subject matter expert or act as project manager for one large, complex or multiple moderately complex initiatives
  • Develop, plan and implement strategies that improve the overall maturity of our IT risk, governance and compliance processes, programs and/or skills
  • Provides strategic recommendations to leaders and key decision makers regarding security, IT risk, governance and compliance matters
  • Facilitates the development of plans and strategies for information security, service continuity and other risk processes and programs
  • Supports the investment decision process by developing business cases and cost benefit analyses for new information security, service continuity or other risk domain solutions
  • Documents current and desired future state capabilities, incorporating industry leading technologies that enhance AXP's ability to manage IT risk and protect data
  • Manages the integration of vendor requirements and tasks, and track and review vendor deliverables
  • Responsible for evaluation of applications, tools and systems
  • Makes recommendations and assists in the implementation of changes to strengthen processes, procedures and compliance resulting in enhanced information security, service continuity or reduced IT risk
  • Five or more years of Architecture/Engineering experience in Mobile platforms (Android, Blackberry, iOS)
  • Demonstrated information security experience around Mobile platforms
  • Demonstrated experience with information security around mobile devices (Blackberry, iOS, Android), and enterprise mobility management/Bring Your Own Device tools
  • Fluency in software development and scripting languages preferred such as Java, Python, Objective-C, Swift, etc. a plus
  • Experience working with internal and external auditors, and regulatory examiners
  • Demonstrated ability to deliver on time and on budget
  • Requires knowledge of a minimum of several business and technical functional capabilities in the following areas: security architecture; security engineering; threat management; vulnerability management; electronic discovery; computer and data breach incident management; data protection; forensics; 3rd party/vendor management; security monitoring; cryptography; security operations and administration; privilege access management; security policies and standards; security awareness; business continuity; disaster recovery; IT risk management and controls; web security; data security; network security; system security, technology operations and compliance
102

Information Security Specialist Resume Examples & Samples

  • Responsible for reviewing the security controls in place in the End User Computing environment on a regular basis. Looking for overlap or consolidation opportunities, identifying any gaps for existing or new attack vectors
  • Responsible for reviewing and making recommendations on new vendor offerings such as updated operating systems, OS version upgrades, new OS security functionality, etc
  • Providing consulting from an information security perspective on new projects and capabilities being proposed by the End User Computing organization. Coordinating efforts with other Information Security departments as needed to ensure the correct teams are engaged
  • Determining the security posture of the global desktop images, and making determinations on whether software should be on the whitelist from an information security perspective
  • Comparing security agent coverage from a platform perspective (Windows, OSX, etc.) and determine any gaps or inconsistencies
  • Reviewing current security standards, policies, and configuration around End User Computing environment
  • Developing reporting and remediation strategies for vulnerabilities/misconfigurations identified in the End User Computing environment
  • Five or more years of Architecture/Engineering experience in End User Computing platforms (Windows 7, Windows 10, Apple OSX, etc.)
  • Demonstrated information security experience around End User Computing platforms
  • Experience with virtualization and Virtual Desktop Infrastructure (VDI)
  • Experience with containerization tools such as Docker
  • Demonstrated experience with information security around mobile devices (Blackberry, iOS, Android), and enterprise mobility management/Bring Your Own Device tools a strong plus
  • Fluency in software development and scripting languages preferred such as Java, .Net, Python, PowerShell, Perl, etc. a plus
103

Information Security Specialist Resume Examples & Samples

  • Provide Mitigation and Remediation in support of the C&A/A&A process remotely and/or on-site including reports as required
  • Develop all C&A documentation in accordance with DoD policies to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority
  • Bachelor's degree in engineering, business, mathematics, or related field
  • Five to seven years of experience in Information Technology
  • Experience with IA tools including but not limited to – Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), System Center Configuration Manager (SCCM), Data at Rest (DAR), Data in Transit, Group Policy Objects (GPO), Central Logging and audit reduction analysis
  • RMF experience
104

Information Security Specialist Resume Examples & Samples

  • Extensive C#, MS MVC framework, SQL server and web development experience
  • JSON, REST, XML API development
  • Knowledge and experience in Unix/Windows shell scripting including Python and PowerShell
  • Familiar with Identity standards like SAML and OAuth
  • Understand the value of commitments to delivery made by a development team
  • General knowledge of Security and technology standards (e.g., infrastructure, architecture, processes, applications)
  • Familiarity with common Agile practices, service-oriented environments, and better development practices
  • Proactive team player with effective time management skills; ability to work independently, manage multiple deadlines/projects
105

Information Security Specialist Resume Examples & Samples

  • Performing web application vulnerability assessments, communicating remediation requirements to application owners and technical teams
  • Participating in the development of strategies for information security processes and programs
  • Providing thought leadership driving strategic improvements for the web application security and assessment
  • Supporting Information Security, Compliance and Control, and Audit activities
  • Working across business units to provide security consulting services on incidents or projects
  • Guiding third party and technical team members in remediation of existing vulnerabilities as well as best practices for future coding and adherence to standards
  • 5+ years experience working in a complex enterprise IT or Information Security environment with an emphasis on web application security
  • Deep technical knowledge of web application development and demonstrated expertise with web security testing
  • Ability to read, understand, and communicate code changes to application teams to support vulnerability remediation in HTML, JavaScript, Java/J2EE, or .NET with competencies in secure coding practices
  • Experience with application security assessment tools such as Trustwave AppScanner, IBM AppScan, WebInspect, Veracode, WhiteHat, Paros Proxy, Burp Suite, etc
  • Strong written and verbal communication skills; must be able to effectively explain technical concepts to technical and non-technical audiences and communicate effectively at all levels
  • Industry recognized security certification including CISSP, CSSLP, and CEH
  • Web and mobile application development experience; experience with web services, REST APIs
  • Familiarity with Change Management procedures
  • Ability to manage multiple projects in a dynamic environment
106

Information Security Specialist Resume Examples & Samples

  • Building and maintaining strong relationships in order to identify issues and drive Information Security compliance
  • Developing a thorough understanding of divisional business, systems and processes in order to provide tailored Information Security solutions and services while minimizing impact or disruption to divisions
  • Ensuring information risk compliance to all regulatory, contractual and corporate policies
  • Identifying current risk positions, identifying potential exposures and driving actions to address or mitigate Information Security risk
  • Quality assuring Exceptions To Policy presented for approval to confirm the risk statement and assess whether the action plan adequately addresses the risk
  • Performing security risk assessments or providing specialist Information Security input to support major change programs
  • Engaging with business and technology projects to identify Information Security weaknesses in proposed systems / applications and developing appropriate solutions based on risk assessment
  • Escalating where appropriate any failures to comply with Information security controls in application / system implementation
  • Providing policy advice and guidance to business divisions and technology service providers
  • Supporting the production of high quality, informative and accurate management information for the division
  • Providing input to Information Security related briefings and Threat Management Groups
  • May be called upon to provide incident and investigations support
  • Identifying relevant training for this role and team to maintain required level of technical expertise within the Group
  • Providing both colleague and vendor support to assess, audit and remediate regulatory requirements
  • 1 – 3 years of professional experience preferably in an Information Risk or Information Technology discipline (financial services experience desired)
  • Ability to work independently and manage time well
  • Proficient deductive reasoning skills
  • Refined written and communication skills
  • Industry certifications are a plus
107

Information Security Specialist Resume Examples & Samples

  • Gaining a comprehensive understanding of the company’s technology, information systems and capabilities
  • Leading in the development and providing guidance during application architecture design activities of new and existing applications
  • Conducting architectural risk and impact assessments on new and existing applications
  • Assess third party vendor capabilities and security standards while addressing security challenges
  • Implementing application security improvements by assessing current state, evaluating trends and anticipating future security requirements
  • Researching and evaluating proposed software architecture solutions for adherence to documented company standards, policies and regulatory responsibilities
  • Working collaboratively with multi-disciplinary teams and business units to implement and support existing and future solutions
  • Determining security requirements by evaluating business strategies and plans, researching information security standards, conducting system security and vulnerability analysis and identifying integration issues
  • Planning security systems by evaluating cloud and security technologies; developing requirements for cloud public networks, virtual private networks (VPNs) and related security and network devices while adhering to industry standards
  • Identifying security architecture capabilities and designing security architecture patterns to mitigate threats
  • Assessing emerging technologies against application security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities
  • 3 or more years in system security, administration or information management experience and/or Security Engineer/Architect/Consultant
  • 1 or more years of systems architecture experience
  • End-to-end understanding of the software development lifecycle
  • Experience with internal controls, risk assessments, business process and internal IT control testing
  • Experience defining and implementing cloud security with solid understanding of best practices
  • Industry experience in financial services, high-tech, and /or healthcare preferred
108

Information Security Specialist Resume Examples & Samples

  • Coordinating the delivery of all policy related activities for the Information Security Office, including but not limited to, annual policy reviews, policy attestation and assurance, and collaboration with key stakeholders to roll out and communicate changes
  • Developing, maintaining and recommending enhancements to information security policies, minimum requirements, procedures and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization
  • Reviewing periodic and annual updates of IS procedures to ensure they remain current and relevant to the existing IS posture
  • Providing support for the creation, review and scheduling of Information Security training courses and security awareness campaigns
  • Responding to vendor standard information gathering requests and maintaining library of responses
  • Providing policy advice and guidance to business lines and technology service providers as they work to apply IS policy requirements into their everyday business activities
  • Gathering and reporting metrics to support the compliance of the Bank’s Information Security posture
  • Supporting the production of high quality, informative and accurate management information and reporting for various reviews and forums
  • Developing and maintaining dashboards to provide the IS policy owner with actionable reporting of IS governance activities
  • 6 or more years of relevant Information Security policy and metrics reporting experience
  • Strong organizational and planning skills
  • Experience working with Information Security policy, controls, standards, frameworks and regulatory requirements (e.g., NIST, CoBIT, ISO 27000, FFIEC Guidelines, PCI/DSS, etc.)
  • Ability to team well with others to facilitate and enhance the understanding and compliance to security policies
  • Maintain awareness of the current security threat landscape, regulatory changes and new developments in the information security environment
  • Experience developing and maintaining IS policies and standards and security awareness campaigns
  • Excellent interpersonal, communications and presentation skills
  • Must be able to work independently and with minimal direct supervision
109

Information Security Specialist Resume Examples & Samples

  • Working experience and knowledge of the ILI Software Development Life Cycle (SDLC) with particular focus on areas related to information security is preferred
  • Knowledge of user authentication and access controls including SSO, LDAP, Active Directory, RACF, Windows, UNIX, ITIM/TAM is preferred
  • Ability to translate security and systems language into business context
  • Ability to partner and facilitate Information security related discussions with both technical and non technical business partners
  • Proven project management and risk management skills
  • Strong organization, written and verbal communication and presentation skills
  • Proficient in MS Office products, including but not limited to Word and Excel
  • Knowledge of Individual Life Insurance business functions and/or applications
  • Able to work independently and be a self starter; managing multiple tasks according to priorities; results oriented and proven ability to meet deadlines
  • Security Certifications (e.g., CISSP) a plus
110

Information Security Specialist Resume Examples & Samples

  • Comprehensive knowledge of cryptography and the ability to build life cycle management processes for certificates used in the corporation
  • Implementation experience or compliance owner of ISO27001
  • 5+ years of professional experience in information security or related industry
  • Information Security Certifications such as LA-27001, CISSP, CISA and CISM are preferred
  • A professional attitude and fastidious attention to the details with strong analytical skills
  • Self-managing and able to successfully handle simultaneous projects
  • Senior working experience on information security administration and computer security incident response
  • Demonstrated ability to work in a close team environment with minimal guidance
111

Information Security Specialist Resume Examples & Samples

  • At least 4 years experience with processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data
  • Information security architecture
  • Information security management
112

Information Security Specialist Resume Examples & Samples

  • Work with the enterprise project management and SDLC processes to ensure SSDLC and security assessment requirements and artifacts are managed appropriately and are included as part of the enterprise processes
  • Write requirements and standards for SSDLC and security vulnerability assessment and secure coding as needed
  • Assist with developing and delivering secure coding as well as BTRM training as needed
113

Senior Information Security Specialist Resume Examples & Samples

  • Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers’ requirements
  • Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
  • Supports customers at the highest levels in the development and implementation of doctrine and policies
  • Performs analysis, design, and development of security features for system architectures
  • Designs, develops, engineers, and implements solutions that meet security requirements
  • Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems
114

Senior Information Security Specialist Resume Examples & Samples

  • Provide Information Security support to internal and external customers in accordance with the terms of the customer contract and Service Level Agreements (SLAs)
  • Ensure the correct functioning and maintenance of all internal and external information security systems and products serviced by Service Operations
  • Act as the Security Incident Handler and co-ordinate the scheduling of intervention with Customers, internal resolver groups, and the Service Desk, ensuring communications are maintained to resolve the security incident within the prescribed SLA
  • Provide Information Security Leadership to a variety of Service Operations Teams
  • Carry out security incident & problem management support to the highest standards and co-ordinate the resolution with the appropriate resolver groups
  • Ensure shortest resolution times possible by initiating the timely escalations to specialized resolver groups, inside & outside SITA, according to the customer contracts, SLAs and monitoring requirements
  • Ensure the Service Operations team adheres to the highest working standards for all security incidents & problems by providing guidance, support and direct management
  • Proactively detect problems related to information security services, infrastructure operations & delivery services
  • Support the senior team members in the management, reporting and co-ordination of day-to-day tasks during absence of the Security Manager
  • Perform Change Management, Configurations, Design and Implementation of Security Product & Systems
  • Conduct the analysis, definition, documentation and testing of Security Applications & Systems
  • Continuously identify and document lessons learnt, known errors and security knowledge in order to improve services
  • When/where required, be contactable for escalations and support, on an on-call standby basis
  • Minimum 3-5 years experience in the Information Security domain
  • Minimum 3 - 5 years experience on SIEM tools
  • Minimum 2 - 3 years experience on Vulnerability Scanning Tools
  • Must have been directly involved in providing security expertise to internal and/or external customers
  • Security monitoring & Security Event & Incident Management (SIEM)
  • Knowledge of McAfee & Splunk SIEM tools
  • Vulnerability Management & Vulnerability Scanning
  • Knowledge of Nessus & Qualys Security suites
  • Ability to support, troubleshoot, analyze and perform security investigations on proprietary systems
  • Ability to analyze, draw conclusions and create solutions to moderately complex information security problems
  • Ability to build relationships with peer and management levels
  • Basic understanding & ability to troubleshoot LAN & WAN topologies based on TCP/IP
  • Basic understanding & ability to troubleshoot basic windows & Linux server issues
  • Exposure to ITIL, IT & network components and principles
  • Exposure to ISO27001 & 27002 frameworks & principles
  • Demonstrated maturity in handling complex customer issues and demanding customers
  • Ability to coach new joiners and to facilitate their integration into the team
  • Ability to organize the activity of a team and to take ownership of issues until resolution
115

Information Security Specialist Intermediate Resume Examples & Samples

  • Performs Information Security Audits and Information System Security Assessment
  • Creates Risk Management Plans
  • Reviews Information System Security policies and procedures guides, Command and Control Protest plans and policies, and Continuity of Operations Plans (COOP)
  • Installation and maintenance of Information System Security Products and Services
  • Monitors automated and manually submitted job schedules in support of multiple clients to ensure completion and timely production of work
  • Troubleshoots basic errors related to batch processing and works to improve productivity
  • Participates in testing new batch processes to ensure productivity is not adversely affected. Escalates issues as appropriate
  • Implements operating procedures and timely documentation of procedures; ensures implementation is in accordance to standard operating procedures and follows same; escalates errors as appropriate
  • Prepares for and participates in daily status reviews. Forwards status reports to clients and management
  • Provides technical and administrative support required for batch failures, late critical batches, and SRTs
  • Four or more years of Information Assurance experience for similar Government Program Offices
  • Experience working with mainframes, mainframe and midrange scheduling software, and other related technologies
  • Experience working with system job control language
116

