- Featured in:
-
More Information Security Consultant Resumes
Use these Information Security Consultant samples as a guideline or visit our extensive library of customizable best resume templates.
Select
Customize
Download
Find out what is the best resume for you in our Ultimate Resume Format Guide.
Additional Data Systems Administration Resume Samples
Information Security Consultant Resume Samples
No results found
0-5 years of experience
Developed, updated and wrote the annual NITC and OCIO security plans in accordance with the standards established by the National Institute of Standards and Technology (NIST) and USDA Cyber Security.
- Led the effort for certification and accreditation for 27 NITC systems.
- Reduced 127 Plan of Action and Milestones (POA&Ms) for security vulnerabilities by 55% and loaded project plans into CSAM.
- Facilitated ongoing process improvement while monitoring security vulnerabilities and discussing action items with system administrators which improved quality and service by 22%.
- Selected Federal employees to participate in NITC wide Vulnerability Assessment Team (VAT) in reducing risks 65% by implementing monthly action item meetings.
- Experience with Government standards and guidelines (OMB A-130, A-123, NIST SP NIST SP 800-37, NIST SP 800-30, FIPS 199, FISMA, PRISMA).
- Conducted technical information security and assurance concepts to non-information security individuals to improve overall security awareness for NITC.
0-5 years of experience
Participated in multiple client projects including Bank of America, Take Two Interactive, MWW Group, Bank Leumi, and NYCHA
- Conducted IT audits for general and application controls for client financial systems
- Reviewed client IT policies and procedures to ensure compliance with best practices.
- Constructed audit test plans utilizing CoBiT and ISO17799 standards for general and application controls
- Interviewed process owners, supervisors and end users to determine correct application and functioning of controls
- Organized and documented test plans, gap logs and evidence in form of work papers
6-10 years of experience
As principal advisor established relationship with businesses and customers, interpreted and applied standards, policies, best practices and analyzed threats and vulnerabilities, and designed system security strategy and architecture. Led team and promoted use of security requirements for System Development Life Cycle across multiple IT projects.
- Analyzed data security controls to identify weaknesses, and designed strategies to address gaps and non-compliance for multiple projects. Leveraged NIST SP 800, PCI DSS, ISO 17799 standards and techniques as basis for risk management assessment.
- Designed, shared, presented and supervised implementation of guidelines for developing secure software, database monitoring and data masking. As accomplished presenter, engaged audience and heightened security awareness throughout enterprise.
- Evaluated technologies, processes and vendors, and selected superior service. Assessed SOW, SLA and service contracts and derived best value proposition.
- Examined Disaster Recovery and Business Continuity plans and addressed short- and long-term critical business requirements.
0-5 years of experience
Conducted Certification & Accreditation activities of the Government’s critical and major support applications.
- Interviewed end-users to quantify and qualify security practices IAW security frameworks, NIST 800-53 and ISO 17799.
- Performed network and application penetration test in test/production environment.
- Conducted black/white box security assessments with industry standard security tools (i.e. Nessus, Fortify).
- Prepared written report for Executives/Stakeholders that explained the vulnerabilities and provided recommendation for mitigation.
- Compiled and wrote risk assessments (RA), Security Manuals, System Security Plans (SSP), Disaster Recovery and Contingency Plans (DR/CP).
- Researched and documented security recommendations and outline a roadmap for implementation.
0-5 years of experience
I served as a senior information security consultant and project manager consisting of the responsibility of all NIDS (Network Intrusion Detection Systems) technical and architectural design and implementation as well as a Unix Security Manager (as a member of the Salt Lake Organizing Committee) for the 2002 Salt Lake Winter Olympic Games in cooperation with the United States Secret Service.
