IT Security Consultant Resume Samples
4.7
(78 votes) for
IT Security Consultant Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the it security consultant job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
FB
F Bartell
Fatima
Bartell
2029 Mills Rapid
Los Angeles
CA
+1 (555) 168 7296
2029 Mills Rapid
Los Angeles
CA
Phone
p
+1 (555) 168 7296
Experience
Experience
Boston, MA
IT Security Consultant
Boston, MA
Swift-Kutch
Boston, MA
IT Security Consultant
- Act as liaison between auditors (both internal and external) and IT management. This position will prepare IT management for audits, provide support during on-going audits, track audit findings, and provide transparency to the IT Leadership. Additionally, this position is responsible for coordinating responses to any third party audit questionnaires
- Provide customer consultation involving validation evidence, exposure, remediation recommendations and risk posture to both executive management and technical teams
- Work with IT management to provide accurate audit evidence and clear, concise audit responses. While this position is not responsible for pulling evidence for the audit, this position is responsible for reviewing the evidence and responses IT management plans to provide and confirming it aligns with the auditor’s requests
- Assist the CISO respond to audit requests from third parties. This includes maintaining relationships with IT management to efficiently respond to third party questionnaires and coordinate onsite assessments
- Identify information security weaknesses and/or gaps in the our current operations and work with the us to bring information security operations up to industry standards and best practices of peer organizations
- Provide security program leadership in designing, procuring and implementing secure IT solutions for enterprise-wide application and infrastructure-related projects including business continuity and disaster recovery plans
- Create detailed risk assessment reports which explain identified security weaknesses, describe potential business risks, present prioritized recommendations for remediation, and estimate costs and effort levels for remediation
Los Angeles, CA
Msla-it Security Consultant
Los Angeles, CA
Shields-Hagenes
Los Angeles, CA
Msla-it Security Consultant
- Performs complex conceptual analyses by mapping between assessment frameworks to ensure complete and consistent security compliance
- Creates and maintains security assessment documentation
- Supports our Information Security Program by leading and completing and assessment activities utilizing the NIST framework
- Updates eGRC/Archer system with assessment findings and action plans
- Assesses security gaps in the current operating procedures against policies, standards, and best practices
- Follows up on assessment findings and action plans to ensure completion by key stakeholders
- Recommends changes to the Information Security Office regarding enterprise security policies, control standards, and operational practices
present
San Francisco, CA
Senior IT Security Consultant
San Francisco, CA
Luettgen-Fahey
present
San Francisco, CA
Senior IT Security Consultant
present
- Provide technical training to junior members of the team
- Create, maintain and drive technology strategies and roadmaps within the area of the responsibility, eg Network Security
- As part of the Security group, plan and drive the implementation of the technology and its capabilities. Responsible for the architecture of the technology, eg Firewall, Proxy, IDS etc
- Set up best practices and provide directions and guidance of how to utilize the technology and its capabilities. Drive the development of security specifications, standards, and processes to ensure adequate protection of corporate network
- Planning and design for security owned systems as well as consult with other groups and 3rd parties
- Positions in this function develop and implement information security policies, standards and procedures to secure and protect data residing on systems
- Supports our Risk Assessment Program by leading and completing and assessment activities utilizing the HiTRUST framework
Education
Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
The University of Texas at Austin
Bachelor’s Degree in Computer Science
Skills
Skills
- Ability to gain and maintain the trust and confidence of others and the organization through consistency and reliability
- Basic financial product knowledge and experience working in financial industry
- Excellent communication skills and ability to work independently, or as part of a team, with minimal supervision
- Strong judgment and analytical ability
- Has good SIEM industry market knowledge including major market leaders and key business, legislative and compliance drivers
- Able to translate security architecture to a tactical and operational level
- Demonstrated integrity in a professional environment
- Knowledge of IT general controls on all major platforms
- Ability to recognize, value, and include different perspectives, experiences, approaches, and cultures in achieving organizational goals
- Overall knowledge of SAP
15 IT Security Consultant resume templates
Read our complete resume writing guides
1
IT Security Consultant Resume Examples & Samples
- Experience providing and validating security requirements related to web based security
- Working experience with web technologies and programming languages
- Working experience with operating systems and database platforms
- Working experience with more than one of these technologies, i.e. Java, .NET, Oracle, SQL, C , webSphere, , IIS, etc
- Working understanding of SharePoint applications (cloud app model, Sandbox code)
- Working understanding of SharePoint Managed Metadata Service (MMS), Search, Business Connectivity Services (BCS), UPRE, Server to Server Authentication (S2S)
2
Senior IT Security Consultant Resume Examples & Samples
- Conduct vulnerability assessments, threat modeling, code review (and audit), penetration testing and SDLC support
- Provide consultancy and vulnerability recommendation to clients
- Provide technical report based on the vulnerability findings
- Provide technical training to junior members of the team
- Able to supervise a team of junior web apps consultants
3
IT Security Consultant Resume Examples & Samples
- Provide security & compliance leadership to multiple interdepartmental stakeholders
- Identify IT compliance program requirements for coverage of global regulations and IT risk frameworks
- Ensure internal controls and regulatory compliance across IT organization, following a risk-based approach that balances efforts with risks
- Promote and implement solutions that reduce the total cost of internal controls compliance
- Monitor and maintain an effective internal control environment across IT organization in accordance with established company policies and procedures
- Develop internal controls best practices initiatives by proactively exploring control deficiencies associated with IT systems and processes throughout the Company
- Adhere to defined SLA for completion of work orders and access requests
- Promote and ensure an effective and efficient end user experience
- 3+ years Information technology experience, including security administration, security governance, and familiarity with SAP
- Knowledge of IT general controls on all major platforms
- Overall knowledge of SAP
- Knowledge of Access Controls on relevant platforms
4