Information Security Specialist Resume Examples & Samples

  • Requires a bachelor's degree or equivalent and more than five years of related experience
  • Possess active TS/SCI security clearance
  • Experience in cyber security practices
  • Familiarity with intelligence community directives (ICDs), Risk Management Framework (RMF) Assessment and Authorization (A&A) processes, DOD cyber security policies, Xacta IA manager certification and accreditation (C&A) tool
  • Intermediate to expert knowledge of cyber security tools: Kali Linux, Assured Compliance Assessment Solution (ACAS), DISA Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), other DOD vulnerability scanning tools
  • Intermediate knowledge of standard configuration tools such as Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM), Windows Svr 2012, and Windows 10/7
  • Possess organizational skills and ability to manage multiple tasks
  • DOD 8570 certification of IAM Level III
  • An ideal Candidate will possess USMC or Navy Validator Certification or equivalent training & certification as CNSS4016, CNSS4016
117

Information Security Specialist Resume Examples & Samples

  • Minimum of four years in Information Security
  • Experience and knowledge of leading information security risk assessments
  • Experience in taking an organisation through alignment, assessment or delivery of an industry recognised security standard such as ISO or COBIT
  • Demonstrable experience in creating a sustainable compliance capability
  • Ability to conduct and direct research into governance, risk and compliance capabilities and progression
  • Ability to present ideas in ‘non-technical’ business-friendly accessible language
  • Ability to effectively prioritise and execute tasks in a high-pressure environment
  • One or more of the following qualifications are highly desirable
118

Senior Information Security Specialist Resume Examples & Samples

  • Demonstrated use of data analysis software, audit management software and continuous audit solutions
  • Demonstrated understanding of data processing, hardware platforms, and enterprise software applications and outsourced systems
  • General knowledge of business theory, business processes, management, budgeting and business office operations
  • Ability to translate the company's vision, values, mission and objectives into drivers for designing the information security assessment/audit agenda
  • Proven experience in writing audit reports for different audiences
  • Proven experience of working in technology environments, including audit
  • Experience in risk-based audits
119

Information Security Specialist / Analyst Resume Examples & Samples

  • This individual must display an in-depth understanding of the latest trends and technologies related to IT Security and Compliance
  • Bachelor’s degree in Computer Science, Management Information Systems, Information Risk Assurance or relevant work experience
  • Logic and scripting skills
  • CISSP, CISA, CCNA, GIAC, GCIH certifications are a plus
120

Information Security Specialist, Mid Resume Examples & Samples

  • 3+ years of experience with providing information assurance support, documenting compliance, or evaluating IA security posture in a DoD environment
  • Experience with developing and maintaining DoD Information Assurance Certification and Accreditation Process (DIACAP) packages
  • Experience with reviewing government guidance, including task orders, directives, STIGs, or IAVAs for applicability and implementation
  • Ability to perform and support periodic IA assessments, including manual and automated code reviews or validation reviews
  • Ability to identify security engineering requirements for incorporation into software releases based on evolving DoD and DoN instructions, directives, and policies
  • Ability to obtain a DoD 8570.01-M Certification within 6 months of hire
  • Knowledge of Enterprise Mission Assurance Support Service (eMASS) and Vulnerability Management System (VMS)
  • Knowledge of Risk Management Framework (RMF)
  • M Certification
121

Information Security Specialist, Lead Resume Examples & Samples

  • Support Certification and Accreditation activities in accordance with NIST 800-171 requirements
  • Create, maintain, update applicable security documents including but not limited to: SOPs, Security Design, Traceability Matrix, Residual Risk Assessments, and tailored system requirements
  • Establish and maintain continuous monitoring solutions
  • Develop and maintain POA&M for all accepted risks
  • Manage, Monitor, and review security audit and intrusion detection system logs for attacks and anomalies
  • Periodic Vulnerability Assessments of system/sub-system components
  • IA Policy/procedure enforcement
  • Collaborate with the Engineering Team on aspects of solution design and development
  • Create a change management process for the team and lead change management related activities
  • Information Security Specialist experience
  • DoD 8570 (or DoD 8140) IAM II Certified, or higher
  • Knowledge of IC, DoD, and DoDIIS information security regulations and policies
  • Familiarity with Risk Assessment/Management techniques
  • Configuration Management experience
  • Lead experience
  • Demonstrated experience working with information security regulations and applicable laws
  • Demonstrated experience working with the NIST 800-171 process. Familiarity with terms, roles, and the process
  • Demonstrated ability to successfully work independently on complex tasks
  • Must possess high-degree of analytical and critical thinking skills
  • Must possess excellent oral and written communications skills
  • Must possess excellent interpersonal skills
122

Information Security Specialist, Lead Resume Examples & Samples

  • Strong Understanding of the Risk Management Framework based on NIST 800-37, NIST 800-53, NIST 800-53a, NIST 800-60
  • Provide guidance for securing information systems, and support information security assessments
  • Review, maintain, and ensure all Assessments and Authorizations (A&A) documentation to include System Security Plans (SSP)
  • Ensure security testing and evaluations are completed and documented
  • Ensure IA assessments and authorization tasks and solutions are collaborated with all necessary offices
  • Consult and coordinate with Intelligence Community and DoD entities to respond to authorization issues
  • Provide direct support as a technical representative for ensuring security is integrated throughout the lifecycle of systems and residual risk is acceptable
  • Provide expert assistance, technical documentation, and white papers
  • Collect and report Security Metrics
  • Conduct FISMA security inspections and provide evaluations, as required
123

Information Security Specialist, Lead Resume Examples & Samples

  • Bachelor’s Degree or higher in computer engineering or in a field related to the computer engineering or computer science disciplines plus 7 years Security Engineering experience. An additional 4+ years of Security Engineering experience may be substituted for the degree for a total of 11 years
  • Knowledge of the customer’s certification and accreditation process
  • Knowledge of and experience implementing the requirements in ICD 503
  • Experience developing and maintaining SSPs
  • Able to clearly communicate ideas and status updates to management and other stakeholders
  • Strong technical writing skills
  • Familiar with a variety of security policies, especially within the IC
  • Understands fundamentals of technical security risk assessment
  • Master’s degree in engineering, math, computer science, information security or related field
124

Information Security Specialist GS Resume Examples & Samples

  • Experience providing technical assistance to classified information security programs to safeguard classified national security information
  • Experience managing the development and execution of a nationwide classified information security program
  • Experience conducting training for small (1-10) and large (20-50) groups of individuals that includes explaining the material being presented, answering questions in front of the group and providing examples of what to do and what not to do concerning the handling of classified and sensitive information
  • Experience writing technical reports that are required by an Agency/Organization and submitted for accountability to higher authorities
  • Experience personally briefing senior level officials, answering their questions and providing examples pertaining to the handling of classified information
  • Experience writing technical reports, referencing all sources used and laws and directives, which will be used by the Agency’s senior leadership for accountability, external reporting and auditing purposes
  • Experience working to resolve national security program issues occurring within an Agency/Company and developing measures to prevent similar issues from reoccurring
125

Senior Information Security Specialist Resume Examples & Samples

  • Work alongside projects to ensure IT General Controls are being addressed
  • Escalate and assist resolving operational requirements not met by IT and Business projects
  • Educate project resources on IT related security risks, controls and general awareness
  • Work with projects to track and report IT security risks and the various security assessment and security testing results
  • Coordinate and compile evidence for project risk closures
  • Strong knowledge of infrastructure platforms – Windows, Unix, Linux, etc
  • Strong documentation and communication skills to report to several layers of management and technical teams
  • Good understanding of antivirus, SIEM and configuration management tools
  • Good understanding of OWASP and effectively applying its concepts and standards
126

Information Security Specialist Resume Examples & Samples

  • At least one year of experience in Information Technology
  • DIACAP and/or Risk Management Framework (RMF) experience
  • Five or more years of professional experience
127

Associate Professional Information Security Specialist Resume Examples & Samples

  • Assists with auditing computer systems to ensure they are operating securely and that data is protected from both internal and external attack
  • Supports security assessments to ensure adherence to customer specific security policy, procedures and industry standards
  • Assists with the review and definition of security requirements. Provides support for system reviews to determine if they are designed to comply with established standards
  • Basic analytical and problem solving skills
128

Information Security Specialist Resume Examples & Samples

  • Strong operational skills, previous experience in security
  • Proven experience with Linux, Windows, Networks, Python, some scripting skills
  • Positive attitude and an ability to adapt to an ever-changing environment
  • Fluent in English verbally and written, Swedish language would be preferred
129

Information Security Specialist Resume Examples & Samples

  • Providing support to the Team Leader and line management
  • Manual and automated source code review, especially for ASP.NET
  • System testing using approved bet365 methodologies
  • Creation of technical documentation
  • Developing an understanding of the business and supporting more junior members of the team
  • Liaising with the business to ensure that information security requirements are complied with
  • Identifying any nonconformity within the business and escalating appropriately
  • Taking an active role in the project process to ensure that information security points/matters are considered up front and throughout the project lifecycle
  • Taking an active role in external audits as necessary
  • Broad understanding of technology functions as they relate to information security
  • Use of planned, structured methodologies for conducting and reporting web application penetration testing
  • Excellent understanding of the general principles, practices and technologies of information/digital security
  • Examination of packets using Wireshark and other related tools
  • Experience with automated dynamic and static application security testing tools
  • Experience of manual security testing to find vulnerabilities and logical issues
  • Knowledge of developments in security technology and their application
  • Knowledge of risk management methodologies
  • Understanding of industry standard information security practices
  • Understanding of network infrastructure and network engineering topics
  • Awareness of PCI DSS current version
  • Ability to make informed decisions
  • Strong stakeholder management
  • Appreciation of IT principles
  • Committed, flexible, ‘can do’ attitude towards work
130

Information Security Specialist Resume Examples & Samples

  • Determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
  • Planning security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
  • Enhancing Cyber Security and organisation reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments
  • Ensuring cross-domain requirements are identified and issues resolved, resulting in the creation of a cohesive Enterprise Security
  • Updating job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
  • Tracking industry trends for the domain and escalate potential areas of exploitation
  • Contributing to feasibility studies on domain specific new technologies
  • Participating in reviews of solution architectures developed by the programmes
  • Work with Security Architects at Senior and/or Advisor level, and on occasion with other tower Chief Architect(s), Solution Architect(s), Security and Commercial Partners to ensure that architecture solutions meet the business requirements and fit with the overall IT Enterprise Security Architecture & strategy
  • Working with key vendors to the domain to influence the direction of their products and services ensuring maximum value
  • Supporting Solution Architects on security issues
  • An understanding of the design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier/multi-platform environment - mandatory
  • Sound basic knowledge of all areas of IT Security, including Identity and Access Management; Single Sign On; Secure communications and network protection; Data protection and privacy; Security Management; Audit; Cryptographic services; and Security Assurance and Maturity - mandatory
  • An understanding of the need for balancing the requirements of the business with the implementation of security technologies and processes – mandatory
  • An understanding of the need for developing and driving the commercial characteristics of security solutions e.g. designing security architecture based on unit cost targets - mandatory
  • An aptitude for Architecting innovative IT Security technology systems in a consumer-facing sector - mandatory
  • Experience with e-commerce and high volume online systems – desirable
  • Demonstrate good influencing, communications, interpersonal and organizational skills – highly desirable
  • Any cyber based certifications commensurate with the relatively limited experience - highly desirable
  • Knowledge of SABSA/TOGAF and an aptitude to progress to qualification - highly desirable
  • Knowledge and understanding of ISO 27001 - highly desirable
  • Knowledge and understanding of PCI DSS - highly desirable
  • UK HMG experience - highly desirable
  • ITIL qualified - desirable
  • PRINCE2 qualified – desirable
  • Degree or equivalent experience in computer science, telecommunications, networking, engineering or another computer-related field. Higher degree preferred
  • Hold or be able to obtain SC or DV clearance as required
131

Information Security Specialist Resume Examples & Samples

  • Provides subject matter expertise guidance on the interpretation of security revisions to the master security guide and declassification decisions
  • Updates and finalizes program protection policies and develops/prepares the final coordination of numerous continuity-related security SOPs
  • Travel to PAD-identified locations in support of mission requirements
  • Maintain and updates security education and awareness training policies
  • Draft co-utilization agreements and memorandums of agreement, as required, for assessed facilities
  • Establish and maintain the security container checklists for security containers
  • Ensures the proper implementation of COMSEC plans for assessed facilities
  • Ensure compliance in accordance with National Industrial Security Program DoD 5220.22-M
132

Senior Information Security Specialist Resume Examples & Samples

  • Perform and manage Onsite Risk Assessments as per process documents
  • Review vendor supplied policies & procedures, internal/external assessment reports, agreements and provide feedback
  • Provision assessment reports and executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
  • Communicate, escalate, and track vendor progress on assessment remediation activities
  • Act as a liaison & SME for internal departments & vendors to successfully manage Vendor Risk Assessment
  • Understand information security risks that are inherent to a business and articulate those risks in business terms
  • Maintain current knowledge on information security topics and their applicability program requirements
  • Engage VRO regarding any delays/deviations during remediation
  • Prior experience working with senior levels of management
  • Security expertise including knowledge of different security risk assessment frameworks (NIST), standards (ISO27001/HITRUST/Cobit), and acts such as HIPAA/GLBA
  • Experience in examining audit reports (SSAE 16 Audit)
  • Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall etc.)
  • Knowledge of software development methodologies, application security, and OWASP Top 10 guidelines
  • Ability to document assessment work papers and preparing assessment report
  • Ability to manage vendor assessment independently with minimal supervision
133

Information Security Specialist Resume Examples & Samples

  • Bachelor’s degree, or a minimum of eight years’ equivalent experience, in security, information technology, or a related field
  • Previous experience in physical security for SCI and SAP programs and facilities
  • Active DOE Q and SCI clearances
  • Experience working with the Department of Defense or the Intelligence Community agencies
  • Previous experience working in a Classified Document Control Center
  • Previous experience working in a SCI/SAP Personnel Security Office with an emphasis on personal security processing
  • Previous experience in security compliance assessment reviews, self-inspections and audits
  • Previous experience working with Government-sponsored security organizations
134

Information Security Specialist Resume Examples & Samples

  • Monitor and analyze network traffic and IDS alerts, respond to potential threats/vulnerabilities
  • Conduct proactive threat research
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Create a final incident report detailing the events of the incident
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
  • Provides oversight on incident handling to ensure all mitigation techniques are being achieved
  • Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter
  • Minimum of four (4) years of direct experience as a Security Analyst or SOC role within the last eight years, and demonstrated ability to carry out the functions of the job or any combination of education and experience, which would provide an equivalent background
  • Experience in Security Incident Handling procedures, Incident Management and Incident Triage
  • Experience with Account Management, Windows Events and Log Management
  • Bachelor’s degree in computer science, information systems security or other IT related field from an accredited institution preferred
  • At least four years of experience with security operations, computer network defense or intelligence analysis
135