- Scripted a customized, alternative for a file integrity solution for routers for the Schlumberger Network Infrastructure supporting hundreds of routers company-wide
- Created customized, automated scripts utilizing expect and python languages to migrate and capture configuration changes for several hundred company networking routers
- Organized incident response implementations for all 2002 winter Olympic Games networks
- Produced all secured NIDS sensor images and configurations for viable Olympic games networks
- Successfully designed and implemented a comprehensive, network intrusion detection architecture for the 2002 Salt Lake Winter Olympic games network which also included consistent improvement of existing self-written scripts for scalability that created forensic analysis for the Snort intrusion detection engine
- Served as acting manager for all Unix Information Security implementation and administration during the 2002 Salt Lake Winter Olympic games
0-5 years of experience
Developed corporate information security guidelines
- Led the design of a web hosting environment (including DEV/QAT/PRD) when the decision was made to bring the corporate web presence in-house. This project included network design as well as security design/considerations including firewall, IPS, and operating system configurations
- Managed and executed firewall refresh project. This included a vendor comparison to select a platform as well as a redesign of the SCADA environment and corporate perimeter network exchange to better address the needs of the organization. This refresh involved the upgrading/replacing of 20 firewalls including a review/audit of every existing firewall configuration before adding it to the new hardware
- In addition to the 20 firewalls replaced as part of the refresh project, was responsible for all aspects of configuration, deployment and maintenance of approximately 25 more. These configurations include numerous VPNs both internally and externally with vendors/partners. Firewall infrastructure also includes many HA configurations including HA pairs of firewalls located in different physical loctations 10 miles apart which leverage DWDM over dark fiber to provide layer 2 connectivity between sites
- Developed comprehensive standards based 802.1x plan for wired and wireless network access control. Worked with EAP-TLS and TTLS, Microsoft and juniper supplicants, as well as Great Bay Software and Amigopod sponsored guest access solutions
- Played key role in working with network engineering to make network design decisions including the design of a new facility and datacenter
0-5 years of experience
Completed IT risk assessments for a diversified financial institution with operations around the world
- Worked with varying lines of business to facilitate the risk assessment process for on time implementation of projects
- Quickly and competently understood the risks associated with the interconnectivity between complex system spanning multiple platforms
- Scheduled and facilitated conference calls with various teams on a global scale
- Managed and monitored timelines of projects that span multiple months in order ensure on time implementation and completion
- Identified events or circumstances in a variety of systems (application, hardware, infrastructure) that can introduce risk to the organization
- Engaged with Subject Matter Experts as well as team members from other areas of Risk Management to gather information, understand various request, and complete projects on time
0-5 years of experience
Senior Security and Penetration Tester, consulted with Fortune 500 and celebrity clients across the globe to perform threat assessments, audits and penetration tests
- Performed multiple network and application penetration tests for celebrity and fortune 500 clients;
- Developed internal security policies and designed and implemented new more secure network;
- Trained 250+ employees to use new security procedures and hardware;
- Provided remediation and disaster recovery consulting during and after security incidents (both information and physical);
- Evaluated new technologies in surveillance, counter-surveillance, access control, alarms, and information security;
- Performed data recovery and data forensics for clients and internally;
- Performed risk and cost benefit analyses to determine needed levels of security controls;
- Supervised Technical Surveillance and Counter Measures (TSCM) (aka Bug Sweeps) surveys for clients
0-5 years of experience
Led a Team of 3 consultants interfacing with the business, application owners and IT in order to control the Privileged Access accounts and entitlements of primary and secondary access for over 400 SOX critical applications worldwide.
- Responsible for account provisioning and removals across all applications in order to meet audit requirements for SOX applications.
- Coordinated with the Business and various application owners to define business process.
- Directed the consulting team in the distribution of workload from management and created executive status reports and scorecards and trending for management covering the teams’ progress.
0-5 years of experience
Lead Engineer tasked with performing an enterprise wide TAMeb/TDS upgrade from 5.1/5.2 to 6.1.
- Design and detail an upgrade plan that was reviewed and approved by all business owners.
- Perform upgrades in a sandbox environment to demonstrate the feasibility of the upgrade as well as conduct test data migrations to eliminate any lost account data.
- Document and test all upgrade scripts and procedures before handing off to other personnel.
- Conduct Technical investigations, develop enhanced monitoring using TDI as well as maintenance on the upgraded systems.
- Develop TDI solutions for LDAP data validation, backups and monitoring as well as log file management for TAMeb and TDS components.