IT Security Consultant Resume Examples & Samples
- Perform Information security assessments
- Conduct risk assessment
- Plan and conduct IS Audits (ISO 27K)
- Develop, evaluate and review IS policies and procedure
- Plan and conduct Application controls and IT General control reviews
- Manage task allocation, ensuring quality of the deliverables in line with industry standards and best practices
- Excellent Verbal and written communication skill
- Should interface with internal and external clients
- 2-6 year experience in Information security / IT audits
- Experienced in ISMS ISO 27001 implementation and audits, Exposure to Service organization controls audits (SAS 70, ISAE 3402)
- Participated in Internal /external audits ensuring adherence to ISO 27001, 9001, CMMi standards
- Experience in maintenance and improvement of Information Security Management System (ISMS)
- Prepare Process documents. Participated in the reviews of process documents
- Prepare Security Policies and procedures
- Conducting Configuration Audits for the projects as defined in the plan
- Knowledge of application risks and controls
- Experienced in IT support audit for financial audit engagements
- Knowledge in information security frameworks
- Experience in information security risk assessments and gap analysis
- Experience in IS security compliance audits
- Experience in IT security policies and procedures development
- Ability to interface with internal and external clients
5
IT Security Consultant Resume Examples & Samples
- ISO 27001 readiness and implementation for different clients
- Perform information security risk assessments
- Plan and execute Application controls and IT General controls review
- Conduct SOX (Sarbanes Oxley Act)–ITGC audits
- Develop and review security policies, standards and procedures
- Advisory offerings on Business continuity and Disaster recovery
- Ensure quality of the deliverables in line with industry standards and best practices
- Manage client expectations
- Develop the delivery schedule and adhere to the same
- Assist in the identification of approaches, methods, and tools to support service offering or industry projects
- Should understand and follow workplace policies and procedures
- Should independently managing the assigned project/engagement with minimal oversight/guidance from the manager
- Experience in ISMS ISO 27001 implementation and audits
- Understanding of security and privacy laws and regulations (e.g., IT Act, HIPAA, GLBA)
- Experience with implementation of GRC solutions (e.g. Archer, OpenPages, SAP GRC, CA GRC Manager) is desirable
- Excellent Verbal and written communication skills
6
IT Security Consultant Resume Examples & Samples
- Possess at least 5 years of working experience in the information security industry
- Have customer facing experience in a support/pre-sales/consulting or equivalent capacity
- Demonstrate excellent skills in structured problem solving techniques, creativity and intelligence in the development of solutions to customer problems
- Must have networking and OS (Microsoft Windows, UNIX, Linux) knowledge
- Have good presentation skills with the ability to present to audiences of mixed business and technical background
- Have good written communication and report writing skills
- Have good personal time management and project management skill
- Must be a good team player
- Keep up-to-date with the IT security industry and is aware of new threats and hacking techniques
- Good knowledge of TCP/IP and network switching/routing
- An understanding of, and the ability to find the most common types of web application security vulnerabilities such as XSS, SQL Injection, authentication security issues, cookie manipulation and parameter manipulation issues
- Hands on experience in network, web application and mobile application penetration Testing
- Have experience on scripting language (Python, Perl, UNIX shell)
- Have CISSP, CISA, CEH, GPEN or other equivalent professional qualifications
- Familiar with Hong Kong Monetary Authority and MAS (Singapore) requirements for banking and financial service institute
- Has experience in risk assessment, policy review and control review type of engagement with banks or other companies in the banking and finance sectors
- Familiar with ISO 27001/27002/31000, Cobit, PCI DSS or privacy ordinance in Hong Kong is a plus
7
IT Security Consultant Resume Examples & Samples
- Build and maintain a network of IT application engineering contacts Stay abreast of IT industry security technology regulations and trends
- Engage vendors to stay current with IT security technology solutions trends and anticipate applicability to Humana
- Be a SME on information security development policies and standards
- Strong interpersonal communication skills (verbal and written) and strong emotional intelligence. Ability to talk with average every day users (CSR, physicians, business, etc.), managers, and senior leaders to gain a clear sense of their security user
- Clear understanding of HIPAA security rules
8
IT Security Consultant Resume Examples & Samples
- Ensure that critical IT security risk issues identified are reviewed by and communicated to appropriate levels of Macquarie leadership
- Maintain an adequate pipeline of work to meet the team's budget and chargeability targets
- Good relationship and collaboration skills – working within their team, with COG Technology colleagues, external service providers and business partners
- Ability to remain calm under pressure and when faced with adversity or urgent issues
- Focused on business enablement whilst being able to reach balanced judgements and apply excellent communication skills
- Able to handle multiple tasks and prioritise effectively
- Commitment to maintaining their personal development to ensure they continue to add value to Macquarie
- He/she should be self-motivated, a self-learner, customer oriented, resourceful, pragmatic, proactive, passionate about technology and should welcome a challenge in the context of an exciting and leading-edge information technology team
9
IT Security Consultant Resume Examples & Samples
- The roles call for a proven record in the IT Industry with experience in a one or more areas of IT Security
- Information Security Management (i.e. CISSP, CISM, CISA)
- Risk Management and Technical Risk Assessment (i.e. ISO27005 Tools and techniques)
- Udit and Compliance Assessments (i.e. SOX, PCI-DSS, SCADA)
- Data Privacy Specialists
- Skills in following areas i.e dinancial systems / payment systems, implementation of single sign-on, Cloud Security, Mobile security, Risk assessment
10
IT Security Consultant Resume Examples & Samples
- Proficiency with the Microsoft Office Suite
- Bachelor degree in Information Systems or Computer Science strongly preferred
- Microsoft certification (e.g Microsoft Certified IT Professional (MCITP), Microsoft Certified Technology Specialist (MCTS), Microsoft Certified Master (MCA), Microsoft Certified Architect (MCA), Microsoft Professional Developer (MCPD), Microsoft Certified Systems Engineer (MCSE), Microsoft Database Administrator (MCDBACNA, MCSE
11
Senior IT Security Consultant Resume Examples & Samples
- Create, maintain and drive technology strategies and roadmaps within the area of the responsibility, eg Network Security
- As part of the Security group, plan and drive the implementation of the technology and its capabilities. Responsible for the architecture of the technology, eg Firewall, Proxy, IDS etc