Information Security Specialist Resume Examples & Samples

  • Helps monitor security systems and analyzes potential threats and vulnerabilities to client systems
  • Assists with the development of new computer and network security systems, including both hardware and software
  • Assists in the development and implementation of technical security policies
  • Coordinates technical incident response and remediation activities for client environments
  • Provides security analysis and consultation services for product, system, and network architecture designs
  • Assists in the analysis of network traffic and alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms
  • Participates in investigations through to resolution and tracks solutions
  • Composes and sends alert notifications
  • Issues user IDs and passwords to new users, and monitors system access and use to identify any security violations
  • Analyzes basic security findings and data
  • Must be able to obtain Security+ certification
  • Current Secret or higher security clearance
  • Software patching experience
  • IAVA processing experience
  • HBSS administration experience
  • SCCM administration experience
  • Current TS/SCI security clearance
136

Information Security Specialist Resume Examples & Samples

  • Responsible for Application Security, Certification and Accreditation and Security Operations in coordination with Information Assurance Manager (IAM)/Information System Security Manager (ISSM)
  • Facilitates and manages security vulnerability assessments and penetration tests
  • Develops, implements, and documents formal cyber security programs and policies throughout the organization and monitors compliance to these policies and programs
  • Contributes consulting (risk analysis) and project support in the area of information security to IT infrastructure and division computing projects as needed to support new business requirements
  • Maintain a system that can be certified and accredited in accordance with USDA OCIO security requirements and policy, in reference to the ATO renewals using NIST SP 800-53 V4 controls
  • Review and evaluate existing security and privacy incident response policies. Assess and identify the need for changes based on new cyber security and privacy technologies, evolving Federal policy, or identified threats. Test and implement new policies, and institute measures to ensure awareness and compliance
  • Maintain and update the WBSCM security concept of operations document, architecture documentation, risk assessments, risk mitigation plans, and other supporting documents required to support RMF for USDA IT accreditation
  • Manage and maintain the WBSCM Ports, Protocols, and Services list
  • Work with WBSCM PMO to introduce security thresholds in the WBSCM Software Development Life-Cycle (SDLC)
  • Respond, report, and mitigate Security incidents (e.g., Personally Identifiable Information (PII), and unauthorized access)
  • Coordinate with USDA on alerts for WBSCM and, upon direction, WBSCM end users of security issues or updates to the applications and systems in use
  • Ensure the system and installed applications have current patches, security updates, and configuration settings in coordination with USDA
  • Demonstrate knowledge of Information Assurance Certification Accreditation Process including NIST SP 800-53 V4 Risk Management Framework
  • Demonstrate knowledge of Plan of Actions and Milestones, Executive Vulnerability Summary Reports
  • Demonstrate experience coordinating with external agencies
  • Demonstrate expert-level knowledge and management of contractor employees of various labor categories and technical skill levels in efforts similar in size and scope as this acquisition
  • Demonstrate mid-level knowledge of Federal standards, C&A techniques, actions and best practices related to C&A
  • Demonstrate experience interacting with and briefing senior government leaders
  • Experience with SAP systems in a Public Sector is a plus
  • Experience with DIACAP/RMF is greatly desired
  • Knowledge of DoD space/architecture preferred
  • Knowledge of Risk Management Framework NIST SP 800-53 V4
137

Senior Information Security Specialist Resume Examples & Samples

  • Protecting the organization from business risks associated with technology, interfacing with Business and technology leads
  • Assisting the business in resolving technology based audit findings as well as consulting with IT Teams to identify mitigation strategies to internal audit findings
  • Providing a Single Security and IT Risk advisor for TD Bank, AMCB, for all issues, events, and programs
  • Providing a point of coordination for all security related activities within the central TRM&IS team
  • Participating in a State of Health program for the business, including reporting, planning and prioritization of key risks
  • Participating, as required, in support of all strategic objectives established by the CIO and her/his team
  • Ensuring the business understands key security and IT Risk strategies, and how they affect specific lines of business
  • Ensuring full participation in Audit programs assisting the business in identifying technology based controls
  • Comprehension of Federal and Industry based regulations as well as the alignment to technology controls
  • Providing guidance and/or consulting service to technology / business partners on key technology initiatives and providing expertise in the areas of Incident Response Management, Vulnerability Management & Reporting and Managed Security Services
  • Ensuring technology governance methodologies are in place within the business to minimize overall security risks to the Bank
  • Participating in the development of system security awareness and communication training programs across the enterprise to ensure alignment with the overall Technology strategy and compliance to regulatory and/or established Bank system security standards
  • Ensuring outsourcing partners adhere to TDBG security policies and standards, by establishing oversight controls, and by ensuring risk has been mitigated to protect the Bank
  • Participating in the development of on-going Technology Risk reporting, monitoring key trends and/or breaches
  • Staying current with emerging technology advancements / trends and regulations to support business needs and leverage a highly capable management team, actively developing and deploying talent across the business
138

Information Security Specialist Resume Examples & Samples

  • Identify security gaps, vulnerabilities and weaknesses in systems, networks and applications
  • Conduct security risk assessments both at the enterprise and system levels
  • Develop and maintain a security risk register
  • Track risk remediation activities
  • Evaluate security policies, standards and procedures, and suggest improvements
  • Conduct third-party security risk assessments
  • Evaluate existing security controls and participate in specifying and developing new controls
  • Assist in security incident response activities
  • Lead and/or participate in security awareness and training initiatives
  • Identify, analyze and keep current on information security threats faced by the enterprise
  • Collect and disseminate actionable threat intelligence
  • At least 5 years of broad Information Security experience
  • Working knowledge of risk management methodologies
  • Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO/IEC 27001:27013, CIS CSC, PCI DSS
  • Prior significant experience in at least one of the following
139

Information Security Specialist Resume Examples & Samples

  • Assists with DTO activities to assess the Cyber Security implications of changes to the ITI baseline and new requirements
  • Reviews changes for compliance
  • Develop technical documentation and artifacts, including technical papers, presentations, recommendations and findings, which are provided to senior Government IC officials
  • Develops the deliverables required for this WBS element while collaborating with other staff
140

Information Security Specialist, Principal Resume Examples & Samples

  • Must have current TS/SCI and be able to pass polygraph within 60 days of hire
  • Working knowledge of TCP/IP networking technologies, Windows Active Directory and UNIX account administration, Windows Active Directory and UNIX folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and UNIX platforms
  • Skill in assessing the robustness of security systems and designs
  • Skill in systems engineering, requirements analysis, system development, software development, or hardware development as applied to the information assurance or cyber security fields
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
  • Ability to evaluate the trustworthiness of the supplier and/or product
  • Ability to establish effective working relationships internally and externally to the client organization
141

Information Security Specialist Sec-pcc Resume Examples & Samples

  • Incorporate security awareness into classroom and virtual learning, including new hire orientation, new manager training, and other events
  • Owns and manages relationships with security education and awareness related vendors
  • Scoping of security awareness campaigns to meet targeted goals
  • Measurement and reporting of campaign attendance and effectiveness
  • Experience working in information security and demonstrable understanding of the concepts of information security
  • Experience deploying and measuring effectiveness of security awareness to a global audience, leveraging LMS, webcasts, and other technology
  • An in-depth understanding of ISO 27002 security policy, and a working knowledge of other policy frameworks such as ISO, COBIT and NIST a plus
  • Experience managing the communication to internal customers
  • Experience developing and delivering security awareness programs
  • Experience managing a global team, and working in a global virtual environment
142

Information Security Specialist, Principal Resume Examples & Samples

  • Provide technical services for installation, operation, maintenance and authorization of hardware and software required for vulnerability scanning capabilities
  • Review system security body of evidence documentation for accuracy and completeness
  • Support development of Plan of Action and Milestones (POA&M) containing corrective actions required for unacceptable system and enterprise level risks
  • Provide support to configuration management and control processes to integrate security and risk management
  • Scan for network security compliance in accordance with DISA STIGs
  • Conduct security impact analyses of security controls based on proposed system changes
  • Support the preparation of security test plans, execute and assess the security control effectiveness using security control test procedures, and create Security Assessment Reports (SAR) based on assessment findings
  • Support vulnerability scanning activities for external audits (i.e. FISMA and CCRI)
  • Develop tools and methodologies for tracking and reporting on identified information system vulnerabilities
  • Must have a current certification compliant with DoD 8570 IAM or IAT level 3, or must provide demonstrable progress to achieve a DoD 8570 compliant certification within 90 days of hire and maintain certification throughout employment
  • Typically requires bachelor's degree or equivalent and ten to twelve years of related experience
  • Experience with ICD 503 and working knowledge of Risk Management Framework as outlined in NIST SP 800-37
  • Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A
  • Knowledgeable in continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques
  • Knowledgeable in information system vulnerability analysis and management
  • Must have a thorough knowledge of IT including but not limited to network subnetting
  • Experienced in system testing methodologies that include
      • Configuration analysis
      • Security best practices validation
  • Experienced in security testing and penetration tools that include
      • WASSP
      • SECSCN
      • Backtrack 5
      • Assured Compliance Assessment Solution (ACAS)
      • Retina
      • HP Fortify Web Inspect
  • Network Discovery & Visual Analytics experience (i.e., IP Sonar, etc.)
  • Knowledgeable in cyber Incident handling
  • Experienced in using the XACTA application
  • Proficient in the use of Microsoft Application tools (i.e. Excel and PowerPoint)
143

Information Security Specialist Resume Examples & Samples

  • Assist the Information Security Officer with internal consulting, advisement and assistance for all aspects of Information Security
  • Key point of contact for all regulatory compliance audits and inspections including coordination of evidence gathering from subject matter experts across the business unit
  • Assist with application and business process related security risk assessments and remediation efforts
  • Evaluate and advise on policy exceptions for the business unit
  • Maintain and monitor internal observations/findings for both internal customers and third parties
  • Assist Information Security Officers on information security risk management projects
  • Understand Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), SSAE-16 attestations, ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations
144

Information Security Specialist Resume Examples & Samples

  • At least 3-5 years of IT experience with a Bachelor’s Degree in Information Security, Cyber Security or related fields
  • 1-2 years of Security Awareness / Training or a similar background in the Security Control Education areas, preferably in a Fortune 500
  • 3 or more years of relevant Information Security policy and metrics reporting experience
  • Adept at creating and delivering stimulating and exciting presentations
  • Creative, positive, optimistic, energetic, and organized
  • Strong project management skills with the ability to manage multiple priorities
  • Can communicate an understanding of Business Continuity Planning and the sub-processes of Crisis Management and Disaster Recovery
145

Information Security Specialist, Senior Resume Examples & Samples

  • IBM Tivoli Endpoint Manager / BigFix – security management to monitor & manage physical and virtual endpoints—servers, desktops, and laptops. Utilize software to screen emerging threats in order to pro-actively remediate, protect, and report on endpoints in real-time
  • Nessus vulnerability assessment, including weaknesses that allow a remote hacker to control or access sensitive data on the system; identify misconfiguration (e.g. open mail relay, missing patches, etc.), default passwords or common passwords on system accounts, or denial-of-service attacks. Utilize reporting in preparation for PCI DSS audits
  • Splunk security information and event management (SIEM). Ensure log capture of all critical devices, create searches, reports and dashboards to accurately indicate security posture. Analyse and interpret raw data, identify trends to anticipate potential threats
  • Utilize, create, and maintain Standard Operating Procedures (SOPs) and Knowledge Base articles
  • 8-10 years with Bachelor's degree
146

Information Security Specialist Engineer Resume Examples & Samples

  • At least 4 years of experience in Security Information Event Management (SIEM) and Splunk Tool administration
  • In depth knowledge of Vulnerability scanning tools, intrusion detection/intrusion prevention systems, and a core understanding of DoD/DISA compliance methodologies/requirements
  • Expert experience with at least one of the following tool suites highly desired, ArcSight, ACAS, Maltego, CyberArk, HBSS, Imperva, Splunk, Encase, Websense, SourceFire, AlgoSec, Forcepoint/Websense, or FireEye
  • Strategic and tactical mindset
  • High tolerance/evolved ability to lead and manage ambiguous situations
  • Excellent verbal, written, facility and presentation skills
  • Collaboration and team leadership abilities
147

Information Security Specialist Engineer Resume Examples & Samples

  • At least 7 years’ experience in Information Security
  • At least 3 years of experience in Security Information Event Management (SIEM) and Splunk Tool administration
  • Moderate experience with at least one of the following tool suites highly desired, ArcSight, ACAS, Maltego, CyberArk, HBSS, Imperva, Splunk, Encase, Websense, SourceFire, AlgoSec, Forcepoint/Websense, or FireEye
148

Information Security Specialist, Lead Resume Examples & Samples

  • Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation
  • Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
  • Knowledge of network access, identity, and access management (e.g., PKI)
  • Knowledge of security system design tools, methods, and techniques
  • Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure
  • Knowledge of TCP/IP networking technologies, Windows Active Directory and UNIX account administration, Windows Active Directory and UNIX folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and UNIX platforms
  • Knowledge of Ports, Protocols, and Services for common network traffic
  • Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37
  • Knowledge of industry information security standards and protocols
  • Knowledge of commercial or military software development methodologies, process, and standards
  • Knowledge of web services protocols, including Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Universal Description, Discovery and Integration (UDDI)
  • Knowledge of structured content tools and languages, and content management systems
  • Knowledge of known vulnerabilities from alerts, advisories, and bulletins
  • Skill in assessing the robustness of security systems and designs through testing and analysis
  • Skill in assessments of industry IT operating system, software database, or hardware
  • Ability to prepare the various types of security-related documentation
  • Current certification compliant with DoD 8570 IAM or IAT level 3. At minimum, Candidates must provide demonstrable progress to achieve a DoD 8570 compliant certification within 90 days of hire and maintain certification throughout employment
  • Working knowledge or experience with ICD 503/RMF/NIST 800-37/53
149

Information Security Specialist Resume Examples & Samples

  • Analyzing identity and access management processes / workflows and recommending ways to improve effectiveness and efficiency
  • Supporting the implementation of the agreed solutions and improvements
  • Assisting in managing stakeholder expectations of IAM initiatives, developing communication plans, and producing status reports and other similar artifacts
  • Supporting business with creation and maintenance of the Role Based Access Control model
  • Translating business rules into IAM policies to manage risk
  • Follow up on new developments in the IAM domain (such as Access Governance around unstructured data) and explore the added value of this for Philips
  • Understand the IAM architecture and business processes around these implementations
  • Minimum 5 years of experience in Identity and Access Management
  • At least a bachelor's degree in Information Security, Information Management or Information Technology. If you also have an MBA this is highly appreciated
  • Experience in delivering projects in an international environment
  • Strong communication, persuasion, and presentation skills, ability to drive change and manage stakeholders within a complex organization
  • Experience in improving and developing processes – doing As-Is and To-Be analysis
  • Experience with adaptive authentication and adaptive access control
  • Privileged access management exposure or experience is a plus
150

Information Security Specialist Resume Examples & Samples

  • Hands-on secure application development in a Java environment
  • Experience with Threat Modeling, DevOps, Secure SDLC and a range of software security testing tools
  • Advanced Information Security knowledge within several disciplines with strong understanding of relevant supporting architecture domains (business, data, application, technical, integration, etc.)
  • Expertise in designing and implementing scalable solution architectures that perform at a global enterprise scale
  • Security solution architecture skills with wide-ranging experience; knowledge within multiple architectural specialties
151