0-5 years of experience
Provided guidance on security industry and HP best practices with respect to information security while serving as an account security officer. Also charged with monitoring HP access request to client network to ensure that only those HP employees that need access have access.
- Sole information systems security officer for FBI Boston Division office, FISMA and NIST 800-53 expert and consultant to Special Agent in Charge, Chief Security Officer, and Supervisory Information Technology Specialist.
- Authored Site System Security Plan (SSP) for FBI Divisional office and received Authority to Operate with minimal remediation of findings by the Information System Security Manager’s Office.
- Performed vulnerability assessment for regularly mandated auditing and unannounced audits. Documented, performed mitigations and provided C-level management recommendations on risk management activities.
- Responded to and coordinated classified information spillage incident response and information system security related incident response per FBI Corporate Policy Directives.
0-5 years of experience
As a member of the Identity and Access Management (IAM) team, participated in maintaining security for 100,000+ accounts in IBM Tivoli, Novell/NDS and AD/NT environments, in compliance with JPMC IT Security Policies and procedures.
- Utilized security administration tools and technology to generate reports, used in an ongoing security compliance monitoring as well as internal access control assessment. Provided the IT Risk Management and audit committee with status report regarding regulatory compliance.
- Managed and ensured user account creation, deletion and modification, as well as user passwords, system access rights and privileges, adhered to the organization’s security standards and requirements.
- Analyzed and approved creation of system and generic accounts over UNIX, Linux, Windows, Lotus Notes and Oracle platforms.
- Controlled access to users’ data residing on home directory or Notes mailbox and when necessary, provided the management with access to terminated users’ highly sensitive documents for investigation and/or business continuity.
0-5 years of experience
Contracted to assist Costco on several key Company strategic business goals as they focused on global expansion and movement to the Cloud.
- Developed a Software Security Lifecycle program.
- Developed Security Architecture for the Costco treasury department. This was a global initiative to secure electronic money transfers from stores to headquarters to banks.
- Helped Costco plan for a huge rollout of Arcsight SIEM in preparation for a massive data center migration and consolidation.
- Performed a Cloud risk assessment on Google mail, Google Docs, Google Chrome, and Chrome Browser Plugins as they migrated to the Google Cloud Platform.
0-5 years of experience
Healthcare company providing fitness programs through Health Plans.
- Served as the Business Unit’s Sr. Security Engineer and HIPAA Security Officer.
- Answered client (Health Plans) security questionnaires and addressed compliance issues.
- Wrote the BU’s Disaster Recovery Plan which involved developing a strategy using the Cloud for cost efficiency and rapid recovery.
- Implemented a formal process for requesting, approving, and provisioning user access to BU’s applications that processed Protected Health Information which was a remediation activity from an finding during an audit.
- Performed security assessments of new technology in QA and tracked remediation of findings prior to deployment to production.
- Developed a vulnerability/patch management strategy with metrics to measure improvement.
0-5 years of experience
- Identified client requirements, evaluated security solutions, troubleshot network issued and made recommendations
- Assisted client with the preparation and review of security and privacy sections of 10K filing submissions
- Implemented enterprise-wide information security program while coordinating the adoption of information security policies and standards in accordance with SEC and applicable regulations
- Created and documented Standard Operating Procedures for Network Operation and Security teams
0-5 years of experience
Managed information security processes such as the patch management program and firewall change requests.
- Developed procedures used to evaluate IT changes for security risk.
- Reviewed and approved engineering changes for security risk and adherence to standards.
- Performed risk assessments of third parties and new internal applications.
- Monitored IDS and AV systems. Put procedures in place that led to significant reductions in infections.
- Performed malware investigations which led to control and process improvements.
0-5 years of experience
Hired to work with partners to develop information technology solutions, analyze, choose and integrate applications, implement information security program and control documentation and assist with business analysis to further company expansion.