- Set up best practices and provide directions and guidance of how to utilize the technology and its capabilities. Drive the development of security specifications, standards, and processes to ensure adequate protection of corporate network
- To architect and design the security solutions for applications or systems, and/or provide expertise and consulting to the project teams on security controls needed
- Planning and design for security owned systems as well as consult with other groups and 3rd parties
- At least 5 years of technology experience as a network engineer, analyst, architect or designer experience with implementation of network security systems such as intrusion detection, cryptography, firewalls, VPNs, remote access solutions, and endpoint protection solutions
- At least 5 years in network security in the services and industry experience in developing network security policies and standards
- Thorough knowledge of internetworking, including TCP/IP, IPsec, routers, IP internetwork configuration and design
- Experience with standards work in security, such as ISO, ANSI, IETF, etc
12
IT Security Consultant Resume Examples & Samples
- Hands on experience with leading firewall, IDS/IPS and APT technologies
- Hands on experience with any of the two leading SIEM technologies (RSA SA for Log, HP Arcsight, IBM Qradar, Mcafee SIEM, LogRhythm, Splunk etc)
- Deep expertise around design, implementation and operations of SIEM/SOC
- Has good SIEM industry market knowledge including major market leaders and key business, legislative and compliance drivers
- Have experience in Security Monitoring, Security Management and Incident Response
- Have experience in defining Incident Response Framework and developing standard operating procedures (IR Playbook)
- Have experience around Managed Security Services is a plus
- Have CISSP or other equivalent professional qualifications
13
IT Security Consultant Resume Examples & Samples
- Work with Business as well as IT teams to gather information necessary to determine the appropriate method for access provisioning
- Manage the configuration of system profiles within the access provisioning tool based on gathered requirements
- Perform user acceptance testing (UAT) for provisioning system development
- Bachelor's Degree in MIS or Computer Science -OR- Associate's Degree and 2 years of equivalent experience -OR- High School Diploma and 4 years of equivalent experience
- 3+ years of Business Analyst experience
- 3+ years of Identity & Access Management (IAM) experience
- 3+ years of gathering and documenting project requirements/specifications
- 2+ years of MS Active Directory administration
- Proficiency with MS Excel and MS Visio
- Proficiency with MS SharePoint
14
Senior IT Security Consultant Resume Examples & Samples
- Positions in this function develop and implement information security policies, standards and procedures to secure and protect data residing on systems
- Oversee and monitor team knowledge and skill levels in as a coach and mentor
- Security Operations Center - Security Incident and Event Management experience
- Understanding of standard log data from appliances, applications and IT/Security infrastructure
- Experience with Case Management and Ticket escalations
- Good Communications skills (written and verbal)
- Willing to work in a 24x7 support environment with occasional on-call support
- Ability to train, mentor and coach others in performing incident handling and triage activities
- Monitor team activity in a level 2 capacity, by identifying appropriate triage steps and helping correct or improve knowledge and skill levels of other analysts
- Develop and host both one-on-one and team training exercises by demonstrating in-depth technical skills in navigating SIEM and other investigative tools and identifying action plans to measure and improve capabilities and improvements over time
- Incident management experience
- MS Outlook Exchange experience
- Log Event Analysis
- Ticketing system knowledge
- Relevant certifications in technology, security or process
15
IT Security Consultant Resume Examples & Samples
- Monitors security advisory groups to ensure all necessary network security updates, patches, and preventive measures are in place
- Anticipates customer’s needs and proactively develops solutions to meet them
- Analyze performance, identify areas of concern, and formulate action plans
- Associate's degree or equivalent work experience in Security Field
- 2+ years of experience in an information security role with strong knowledge of information security concepts
- 2+ years of direct work experience with one or more security technologies such as: Desktop/Server OS functionality, Active Directory knowledge, Network firewall/IPS, Host based Security
- 2+ years of direct work experience with Privileged Identity Management
- Progressively advanced experience in area of expertise
- Ability to troubleshoot in highly complex, technical situations within a matrix organization
- Ability to translate business requirements into technical solutions
- Experience in a Fortune 500 company
- Industry certification, i.e. CISSP or SANS
- Understanding of network infrastructure design and routing concepts
- ITIL model knowledge and understanding
16
IT Security Consultant Resume Examples & Samples
- Consult Application and Development teams on vulnerability remediation efforts
- Maintain, Configure, Support and Administer HP Fortify Security Software Center and WebInspect Enterprise
- Have hands on experience and provide training and problem resolution support related to Fortify, WebInspect, BURP Suite PRO, SoapUI, Kali Linux etc
- Execute application vulnerability assessment of internal and external via automated and manual techniques to understand the risk and security posture of an application
- Provide customer consultation involving validation evidence, exposure, remediation recommendations and risk posture to both executive management and technical teams
- Directs and consults with development teams in the remediation efforts of security findings and explain risk and trade-offs in differing methods of remediation
- Work with technical and non-technical teams to define and document application security requirements vulnerability validation and source code reviews
- Experience with the following Web Assessment tools: Fortify, WebInspect, BURP Suite PRO, SoapUI, Kali Linux and other tools as needed
- Familiarity with Security technologies, including authentication and access control mechanisms, encryption, and penetration testing and vulnerability assessment
17
Senior IT Security Consultant Resume Examples & Samples
- Supports our Risk Assessment Program by leading and completing and assessment activities utilizing the HiTRUST framework
- Assesses security gaps in the current operating procedures against policies, standards, and best practices
- Analyzes data to identify gaps between security policy, practice, prepare report and validate with stakeholders and the business entity requesting HiTRUST certification
- Updates eGRC system with assessment findings and action plans
- Follows up on assessment findings and action plans to ensure completion by key stakeholders
- Anticipates customer needs around the assessment process and proactively develops solutions to help them be compliant with the HiTrust framework
- Provides explanations and information to stakeholders and the business entity requesting HiTRUST certification to support a clear understanding of remediation and ensure compliance to the HITRUST framework