Senior Information Security Specialist Resume Examples & Samples

  • Completing detailed, risk-based approach Information Security Risks Assessments
  • Providing Information Security guidance and consultation on policies and standards
  • Demonstrating advanced understanding of business processes, internal control risk management, IT controls and related standards
  • Identifying and evaluating complex technology risks and assessing the effectiveness of internal controls to mitigate or eliminate identified risks, and where appropriate proposing related opportunities for internal control improvements
  • Understanding complex business and information technology management processes
  • Facilitating the use of technology-based security testing tools or methodologies and synthesizing results to make recommendations for remediation
  • Using a risk management based approach, working in a collaborative and positive manner with involved personnel to negotiate risk levels and responses and completing all required security documentation
  • Reviewing project documentation, including but not limited to, business requirements documents, architecture diagrams, white papers, solution documents as input to providing IS guidance and oversight throughout the project life-cycle
  • Assisting the Business Unit Risk Manager, when necessary, in translating the language of complex vulnerabilities to language easily understood for insertion into Operational Risk Management Accepted Risks and Issues with Action Plans
  • Partnering with multiple project teams simultaneously executing concurrent work streams as the Information Security stakeholder
  • Fostering a culture of responsible risk management through the definition of and adherence to appropriate risk appetites, control frameworks, processes and procedures
  • Updating relevant systems weekly to maintain current status to ensure the integrity of reporting and overall metrics from which reporting is extracted
  • Building and developing the capability and competency of the IS Project Consultants and Analysts to drive engagement, efficiency and effectiveness of the team. Mentoring new and less experienced team members and training the IS Analysts so they can develop the knowledge and skills necessary to take ownership of several IS Project related deliverables
  • 7 or more years in system security, controls, and / or information management experience
  • Demonstrated ability to write business and technical reports and to participate in presentations
  • Prior Big 4 or other consulting experience desired
  • Influencing experience at senior levels within an organization
152

Information Security Specialist Resume Examples & Samples

  • Assist in development and maintenance of the Facilities Engineering Command (FEC) User’s Guide in support of the NAVFAC CyberSAFE Program Office (CSPO)
  • Work with CSPO to decompose security controls into groups for implementation
  • Assist in development and maintenance of FEC Component Grading Checklist
  • Create and demonstrate feasibility of Criticality Analyst Checklist for the CSPO at NAVFAC Headquarters
  • Support NAVFAC Systems Engineering Technical Review (SETR) working group
  • Generate and update Program Protection Plan for the CyberSAFE
  • Generate training briefs in support of CyberSAFE initiatives
  • Provide support of the Certification and Accreditation (C&A)/A&A processes and reports as required
  • Develop all C&A documentation in accordance with DoD policies, NAVFAC policies and procedures to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority
  • Conduct CyberSAFE security assessments and assist in assigning of CyberSAFE grade determinations for building and utility control systems
  • Train and mentor junior staff on information assurance best practices via lunch and learns and local training sessions
  • 15+ years of experience in Information Technology, COMSEC, Network Security and Information Assurance. Must possess strong leadership, communication, and organizational skills
  • Goal oriented, strategic thinker with a proven excellent ability to manage change, programs, and build partnerships
  • Must be capable of providing technical expertise on issues relating to Information Assurance of information systems
  • DOD Top Secret level required with SCI eligibility
  • Bachelor’s degree in technical field
  • Bachelors in engineering, business, mathematics, or related field
  • Both DIACAP and Risk Management Framework (RMF) experience
  • Familiar with or have working knowledge of the following: KG-84, KG 175, KG-194, KOI-18, KIV-7, NES, SKL, Data Transfer Devices (DTD), STU, STE, PKI, TACLANE, CAC, Fortezza, PCMCIA, SATE, IAAP, CCRI, COMPUSEC, EKMS, EMSEC/TEMPEST, COMSEC, ADPE, JPAS, eMASS, EQIP, DCS DCID 1/19, NISPOMSUP, Joint DODIIS/Crypto logic, NITISSAM 2/95, AUTODIN, Sarah Lite, Active Directory, Microsoft Exchange Server, All Microsoft Office suites, VMware, Unix, Linux, DAMEWARE, Inmarsat BGAN, Iridium, Base Stations, LMR, ITAMS, KVL3000, Land Mobile Radio, Blackberry Enterprise Server, Win XP, KIV-7HS, SharePoint, Tandberg VTC, DCO Chat, BMC Remedy 7.6, Anti-Virus software and Crisis Management System, VMS, PKI, LRA, JAFAN, SAPF, STIGS, Retina, and ACAS
153

Information Security Specialist Resume Examples & Samples

  • Assess threats and risks with respect to proposed and actual application, system, network and service solution designs
  • Select, implement and administer security tools
  • Design and implement appropriate IT security controls
  • Select, apply and ensure adherence to good information security practice
  • Define and implement IT security controls that align with the business need and future strategy
  • Ensure internal and external suppliers and partners implement security to the required standard
  • Specify, understand and monitor the effectiveness and efficiency of IT Security controls
  • Work closely with key internal stakeholders to help deliver business critical projects, whilst being an ambassador for information security
  • Drive action to help achieve continuous improvement
154

Information Security Specialist Resume Examples & Samples

  • Develop and implement security procedures and ensure compliance with government and IT security policies
  • Coordinate certification and accreditation for IT systems
  • Perform file transfers and security classification reviews
  • Control access to networks and systems
  • Identifies abnormalities, reports violations, and conducts periodic audits
  • Typically requires a bachelor's degree or equivalent and 10 to 12 years related experience
  • Requires demonstrated experience in security procedures and compliance
  • Experience working in a cloud environment is a plus!
  • This position requires TS/SCI poly
155

Information Security Specialist Resume Examples & Samples

  • Provide information security safeguards for multiple or large-scale programs
  • Implement security improvements by assessing current situation, evaluating trends, and anticipating requirements
  • Conduct security briefings and participate in the development and implementation of security education programs
  • Manage physical access to buildings and rooms, clearances, packages, documentation, and debriefings
  • Acts as a liaison with outside agencies
156

Information Security Specialist Resume Examples & Samples

  • Responsible for developing and administering data security policies as well as safeguarding information, evaluating existing data security procedures and identifying new areas of risk
  • Receives assignments in the form of objectives and determines how to use resources to meet schedules and goals. Provides guidance to subordinates within the latitude of established company policies. Recommends changes to policies and establishes procedures that affect immediate organization's operation
  • Perform event analysis using the Splunk Enterprise Security App
  • Additional SIEM solutions like Arcsight, QRadar, McAfee Nitro/ESM
  • Security Analysts with Event Analysis background
  • Excellent written and oral communication are mandatory
  • Certifications: Security Analyst / Splunk / CISSP
157

Senior Application Information Security Specialist Resume Examples & Samples

  • Responsible for developing and/or enhancing the strategies and processes to identify, analyze, and communicate application vulnerabilities as per the CISO Directive and published communication process flows
  • Must remain current in the web application security space and ensure web application security principles are implemented and integrated into the Bank’s web application security assessment program
  • Must have a comprehensive understanding of the HTTP protocol, System Development Lifecycle (SDLC), and Web Programming for multi-tier web applications and web services
  • Experience performing source code reviews manually or using analysis tools would be considered an asset. Examples: HP Fortify, IBM AppScan Source, SonarQube, BlackDuck, Sonatype, etc.
158

Mobile Information Security Specialist Resume Examples & Samples

  • This is an opportunity to work with a best in class global enterprise team. Once you work with “A” players you will never want to go back
  • Cutting edge tech and innovative research
  • Exposure to the latest developments in technology and latest threats
  • Fantastic career mobility
  • Bachelor’s degree or higher-level education or equivalent work experience
  • 5+ years experience in mobile device or information security
  • Experience with iOS and Android development and testing
  • Knowledge of current mobile threats
  • Must be a self-starter, self-motivated, and able to work independently with little oversight
  • Ability to communicate (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood and threat actor techniques, tactics and procedures
  • Ability to handle multiple work efforts in a fast-paced environment and to be able to quickly change direction as needed
  • Strong influencing skills
  • Ability to prioritize conflicting tasks
  • Proven experience with cyber threat intelligence or information security related activities
  • Experience in an operations focused information security role
  • Familiarity with cyber threat landscape, geopolitical issues that could have cyber impacts, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks
  • Ability to work in a strong team-oriented environment with a sense of urgency and resilience while being a self-starter and able to work independently
  • Formal military or intelligence community involvement
159

Senior Information Security Specialist Resume Examples & Samples

  • Perform Continuous Monitoring
  • Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the information system
  • Report all security-related incidents to the ISSM
  • Conduct periodic reviews of information systems to ensure compliance with security authorization package
  • Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
  • Ensure all information system security-related documentation is current and accessible to properly authorized individuals
160

Information Security Specialist BC / DR Resume Examples & Samples

  • Develops, coordinates, and maintains comprehensive business continuity and disaster recovery plans to ensure the ability to recover in the event of unforeseen disruptions
  • Establishes testing methodologies; plans and coordinates the testing of recovery support and business resumption procedures in different functional areas. Assures that recovery procedures are effective for the restoration of key firm resources and for the resumption of critical business processes
  • Develops strong relationships with business and technology leaders and other business continuity and disaster recovery stakeholders to ensure an integrated approach to both planning and incident response activities
  • Provides expert guidance to and coordinates the efforts of relevant IT, Business, and other department leaders in developing and documenting recovery procedures
  • Facilitates the production of documentation, process training, and arranges training for recovery procedures to employees
  • Performs risk analysis to identify points of vulnerability to assess the firm’s resilience to withstand business disruption and recommends disaster avoidance and mitigation strategies
  • Audits Business Continuity & Disaster Recovery Plans, documents preparedness status, reports to management, and tracks status of any agreed remediation items to closure
  • Assists incident response team members during a disaster in the implementation of response and alternate operating strategies. Acts as a resource during emergency situations
  • Observes incident response and disaster recovery processes and recommends changes as appropriate
  • Develop and manage information security risk management program for IT services to define and implement an appropriate level of confidentiality, availability and integrity of data and systems for each service
  • Manage and monitor formal risk analysis and self-assessment program for key systems and processes, including managing risk remediation activities, coordinating customer and third party audits, coordinating responses to RFPs on IT security, controls and compliance areas
  • Bachelor's degree in Computer or Management Information Systems, Computer Engineering, Accounting, Finance, or other related field or three (3) to five (5) years of equivalent relevant work experience at a management level
  • Minimum 7 years risk management, business continuity, disaster recovery, internal controls, security audit, risk assessment, information security, and/or technology process experience
  • Knowledge of COBIT, COSO, ISO, PCI, NIST and Sarbanes Oxley legislation and impact, and other regulations
  • Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information
  • Solid understanding of industry best practices and standards for business continuity, disaster recovery and risk management
  • Demonstrated facilitation and project management experience including attention to detail, time management and problem solving skills
  • Excellent communication skills, both verbal and written. Ability to build and maintain close relationships in a globally diverse, large organization
  • Well-developed organization skills to manage multiple projects and priorities. Ability to prioritize tasks, work on various engagements and manage rapidly changing assignments in a team environment
  • Ability to maintain organizational relationships with various stakeholders
161

Information Security Specialist Resume Examples & Samples

  • 12-years of experience with C4ISR
  • Understanding of the Risk Management Framework process
  • Experience in accreditation of communication systems in the Risk Management Framework at the federal/DOD level
  • Expert in NIST SP 800-53, 800-53a, CNSS 1253
  • Strong documentation, research, testing, and evaluation skills
  • Familiar with Assured Compliance Assessment Solution (ACAS)
  • Must have an active Secret Clearance and be able to obtain TS/SCI security clearance
162

Cyber Information Security Specialist Resume Examples & Samples

  • Bachelor's Degree in Information Security or at least 3-4 years of directly related experience
  • Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
  • Experience with log and packet analysis tools, DLP and techniques
  • Strong time management, attention to detail, and ability to manage priorities
  • Experience with routers and other network devices, firewalls, proxies, incident response, forensics, and information security frameworks
  • Experience with CompTIA Security, GIAC Security Essentials, CEH-Certified Ethical Hacker, CISSP-Certified Information Systems Security Professional, CISM-Certified Information Security
163

Information Security Specialist Resume Examples & Samples

  • TS/SCI Clearance with polygraph
  • Bachelor’s Degree or higher in computer engineering or in a field related to the computer engineering or computer science disciplines plus 5 years System Engineering experience. An additional 4+ years of System Engineering experience may be substituted for the degree for a total of 9 years
  • Familiar with Public Key Infrastructure-based authentication
  • Understands requirement engineering
  • Understands how to perform analysis of alternatives
  • Designing security service or integrating with security services
  • Digital policy management
  • Working with inter-agency teams
  • Working with standards boards and organizations
  • Agile development processes
  • Cloud technology and cloud security
164

Data & Information Security Specialist Resume Examples & Samples

  • Ability to handle peak flows
  • Timely update and escalation to relevant stakeholders
  • Responsible for execution and maintenance of the security operation
  • Strong communication skills in order to drive the various operationally required communication processes with the Security Infrastructure Monitoring
  • Daily Health Checks
  • Incident and Error Handling
  • Follow Change Management and Incident Management
  • On-call Support
  • Service Request processing and ad-hoc request handling
  • Good understanding of SLA
  • Knowledge of Symantec products
  • Proper understanding of Audit requirements in Data and Information Security
  • 7+ years relevant experience in Security Operation which includes Data & Information Security
  • Degree in Computer Science, Data / Information Technology, Engineering or similar
  • Exposure in D&I / EP Security products
  • Customized and correlative reporting efficiency
165

Information Security Specialist Resume Examples & Samples

  • Performs oversight of the development, implementation and evaluation of information systems security program for assigned in compliance with ICD 503, JSIG RMF and NISPOM
  • Conducts periodic self-inspections on local processes and practices to ensure compliance; accurately reports security posture to site leadership
  • Ensures configuration management is appropriate for all ISs’ software and hardware, including documentation and tracking of change control actions
  • Develop policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
  • Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system
  • Ensure that data ownership and responsibilities are established for each IS, to include accountability, access rights, and special handling requirements
  • Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local IS security training
  • Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed
  • Assess changes in the system, its environment, and operational needs that could affect the accreditation
  • Ensure that certification is accomplished on each AIS
  • 5-8 years' Information Technology experience in a classified environment
  • Bachelor's Degree: Computer Science, Information Systems, or Information Management
  • Candidate must possess a current DODI 8570.01 compliant certification (CISSP)
  • Possesses a working knowledge of applicable Information Assurance-related NIST 800-53 and CNSSI-1253 documents
  • Experience with supporting various system configurations (Stand-alone, Peer-to-Peer networks, LANs, and WANs)
  • Experience with auditing/assessing the security aspects of various OSs (Windows and Linux)
  • Must demonstrate a complete understanding of Information Security Administration principles, concepts, practices, and standards as well as a complete understanding of network devices
  • Skills with Microsoft Office, including Word, Excel, and PowerPoint
  • Excellent writing skills, including understanding of grammatical rules, punctuation, sentence structure
166