- Implemented Ethernet and Wireless secure networks, created documentation, operational procedures and security controls
- Provided analysis of cloud storage and backup solutions and coordinated service level contracts on behalf of the company
- Established security and control standards for business Windows servers and IP networks
- Created and presented a 1 year tactical IT/IS plan to address immediate business expansion
- Created and presented a 3 year strategic IT/IS plan to accommodate expected business growth
- Created service level agreement for server and network service and support
- Selected service organization and coordinated contract for server and network support
- Worked with partners on web services and creation of company web site
0-5 years of experience
- Assessed gaps and provided oversight of implementation for hundreds of internal and external application projects to comply with Information Security policies, procedures, methodologies, regulatory compliance, Homeland Security, and Presidential Directives.
- Assessed and analyzed the risks and exposures for various types of network architecture system designs (WAN/LAN, Client Server, Internet, VPN, Wireless (802.11) Telephony, Citrix) ensuring data is sent through secure protocols to protect critical company assets and resources.
- Trained and mentored team members on security role in all projects.
- Implemented and trained four business units on Requests for Information/Proposals (RFI/RFP) that impacted over 300 existing and prospective clients.
- Managed and prepared the Fidelity Brokerage Business Unit for ISO 27001:2005 Certification within two months.
- Developed and presented key Information security metrics to Senior Executive Management for inclusion into Information security initiatives.
0-5 years of experience
- Developed corporate Operational Directives for securing UNIX (Solaris and AIX)
- Developed standards for and implemented enterprise security products (eTrust Access Control, SSH, ISS host-based intrusion detection) with a high impact on [company name]’s overall security posture
- Provided UNIX security and platform related (LDAP, access control, ssh) subject matter expertise to projects and consultants
- Managed (as the technical lead) the successful implementation of a centralized eTrust Access Control infrastructure across the enterprise
- Reviewed and recommended new UNIX related security technology solutions (selected corporate SSH product vendor, provided input to enterprise security management initiative)
0-5 years of experience
- Coordinated the design and implementation of TEMPEST architecture of the backbone, programming experience oriented with changes in Unix kernel.
- Assigned the firewall and backbone design, VPN, and security architecture (for the ISP owned by the same group).
- Managed security-auditing requirements (WINDOWS 2000/NT – Unix) as a supervisor of security management in the organization.
0-5 years of experience
Developed an Information Security Management System for two media broadcasting companies in Brazil
- Assisting Chief Information Officers and Chief Security officers with the development of management standards, Policy creation, governance, risk management, compliance and continuity
- Performing an independent audit of Information Security Management System (ISMS), creating risk treatment plans and providing corrective actions on all findings.
- Performing Vulnerability assessment internally, penetration testing, and creating mitigation strategies to reduce exposure
- Providing consulting, guidance and direction to senior managers, Information Security Professionals, Desktop Support engineers, and Help Desk support. Reviewed Processes and revised procedures to comply with Firm’s policies.
- Creating reporting capabilities based on meaningful metrics and measuring their performance.
- Introducing risk management methodology and standards such as ISO 17799, and ISO 27001
- Designing and architecting an Information Security Incident Response Service Providing Digital Forensic Investigations to include a unifying incident response process and overarching investigative methodology.
0-5 years of experience
Responsible for event detection, risk assessment, mitigation and resolution of cyber security threats to [company name] network infrastructure
- Coordinates with Cyber Security Manger and Team Leaders on escalated potential threats to avoid line of business down time and loss of efficiency
- Takes immediate actions to resolve threat events within a given window
- One of only six cyber security consultants in the SOC to monitor and review hundreds of thousands potential threats
- Trusted to be available to resolve all security threat issues to their conclusion with little or no impact to line of business or customers
- Able to use at least six or more security software and hardware platforms to stay ahead of threats and mitigate potential threats
- Coordinates with all levels of the [company name] Business Enterprise regarding real time threats and critical incident response
0-5 years of experience
Consulted companies on Internet and Enterprise Security Architecture.
- Documented procedures for Intrusion Detection Tools on server farm.
- Trained users on security policy and procedures
- Analyzed security needs of client and made recommendations for planning of security architecture
- Documented information security policy.
- Documentation of PKI web-enabled architectures.