- Recommends changes to the Information Security Office regarding enterprise security policies, control standards, and operational practices
- Bachelor's degree -OR- HS diploma/GED with 3+ years of applicable experience
- 3+ years of experience in an information security role with strong knowledge of information security concepts
- 3+ years of experience working in a customer service focused environment
- Knowledge of regulatory requirements and industry standards(ex. HIPAA Security Rule, PCI, SOX)
- 3+ years of experience with risk assessment and/or risk analysis
- 3+ years of experience with working with security policies and standards
- 3+ years of experience working in a matrixes environment
- Audit background
18
IT Security Consultant Resume Examples & Samples
- Support information security policies, standards and procedures to secure and protect data residing on systems
- Work directly with user departments to implement procedures and systems for the protection, conservation and accountability of proprietary, personal or privileged electronic data
- Works with less structured, more complex issues
- 2+ years of Information Technology Security experience
- 2+ years of experience in support activities related to a primary operating system such as UNIX, Linux, and Microsoft Windows
- Undergraduate degree or higher level of education
- CISSP, CEH, or other security certifications
- Hands on experience with network security devices such as firewalls, IDS, IPS, DNS black hole, etc
- EnCase Enterprise experience
19
Senior IT Security Consultant Resume Examples & Samples
- Group, its affiliates, and customers which include the following
- BS in Computer Science or equivalent work experience
- 3+ years of demonstrated expertise defining, implementing, and delivering threat and vulnerability management scanning tools (e.g. Tripwire, Rapid 7, Nessus, etc.)
- 3+ years of demonstrated expertise defining, implementing, and delivering configuration compliance scanning tools (e.g. Tripwire, Rapid 7, Nessus, etc.)
- Well versed in networking, operating systems (e.g. Linux, Windows, etc.), active directory, authorization and authentication, and databases
- Understanding of controls (e.g. access control, auditing, authentication, encryption, and application security)
- Ability to provide quality deliverables on time and on budget
- Ability to initiate, design, execute, and complete projects independently with minimal direction
- Excellent communication skills (written, verbal) and be able to work effectively with technical and non-technical individuals alike
- Ability to mentor other employees to improve their skills and effectiveness
- United States Citizenship
- Ability to obtain favorable adjudication following submission of Department of Defense eQuip form SF86
- Technical network (e.g. CCNA, CCNP Security) and security certifications (e.g. CISA, CISSP, GCIH)
- Demonstrated experience working in a dynamic, fluid working environment
- Healthcare Experience
20
IT Security Consultant Resume Examples & Samples
- Defining and implementing security architecture in a variety of areas, including: PCI, HIPAA, ISO, FISMA,NIST, NERC/CIP
- Managing multiple project workflows and associated resources. Familiarity with MS Project desirable
- Building strong relationships with clients, acting as a trusted advisor and SME
- Conducting audits for material risks and suggest remediation plans
21
IT Security Consultant Resume Examples & Samples
- Defining and implementing security architecture in a variety of areas, including: PCI, HIPAA, ISO,FISMA and NIST
- 8+ years of related IT experience
- Proven success in a consultative environment
- Excellent communication skills and ability to work independently, or as part of a team, with minimal supervision
22
Senior IT Security Consultant Resume Examples & Samples
- 1 or more Years’ experience with Data Loss Prevention platforms
- Ability to troubleshoot in highly complex, technical situations within a matrixed organization
- Ability to obtain and keep required (government and other) security clearances (US Citizen)
- Collaborate in the development of training content for response and resolution of Cybersecurity issues/incidents
- Have or be in process of obtaining advanced certifications pertinent to area of expertise (CISSP)
- Undergraduate degree and/or equivalent experience
23
IT Security Consultant Resume Examples & Samples
- Identify information security weaknesses and/or gaps in the our current operations and work with the us to bring information security operations up to industry standards and best practices of peer organizations
- Evaluate information security policies, processes, and technical controls through interviews, documentation reviews, and comprehensive technical assessments
- Contribute to the ongoing enhancement of the company’s vulnerability assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables
- Create detailed risk assessment reports which explain identified security weaknesses, describe potential business risks, present prioritized recommendations for remediation, and estimate costs and effort levels for remediation
- Work closely with our engineers, systems personnel and architects to develop documentation around existing IT policies, procedures and standards
- Ensure the delivery of information security services meets contract requirements and is consistent with any applicable standards and regulatory requirements
- Participate in the development and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of customer's environment and data
- Participate in the strategic design process to translate security and business requirements into processes and systems; evaluating new / emerging security products and technologies and making recommendations to customer leadership in regards to the security posture impact on the organization
- Help to establish documentation standards by implementing system to collect and document technical policies and procedures
- Mentor and train team members on assessment methodologies and processes, risk identification and reporting, leading risk management and security practices, industry standards and regulations, and testing tools and techniques
- Minimum 2-4 years of business experience in the area of Information Security
- Certified Information Systems Security Professionals (CISSP) designation
- Experience with information security internal & external audits, governance and risk management, 3rd party risk assessments, contract compliance, and quality initiatives
- Knowledge of security areas such as Auditing, Policy, Database Security, Firewall Design and Implementation, Risk Analysis, Identity Management, Access/Entitlements Management, or Web Services is very desirable
- Experience researching, designing, engineering, implementing, and supporting information security & directory technology systems (both software & hardware)
- System and network administration experience using UNIX and Windows
- Exceptional writing and interpersonal communication skills
24
Senior IT Security Consultant Resume Examples & Samples
- Serve as a subject matter expert to internal IT security, privacy, and compliance stakeholders on specific IT topics/issues to enhance the understanding of the overall IT control framework
- Supports leadership in providing guidance, team direction, problem resolution and accountability