Privacy & Information Security Specialist Resume Examples & Samples

  • Identify and analyze sensitive data and the environments in which they are processed, transmitted, or stored
  • Execute the development and implementation of processes that support business and research needs across the University
  • Apply security knowledge, skills, and abilities on assignments, projects and programs at the discretion of the Chief Privacy and Security Officer
  • Design and advise on process, solutions, technical specifications, and implementation details to provide confidentiality, integrity, and availability of systems and process that involve sensitive data and/or mission critical systems
  • Work with operational security staff to implement proactive detection, automation, and defenses into the University IT infrastructure and respond to security incidents
  • Contribute to team discussions on formulating new or improving existing processes, policies, and standards
  • Use discretion and maintain confidential information
  • Review existing and planned practices, policies, and standards with University stakeholders to implement University policy and standards
  • Set and manage customer expectations through partnership with the Technology Services Service Center
  • Maintain professional expertise by attending outside seminars/courses and thorough review of published literature
  • Consult with business and technical partners across campus regarding HIPAA & PHI privacy and security matters
  • Analyze existing solutions and advise privacy and security operations team on monitoring, detection, and response for HIPAA & PHI related processes and systems
  • Facilitate completion of vulnerability assessment and risk analyses of existing and planned HIPAA & PHI systems
  • Advise and support University general security and HIPAA training programs
  • Conduct partial and/or complete HIPAA & PHI privacy and security assessments and audits at the discretion of the Chief Privacy and Security Officer
  • Experience authoring and presenting a wide range of formal and informal business and technical communications tailored to individual or plural organizational audiences
  • Experience participating in diverse workgroups
  • Experience with healthcare regulatory matters
  • One or more years of experience in an academic campus IT environment
  • Experience working with or for a dedicated IT security office
  • Experience working with IT Security Incident Response
  • Experience evaluating vulnerability scans in a professional environment
  • Applied knowledge in one or more of the following domains including but not limited to Data Security, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management
  • Understand instructional design methodologies
  • Experience and knowledge of HIPAA, HITECH, and related domestic privacy laws
  • Familiarity working with a Security Event Management product
  • Letter of application
  • Names/contact information of three professional references
167

Information Security Specialist Resume Examples & Samples

  • Maintain and track vulnerability assessment and mitigation efforts using Tenable System Center Continuous View, Nessus scanners and other analytical tools as appropriate
  • Utilize experience with firewalls to monitor and audit access lists, IDS/IPS incidents, security controls, and maintain logging
  • Identify log and event sources, including Active Directory, network devices, access management logs, IDS/IPS, VPN access, etc., to feed into MSSP on premise security sensors for threat detection, behavioral analysis and anomalies requiring investigation
  • Utilize MSSP sensor software to support dashboard, report, and other capabilities to support the CMP
  • Assist with maintaining Plan of Action and Milestones (POAM) and tracking remediation within required timelines
  • Support Incident Response efforts and track incidents to completion
  • Support cyclical auditing and monitoring required within Federal and International security frameworks
  • Develop and submit submission packages, including POAM status, vulnerability assessments, and mitigation efforts
  • Assist with coordination of yearly vulnerability and penetration testing (External & Internal) to be performed by 3rd party provider
  • Assist with coordination and performance of internal vulnerability and penetration testing, and risk assessments by IMPAQ personnel
  • Maintain baseline configurations, including SQL DISA STIGs, CIS for all Windows servers, and USGCB for workstations, and make recommendations for system hardening accordingly
  • Conduct security impact analyses of controls on proposed system changes
  • Other information security duties as assigned
  • Minimum of 5 years of experience completing security duties as outlined in Duties & Responsibilities
  • Experience working with the Tenable SCCV suite (preferred) or other SCAP compliant tools
  • Minimum of 5 years of experience applying security requirements within industry standard risk management frameworks, including, but not limited to: FISMA, HIPAA and PCI
  • Three or more years of experience with reviewing intrusion detection reports
  • Three or more years of experience in executing incident response and corresponding computer forensics
  • Three or more years of experience in running and managing automated vulnerability scanning and related tools
  • Minimum of three years of experience administering and utilizing SIEM and/or similar systems
  • Working knowledge of standard vulnerability & exploit frameworks (ex: CVSS)
  • Solid understanding of network protocols, design and architecture
  • Three or more years of experience securing multiple platforms and operating systems
  • Expertise in industry standard threat and vulnerability controls
  • Demonstrate the ability to learn quickly and apply knowledge accordingly
  • Excellent interpersonal skills; ability to communicate effectively with team members and other staff
  • Utmost reliability in ensuring network security and protecting confidential data
  • Must be proactive and self-driven
  • Must demonstrate a positive work attitude and strong customer service skills
168

Information Security Specialist Resume Examples & Samples

  • Identify vulnerabilities and recommend remedial action to be taken by resolver groups
  • Provide initial preliminary details and/or diagnosis to resolver groups
  • Detect & eliminate false positives by working with resolver groups and L2 security analysts
  • Technical expertise in multiple security technologies is a must, as is extensive security incident handling experience
  • Ability to understand the implementation of Intrusion Detection Systems (IDS), Firewalls, Internet Filters, System and Application Logs, Vulnerability Scanners, and Security Information and Event Management (SIEM) systems is essential
  • Knowledge in IAM (Identity & Access Management) solutions
  • Knowledge of the operation of security solutions including firewalls, IDS, Internet filters, DLP, vulnerability scanners, anti-malware solutions, etc.
  • Excellent understanding of system and application logs from a variety of platforms
169

Senior Information Security Specialist Resume Examples & Samples

  • University Degree
  • 10+ years of relevant experience and are equipped to provide technical leadership to a larger team portfolio
  • Comfortable operating as a technical expert with deep knowledge of IT security and risk disciplines and can foresee issues and identify emerging industry trends
  • Advanced and highly-specialized knowledge of the business, technology controls / security/ risk issues
  • Experience working on high-profile, complex and/or high-risk technology projects with significant impact to the organization
  • Ability to demonstrate technical leadership to a larger team portfolio
170

Information Security Specialist Resume Examples & Samples

  • Exhibit strong analytical and diagnostic skills
  • Applied security support familiarity with operating systems, networks, productivity software
  • Ability to apply information security foundations to complex network architectures
  • Understand the architecture of systems and network including identifying security controls in place and how they are used
  • Understand security issues associated with operating systems, networking
  • Maintain a current understanding of security issues and vulnerabilities to information systems, especially cloud service hosted systems
  • Apply a holistic approach to issue identification and problem resolution
  • Ability to work methodically with strong attention to detail
  • Ability to understand and forensically demonstrate attack execution
  • Ability to apply active listening skills especially with customers
  • Ability to clearly articulate complex concepts both in writing and verbally
  • Excellent presentation and communications skills to effectively communicate with management and customers
  • Must have five years of experience providing information security/cyber security support (Typically requires Bachelor's degree or equivalent and 2-4 years related experience.)
  • Secret security clearance must be obtainable; current Secret clearance preferred
  • Systems Security Certified Practitioner (SSCP), Security+, Advanced Security Practitioner Certification (CASP), or related security certification required
  • Technical knowledge of mainstream operating systems required (Microsoft Windows; UNIX and Linux are a plus)
  • Ability to process email for spam, phishing, and data loss control
  • Experience with device control management tools (USB) required
  • Experience with antivirus solutions is a plus
  • Knowledge of application whitelisting control, using Bit9 specifically, is a plus
  • Basic understanding of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications required
  • Must be willing to support occasional weekend work
171

Information Security Specialist Resume Examples & Samples

  • Support the ongoing development of information security delivery through the application of specialist knowledge and capability
  • Lead on the business relationships across the BBC, its 3rd party partners and suppliers; nurturing positive relationships to ensure constructive engagements
  • Provide pan-BBC security expertise and assistance to business areas and individuals on good practice and requirements, to ensure BBC Information is appropriately protected, providing constructive challenge and using persuasion and negotiation to drive policy compliance
  • Ensure knowledge and understanding keeps pace with the ever changing technologies and threats posed to the BBC
  • Plan, supervise and review workloads for analysts / junior analysts within the team undertaking appraisals of performance where appropriate
  • Provide day-to-day support and guidance to analysts / junior analysts and undertake line management of staff as required
  • Ensure that the analyst workloads are managed in an equitable and efficient manner to meet any SLAs and deadlines agreed with the business and other Technology functions
  • Ensure knowledge transfer to other members of the Information Security team
  • Provide input into Information Security Bulletins on vulnerabilities that affect BBC Users and Divisions
  • Develop authoritative awareness materials and undertake Information Security briefs to staff at all levels from right across the BBC, including journalists, presenters, and managers responsible for strategy, who must fully understand the complex and ever-changing nature of the cyber-related risks they must counter
  • Report and escalate appropriately any identified risks or threats to BBC Data
  • Ensure guidelines for senior management are adopted
  • Act as an authoritative subject-matter expert: making recommendations to project teams, sponsors and senior management with regard to identified Information Security risks and formulating suitable recommendations and policies as required
  • Maintain high standards and reflect this through Information Security output
  • Facilitate the ongoing development of information security policy and processes
  • Produce regular management reports on the status of Information Security Tasks
  • Broad infrastructure and technology experience, with demonstrable understanding of security issues in multiple technical environments
  • Demonstrable broad-ranging and comprehensive knowledge of information security theory and practice
  • Demonstrable minimum of 5 years practical experience working within an Information Security/Assurance or relevant IT role
  • In-depth knowledge of relevant legislation, codes of practice, guidance and operating procedures
  • Proven track record of Information Security Delivery
  • The ability to identify and solve varied problems by the application of a suite of complex tools and techniques
  • Highly effective and creative problem-solving skills, across a broad range of scenarios, that both deliver novel solutions and enable continual improvement in existing threat mitigation and counter measures
  • Highly IT literate, able to work quickly and precisely on a variety of systems, often under pressure and to important deadlines
  • Formal information security qualifications such as SSCP, CISSP, CISM or CRISC, ISO27001 Lead Auditor preferred
172

Senior Information Security Specialist Resume Examples & Samples

  • Identify potential IT security incidents
  • Perform triage of incoming security events, performing preliminary and secondary analysis of those events
  • Provide analysis and support, including identifying potential threats, anomalies, and infections; assembling indicators to support conclusions; documenting findings; providing recommendations; validating the events; and working with the IT team to remediate the findings
  • Analyze traffic flows, system logs, etc.
  • Conduct hardening and compliance review of Server/Client OS (DHS/USGCB, etc.), Network Devices, and other IT assets
  • Perform preliminary forensic evaluations of internal systems
  • Identify, research and resolve technical problems
  • Document, track and monitor problems to ensure a timely resolution
  • Ensure that Information Security risk assessments, deficiency analysis, system checks and audits are performed regularly
  • Responsible for information security incident technical discovery, response and remediation
  • Continuously monitor the existing Information Security standards (NIST 800-53, 800-171 and FIPS 140-2)
  • Protect system by defining access privileges, control structures and resources
  • Recognize problems by identifying abnormalities and reporting violations
  • Implement security improvements by assessing current situation, evaluating trends and anticipating requirements
  • Determine security violations and inefficiencies by conducting periodic audits
  • Keep management informed by preparing performance reports and communicating system status
  • Maintain quality service by following organization standards
  • Assist in maintaining security policies, standards and processes when changes are required
  • Assist in tracking security incidents and maintaining a list of them in a security incident database
  • Assist in preparing notices for distribution to users alerting them to potential security issues when needed
  • Establish and maintain information security policies and procedures to safeguard the confidentiality, integrity and availability of all corporate information
  • Assist in Compliance to ensure the security and integrity of employee, customer and company data
  • Assist in managing the development, testing, deployment, monitoring, maintenance and operations of information security systems
  • Assist in ensuring that Information Security risk assessments, deficiency analysis, system checks and audits are performed regularly
  • Assist in maintaining and monitoring of the company’s Information Technology disaster recovery programs
  • Identify requirements and assist in maintaining and updating Security training development and Awareness Campaign – annual refresher training content and internal phishing campaigns
173

Information Security Specialist Resume Examples & Samples

  • Identify potential IT security incidents, assemble indicators to support conclusions, and work with the IT team to remediate findings
  • Analyze traffic flows, system logs, etc
  • Provide support to end users on a variety of IT and security issues
  • Respond to telephone calls, email and personnel requests for technical support
  • Assist in hardening and compliance review of Servers/Client OS (DHS/USGCB, etc.), Network Devices, and other IT assets
  • Perform periodic account and workspace audits
174

Information Security Specialist Resume Examples & Samples

  • Verifies that all IKEA US entities run in compliance with IKEA Group Policies, Standards, and Rules on Data Privacy and Information Security, but also in alignment with applicable regulatory requirements
  • Develops a broad and proactive risk handling approach for the US on Data Privacy and Information Security risks, which is well accepted and understood by the business stakeholders, ensuring the Risk Management Process is followed with risks being identified, assessed, and key risks being treated at an early stage
  • Partners with the local Information and Business Process owners in order to support them to understand the steering documents as well as the value of the information in their process or solution, and how to subsequently place the necessary Data Privacy and Information Security requirements and measures on their process or solution
  • Secures awareness and education for all co-workers in Data Privacy and Information Security in the US organization
  • Ensures that Data Privacy and Information Security requirements are considered for inclusion in all local contracts
  • Partners with Legal in own country to ensure awareness of all information security and data protection related matters, thus ensuring all US specific legal requirements are effectively managed
  • Supports and coordinates continuous internal and external compliance measurements (Information Security Self Assessments, PCI-DSS, Penetration testing of local solutions, etc.) and reports on the level of compliance to the relevant business stakeholders
  • Extensive understanding of potential business and information risks
  • Experience with implementing or working with Data Privacy and Information Security
  • Intermediate knowledge in data privacy laws
  • Background in legal, compliance or other relevant area such as Information Management/Information Security
  • Project management and change management experience
  • Working knowledge of the IKEA product range, IKEA concept and overall IKEA business process
  • Proven ability to influence in a matrix organization
  • Proven ability to contribute as part of a larger team and work cross-functionally in order to deliver overall business goals and objectives
  • 5-25% Travel (1 day per week on avg.)
175

Information Security Specialist, Senior Resume Examples & Samples

  • Manages firewalls and intrusion detection systems
  • Safeguards the network against unauthorized infiltration, modification, destruction or disclosure
  • May research, evaluate, test, recommend, communicate and implement new security software or devices
  • Provides information to management regarding the negative impact caused by theft, destruction, alteration or denial of access to information
  • Prepares evaluation reports
  • Recommends remedial action
176

Information Security Specialist, Principal Resume Examples & Samples

  • Typically requires a bachelor's degree or equivalent and 10 to 12 years related experience. Master's degree or doctorate in field mathematics, telecommunications, electrical engineering, computer engineering, or computer science is preferred
  • Knowledge of software development using Java, Microsoft .NET (C# or VB) or C/C++, 5+ years. Knowledge of common build tools (e.g. ant, make, maven, msbuild, etc.)
  • Knowledge in developing and/or deploying web applications. Knowledge of software, computer, and network architectures
  • Knowledge and experience in enterprise security or application security. Prior experience working with Federal government organizations (DoD, Civilian agencies)
  • Be highly motivated, competitive, entrepreneurial and attracted to challenging opportunities. Have demonstrated the ability to work in a fast-paced environment where organizational skills are essential; have strong problem solving, analytical, interpersonal, and ownership skills
  • Possess excellent collaboration skills with a wide variety of internal team members. Be an intelligent, self-starting, self-confident individual with integrity and accountability. Possess strong written and verbal communication skills as well as presentation skills
  • Knowledge of mobile application security testing a plus
  • Experience with multiple operating systems is strongly desired
  • CISSP, CSSLP, CISA, CEH, and/or MCSE/MCITP certifications are preferable
177