- Performed information security health checks
0-5 years of experience
Facilitated the rollout of 1000+ Windows NT/2000, Novell Netware, and Unix servers utilizing Enterprise Security Manager (ESM) and Intruder Alert (ITA);
- Mapped security policies of clients including Navy Marine Corps Intranet (NMCI) to Enterprise Security Manager (ESM) policies;
- Beta tested new releases of ESM;
- Installed and configured Symantec Enterprise Firewalls;
- Designed databases via Microsoft Access in order to organize Agent to Manager registrations of ITA and ESM;
- Performed vulnerability assessments on networks using tools including Symantec’s NetRecon;
- Advised internal staff regarding implementation of security policies;
- Troubleshoot communication issues between ESM and ITA Managers and Agents;
- Trained staff on use of ESM and ITA;
- Provided onsite technical support in response to customer issues.
0-5 years of experience
- Provided IT security support to various BAH clients as a Sr. consultant. Job requirements varied depending on the needs of the client.
- Developed comprehensive strategic security policies for the United States Air Force (OSI) supporting the program goals and asset inventory.
- Created POA&M’s and solutions to mitigate audit findings produced by the annual IG audit.
- Provided research and solutions on evaluating and documenting a suitable inventory program for asset management.
- Supported DISA’s Cross Domain Enterprise Service (CDES) program. Assisted with various aspects of CEDS guard solutions.
0-5 years of experience
Managed 2 Checkpoint 75.20 solutions.
- Upgraded to 75.40 on both modules
- Managed Juniper VPN/RSA SecureID solution
- Reviewed and created policies and procedures for Antivirus, Network asset builds and Email Spam guidelines.
- Managed McAfee Spam Filter Solution for organization.
- Managed project to install RSA envision and perform initial user configuration and device configurations.
6-10 years of experience
Provide comprehensive information security, legal, financial, and technical services with an emphasis on – complex computer and networking solutions
- Provided consultation services on security policies, security controls, and security solutions including threat analysis and infrastructure testing
- Researched and provided consultation on cloud VmWare enhancement for patentability and security.
- Provided overview and documentation for hardening the Red Hat 5 OS environment to enhance security.
- Consulted on audits for security enhancements.
- Provided training and consultation services on current security law and practices
- Clients that utilized the INFOSEC Services include: Oracle
0-5 years of experience
- Performed security auditing and risk assessments company-wide.
- Established security policies and deployed intrusion detection systems on various systems throughout the network.
- Developed a roadmap for further advancement of security procedures.
- Primarily targeted known vulnerabilities and software issues (ArcServe and PCAnywhere) where needed.
- Reviewed Windows 2000 and 2003 Active Directory design and user security and made recommendations of change and policy updates. This was a very large virtual server environment utilizing VMware and a blend of Windows 2003 and Linux servers. Approximately 300 servers with approximately 35,000 end users.
- Developed specification for disaster recovery plan and recommended vendor solutions.
- Utilized many open source tools (nmap, Nessus, Nagios, Snort, Tripwire, among others) to perform monitoring and analysis of network structure and security.
0-5 years of experience
Performed numerous network and system penetration tests, system and network security audits, network infrastructure reviews, and post mortem forensics in support of wide variety of commercial clients including MedStar, Otsuka Pharmaceuticals, Bank of America, Mitsubishi, and several state Lotteries.
- Designed and deployed an IDS solution for a large utility company.
- Single point of contact for security services for several clients including a large New York based exchange.
- Performed numerous policy reviews and analysis of various firewall products.
- SME and author of several courses for the Information Security University (ISU).
0-5 years of experience
- ArcSight system administration including the installation of updates, patches and upgrades to ESM manager, Connector and Logger appliances
- Developed queries and reports within ArcSight Logger for daily audit reviews satisfying PCI-DSS requirements
- Lead audit training for PCI stakeholders on server authentication and security logs
- Documented system processes and maintenance procedures
- Assisted junior security team members
Data Systems Administration Cover Letter Examples
Rate This Article
[Information Security Consultant]
Last edited by: Gabriela Barcenas, CPRW, Content Writer II -
Gabriela Barcenas
CPRW, Content Writer IIGabriela is a Certified Professional Resume Writer (CPRW) and career adviser. With 10 years of digital media experience and five years of resume writing expertise, her publication history includes fashion, education, travel, social justice, equitable design and career advice.