- Collaborate with internal leaders and external business partners to understand their business needs and adapt departmental plans and priorities to address business and operational challenges
- Ability to adhere to end to end process of commercial and government regulatory compliance regarding information systems from RFP to Sales Proposals through decommissioning
- Ability to identify and evaluate technology risks internally and/or third parties, compliance controls which mitigate risks, and related opportunities for compliance control improvements
- Understand the complex business and information technology management processes and identify and resolve technical, operational and organizational problems across the IT enterprise and/or customer accounts (internal or external)
- Support security, privacy, and compliance changes and innovation
- Provide trusted advisory services and guidance to reduce organizational risk and improve overall security and compliance posture
- Manage and ensure compliance with IT structures/processes/technologies including performing assessments of IT controls across the enterprise, including
- Transform corresponding applicable laws and regulations into control requirements
- Perform Information Technology Operational and Security Assessments in accordance with industry frameworks, such as NIST SP 800-53, CMS ARS, CMS MARS-e, IRS 1075, HIPAA Security Rule, and Cloud Security Compliance
- Perform organization control examinations in accordance with SOC1 and SOC2
- Prepare reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results
- Communicate IT assessment reports to management
- Pursue opportunities to adopt new technologies and drive adoption to enhance business outcomes
- Communicate with impact - influence and negotiate effectively with all internal and external stakeholders to achieve win-win solutions that advance organizational goals
- Leverage diversity and inclusion to bring in the right talent, drive employee engagement and foster teamwork and collaboration
- Grow and maintain knowledge of and leverage IT industry/marketplace technologies and trends
- Apply financial knowledge to influence forecasting and financial planning activities
- Demonstrate integrity and ethical behavior by complying with applicable laws, regulations and policies and requiring the same from others
- Supports and coordinates risk assessment methodologies across multiple teams
- Bachelor's Degree (or higher) in Computer Science or related field or a High School Diploma/ GED with 10+ years of IT Industry Experience
- 5+ years of experience in IT Security, Privacy, Risk, Audit and Project Management
- 2+ years of professional IT Management experience in a large, enterprise environment
- 2+ years of experience leading teams and/or managing workloads for IT team members
- Previous experience with implementing CMS ARS, MARS-E, & HIPAA; IRS 1075; and AICPA SOC2 control frameworks
- Previous experience in Internal Audits and External Audits
- Big 4 Audit experience
- Previous Implementation experience with large Government Information Technology Projects with CMS Authorization to Operate (ATO)
- Previous experience with creation of FedRAMP Evidence Packages
- CISSP, CISM or CISA Certification
- Proactive individual who takes ownership of issues
- Proven leadership, able to influence without authority
25
PCI IT Security Consultant Resume Examples & Samples
- Receive and analyze technical information from platform owners
- Curate asset & stakeholder information sources
- Create automation scripts to eliminate manual tasks
- Research and provide recommendations for vulnerability remediation
- Update workbooks and work flow process documentation
- Identify continual improvement opportunities and implement solutions
- Has a deep understanding of PCI businesses, their customers and service-delivery models; this understanding includes key cardholder systems and key contacts within the business and IT
- Participates with lead segment personnel through PCI processes and ensures segments are meeting established requirements and deadlines - processes include but are not limited to
- Bachelor's degree or equivalent experience
- 3+ years of information technology experience
- Ability to work independently and manage through significant change
- Ability to develop and maintain process documentation
- Experience with multiple information technology platforms (Microsoft, Linux, VMware, Cisco, Symantec, etc.)
- Payment card industry experience
- Health care experience
- Experience in developing automation scripts
- Risk management experience
26
IT Security Consultant Resume Examples & Samples
- Analyze business requirements and ensure that solutions meets established security policies and controls for PCI
- Monitor compliance with applicable laws/standards/regulatory controls related to IT security for PCI
- Apply processes/procedure to ensure adherence to all IT security requirements for PCI
- Participate in/contribute to audit activities involving IT security policies/procedures/ controls for PCI
- Participate in/contribute to design/deployment reviews to ensure adherence to policies (e.g., PCI)
- Demonstrate understanding of the relationship between security policies/standards and other control mechanisms pertinent to PCI
- Support security data management/reporting requirements (e.g., metrics)
- Bachelor's degree or HS diploma/GED with 3+ years of applicable experience
- 2+ years of experience working in a customer service focused environment
- Knowledge of regulatory requirements and industry standards (ex. HIPAA Security Rule, PCI, SOX)
- Strong interpersonal skills, including the ability to influence others and establish credibility
- Healthcare experience
- IT Security certifications (CISSP, CISM, CISA, or CFE)
27
IT Security Consultant Resume Examples & Samples
- Be able to transfer the security architecture towards an tactical/operational level
- Experience with implementing security controls based on COBIT or similar framework
- A broad experience in IT security in all aspects/services we deal with in IT (inc. cloud)
- Know the market on Security and IT; what are current threats, what measures are useful
- At least 6 years of relevant working experience. Recognized certification such as CISSP, CEH or similar
- Basic financial product knowledge and experience working in financial industry
- Experience with security assessments or audits and industry standards such as ISO27001
- Experience in area’s such as system administration, security management, audits / assessments, access management, system development, consultancy
- Hands-on experience in performing static and dynamic secure code reviews in .NET
- Hands-on experience in performing vulnerability scanning and penetration testing
28
Msla-it Security Consultant Resume Examples & Samples
- Supports our Information Security Program by leading and completing and assessment activities utilizing the NIST framework
- Analyzes data to identify gaps between security policy, practice, prepare report and validate with stakeholders and the business owners to maintain NIST certification
- Creates and maintains security assessment documentation
- Updates eGRC/Archer system with assessment findings and action plans
- Anticipates customer needs around the assessment process and proactively develops solutions to help them be compliant with the NIST framework
- Performs complex conceptual analyses by mapping between assessment frameworks to ensure complete and consistent security compliance