Information Security Specialist Resume Examples & Samples

  • Implement overall CSA information security service delivery strategy in area of Information Security and Business Continuity
  • Complete understanding of customer and Nokia security policies
  • Delivery of solutions to ensure business continuity, disaster recovery and mitigation of security related programme delivery risks
  • Review of customer security policies and development of security solutions to enable operations access to all systems required to implement operations design
  • Preparation of security procedures for use by Nokia operations staff
  • Definition of training programme for all Nokia stakeholders in the security solutions
  • Create customer data management policy and security management solution to meet customer security policy requirements
  • Contribute in the risk assessment and remediation action proposal process
  • Review of network and operations designs and processes to ensure they meet security policy requirements
  • Implementation of Information Security processes and procedures
  • Performing Risk management activities
  • Proactive monitoring of the non-technical and technical security controls environment
  • Good understanding of the computer information operating environment
  • Good understanding of ISO27001
  • Understanding of working with quality management and legal standards
  • Excellent communications and documentation skills in English
  • Practical project management skills confirmed by working experience
  • Ability to communicate easily in English in an international environment
  • Customer facing security solution design
  • Security solution design, testing and configuration
  • Network integration and security solutions testing
178

Finance Information Security Specialist Resume Examples & Samples

  • Advanced level of English
  • Ability to work creatively and analytically in a problem-solving environment
  • Coordination and follow up of other teams/resources activities
  • Prepare and present specific topics to different kinds of audiences
  • Data manipulation
  • University degree in finance related careers, like Administration
  • Expertise working as a team member, very good communication and presentation skills, coordination and follow up activities skills
  • Capacity for working independently, interacting with people in other countries
  • General interest in information security topics
  • Advanced oral and written English
179

Information Security Specialist Resume Examples & Samples

  • Triage and short-term analysis of real-time data feeds (such as system logs and alerts) for potential intrusions
  • Understanding and experience with incident analysis, log analysis, how malware functions and a good understanding of adversary TTPs
  • Penetration testing activities which includes validating and prioritizing vulnerability findings
  • Owning and initiating a Threat Intelligence Program and projects related to it
  • Be an integral part of the Incident Response Team, contributing to content building and to any major incident response
180

Information Security Specialist Resume Examples & Samples

  • Seasoned hands-on programming experience in Java technologies is a must have
  • Programming experience in Information Security is nice to have
  • Proven knowledge of Agile and DevOps practices is highly preferred
  • Ability to offer reasonable remediation solutions to problems created by insecure code is required
  • Excellent written and verbal communications skills is required
  • Ability to lead by example and influence change is required
181

Information Security Specialist Resume Examples & Samples

  • Determines enterprise information security standards
  • Develops and implements security standards and procedures
  • Coordinates, develops, and evaluates security programs for an organization. Recommends security solutions to support customers’ requirements
  • Establishes and satisfies information security requirements based upon the analysis of user, policy, regulatory, and resource demands
  • Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures
  • Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers
  • Provides integration and implementation of the computer system security solution
  • Analyzes general information security-related technical problems and provides basic engineering and technical support in solving these problems
  • Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle
182

Information Security Specialist Resume Examples & Samples

  • Manage the Mark Center Information Assurance team
  • Determines enterprise information security standards and requirements
  • Ensure the Mark Center is compliant with the deployment of all IA-related tools and applications (e.g. ACAS, HBSS)
  • Continue to develop the C&A package into eMASS
  • HBSS deployment needs to be brought into alignment with CYBERCOM
  • STIG remediation on Yellow
  • ACAS upgrade and consolidation
  • Transition to RMF
  • 8570-compliant IAM Level II or Level III certificate (e.g. CISSP)
  • DIACAP and/or RMF experience
  • U.S. Information Technology Agency (US ITA) experience working with the Enterprise Information Mission Assurance (EIMA)
  • Washington Headquarters Services / Enterprise Information Technology Services Director (EITSD) experience
  • Enterprise mission assurance support system (eMASS) experience
  • HBSS Deployment experience
  • TS/SCI Desired
183

Global Information Security Specialist Resume Examples & Samples

  • 4 to 8 years of experience in cyber security or a technology-related field
  • Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc
  • Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements
  • Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. Create reports and analyze reports for a diverse group of stakeholders
  • Ability to take ownership of an initiative/issue through completion
  • Ability to work in a collaborative environment
  • Optional Certifications: CISSP (ISC2), CISA (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2)
  • Bachelor's degree in Information Technology, information security or related field
  • Ability to work with technical and non-technical business owners
184

Information Security Specialist, Lead Resume Examples & Samples

  • Provide guidance for securing information systems, and support information security assessments
  • Conduct FISMA security inspections and provide evaluations
  • Typically requires a bachelor's degree and seven to nine years of related experience
185

Principal Information Security Specialist Resume Examples & Samples

  • Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
  • Create and maintain existing information system security documentation, including SSP, SCTM, and Security Configuration Guide
  • Write implementation and design documents describing how security features are implemented
  • Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance
  • Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes
  • Conduct daily, weekly and monthly audit review and management of the audit collection system
  • Implement media control and data transfer policies
  • Provide direction and guidance to less experienced IA personnel
  • Remain sensitive to security infractions and assist in security investigations and responses as requested
  • Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage
186

Senior Information Security Specialist Resume Examples & Samples

  • Extensive knowledge and experience in Active Directory and Windows Server
  • Familiarity with PowerShell
  • Preferred Experience in Novell, UnboundID, LDAP query language, UNIX/Linux
  • Excellent communication skills (ability to work with both upper management and general staff)
187

Information Security Specialist Resume Examples & Samples

  • Provide expertise to computer system end users concerning issues such as computer data access needs, security violations, and system or programming changes
  • Document computer security and emergency actions set forth in policies, standards, procedures and guidelines
  • Identify, investigate, and recommend appropriate corrective actions for information security incidents and potential threats, and respond to reported security violations
  • Identify causes of security violations, and recommend and implement corrective action to ensure information systems security
  • Enforce security policies and support existing systems in accordance with policies, standards, guidelines, and procedures
  • Participate in the evaluation, development, and implementation of security standards, procedures, and guidelines for specific system environments to enhance information systems security and prevent the unauthorized use, release, modification, or destruction of data
  • Assist in developing security awareness materials, presentations, training sessions, and communications, to promote information security awareness
  • Provide level 3 support for a wide range of highly complex information security issues including secure architectures, secure electronic data traffic, network security, and data security and privacy. Participate in the design, development, evaluation, and integration of highly complex computer systems and networks to maintain system security
  • Perform software code review to ensure adherence to security best practices
  • Perform and/or coordinate forensic/external analysis of networks and systems as required by security incident response, or upon request from the legal department
  • Test and implement appropriate information security methods and control techniques such as firewalls, intrusion detection software, data encryption, data backup and recovery
  • Maintain an awareness of existing and proposed security standard setting groups, and regulations pertaining to information security
  • May train less experienced personnel in technical complexities of assigned work
  • Experience: Minimum of 6 years related experience in IT, with 4+ years in an information security or compliance role
  • An equivalent combination of education and experience may be accepted as a satisfactory substitute for the specific education and experience listed above
  • Certification/Licensure: IT security related certification preferred (e.g., CISSP, CISA, GIAC, or similar professional certification)
188

Information Security Specialist Resume Examples & Samples

  • Responsible for delivery and post-delivery penetration testing support
  • Exploit using methods such as HTML5 cross domain exploiting, SQL injection, Session tampering, cookie manipulation, XSS exploiting and others
  • Red Team or Ethical Hacking experience
189

Information Security Specialist Resume Examples & Samples

  • Responsible for security risk assessments of new and legacy technology solution architecture. This involves collection of artifacts, questionnaires, and reports; drafting of risk assessment reports; and assisting other staff members in navigating the risk assessment process
  • Provides state-of-the-art technical expertise and support to clients, IT management and staff in risk assessment and the implementation of appropriate data security procedures and products. Reviews the design, development, testing and implementation of appropriate IT security plans, products, firewalls and other access control techniques
  • Participates in the establishment and implementation of new and existing information security policies and procedures. Assists in policy development when needed
  • Evaluates effectiveness of training courses and sources of training
  • Identifies and documents emerging vulnerabilities, evaluates associated risks and threats and provides countermeasures where necessary
  • Prepares activity and progress reports
190

Information Security Specialist Resume Examples & Samples

  • Leads the security staff in the architecture, development and implementation of security standards, procedures, and guidelines for multiple platforms and diverse systems environments (e.g., firm-wide, distributed, client server systems, and e-applications)
  • Participates in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environment (e.g., firm-wide, distributed, client server systems, and e-applications)
  • Tests and implements appropriate security methods and control techniques such as firewalls, data access rules tables, intrusion detection software, data encryption, data backup and recovery
  • Supervises, guides and provides technical support and training to the Information Security staff and assists the Manager in the review and evaluation of the work of the staff, planning, organizing and controlling the activities of the section and in the development of the overall project plans and timetables
  • Consults with IT and client management in the development of tactical security plans and directions to assure the integration and operation of the firm-wide, distributed and/or client server business area architectures
  • Advises on information security opportunities that can be utilized or adapted to meet business area objectives
  • Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations pertaining to information security and emerging vulnerabilities
  • Identifies regulatory changes that will affect information security policy, standards and procedures and recommends appropriate changes
  • Supervises implementation of data privacy and security standards
191

Principal Information Security Specialist Resume Examples & Samples

  • Deploy security products such as ACAS, McAfee, Nessus
  • Deploy security patches and implement security controls
  • Ensure systems are operated, maintained and disposed of in accordance with security policies and procedures as outlined in the security authorization package
  • Attend required technical and security training (operating system, networking and security management) relative to assigned duties
  • Maintain required Cyber Security certifications
  • Conduct periodic reviews of information systems to ensure compliance with security authorization package (Continuous Monitoring)
  • Serve as a member of the Change Control Board, as needed
  • Coordinate any changes or modifications to hardware, software or firmware of a system with the ISSM and AO/DAO prior to the change
  • Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization
  • Ensure audit records are collected, reviewed and documented (to include any anomalies)
192

Information Security Specialist Resume Examples & Samples

  • Gain support and understanding for the subject of information security across the organisation, and engaging staff with the subject
  • Ensure the smooth running of day to day internal communications activities and events, to bring about a change in staff behavior, and increase understanding of the subject. Bringing it to life in creative ways
  • Build purposeful relationships by collaborating, sharing and seeking opinions and ideas across the BBC
  • Support the design and drafting of awareness materials across the BBC
  • Make information security more accessible to staff and raise the profile of the team
  • Assist other parts of the Information Security team in identifying information security gaps within services, systems and processes
  • Liaise with 3rd party BBC suppliers with regard to the design and development of information security awareness materials
  • Contributing to the Information Security programme of information security improvements across the BBC
  • Demonstrable and practical experience working within an Information Security/Assurance or relevant IT role
193

Information Security Specialist Resume Examples & Samples

  • Conducting vulnerability assessments on a wide variety of technologies and implementations utilizing
  • 10 + years in the IT profession
  • 5 + years of experience performing vulnerability assessments and penetration testing
  • Experience/understanding of security principles, policies and industry best practices
  • Demonstrable experience with common network vulnerability assessment techniques and tools
  • Familiarity with common penetration testing methodologies such as the OSSTMM, OWASP Testing Guide and the PTES
  • Emerging Technologies
  • Industry and Company Knowledge
194

Information Security Specialist Resume Examples & Samples

  • Requires a Bachelor's degree or equivalent and 2-4 years in Engineering, Computer Science or related discipline or equivalent experience
  • 2-4 years of Network Security preferred
  • Security Plus preferred
  • Ability to read and understand Security Technical Implementation Guides (STIGs)
195

Information Security Specialist Resume Examples & Samples

  • 3-5 years of progressive experience with network and/or data center security
  • 3-5 years of progressive experience in systems deployment and associated security measures
  • 1-3 years of progressive experience in PCI, FERPA, HIPAA, and/or similar industry security standards
  • Excellent critical thinking and problem solving skills
  • Positive attitude and solutions oriented thinking
  • Ability to communicate technical concepts to both technical and non-technical audiences
  • MS Visio, MS Project
  • Position reports to the Manager of Infrastructure Services
196

Cyber Information Security Specialist Resume Examples & Samples

  • Investigate intrusion attempts and perform in-depth analysis of exploits
  • Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive cyber threat intelligence research
  • Perform initial triage on security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information to US government agencies
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC operations
  • Ensure the transfer of knowledge between analyst shifts and leadership to provide an understanding of daily SOC operations and updates for all new and ongoing investigations
  • Act as an escalation point for event analysis and declared incidents
  • Responsible for managing Critical incidents to ensure all standard operations are taking place
  • Develop focused reporting and briefings for advanced cyber threats
  • Review event analysis and incident reports to ensure proper documentation and quality control
  • Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) detected by IDS and IPS sensors
  • Provide subject matter expertise for security/information assurance policy recommendations
  • Gather internal and Open Source intelligence to increase security posture and reduce attack surface
  • Minimum of four (4) years of direct experience as a Security Analyst or SOC role within the last five years, and demonstrated ability to execute the duties and responsibilities of a Security Analyst, or a combination of education and experience, which would provide an equivalent background
  • Experience with conducting operations relating to insider threat, counterintelligence investigations, and counterespionage
  • Develop, execute, and maintain standard operating procedures (SOPs) for the insider threat program
  • Perform investigations in support of potential inside threats
  • Experience and extensive knowledge working with a SIEM and performing triage, information gathering and analysis
  • Experience in Security Incident Handling and Incident Management procedures
  • Experience with writing clear and concise technical documents specifically event analysis and incident handling documentation
  • Demonstrate knowledge of the TCP/IP stack and other protocols
  • Knowledge of computer networking, routing and switching
  • Demonstrated experience performing raw packet analysis
  • Experience with Linux/UNIX and Windows based devices at the System Administrator level
  • Scripting proficiency (e.g., PERL, Python, shell scripting)
  • Organizational skills and the ability to work autonomously with attention to detail and processes
  • Excellent communication skills with experience providing incident briefings to peers, management and clients
  • One or more of the following industry-recognized professional certifications: CISSP, GCIH, GCIA, CEH, Security+
  • SIEM experience with Splunk
  • Experience with a commercial User Behavior Analytics tool
  • Windows Forensics analysis
  • Content Management and development for security technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM)
  • Past experience with or current understanding of government intelligence processes and systems
197

Information Security Specialist Resume Examples & Samples

  • Assist with internal consulting, advisement and assistance for all aspects of Information Security
  • Serve as subject matter expert in multiple security disciplines and security consultant for projects and troubleshooting efforts
  • Work as the subject matter expert on USIS business unit IT platforms and infrastructure
  • Work with the USIS business unit IT organization to proactively identify and address security observations
  • Perform business process related security risk assessments
  • Maintain and monitor internal observations/findings for both internal customers and third parties
  • Perform advanced countermeasure design, development, implementation, and assessment in conjunction with Security Engineering
  • Hands-on technical skills and working knowledge of infrastructure technologies, business processes and applications with a focus on authentication technologies
  • Committed to operational excellence, with willingness to cross-train and to learn additional technical expertise
  • Bachelor’s degree in related field preferred
  • Minimum 3 - 4 years of security experience
198