- Provides explanations and information to stakeholders and the business entity requesting NIST certification to support a clear understanding of remediation and ensure compliance to the NIST framework
- Must be able to successfully pass a Federal Government Security Clearance (NAC)
- 5+ years of experience in an information security role with strong knowledge of information security concepts
- 5+ years of experience in government compliance and Certification and Accreditations
- 5+ years of experience working on technical assessments
- 5+ years of experience working in a customer service focused environment
- 5+ years of experience with risk assessment and/or risk analysis
- 5+ years of experience with working with security policies and standards
- 2+ years of experience with NIST framework, including VA Handbook 6500
- Managed healthcare or insurance industry experience
- Experience working in a matrixes environment
- Knowledge of regulatory requirements and industry standards(ex. HIPAA Security Rule, PCI, SOX, DIACAP, or RMF)
- CISSP/CISA/CISM certification
29
IT Security Consultant Resume Examples & Samples
- Deliver onsite and remote security application/endpoint protection designs, implementations and training for a wide variety of customers
- Be able to identify gaps in application and endpoint security architecture and recommend strategies using a combination of industry-standard security best practices, software controls and other necessary changes to promote a higher level of information security practices
- Write formal engagement reports, architecture designs, optimization guides and best-practice white papers covering a variety of security topics
- Participate in conference calls, onsite meetings and roundtables with customers, sales, internal product development and support to gather data, scope new and existing work, evaluate or suggest new product features and assist in resolving existing product issues-
- Recognize and generate potential product and consulting services sales leads when appropriate and necessary
- Be able to illustrate and explain use cases for implementation of SIEM alarms, watchlists, reporting and correlations of data from and covering multiple data sources
- 20% of position requires technical writing
- B.S. or B.A. in Computer Science, Information Technology, or ICT-related field required
- A minimum of 75% travel within the U.S. and Canada is required
- Prior experience of two 2 or more years within an Information Security consulting, analysis or management role where log analysis technologies were principal technologies actively used
- Proficient in two or more of the following scripting or application languages: JavaScript, Java, T-SQL/PLSQL, C, C++, PowerShell, VBScript, Unix shell KSH, Bash, etc., Python, and/or ePO-API- Ability to use and understand regular expressions
- Detailed understanding of the TCP and IP protocol suites and ability to dissect and explain the contents of traffic and packets
- Experience with configuration of debug, event generation and logging functionality within application and operating systems, using Syslog or flat file generation
- Design, implement and optimize applications within a virtualized environment
- Excellent English oral and written communication skill
- Post-graduate degree or coursework in an ICT-related field preferred
- Two or more security or vendor certifications e.g. CISSP, Cisco, Checkpoint, SANS, ISACA, ISC2, VMWare, McAfee, database certifications, etc
- Any experience with McAfee core technologies for Endpoint or Network Security Prior experience using SIEMs/SEMS Experience working in a NOC/SOC environment
30
Senior IT Security Consultant Resume Examples & Samples
- Integrate businesses acquired within the OptumCare segment into risk prioritized cyber security processes and controls
- Participate in security incident response processes on a per-occurrence basis
- Serve as the segment point of contact for IRM policy and process issues and escalations
- Contribute as a team member in major programs or change initiatives aimed at increasing Optum’s security capabilities
- Communicate (oral and written) to senior management on risks management concepts, as well as specific project risks and risk mitigation options / scenarios
- Maintain a deep understanding of the business, our patients and healthcare-delivery models (this understanding includes key systems, key contacts, priorities and concerns within the business and IT)
- Maintains current knowledge on information security topics and their applicability to Optum and the healthcare provider industry
- Guides business personnel through security processes and ensures business personnel are meeting established requirements and deadlines. Involved security domains include but are not limited to
- 3+ years of information security experience in (or consulting with) large, highly-regulated companies
- Experience with practical interpretation and application of policy and standards
- 3+ years of knowledge of the technology aspects of security
- CISSP / CISM or other IT Security certification
- Project Management experience and / or certification
31
Senior IT Security Consultant Resume Examples & Samples
- Manage remediation requests; identify risks, mitigating controls and rate risk accordingly
- Translate policies and standards in ways that can be understood by a variety of audiences
- Meet established team Service Level Objectives
- Knowledge of regulatory requirements and industry standards
- General IT Technical Knowledge, such as fire wall, network, patch management
- Familiarity with GRC tools
- 3+ years Information Security / Privacy experience or a Bachelor's Degree Preferred
- 3+ years of general understanding of Security Access Controls
- 3+ years of experience working in a matrixed environment
- Associates degree
- SCP, CISSP, CISM, CIPP or other technical, privacy certifications preferred
32
IT Security Consultant Resume Examples & Samples
- Able to translate security architecture to a tactical and operational level
- Someone with knowledge of the security and IT market, aware of current threats and useful countermeasures
- Have a broad experience in all aspects/services we deal with (SEM,TSCM, CSIRT, Threat Intell, VM, etc)
- Able to communicate with our business units on all aspects of IT Security (including Cloud)
33
IT Security Consultant Resume Examples & Samples
- Knowledge of information risk management, security controls, and process design with proven ability to balance desired security with the needs of the business
- Strong ability to independently identify and resolve critical and complex issues through effective problem solving skills
- Proven organizational savvy with demonstrated tact and diplomacy
- Proven ability in dealing with ambiguity Demonstrates excellent written and verbal skills
34
Senior IT Security Consultant Resume Examples & Samples
- Provide consultancy to major projects and services on effective mitigation of risks, and control implementation
- Assist with complex projects to identify business and technical security requirements, design security controls and test their effectiveness
- Review incoming and respond to outgoing due diligence requests from customers and suppliers
- Apply and support IT security, risk and compliance technologies
- Operate IT Security/IT risk frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT Security and IT risk
- Ensure compliance with IT related policies and regulatory requirements and develop a plan to remediate compliance gaps
- Facilitate and take part in regular global IT Security and IT risk/control assessment initiatives
- Support security event monitoring and incident response processes
- Support the ongoing development of less experienced staff members
- Experience as an IT Security/IT Risk Specialist for International Companies
- Bachelor’s Degree or equivalent in Computer Science or related subject - nice
- Professional Security Qualification(s) - e.g. CISA, CISM, CISSP - essential
- Good understanding of technical components of a network infrastructure
- Good understanding of IT Security/risk management
- Proven experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x
- Good knowledge of IT Risk management standards and disciplines
- Excellent communication skills, being able to take part in meetings and provide expert advice
- Good listening and questioning skills
35
IT Security Consultant Resume Examples & Samples
- Remotely monitor and troubleshoot network access control and security technologies across Deloitte Central Europe in a 24x7x365 environment
- Perform advanced troubleshooting and configurations of VPN gateways, Firewalls, IDS, IPS, DLP, Proxy servers, PKI, etc. to isolate the trouble and take appropriate action to resolve
- Analyze Internet access problems, respond to security issues
- Proactively identify and respond to events impacting systems, applications and networks
- Deploy and install security systems, applications and other IT components
- Develop automated solutions for routine tasks
- Provide high quality support to other technical IT teams within Deloitte Central Europe Business Services Center
- Prepare guides and documentation
- Cooperate with Deloitte Central Europe Business Services Center IT and global IT teams
- Supervise vendors in implementation and technical support tasks
36
Senior IT Security Consultant Resume Examples & Samples
- Provide consultancy to major Global projects and services on effective mitigation of Information Security risks and Information Security control implementation
- Bachelor’s Degree or equivalent in Computer Science or related subject
- Professional Security Qualification(s) - e.g. CISA, CISM, CISSP
37
Senior IT Security Consultant Resume Examples & Samples
- Provide a variety of IT advisory services related to internal control, risk management, IT controls and related standards (Sarbanes-Oxley, FISCAM, FISMA, NIST, COBIT)
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Serve as a supporting member of the Information Risk Management & Security team focused on identifying opportunities for enterprise security profile improvement
- Effectively communicate with client and Project Manager/Accretive Solutions Practice Director/VP to understand and document priorities and work status
- Develop a thorough understanding of the client's business and culture in order to better support the client's strategic objectives
- Develop, document and execute work plan/project plan while meeting agreed upon deadlines and
- Commitments
- Prepare, delegate if appropriate, and review client deliverables
- Leverage client and Accretive Solutions subject matter experts (SME) to execute the project
- Effectively
- Use, administer and promote company practices, standards, procedures, tools and methodologies
- Perform all necessary administrative responsibilities in a timely manner (e.g. Timesheet and expense report submission, response to e-mail and voice-mail, forecasting of upcoming availability)
- Proactively communicate status of work to Accretive Solutions direct Manager on the engagement
- Maintain practice specific active professional certification status
38
IT Security Consultant Resume Examples & Samples
- Utilize T - SQL to perform Audit Data Validations and comparisons
- Perform and support ad hoc entitlement review requests
- Assist with HIX, ICFR, and SA9 platforms Access Reviews and Audit planning and support
- Monitor and support enterprise Identity - Based Entitlement Reviews
- Perform and support custom entitlement review requests
- Investigate and document root causation for provisioning issues as requested by Audit
- Support Audit walkthroughs
- Perform manual Secure synchronizations as needed
- Investigate and facilitate remediations for Secure synchronization exceptions
- Train and mentor new team members on team best practices
- Create and document new processes or update existing processes to enhance efficiency and drive innovation
- 2 or more years of Identity & Access Management (IAM) experience
- 2 or more years working with Entitlement / Access Control tools and processes
- 2 or more years of proven experience as a Data Analyst
- Experience performing data validation using SQL
- Experience analyzing and documenting root cause for IAM problems
- Experience gathering requirements and performing analysis
- Proficiency with MS Excel
- Undergraduate degree
- Understanding of Role Based Access Controls
- Proficient in one or more programming languages such as .NET, Visual Basic, Java, Python etc
- Experience writing complex SQL queries
- Prior experience working across organizational groups and influencing others
- Mentoring experience
39
Senior IT Security Consultant Resume Examples & Samples
- Undertake data analysis of information collated via the Information Security Risk Assessment Process to identify emerging risks, trends and common themes
- Interpret data findings and produce comprehensive reporting to Senior Stakeholders
- Consult on complex projects to identify business and technical security requirements, ensure security controls are designed, implemented and operating effectively
- Review incoming due diligence assessments of suppliers
- Operate Information Security/Information Security Risk frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT Security and IT risk
- Ensure compliance with Information Security related policies and regulatory requirements and develop a plan to remediate compliance gaps
- Experience as an IT Security/IT Security Risk Specialist for International Companies
- Experience of data analysis and reporting in an IT Security capacity
- Professional Security Qualification(s) - e.g. CISM, CISSP
40
Infra / IT Security Consultant Resume Examples & Samples
- Extensive knowledge, understanding and awareness of IT, Security, Risk and Compliance Controls related to Applications and Infrastructure. Preferable having exposure to UCF, CSF, RMF etc
- Hands on knowledge of modern day technologies related to Application Development, Enterprise Infrastructure and Security Tools and Technology
- Very strong knowledge of Application Development Life Cycle (SDLC) and any relevant industry best practices: Waterfall, Agile, Iterative, SCRUM etc. RUP,
- Good understanding of at least 3 of the following Industry standard, best practice and frameworks: ISO 27001-5, NIST, ITIL v3, COSO, SABSA, UCF, OCEG
- Reasonable understanding and awareness of any 2 of the following regulatory, statutory and 3rd Party standards or control requirements: FFIEC, SEC 404 (SOX), SSAE 16 SOC 1/2/3, MaS
- Having any 3 of the following certificates: CISSP, CISM, SRISC, CIA, CSA, C-EH, CFE, PMP, ITIL v3 (Life Cycle Modules or Expert) etc
- Deep understanding of Security and IT Technologies of a modern-day Enterprise
- Good understanding of Control Compliance Review, Risk Assessment, Security Assessment and recommending remediation and/or mitigation controls