Information Security Specialist Resume Examples & Samples

  • Acts self-directed, performing day to day tasks and providing administrative support
  • Coordinates support activities for major systems and sub-systems
  • On-call rotation responding to alarms of monitored systems and coordinated change activities
  • Delivers on multiple operational functions; participates in complex projects, and undertakes activities as required; responsible for the completion of a phase/task or project
  • Provides short-term and long term strategic input
  • Formulates and analyzes trends and makes recommendation based on results
  • Makes operational changes in support of improved metrics
  • Understands business functions related to existing and proposed technology, solutions and services
  • Extends knowledge and develops expertise in specific systems and business areas
  • Undergraduate degree or equivalent (college diploma plus an ancillary well recognized security certification such as CISSP), and 2+ years of applied technical experience
  • Evidence of wide ranging technical skills suitable for responding to multi-tier security challenges across disparate systems
  • Evidence of experience working in cross-functional groups taking initiative to drive toward solutions
  • Demonstrable knowledge, skill and expertise in one or more of the following (or similar) technologies
199

Information Security Specialist Resume Examples & Samples

  • Five to 10 years' work experience in information security, cyber security, data protection or a related field
  • 5+ years of experience in performing vulnerability management for all platforms
  • Risk-based vulnerability prioritization, reporting, and developing remediation steps
  • Developing and workshopping processes and run books for vulnerability identification, analysis, remediation, and reporting
  • Maintain governance material for the vulnerability management program
  • Must have solid understanding of Network and Security infrastructure, topology including firewalls, routers, wireless access points, DNS, DHCP, and Group Policy
  • Experience securing virtual, physical and cloud environments
  • An understanding of regulatory and Controls requirements: PCI, FFIEC, SOX, HIPAA, ISO 2700x, NIST standards
200

Information Security Specialist Resume Examples & Samples

  • Thorough analysis of alerts on SIEM
  • Forensic tools knowledge – Encase, Nuix, FTK, eDiscovery (various tools)
  • Forensic hardware - Disk imaging
  • Information Security Incident management experience
  • Forensic investigation experience
  • Ability to analyze malware, Trojans, etc.
  • Ability to correlate events, alerts
  • Decreasing false positives on the SIEM
  • Prepare dashboards and analysis on the alerts received
  • Follow ups with respective team to close the alerts
  • Understand foreigner/non foreigner device and block device accordingly
  • Liaison with different IT teams from respective sites
  • Generate and Analyze reports
  • Carry out Threat management
  • Thorough understanding of Threats, vulnerabilities and Impact vectors
201

Information Security Specialist Resume Examples & Samples

  • Implements firewall security rules, Network Address Translation (NAT) rules, and Check Point Virtual Private Networks (VPN)
  • Implements web proxy policy rules and exceptions
  • Configures endpoint VPN connections
  • Ensures functionality of system backups
  • Monitors success of automated upgrades
  • Performs system installations, refreshes, and upgrades (i.e. database, operating system, and application)
  • Assists in firewall rule cleanup and remediation as needed for quarterly reviews
  • Maintains security process and system configuration documentation and diagrams
  • Performs additional duties and special assignments, as required and assigned
  • Extensive knowledge of the Check Point Security Appliances
202

Information Security Specialist Resume Examples & Samples

  • Provides state-of-the-art technical expertise and support to in-house developers to apply appropriate information security procedures and products
  • Provides technical expertise and support to client, IT management and staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products
  • Helps to develop communications and related campaigns for information security awareness among all staff
  • Performs access control and account administration of critical information resources including data access rules tables
  • Helps to coordinate the reporting of data security incidents and may participate in investigations
  • Reviews the development, testing and implementation of security plans, products and control techniques
  • Acts as a liaison to the product groups and assists them in the implementation of data privacy, information security technologies, and applications security
  • Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations pertaining to information security
  • Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes
203

Junior Information Security Specialist Resume Examples & Samples

  • Manual and automated source code review, especially for ASP.NET and Erlang
  • Manual and automated web application black-box security testing
  • Supporting the creation of technical documentation
  • Developing an understanding of the business
  • Security vulnerability analysis/assessment
  • Identifying any nonconformity within the business and escalating appropriately
  • Understanding of the general principles, practices and technologies of Information/Digital Security
  • Basic knowledge of structured methodologies for conducting and reporting Web Application Penetration Testing
  • Understanding of automated dynamic and static application security testing tools
  • Understanding of manual security testing to find vulnerabilities to logical issues
  • Basic understanding of developments in security technology and their application
  • Basic understanding of industry standard Information Security practices
  • Ability to work to deadlines
  • Pragmatic approach to the administration of governance and risk
  • Appreciation of IT principles
204

Information Security Specialist Resume Examples & Samples

  • Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field
  • Typically Minimum 6 Years Relevant Exp
  • Including network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Event Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs (PCI (Payment Card Industry), SOX (Sarbanes-Oxley), GLBA (Gramm-Leach-Bliley Act), etc.)
  • Professional certifications: CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), GSEC (GIAC Security Essentials), Network+, Security+
  • Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Some barriers to entry exist at this level (e.g., dept./peer review)
  • Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside own area of expertise
  • Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead)
  • Incident Response - Knowledge and skills to contribute to all phases of Incident Response
205

Information Security Specialist Resume Examples & Samples

  • Lead the engagement with Singapore and Australia Business Unit leadership on Information Security
  • Lead the development and maintenance of the security risk register for the region, through
  • A relevant undergraduate qualification (Bachelor's degree or equivalent)
  • Recognised Information Security risk management qualification/certification (e.g. CRISC, CISSP, CISM)
  • Implementation experience of common Information Security frameworks such as the ISO27000 series, SANS20, NIST and the ISF control framework
  • Conducting risk assessments that rely on outside penetration testing support
  • Information security training and awareness concepts and delivery
  • Incident response and crisis management concepts experience
  • Previous experience in a trading environment would be advantageous
  • Proficiency in English
  • Experience of a commodities trading environment would be helpful for Marketing. Experience of another industrial company would help with the Mining operations
206

Principal Information Security Specialist Resume Examples & Samples

  • Provide forensic support as needed or required for security incidents
  • Build and sustain relations with security partners to maintain solid partnerships
  • Provide mentorship and technical guidance to less experienced Incident Responders
  • Monitor External security related resources to maintain an effective security posture
  • Provide support or guidance to the Awareness Team with improving or developing TWDC Security Training material such as Phishing material, etc
  • Experience with Cloud Services
  • Experience with industry standard forensic and digital analysis tools
  • Solid understanding of Hacker Methodologies (techniques, procedures, skill levels)
207

Information Security Specialist Resume Examples & Samples

  • The Information Security Specialist will be responsible for performing security analysis, engineering and incident response & troubleshooting in an enterprise class environment
  • Provide technical analysis and support directly to government POC, service desk operations, and end users to include support for the Security Operations Center (SOC) in the detection, response, mitigation, and reporting of cyber threats affecting the client IT infrastructure
  • Comprehensive knowledge and experience with information network security equipment and an understanding of information threats such as computer viruses, denial of service attacks and social engineering
  • Expected to test and operate firewalls, intrusion detection systems, enterprise anti-virus systems, data analysis tools and other security assessment and mitigation tools
  • Implement countermeasures against unauthorized infiltration, modification, destruction or disclosure of client IT systems
  • Research, evaluate, test, recommend, communicate and implement new security software or devices. Implement, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications
  • Provide information to management regarding the negative impact caused by theft, destruction, alteration or denial of access to information
  • Provides recommendations on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies
  • Utilize industry standard tools such as BigFix, Nessus, DbProtect, SNORT, Splunk, Active Defense and RES ONE to monitor, identify, mitigate and remediate threats in the environment
  • Identify Data Spills - Identify and report on any intentional or unintentional release of secure information within the environment
  • Utilize ITSM (Remedy or ServiceNow preferred) ticketing system
208

Principal Information Security Specialist Resume Examples & Samples

  • 10+ years of experience in IT or related
  • 8+ years of experience directly related to ILM/IAM and SSO
  • Technical knowledge of application and network administration and maintenance including - Identity Management system architecture including RBAC, Single Sign On using SAML standards, Active Directory systems, Operating system and application hardening, Cloud applications / application access controls
  • Experience in a collaborative team environment, delegating workload and responsibilities
  • Strong interpersonal skills in order to gather feedback from end users
  • Strong organizational and follow-up skills
209

Information Security Specialist Resume Examples & Samples

  • Experience as subject matter expert with demonstrated competency in distinct functional or cross-functional security areas (e.g., information security compliance, risk management, security engineering, IT operations security, cybersecurity)
  • Experience in scoping, planning, and organizing work in ambiguous environments
  • Experience in developing solutions to complex technical problems requiring knowledge of various methodologies
  • Experience in providing quality documentation and presentations to senior level government officials
  • Experience in overseeing and providing guidance to technical staff
  • Skill in Internet and government searching techniques
  • Working knowledge of NIST SP 800-53A, ICD 503, FISMA, DCID 6/3, relationships between IC and DoD policies for assessment and authorization
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
  • Skill in developing and applying security system access controls
  • Skill in systems engineering, requirements analysis, system development, software development, or hardware development as applied to the information assurance or cyber security field
  • Experience in assessing test results and providing information to organizational seniors
  • Experience in providing advance analysis and observations resulting in actionable recommendations
  • Working knowledge of web services protocols, including Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Universal Description, Discovery and Integration (UDDI)
  • Working knowledge of structured content tools and languages, and content management systems
  • Skill in identifying gaps in technical capabilities and in talking to others to convey information effectively
210

Information Security Specialist Resume Examples & Samples

  • Minimum 8 years of experience with the DIACAP process and 3 - 5 years with the Navy development, review and approval / validation of C&A packages for software systems and enclaves
  • Bachelor's degree in Information Systems or a related field
  • CompTIA Security+ certification or equivalent
  • Three years of experience with the DoD Enterprise Mission Assurance Support Service (eMASS) C&A processes
  • Certified Information Systems Security Professional (CISSP) certification or equivalent
  • Hands-on experience with the NIST Risk Management Framework (RMF)
  • Certified Navy Validator
211

Information Security Specialist Resume Examples & Samples

  • University degree in Business Administration, System Engineering or Computer Science or related fields
  • Professional experience in IT, risk management or information security
  • Experience with cloud offerings such as AWS or Azure
  • Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2/SSAE 16, PCI DSS
  • Professional security management certification, such as a Certified Information Systems Auditor (CISA) or other similar credentials, is desired
  • Technical overview of virtualization/containerization technologies (OpenVZ, KVM, Docker, etc), networking and software-defined networking
  • Technical overview of Windows and Linux operating systems
  • Proficiency in English (verbal and written)
  • Good analytical and excellent problem-solving skills
212

Lead Information Security Specialist Resume Examples & Samples

  • Approximately 50% of time will be spent performing identification, analysis, and reporting of cyber security threats within the Chase Digital (web & mobile) channels by monitoring those channels. Recommending courses of action for changes to application behavior code to ensure proper application / information security standards are met for the Chase Digital Channels
  • Approximately 25% of time will be spent performing Splunk-based monitoring to ensure the secure availability and 100% uptime (reliability) of all Chase Digital properties
  • Approximately 15% of time will be spent liaising with other organizations within JPMC to handle IT compliance/audits/security procedures
  • Approximately 5% of time will be spent handling a crucial and key responsibility of this role: working with technology vendors to ensure that they accurately perform and apply your recommended security enhancements to the Chase Digital Channels, i.e. integration of new information security tools within and application behavior code revisions to the digital channels
  • Approximately 5% of time will be spent handling another crucial and key responsibility of this role: understanding the security implications of certain patterns, socializing, and troubleshooting them with a sense of urgency
  • 4+ years of experience deploying, delivering, and supporting secure commercial and custom software solutions with an emphasis on identity and access management, security, integration and support
  • Strong knowledge of automated intrusion sets
213

Information Security Specialist, Principal Resume Examples & Samples

  • Manages extensive evaluations of major information security networks, prepares evaluation reports, and presents recommendations
  • Conducts trade-off analyses of products for clients to determine optimal information security solutions
  • Provides consulting services on a wide variety of information assurance topics
  • Prepares remedial options and supervises correction of information security shortfalls
  • Works independently in expert role at customer site
  • ICD 503
  • Security Accreditation Packages
  • ST&E
  • Security Test Plan development
  • SSP development and maintenance
  • IAVA/IAVB/POA&M development and tracking
214

Information Security Specialist Resume Examples & Samples

  • Implements and supports Federal Reserve System Security Standards relating to vulnerability and patch management
  • Develops and maintains strong interpersonal relationships with National IT operators, software vendors and District business lines to develop and share insight and understanding of the District flaw environment
  • Develops, implements and manages a flaw management program including program documentation, metrics development and delivery, automation of tasks, identifying, researching and testing of new flaw remediations and oversight of the District’s flaw exposure
  • Responsible for ongoing flaw management activities including vulnerability scanning for endpoints and web applications, as well as ensuring timely remediation of endpoint software and operating system flaws
  • Assists the development and implementation of flaw related local information security policies, standards, guidelines, metrics and daily operational procedures to aid business lines in achieving compliance
  • Assists the development and implementation of strategic plan and roadmap for Threat and Vulnerability Management including responsibility for implementation and tracking of strategic initiatives related to flaw management
  • .net
  • PowerShell
  • SQL queries
  • Certifications/Licenses
  • GSEC / CWSS / NSA / GCWN
  • MCITP-Admin / CISSP / MCSE - EDA /
  • CS-MSCCM / CS-MPSS / RHEL
215

Information Security Specialist Resume Examples & Samples

  • Experience with cloud offerings such as AWS
  • Professional security certification, such as a Certified Information Systems Auditor (CISA) or other similar credentials, is desired
  • University degree in Business Administration, System Engineering or Computer Science or related education in the field of informatics
216

Senior Information Security Specialist Resume Examples & Samples

  • Plan, coordinate and execute IT Security / special projects
  • Support customer security reviews for new customers (RFPs) as well as annual current customer security re-reviews
  • Security, compliance, audit or risk covering a wide area of technologies and security domains including those previously mentioned
  • CISSP, CISA, CISM or other security/control certifications a plus
217

Information Security Specialist Resume Examples & Samples

  • Maintain cooperative relationship with business partners or other interconnected systems including System Owners, Network security architects and engineers, and information system security officers
  • Advise system owners regarding security considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e. life cycle management)
  • Assist in the determination of an appropriate level of security commensurate with the impact level
  • Assist in the development and maintenance of system security plans and contingency plans for all systems under their responsibility
  • Participate in self-assessment of system safeguards and program elements and in A&A of the system
  • Notify the responsible security officials of any suspected incidents in a timely manner, and assist in the investigation of incidents, as necessary
  • Show excellent oral and written communication skills including the ability to convey complex technical information to individuals or groups in an effective manner, listen to others and respond appropriately, and develop clear and accurate technical documentation
  • Have good problem solving skills including the ability to anticipate as well as identify problems, use sound judgment to generate and evaluate alternatives, and make recommendations
  • Prepare A&A packages, develop or review security plans, testing plans, and related documentation; provide recommendations to support each identified A&A effort
  • Ensure systems and applications A&A packages are complete and thoroughly documented in accordance with requisite federal requirements
  • Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks and mitigation strategies
  • Ability to develop and manage plan of actions and milestones (POAM), waiver requests, security guidelines and checklists for ITA systems/devices
  • Coordinate and interact with government and other contractor staff with technical understanding of systems and applications to ensure the A&A package is complete
  • Collaborate on critical IT projects to ensure that security issues are addressed throughout the System Design Life Cycle (SDLC)
  • Must have five years of experience in information systems (Typically requires Bachelor's degree or equivalent and 2-4 years related experience.)
  • Secret security clearance must be obtainable; current Secret clearance strongly preferred
  • Some experience with Accreditation and Authorization (A&A) / Certification and Accreditation (C&A)
  • Knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications
  • General technical knowledge of mainstream operating systems (Microsoft Windows, UNIX and Linux) and a wide range of security technologies, such as vulnerability assessment scanning solutions and identity and access management (IdAM) systems preferred
  • Excellent self-motivation, time management, teamwork, and client service skills
218