- Program, Project or Process management skills including oversight of progress in Matrix organization
- Year of Experience - At least 5 to 7+ years of handling IT security
41
IT Security Consultant Resume Examples & Samples
- Participate in the audit planning process to validate audit scope, requirements, and timing. The scope, requirements, and timing will then be communicated to IT management to set expectations for the audit
- Work with IT management to provide accurate audit evidence and clear, concise audit responses. While this position is not responsible for pulling evidence for the audit, this position is responsible for reviewing the evidence and responses IT management plans to provide and confirming it aligns with the auditor’s requests
- Validate audit findings with auditors and IT management and assist in developing management solutions, if necessary
- Track audit findings and management solutions to verify the appropriate actions are being implemented. On a monthly basis, update IT Leadership on the current status of audit findings and outstanding management solutions
- Develop and provide training to IT management that will be audited in the upcoming year to prepare them for the audit process
- Assist the CISO respond to audit requests from third parties. This includes maintaining relationships with IT management to efficiently respond to third party questionnaires and coordinate onsite assessments
- Stay knowledgeable on current audit techniques, IT industry risks, and ongoing IT projects within the organization
- Act as liaison between auditors (both internal and external) and IT management. This position will prepare IT management for audits, provide support during on-going audits, track audit findings, and provide transparency to the IT Leadership. Additionally, this position is responsible for coordinating responses to any third party audit questionnaires
- Familiarity with Governance, Risk and Compliance (GRC) systems
- Familiarity with IT Audit general controls
- Proficient with Sharepoint
- Leads or participates in security reviews, evaluations, and risk assessments, developing and implementing appropriate recommendations
- Leads or performs analysis of companys information security architecture, including hardware and software components, with the objective of standardizing security throughout our infrastructure. Responsible for designing various security architectures in accordance with accepted industry standards and subsequent implementation oversight
- Participates in the ongoing evaluation and development of security policies and procedures. Leads the revision of policies and procedures, as needed
- Responsible for providing technical expertise and support for security software, including operational aspects of the software. Responsible for mentoring junior members of the team and may supervise the work of the department in the absence of immediate supervisor
- Responsible for providing guidance, direction, and oversight for companys compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry technical information
- Serves as primary leader of information security projects, including the development of project scope requirements, budgeting, and project planning
- Coordinates the handling of security incidents, recoveries, breaches, intrusions, and system abuses
42
IT Security Consultant Resume Examples & Samples
- Identify, monitor, and assist manage Banner Health’s regulatory and industry compliance responsibilities at the local, state, and federal level, including HIPAA, PCI DSS, and others
- Develop and oversee Banner’s PCI DSS compliance program, including scoping activities, oversight of deployment of point-to-point encryption (P2PE) technologies, controls validation, remediation activities, annual attestation activities, approving new payment technologies, and establishing a PCI DSS governance function
- Support/facilitate third party audit requests/queries and breach notification processes; coordinate stakeholder meetings, interviews, communications, and reporting, as required
- Support management of the GRC tool and workflows; develop, update, maintain, and validate automated tool workflows to support Information Security compliance
- Understanding of governance and control disciplines within the healthcare industry
- Understanding of cyber risk management and ability to effectively communicate cyber risk to senior leadership
- Knowledge of regulations, industry standards, and/or contractual obligations, including but not limited to: HIPAA, PCI DSS, Sarbanes Oxley, GLBA, SOC /SSAE16, HYTRUST etc
43
IT Security Consultant Resume Examples & Samples
- Plan, design, implement, and monitor risk mitigation and compliance of security measures, policies, and procedures
- Manage response to high-level information security issues
- Manage authentication, access control, and perimeter security systems
- Provide security program leadership in designing, procuring and implementing secure IT solutions for enterprise-wide application and infrastructure-related projects including business continuity and disaster recovery plans
- Develop, maintain and publish documentation for enterprise-wide information technology security standards, procedures, and guidelines
- Maintain awareness of security industry trends and identify areas where existing information or physical security infrastructure requires change or development
- Provide risk assessments and security briefings to advise on critical issues that may affect security of enterprise infrastructure or business process
- Perform information and physical security investigations
- Develop security awareness and compliance training programs, and conduct and support compliance audits
- Consult on projects or project manage security implementations and development
- Perform computer security incident response to possible security breaches or policy violations
- Plan, design, implement, monitor risk mitigation and compliance of security measures, and policies and procedures
- Develop, maintain and publish documentation for enterprise-wide information technology security standards, procedures and guidelines
- Develop security awareness and compliance training programs
- Knowledge in networking, wireless, databases, applications and system operations and how they interact with each other
- Knowledge of enterprise information security systems and implementation
- Knowledge of securing different types of systems
- Knowledge of industry and department best practices, requirements and policies and procedures
- Skills in security assessments and recommendations
- Skill in analyzing and investigation of information security trends
- Skill in mentoring and monitoring daily work activities of others
- Skill in selecting and using training/instructional methods and procedures
- Skill in documenting and maintaining complex application and process or configuration information
- Skill in identifying complex problems and implementing solutions
- Ability to educate various personnel regarding information security
- Ability to identify trends as well as isolated events
- Ability to accurately identify/determine customer needs and take appropriate actions and/or steps to address identified needs
- Ability to recognize, value, and include different perspectives, experiences, approaches, and cultures in achieving organizational goals
- Ability to gain and maintain the trust and confidence of others and the organization through consistency and reliability