Information Security Specialist / Analyst Resume Examples & Samples

  • Evaluate information systems, platforms, and IT operating procedures in accordance with industry standard frameworks, regulations and best practices
  • Understand our layers of security, processes, and procedures to validate if we are compliant with proposed security language in customer contracts; in cases of discrepancy suggest modified language that would align our practices with customer requirements
  • Understand our layers of security, processes, and procedures to respond to risk assessments from our existing and potential customers
  • Create and conduct IT risk assessments of third parties
  • Contribute to IT Security Program maturity and compliance assessments based upon industry standards and best practices including HIPAA, PCI, ISO, NIST, and HITRUST
  • Identify, track and escalate gaps identified during risk reviews and communicate compliance issues to senior management
  • Ensure timely completion of Information Security risk assessment, remediation, and compliance efforts
  • Contribute to the creation and review of IT and Information Security policies and procedures
  • Contribute to the Medical Device Security Lifecycle Management Program
  • Develop and prepare governance KPI reports on status of risk assessments, control effectiveness, control gap remediation, internal audit and examination
  • Promote integration of Information Security risk management into business and IT processes and projects, as well as Corporate Risk and Compliance programs
  • Provide Information Security risk advisory and consultative services to internal customers, including IT, Business, and Risk and Compliance stakeholders
  • Assist with the development of procedures and guidelines in support of Governance, Risk and Compliance programs
  • Demonstrate excellent communication skills to balance differing stakeholder interests through sound analysis and persuasion
  • Be flexible, organized, proactive and motivated
  • Ability to work as part of a high performance team
  • Ability to comprehend a wide variety of security and enterprise technologies, their directions, trends, and strategic business impact on key business initiatives
  • Ability to combine strategic business and technical direction, and translate concepts into actionable implementation plans
  • Possess strong organizational and presentation skills
  • Experience in an IT Governance, Risk or Compliance role
  • Possess a high degree of integrity and trust along with the ability to work independently
  • Demonstrated experience in auditing and assessing compliance controls
  • Strong interpersonal and communication skills a must
  • Superior teamwork skills
  • Strong dedication to quality customer service
  • Excellent analytical and problem solving skills are essential
  • B.S. or B.A. in Information Security or related field
  • CISA is preferred
  • IT Auditing and HIPAA experience preferred
  • Incident response experience is preferred
  • Demonstrated experience in contract review is highly preferred
219

Information Security Specialist Resume Examples & Samples

  • Mitigate security issues/risks related to the security of the network and systems
  • Develop processes and procedures for implementation throughout the organization to create the most technologically secure environment and minimize occurrence of security risks
  • Create definitions surrounding security including but not limited to access privileges
  • Contribute to information security design and planning, accounting for current and proposed legislation, industry standards, and other foreseeable factors
  • Install, design, and implement technology for security preservation
  • Monitor, analyze/evaluate security and provide recommendations/solutions as applicable
  • Recognize issues for network or systems to ultimately facilitate quickest, most efficient resolution and generate incident report(s)
  • Install, implement and possibly create technology for security of systems, networks, and/or data
  • Determine weaknesses within the security of the organization to thwart any security breaches through the use of different techniques including but not limited to: audits, hacking, trend evaluation, and other knowledge
220

Information Security Specialist Senior Resume Examples & Samples

  • Contributes to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices
  • Performs design and operating effectiveness testing on information security controls
  • Identifies, documents, and reports control deficiencies and recommendations for improvement
  • Documents control testing and associated findings into Archer GRC tool (Archer)
  • Facilitates information security self-assessments with the business and technology teams
  • Performs information security maturity assessments
  • 4+ years’ experience performing IT/Information Security control assessments
  • Strong knowledge of information security frameworks such as ISO 27001, NIST, PCI, and HIPAA
  • CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred
  • Strong verbal and written communication skills, and the ability to articulate risks and findings to senior management
  • Experience with GRC tools, such as Archer preferred
221

Information Security Specialist Resume Examples & Samples

  • Provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation
  • Responsible for designing and implementing solutions for protecting the confidentiality, integrity and availability of sensitive information
  • Provides technical evaluations of customer systems and assists with making security improvements
  • Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization
  • Conducts security product evaluations, and recommends products, technologies and upgrades to improve the customer’s security posture
  • Conducts testing and audit log reviews to evaluate the effectiveness of current security measures
  • Min 8+ years of experience must include familiarity with applicable NIST information security documentation; i.e., Special Publication 800 series. Experience must have occurred within the past three (3) years
  • Three (3) years of experience in National Institute of Standards and Technology (NIST) IT Security
  • Three (3) years of this functional experience must have included securing and evaluating information management systems, security design
  • Minimum Education: BS or BA preferred. Security+, CISSP, CISA or CISM is recommended but not required
222

Information Security Specialist Resume Examples & Samples

  • Provide Leadership and guidance in appropriately securing business applications owned, used, and provided by the firm
  • Create execution strategies that focus on embedding security controls into existing developer and tester practices and methodologies to enhance effectiveness and automation
  • Lead and participate in cross Line of Business working groups and committees to review and approve proposed architecture and support presentations to various leadership groups
  • Define differentiated Cyber controls (standards) for application environments understanding the complex and diverse nature of Experian
  • Success will be measured by the comprehensiveness of associated standards and controls and the ability to influence BUs in faster adoption of secure SDLC/DevSecOps
  • 7+ years in at least 2 of the following
  • Ability to build and manage highly motivated and innovative technical team
  • Ability to manage, develop and design global organizations effectively
  • Ability to communicate effectively with business and technology representatives in articulating strategies and impact
223

Information Security Specialist Resume Examples & Samples

  • Experience with DoD, Air Force, NIST, and DISA C&A policies
  • Experience with executing C&A policies
  • Experience interacting with customers/users
  • Experience with Microsoft Azure
  • Experience with Salesforce Platform
224

Information Security Specialist Resume Examples & Samples

  • Working with organizational stakeholders, develop an information security strategy, obtain executive support of the strategy and monitor progress against it. Ensure organization wide compliance with policies, standards, guidelines and controls
  • Working with organizational stakeholders, assist the development and support of the information security strategy
  • Ensure organization wide compliance with policies, standards, guidelines and controls
  • Maintain Information Security policies and key controls, ensuring adherence to policy framework by engaging cross-functional organizational stakeholders in periodic policy review and changes
  • Monitor external information security risk landscape for changes, analyze impacts to information security strategy of changes and ensure that security practices and programs adequately address changing dynamics
  • Conduct periodic User Entitlement Reviews (certification) to ensure effectiveness of program and practices
  • Assist application owners with management of profiles and identities ensuring that roles, job types and segregation of duties are aligned with Bank policy and regulatory expectations
  • Review user access rights relating to employee access, terminations and transfers
  • Assist in the delivery of a Bank wide information security education and awareness program, ensuring that broad-based enterprise awareness objectives as well as localized business needs are met
  • Work with 3rd party managed security services providers to develop improved system monitoring and correlation rules to improve overall security posture
  • Capability to serve as a security resource to all levels including executive management, department employees, business associates, and external bodies such as state agencies. Demonstrate competence in the areas of the critical thinking and problem solving, interpersonal relationships, and technical skills
  • Responsible for interfacing on a regular basis with Technology Infrastructure departments (i.e. Security Engineering, Systems Engineering, Network Engineering, etc.) to provide recommendations for improving configuration standards, based on personal expertise and outside sources
  • Five to Seven years’ experience in delivering or managing information security services, policies, standards and programs
  • Security-related professional designation preferred: CISSP, CISM, CISA certifications
  • Experience with control and security frameworks such as COSO, COBIT, and ISO 27001
  • Understanding of privacy rules and best practices as they pertain to the Financial Industry or applicable experience from similar industries (Health Care, Government, etc.)
  • Strong analytical and problem solving skills
225

Information Security Specialist Resume Examples & Samples

  • Occasional Travel
  • You may be expected to travel for this position
  • Skilled in collecting and analyzing data effectively, efficiently, and accurately
  • Ability to clearly enunciate English without impediment of speech that would interfere with or prohibit effective two-way radio or telephone communication
  • Ability to communicate, orally and in writing, clearly and effectively
  • Skilled in applying procedures and directives by reading and interpreting technical material
226

Information Security Specialist Resume Examples & Samples

  • Bachelor's Degree. 2-4 years’ experience in Information Assurance and Security
  • Knowledge of secure operating systems as well as data security across multiple computer platforms
  • Ability to communicate effectively and clearly present technical approaches and findings
  • Ability to apply technical expertise, and may have knowledge of other related disciplines
  • Ability to work effectively in a diverse work group
  • A security clearance of an appropriate level may be required after employment
227

Information Security Specialist & IT Auditor Resume Examples & Samples

  • Assists with managing IT Compliance and Information Security framework in adherence with federal, state, Information Security and Risk Management policies, standards and guidelines
  • Assists with managing IT policies, standards, procedures, manuals and guidelines ensuring they are updated and compliant
  • Assists with managing devices that protect the confidentiality, integrity and availability of information relating to members, associate, and business in compliance with organizational policies and standards
  • Lead, coordinate, and execute proactive Information Security consulting to the business and technology teams covering, but not limited to, cyber security, disaster recovery, management of data, network architecture and design, user access management, and management of third parties
  • Assists with developing and maintaining an effective incident management and vulnerability management program driven by Information Security risk assessment
  • Oversees or conducts regular security monitoring and reporting to ensure adequate security defenses, systems and settings are in place to protect against intrusion, theft, destruction or misuse of Spartan Motors, Inc. data and user identities
  • Lead or assist with audits--Sarbanes-Oxley, PCI-DSS and other internal and external regulatory IT audits and reviews
  • Coordinates activities related to vendor audits and collaborate with third party auditors for compliance
  • Assists with establishing and maintaining effective communication with vendors, fellow associates, and management on Information Security and IT compliance areas
  • Strictly adheres to and enforces system security policies and follows all company standards. Must comply with applicable laws and regulations, and all company policies
  • Other duties and tasks as assigned
  • A degree in Information Security preferred or a Bachelor’s degree and relevant experience
  • Minimum of 1 year relevant experience
  • Security+, CISSP or related certifications preferred
  • Proven Skills, Knowledge, and Ability of
228

Information Security Specialist Resume Examples & Samples

  • As required for job training or mission requirements
  • Knowledge of organizational level training program management for multiple AFSCs, including program compliance & documentation, training course scheduling
  • Knowledge of policies and procedures required to manage sensitive compartmented information (SCI) programs and to protect SCI resources
  • Ability to develop goals/objectives that integrate organizational missions and security requirements per national/service/local operating instructions
  • Knowledge of administrative support duties within an orderly room and/or an administrative functional area
  • Ability to effectively manage, organize, and safeguard personnel records, including information pertaining to security clearances and training
  • Resume showing work schedule, hours worked per week, dates (format should include Month and Year) of employment and duties performed
  • OF-306
229

Information Security Specialist Resume Examples & Samples

  • Implements a formal information system security program and policies for NTC
  • Ensures all Risk Management Framework (RMF) activities are in accordance with NIST, Federal, and DOE policies
  • Develops account processes, network rights, and access to NTC network systems and equipment
  • Manages the remediation/mitigation of security violations to determine if the network has been breached, assess the impact, and preserves the evidence
  • Provides oversight and guidance ensuring systems are properly configured, optimized, and tested ensuring all policy and technical requirements are met
  • Manages processes and procedures in the development of and implementation of access control lists on routers, firewalls, printing devices, and other network devices
  • Develops and implements an effective information system security education, training, and awareness program
  • Evaluates potential network security risks and takes appropriate corrective and recovery action
  • Provides guidance of network personnel implementing applicable patching oversight and validation of all security related updates
  • Provides oversight to all personnel monitoring/managing firewalls and intrusion detection systems and end-point security systems
  • Provides security awareness training for all personnel
  • Prepares written and oral reports for management as requested
  • Bachelor’s Degree in related field preferred or equivalent experience
  • DOE experience is desired
  • Expert knowledge of DOE security Orders and Manuals
  • Knowledge of and ability to perform the primary responsibilities of this position
230

Information Security Specialist Resume Examples & Samples

  • Evaluates potential network security risks and takes appropriate corrective and recovery action
  • Responsible for participating in incident response activities as needed
  • In the event of an emergency, coordinates with Building Emergency Team (BET) members at assembly areas to assist with employee, student, and visitor accountability
  • To prepare for emergencies, participates in scheduled evacuation drills
  • A current “Q” access authorization or current equivalent clearance (Top Secret) granted by another Federal agency
  • Minimum of 3 years direct "hands-on" experience in the performance of Information Assurance Support
  • Experience with analysis, design and implementation of security procedures of hardware and software on complex, large-scale systems in an enterprise environment
  • Experience in conducting audits and risk assessments with NIST RMF
  • Experience with Federal/DOE information security
231

Senior Information Security Specialist Resume Examples & Samples

  • You are continuously learning and acquiring knowledge within the areas of Broadridge Product/Service offerings across all business units and the Company's Information Security Policies
  • Review any assigned client Information Security requests and provide appropriate responses, using subject matter experts where necessary
  • Provide oversight of the Information Security knowledge base
  • Evaluate/update Information Security client questionnaire policies, standards, and procedures as required
  • Actively participate in the higher education security community such as ISACA
  • You will collaborate with the Chief Information Security Officer and Vice President to build a practical Threat Intelligence program
  • Consume and process multiple threat feeds and build tactical and strategic reports based on Broadridge's business against the threats that would impact the organization
  • Craft a business case for expansion of the program, gaining acceptance from Senior Management
  • We seek a Bachelor's Degree in Computer Science or similar field with ideally 4+ years experience in the area of Client Information Security Response and Threat Intelligence
  • We seek strong knowledge of Information Security practices/industry standards
  • You are an excellent communicator with strong written and organization skills along with effective multi-tasking skills
  • Capable of meeting deadlines
232

Senior Information Security Specialist Resume Examples & Samples

  • A broad and diverse security skill-set with advanced understanding of both technical and non-technical controls and the ability to effectively apply this knowledge when assessing 3rd-parties and contract language
  • An ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate actions
  • Confidence to effectively influence others to modify their opinions, plans, or behaviors; this includes fortitude to challenge leaders to balance security in relation to business priorities
  • An understanding of business needs and a commitment to delivering high-quality, prompt, and efficient service to the business
  • Organizational skills that enable one to work on several tasks simultaneously, providing management with appropriate insight into the workload and priorities
  • BS or MA in Business, Computer Science, Information Security, or related field
  • 5+ years of work experience in Information Security, and/or a closely related function, such as IT Audit, IT Compliance, Enterprise Risk Management, etc
  • Proficient in Excel or other metrics reporting tools
  • Proficient knowledge of regulatory compliance and information security management frameworks, including ISO 27001, 27002, SP800-50, SP800-16, NIST 800, COBIT, etc
  • Practical experience with risk assessment frameworks, including the BITS Shared Assessments program, Cloud Security Alliance (CSA) and other benchmark approaches
  • Industry recognized certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)
  • Business Owner Mindset - Operate with keen business knowledge, expense, risk & controls driven mindset
  • Communication - Influence through a consultative approach
  • NO AGENCIES PLEASE